MINT people i know its not a lot of traffic but the mintcoin Faucet is dry at http://earncryptocoins.com/mintcoini think some MINT people should donate to faucet so people who dont know MINT will so when they can get 1-2MINT free from faucet every hour. it's awesome. i was just thinking about the same thing!!!  but is there a faucet that people can use without a registration? i know i don't want to register at too many sites. why to donate faucets? Faucets SHOULD earn money from adverts - easy ... yeah maybe, but there isn't a single working mint faucet out there that isn't dry. This has to change! Anyone know of a sexy looking faucet we can add MINT to?  may not be very sexy but I can attest to the fact that it is very functional. I used it when I was first introduced to MINT, and I have donated to it since becoming much more involved with MINT. I will donate to it again if it is activated (I don't have a twitter so I can't contact them to activate it). yeah you're right, just donated some MINT and tweeted them. let's see what happens  This might actually be something. Thank you! I will keep an eye on it and donate once it comes back online. |
|
|
|
MINT people i know its not a lot of traffic but the mintcoin Faucet is dry at http://earncryptocoins.com/mintcoini think some MINT people should donate to faucet so people who dont know MINT will so when they can get 1-2MINT free from faucet every hour. it's awesome. i was just thinking about the same thing!!! but is there a faucet that people can use without a registration? i know i don't want to register at too many sites. why to donate faucets? Faucets SHOULD earn money from adverts - easy ... yeah maybe, but there isn't a single working mint faucet out there that isn't dry. This has to change! Anyone know of a sexy looking faucet we can add MINT to? may not be very sexy but I can attest to the fact that it is very functional. I used it when I was first introduced to MINT, and I have donated to it since becoming much more involved with MINT. I will donate to it again if it is activated (I don't have a twitter so I can't contact them to activate it). |
|
|
|
I think Jeff Jefferson said he would pledge 300k as well!
yes, but it REALLY has to mint. otherwise it's just another android wallet of a coin. we need to make the difference guys. I also think its not that necessary to use an escrow. I think MINT users are sincere and honest people, am I right?  I also had the concerns about the upcoming android wallet being open source so the others just can copy it. So I would propose a simple not open source app at first in the google play store. Than after a month or two the source code should be released. This is privately offered bounty for a working prototype, upon public delivery. Offered separately from other bounties that may exist. So far the total is: mgburks77: 250,000 stormia: 125,000 garicson: 200,000 jeff jefferson: 100,000 moderndezigns:200,000 Total: 875,000 Bonus for wallet that mints: mgburks77: 250,000 jeff jefferson: 200,000 moderndezigns:50,000 Total: 500,000 Total Total: 1 375 000 I'm sure there are other people willing to contribute! Looks like gonzoucab said he would donate for a wallet that is fully functional and mints as well. (Sorry if I am misunderstanding your post. I don't want you to get left off the list if you are, though!): I can pledge 125K for when a fully functional wallet that mints is deployed. Im also asking a developer for a twitter bot, maybe i will fund myself alone. is not too much. We are better, we are greener we are mint. |
|
|
|
From what I read and understand, I suspect that forks are coming soon on POS/POW and POS only coins. But, this is perfectly fine.
We are talking about software, it can not be flawless. My personal experience, working for more than 15 years on a sw giant that controls more than 50% of the global market in a mainstream technology, proves it. There are hundreds of people here, working only on sw fault fixing, by patching the code all the time and deliver these patches to the customers around the globe.
So, please take it easy and relax. The possible faults will be discovered and fixed.
And have something else in mind: The real developers respect and support each other and they do not do "dogfights" as the coins investors/zealots/holders (you name it) do. And from what I saw so far, at least BC and MINT both have real developers.
