Bitcoin Forum

this article seems to imply so

https://www.cryptocoinsnews.com/bitcoin-core-developers-attack-bitcoin-unlimited/

It looks like Peter Todd maliciously published information about a bug/exploit that had just been fixed in BU. 

read that article out loud to yourself. it's pure hysteria. anyone who was on the fence before would get straight off it after reading that.

Very possible. 

Now that BU is gaining serious momentum, Core is pulling out all the stops and resorting to dirty tricks.   They are terrified of losing control.

When Mike Hern rage-quit Bitcoin development a while ago, there was real momentum to raise the max block size, and get away from what the Blockstream core devs wanted -- the roundtable consensus agreement (or whatever it was called) was designed to pour cold water on that movement. However with it being very clear that blockstream and their core devs had no intentions of following through on their obligations to that agreement, the miners now do not trust the blockstream core devs anymore, and are moving to alternate implementations. It seems that blockstream is trying other tactics to pour cold water on this movement too. 

With all due respect my dear your opinion on this sounds insane.

Another fatal bug is being discovered in a fatally flawed codebase and it is somehow the fault of the Bitcoin developers?

Seriously now? Who is "terrified" here now!?

Not "their fault" as BU developers are ultimately responsible for their code.  However, if you read the article it says that Ciphera (presumed to be Eric Lombrozo) has made clear their intentions to attack BU nodes.

1 - you are posting from a hacked account, correct?

2 - The allegation is the blockstream core devs were behind the malicious attacks against the BU nodes this afternoon. There is also no question that Peter Todd (a blockstream core dev) did not responsibly disclose the bug that he was made aware of in the BU code.

Hello jonald_fyookball  ;D

BTU is trash and apparently Blockstream/Core Devs can't be trusted, time to toss them all aside and push for another solution.

Well it looks like to me that Core dev was spot on to identify a flaw in the code and makes it apparent for everyone to see and be aware of, if you see someone doing something wrong and stay silent you are a bad individual in general, if they couldn't find the exploit then they wouldn't have deserved to be trusted with the coding of the Core software.
It shows there is a dedicated and concise team behind bitcoin to navigate the engine in the road.

FUD. If that article was implying they did so then that is very irresponsible and biased journalism. They do not have proof of who really did it and second, why would the Core developers expose themselves in these sensitive times?

But I know one candidate who is capable of doing something like this. I am scared to mention his name but I will give you a hint. He could be also the same guy who hacked the DAO.

Well, maybe Ciphera is not really Eric Lombrozo? 

But his statements couldn't be more clear.

don't you think you're going a little far off the deep end with this? i don't get how anyone could treat this article as anything other than squealing.

if they have a point to make then make it in a dignified manner. if they believe core is out to 'get them' then be better people and rise above it.

Lol that was some ultra-FUD I just read right there. I can't take them seriously at all. This is really ... childish almost.

How am i 'going off the deep end'?

 

You sound like a real ass***, dont you get it; all youre coins went to $0 due of unskilled noob BU dev...This bug wasnt noticed for a whole year :o

This article has been written by a BU supporter, dont blame Core go ask questions at BU dev  :-\

Ok but who cares, why say malicious, bitcoin is free to be attacked at any time, it's not like anyone owns BTC, thats the whole point


the word malicious is here I posit misused. They simply have a different vision and saw a way to make their point, and in doing so exposed a bug more widely to the market.

That's all legit.

In fact everything when is legit.

I don't understand how people can say they get bitcoin then try to cry fowl.

This is not true. The bug was discovered and patched by BU devs first. Todd simply tweeted about it.

ok guys

if there was a bug on core (imagining shoe on other foot)
those blockstream lovers would hope that core got informed first. to fix the bug and release an update, once X% of nodes were running the fix to negate any exploiters, then publicly releasing the exploit

EG
2013 levelDB bug.
not explain what went wrong until days after the fix was released and everyone updated.

..
but when the shoe is on the other foot.. core/blockstream do not believe in diversity of nodes and decentralisation to protect the network by offering the same moral stance of offer fix first, then release exploit publicly.

it proves core devs are NOT "independent"

seems to me that its obvious that "attack and rekt anything not blockstream, protect anything that is blockstream" (centralist mindset) is the game here

It still violates responsible disclosure principals and was very unethical.

The amount of spin in this thread is astonishing. I don't know if some of you are actually that dishonest or simply ignorant. I hope it's the latter, but I have a feeling it isn't.

