Bitcoin’s transformation to true market has necessitated the use of exchanges. TechCrunch reported today that, in addition to the lag, DDoS, and other problems afflicting the most popular Bitcoin exchange, Mt. Gox, a cross-site scripting attack halved a user’s Bitcoins, making him hundreds (or thousands) of US dollars poorer.
This brings up a larger question about the role of exchanges in facilitating an unregulated and anonymous currency. What liability do such exchanges have when accounts are hacked, trades fail, attacks disable the reliability of the exchange, or the exchange rules permit manipulation that harms a huge swath of purchasers? Mt. Gox claims to be registered in Japan, but obviously operates internationally by facilitating cross-border transactions in a wide variety of currencies.
Is it a self-regulating exchange, like NASDAQ? If so, NASDAQ claims immunity from, for example, when its computers crashed and caused an alleged $500 million in losses related to the Facebook IPO. Given that the legal status of Bitcoin (security, currency, or hobby) is still in a legal gray area, it is possible that Mt. Gox could be liable for failure to enforce its own rules.