Agreed. These things need to be discussed. A lot of good can come out of it. Although, perhaps this would be better discussed not on a public thread such as this, where if any true and effective attack mechanism were described it would then be readily available for people to recognize and exploit. I think that, if somebody actually had good intentions for pointing out what they theorize as and believe is a possible security hole then they should have contacted the devs of the vulnerable coins directly and not stated the possible exploit on a public thread (IMHO; I also expressed this opinion to anonymousg64 when he started talking about the theoretical TX bug). FYI I have contacted both the mintcoin dev and the eccoin dev and neither of them are concerned about this "security issue"... whether that means it is not an issue at or, or that it is one that can be easily solved I am not entirely sure (they both made it sound like it was likely the former, though). |
|
|
|
don't know if people saw my posts from last night.
summary:
bought 400,000 thousand MINT in 5 trades from 2 exchanges.
withdrew after every time and only took 2-3 min each time to reach wallet.
deposited to both excanges with BTC.
wait time
1st- 10min
2nd- 11min.
3rd- 10 min.
4th 19min.
5th 33min.
Ya it's fast. Actually a lot faster wallet to wallet. The exchanges first process the withdrawal which takes a few minutes. I had mint on 2 computers. I sent from one wallet to another and saw the "incoming" pop-up almost simultaneously. Hashcows now over 1600 mh, keep em comin'!Impressive, that is really great! Keep the hash support up! |
|
|
|
MINT people i know its not a lot of traffic but the mintcoin Faucet is dry at http://earncryptocoins.com/mintcoini think some MINT people should donate to faucet so people who dont know MINT will so when they can get 1-2MINT free from faucet every hour. it's awesome. i was just thinking about the same thing!!! but is there a faucet that people can use without a registration? i know i don't want to register at too many sites. This one doesn't require registration: http://coinok.pw/faucet/mint/It has been disabled though because it went dry for three days. |
|
|
|
after all my buys yesterday i am proud to say i have 1,675,000 MINT
all in my wallet waiting to collect inerest
Congrats!! Minting is fun |
|
|
|
there you go i bet you guys can get up to 2 milllion MINT for bounty
We can do it. If everybody just donates whatever they can, no matter how much, it will add up quickly. |
|
|
|
I pledge 250K MINT to be paid upon receiving a basic working prototype of Android wallet.
Anyone wanna match me on this? I can pledge at least 125K MINT at this time. Wish it could be more but the funds I can part with are drying up and I am still planning on donating more to the Mint Foundation. |
|
|
|
POW has been proved
POW POS Hybrid have been proved, Sunny made a really nice software
POS only have never been proved, have less programers dedicated to.
Thats the true.
But the fact is that all POW/POW+POS/POS coins have the possiblities to get attacked. Blackcoin has its problem just a week ago. Yeah and does anybody else find it interesting how timing of the "timebomb attack" described here: http://www.blackcoin.co/wallet-2/official-statement-regarding-blockchain-problems-23rd-of-march/"To solve the issue, by making a check for such cases and making sure the right value is always returned we had to hard fork the BlackCoin blockchain at block 38424." Corresponds to the problems that occurred at cryptorush:  CryptoRush's problems with BlackCoin were due to their usage of the getbalance accounts function, which no other exchange out there uses for good reason: https://en.bitcoin.it/wiki/Accounts_explained#Account_WeaknessesIn fact, the fork itself has nothing to do with the losses that CryptoRush had due to the usage of the accounts feature. If CryptoRush had checked the new version of BlackCoin before implementing it in their live exchange there would've been no losses since they would have found the issue with the accounts feature immediatly and asked us to fix it. But again we are discussing BlackCoin vs Mintcoin while we are talking security vunerabilities of PoW/PoS hybrid based systems. Thanks for clarifying. I made no mention of Mintcoin vs Blackcoin. Just talking security, of both PoW/PoS hybrid systems and pure PoS. |
|
|
|
Just one idea from my side ... Why not release it in 2 drops? First drop (that I consider easier, not a developer myself though) to be able to send/receive coins only. No minting. Second drop (the most difficult part I guess) minting option included. Is this something worth exploring or I am totally rumbling ?  edit: I mean of course the android wallet ... This seems like a good idea BigChirv is a good Programmer, he is willing to help! Hey Chirv!!! welcome! Excellent! Welcome BigChirv  I may have missed it, but is there a bounty on the Android wallet? Seems like this would be a great thing to have. I'm willing to contribute some Mintcoins to a private bounty to get-er-done if necessary. Ideally there'd be some premine coins that could be used as a bounty though. Any news on this front? Welcome BigChirv! I think there is a premine bounty associated with the android wallet although I am not sure how much. If it will help I think it would be worth it to add a community bounty on top as this is a very important development. I'm willing to contribute to such a bounty. |
|
|
|
Thanks, I do notice a similar minting shortly after, not the same number of coins but close.