What are you talking about? this isn't a geek little community of coding nerds any more, moral has no place here this is serious human lives at stake  here, $20B potential hard cash at least a million lives depending on the day by day functional and operational network. you want us to rely on a version that could go under this easy? we shouldn't put our faith and money in something this much vulnerable, in case if you missed it bitcoin network is constantly under attack from every angle yet the dominant version(Core) stands firmly.
People want strong steel system not a 2 man team wishing to take the wheels and steer.
BU is like a 6 years old kid trying to ride 1000cc motorcycle, I once tried to ride a 250cc Suzuki when I was 8 and I pulled the front brake on sandy ground caused me to slip and crashed to the ground burning my stuck leg with hot cylinder.

My point being every serious business needs experienced minds and skilled people in charge , experts knowing what is what.

https://i185.photobucket.com/albums/x44/shadow_zangetsu/other/Renamon-4.gif~original

I shouldn't even be surprised by BU's incompetence any more.

in short.
if YOU found a core bug..
exploit it and public release info for everyone to exploit it?
or
inform them quietly to fix first


in charge?
there should be no one in charge. the devs should be independent and helping each other..

but if bitcoin can only function without diversity and with only one codebase running. then bitcoin becomes no better than a bank with 6000 local town bank branches with 1 head office.

---

think about it
BU crashes.
bitcoin network still runs because it has alternatives such as classic, xt, core still communicating to import keys into and continue..

but (under your utopia of only core running the show) where core had a bug.. all nodes go down

diversity is GOOD not bad

Franky1, you do understand that BU themselves were the first to publicly release this info, right?

Looking at order of events:

BU fix is committed into repository.
Details of exploit is posted on reddit.
Most BU nodes fallover.

This bug has existed for quite sometime so no one attacked it before it was pointed out.
It is possible that the mining nodes where made aware of this first and patched it.
The bug fix has to go in github before precompiled binaries can be released to the wider public.

Saying core developers attacked it is quite an accusation. They don't need to. There are plenty of others willing to do it.
Since BU is becoming more popular, it will be under increased scrutiny to ensure bugs are minimised before wider adoption (if that happens). This is a good thing.

There are plenty of assertions in core code. They are there to prevent unanticipated execution. If you can find a situation which cause a core node to fail to evaluate an assertion all core nodes would fallover, and probably all those nodes forked from core code. I would not recommend anyone do this.

It is not fair to assign intent without evidence.

It also appears that the attacks on the BU nodes started before his tweeting, which would indicate those attacking the nodes found out about the exploit the same way Peter Todd did - by looking at the git commit that fixed the issue.

Peter Todd can be very arrogant and his tweet seemed to carry an air of arrogance, but I do not think it is fair to assign malicious intent to his action.

Bringing supporters like AntPool down either physically by sabotage, or software exploits/CyberAttacks.
Why not? Seems the time to reason is over and the time of power play has arrived.

BU supporters were not open to reason, they maliciously attack Bitcoin in an attempt to centralize power, hell yeah they should be attacked.


Rico

Amazing how view of community on Core developers changes over years. From the bastion of decentralization they become censors and attackers.
But as far I am concerned there is no hard evidence that info about this exploit leaked by Core devs caused this situation to escalate.
All in all Bitcoin Unlimited is faulty piece of code, fix it first, we have new bug every month so far.

AFAIK, and judging from the comments on r/btc, the attack began before Peter Todd posted on twitter about it. Stop with this bullshit propaganda. ::)

Who paid for this article? ::)

---

To make matters worse, the fake incident report that "allegedly affected Core": https://medium.com/@g.andrew.stone/buir-2017-2-23-statement-regarding-network-wide-bitcoin-client-failure-28a59ffffeaa#.7rqgmlmb4
https://archive.fo/Sx31y

There is a log of bullshit propaganda going on in both sides. It certainly seems that different bitcoin news websites have their own agenda, just like the newspapers and TV broadcasters. That's why I obtain my news from various sources just to keep my objective sanity.

i was actually putting a critical/unbiased hat on and playing with the blockstreamers mindset that:
"BU couldnt fix their own problems and found out after things went public."
(their rhetoric)

and putting shoe on the other foot and switching it, to ask
if those events were involving blockstream(core) code where the community exploited first. rather than secretly inform first(peer review) what would they do

point being.
if core are "independent" then they should help each other out. not kiss ass of one team and only one team. as thats just centralist mindset
EG if core prefer to dominate and stick to a higher TIER, then they have no PEER.

bitcoin should be about PEER review not TIER review

xt, classic, btcd, btcc, statoshi, core, knots, BU etc should all be on the same level playing field in regards to a open community of PEER REVIEW
and not the cat and mouse game of
'im not gonna peer review their code'
then same person
'its not peer reviewed so cant be good'
meaning if your not going to review it. then dont complain about it not being reviewed

EG like a book critic not reading a book. then crying it must be bad because its not been critiqued

Yeah!

The banksters paid Roger Ver and the antpul hard fork for bitcoin network. They also pay network trolls....

This is a battle without rules! We must show that Bitcoin Core also have strength!

Careful what you wish for, unless you have a warehouse full of asics at the ready.

So True and this is what i felt

You may say that I'm biased, but I am more inclined to say that there is much more bullshit coming from r/btc than the other side. Note: I have never, and will never participate in either one of those places.

Who is playing the Utopian dream scenario now? :D You can't really have that if some* players attempt to diverge from the protocol without attaining prior consensus from the whole network.

Two words: PoW change.

so this is all fud again right? if they were aware of the bug exploit, why the article say that the team from core is reproaching it? i thinkt he core team is afraid that antpool can start a crusade that can raise the attention form other pool and want to kill BU now that has still a low percentage of consensus

What a wonderful consensus change. Along with Shaolin Fry's UASF and forced activation proposals, the 2 tier spoon fed network and the ability to whitelist/blacklist nodes, it looks like one side is fully prepared for a bilateral split to protect blockstreams investment.

That has nothing to do with Blockstream. If the miners coerce to attack the network for whatever reason, they deserve to get fired. Simple as that.

---

Here's some comedy found on reddit:

https://i.imgur.com/3XairKM.png

xt, classic, btcd, btcc, statoshi, core, knots, BU

the ones not crossed out want consensus and happily not put in deadlines. and nodes have not decided to split off in the 2+ years of their implementations being running on mainnet.

however core 0.13.1+ and knots.. bypassed consensus by going soft
willing to split the minority off once reaching 95% (bip9 allows this)
and at worse split at a lower threshold UASF

so im guessing your 'if some* players' has the * referring to core and knots.

after all (which you know because i quoted it to you many times) gmaxwell actually invited the non core implementations to split off ages ago and they all laughed in his face.

non core implementations want to use bitcoins consensus to keep to a single network.
its only core that is shouting opposite to point the blame in the other direction when they themselves pull the ban hammer trigger


so logically
blockstream proposals:
removing PoW
removing changing native keys to segwit keys
removing changing peer-to-peer to peer-to-LN
removing node consensus for pool only consensus
bypassing pool only consensus by having upstream filter FIBRE activated UASF

can you not see the big picture?

all thats then left is for them to stroke their sheep into agreeing to a nice licence..
(sarcasm) Hmmm.. i wonder have they hinted they are going to swap to a new licence(we know they have)
oh look so they have
Defensive Patent License

BU needs more attacks - go for.

BU get's more fixes and has the luxury to run in a real live testnet side by side to core - finally nothing really happend, but BU got stronger... how does SW and the hidden bugs in it?

Bitcoin cannot die that way.

Indeed.

https://blockchain.info/address/14PUebVa1CpYuFVEvdyCB1vG37SpmBtWQL?offset=0&filter=6

751 inputs, balance 0.26644724 BTC

751 inputs at 148 bytes per input = 111148 bytes
111148 bytes at prompt 200sats/byte fee = 22229600 sats fee = 0.222296 BTC fee

Effective spendable balance (assuming a fairly prompt confirmation)  0.26644724 - 0.222296 = 0.04415124 BTC.

Do you see why some people want to solve this issue?

Good case. Try to SW-sent this (in case SW gets enough hashpower) . Does this get cheaper ?

Looks like you BUcoiners are on some severe denial.

Facts:

1) This was released by BU developers, once it's in the wild it's BU developers problem if something goes south
2) Peter tweeted about this 1+ hour after release, so this is not a 0day
3) BU devs are being childs about their own fuckup:

https://www.reddit.com/r/Bitcoin/comments/5zhmwn/andrew_stones_bu_dev_fake_screenshot_is_a_poor/

BU is dead, and it's all due BU's dev incompetence.

http://1.bp.blogspot.com/_kDyMtZ_dJwQ/TKrjTZ5j6xI/AAAAAAAABt4/r8xQ4n4wQx0/s1600/corewar_125.jpg

 ::) ::) ::)

This is another sad story in bitcoin history. We all keep saying that bitcoin is decentralized yet there are groups who are forming as one and trying to make bitcoin a centralized currency. This attack by the core developers is just one of the evidence that groups wanted that the miners will use their system to mine bitcoins. This is just a display how bad they wanted to have control over bitcoin production and get profit.

This is one of the most fucked up public stunt screw ups yet.

Nope. Soft forks have always been used and you start complaining about them now. I wonder why. ::)

Wrong. He was talking about consensus altering implementations.

There are apparently other exploits that have been properly disclosed, but the BU team failed to fix so far. This team's incompetence is on a prestiege level.

Bullshit as always from BTU fanatics. Go find those bugs:
1) Testnet.
2) Live network on Groestlcoin: https://bitcointalk.org/index.php?topic=525926.msg17607303#msg17607303
3) Live network 2 (soon) Viacoin: https://bitcointalk.org/index.php?topic=699278.6080

I don't understand how someone can continue to shill for these guys without being paid or something. If someone that I had a high vision of, or supported in a way did something like that, then all of that would vanish into thin air.

There are only 2 groups of people still defending BU:

-The ones that still think it is the best for bitcoin because they don't know any better
-The ones paid to keep promoting it in order to meet certain agendas

i'm in the former group.  I would appreciate it if you can direct me to the place where I can get paid.  thanks in advance. 

And you also see why some other people like to keep it that way...

If you read the "authors" other "articles" you will understand he/she does not know the first thing about writing, journalism, or Bitcoin.

I don't think he really had any malicious intent. Sure, he doesn't approve of Unlimited but he seems like a good guy/not a terrorist.

nope.
because although lets say average fee today was 200sat/byte

with the grace period of activation. followed by the few weeks to wait for a SW wallet active release. and then people sync to it.
(atleast a month)
the fee might be 400sat/byte.

then spending all them outputs(native keys) cost 400sat/byte.. to put into a SW key.. to then and only then only cost 100sat/byte to respend that day...

whereby then your playing the fee war game again because not everyone is on SW keys(thus not getting a real 2mb block) and mempools are still bloated. and that 100sat/byte SWfee wars into 200 sat/byte SWfee and 800sat/byte nativefee

thus no end benefit, because the fee war will catch up with the possible discount.

forget ever going back to 1c/tx average. all your doing is TEMPORARILY back dating fee's by a couple months.

Wow...what a horrible piece of yellow journalism. Even if it is an op-ed piece, any reporter worth his / her salt
would gather facts to support his / her position. This is fearmongering, plain and simple. So some guy named
cipher said he was going to exploit bugs. So what. There is no proof that he is or was ever tied to the Bitcoin
core group. In fact, CCN noted that in a correction to the article.

Do I believe that certain persons in the Bitcoin core could stoop to this level to try to knock BU off its pedestal?

Sure. Do I have proof? No, i do not.

Bet the article got a lot of eyes on it, though, and at the end of the day that seems to be the only goal for some
folks.

This is apparently an exercise in journalism, or it is someone who needs an order of the article, so that the information of such a composition would come out to the masses.

No it doesn't because nothing was disclosed that wasn't already public. The BU devs committed a fix for that bug an hour before Todd decided to tweet about it. It was public info!

if it was public info, it wasn't fixed because...?

A bug/exploit by definition is public information. The fix was not yet implemented and therefore pointing to the exploit very publicly and drawing attention to the exploit was unethical.

If Peter Todd worked for any half reputable company, he would have been fired for doing this.

They posted a fix on their git repo and that's how Todd got wind of it. So it was fixed but people hadn't downloaded the fix yet. You can't really blame Todd for this. Once a vulnerability is made public people have to scramble to get it fixed. People looking to exploit will also scramble to exploit it. It is the nature of the beast.

In other opensource projects the fix is pushed out first and later the vulnerability is spelled out to the public. In this case the vulnerability was so obvious that they couldn't hide it.

I was wrong that the BU devs found the vulnerability. It was an independent security researcher who found it and disclosed it to them privately. This is what the researcher who found the vulnerability had to say:


https://bitcoinmagazine.com/articles/security-researcher-found-bug-knocked-out-bitcoin-unlimited/?utm_content=buffer6e884&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

i never blamed Peter Todd.

This is actually quite a good article.

But as BU is gaining traction, the BU code will come under closer and closer scrutiny, and these issues will be resolved. Those who prefer the BU future vision to the core future vision are more likely to get involved. Perhaps the article doesn't explore this possibility.

BU doesn't have good blockchain developers team to fix it. A bug has been used to collapse the entire network. When it took around 40% support in a 24 hours time. Soon after the bug it dropped to 32% and continues. Several statements were made funny in the social Media regarding the collapse of BU.

Dont jump to conclusions man we dont actually know the exact truth Peter todd posted in his twitter account that he did not do it.
Well, if it was bitcoin core dev or some hacker sooner or later the Bug will be discovered and exploited.
I do hope that no more major flaw will be found in BU's code or if there is better fixed it already before some attacker tries to bring down the network again.
prevention is always better than cure.

This guy knows it how BU is in deep shit, thx for sharing this article. All as expected but BU supporters are to stubborn to accept that.

Yes, you have to ask them "really? this?". There is a concentrated effort to FUD Core, divide the community and then conquer. It began with XT vs. QT. That is where the Core vs. the big blockers argument started. I am all for competition but not the dirty tricks being done from both sides.

Who next to Bullockstream is more responsible for

 'divide the community and then conquer'

??