Was the subsequent minting slightly more than the previously orphaned block? Since the coinage will be a little older after they got orphaned, it should be slightly larger. At least that is my understanding. |
|
|
|
How exactly is this possible, particularly with difficulty re-targeting every block? Blocks may have timestamp different from real time. This allows keeping low difficulty. Time window is limited but enough for this attack. Also, it is my understanding that not only would the difficulty of finding a PoW block go up, but the difficulty of finding a PoS would go down in response as well. No. Additionally, no matter how fast you can manage to generate a string of PoW blocks there is no way to know with certainty that a PoS block wont be randomly generated within that time and interrupt the string? Again, one PoS block will not stop attack. Two will. Additionally, no matter how fast you can manage to generate a string of PoW blocks there is no way to know with certainty that a PoS block wont be randomly generated within that time and interrupt the string? Again, one PoS block will not stop attack. Two will. This I don't understand because of my own ignorance, like most of the things I don't understand, how is it possible that you only need to control one PoS block to orphan your PoW chain and carry out this attack but there would need to be two legitimate PoS blocks to stop the attack from occurring? Blocks may have timestamp different from real time.
So this is attack is dependent upon an unknown? Is there a way to confirm one way or another? Also, it is my understanding that not only would the difficulty of finding a PoW block go up, but the difficulty of finding a PoS would go down in response as well. No. Can you be a little more detailed? I have been told in the past that the two difficulties adjust to one another. |
|
|
|
Just one idea from my side ... Why not release it in 2 drops? First drop (that I consider easier, not a developer myself though) to be able to send/receive coins only. No minting. Second drop (the most difficult part I guess) minting option included. Is this something worth exploring or I am totally rumbling ? edit: I mean of course the android wallet ... This seems like a good idea |
|
|
|
Still having problems with orphaned coins, this time it was over 2,000 coins! Any ideas?
That is normal, somebody else found the block before you. Don't worry though, coinage is not lost on the coins you had at stake to find that block. |
|
|
|
POW has been proved
POW POS Hybrid have been proved, Sunny made a really nice software
POS only have never been proved, have less programers dedicated to.
Thats the true.
But the fact is that all POW/POW+POS/POS coins have the possiblities to get attacked. Blackcoin has its problem just a week ago. Yeah and does anybody else find it interesting how timing of the "timebomb attack" described here: http://www.blackcoin.co/wallet-2/official-statement-regarding-blockchain-problems-23rd-of-march/"To solve the issue, by making a check for such cases and making sure the right value is always returned we had to hard fork the BlackCoin blockchain at block 38424." Corresponds to the problems that occurred at cryptorush: Getting scary out there... The roundness of those orders suggests it's just a few people holding up the price....  Yep, its being manipulated to dump - they get you to pump it up by panic buying more only to dump on you - probably the coins that were stolen. Total loss reported about 1.5 million coins, 22 million number is their total processed coins as far as I understand. The coins were withdrawn by normal CR users seeing larger balance than they should have, not a single entity/hacker. The coins were distributed across many people, no single large dumper was born. The coins are useable. How did they end up with a total negative balance in their wallet? I mean, the daemon will not send coins it doesn't have. They must have HAD that many coins -- but they're claiming they didn't. They say they only had 68k coins or something, and ended up with a massive negative balance. The client doesn't -- or obviously shouldn't -- allow that to happen. The only way it might happen that I can see would be if the coins were on a bad fork. Right? Forget about logs, all the coins coming out of that wallet should be traceable and invalidated if they were in fact sent due to a bug in the client. |
|
|
|
Is this a novacoin clone what's new? I'm afraid I am not familiar with novacoin. |
|
|
|
But like you said "Attacker should wait for 1 PoS block and delay announcing this block." Why couldn't this process be simply reiterated to form a string? You wouldn't need to "find" >2 blocks in a row, you would just need to announce them in a row. Or am I missing something?
My edit of what I said above, must have been editing while you responded:
"So, in that case, what is preventing an attacker from waiting for multiple PoS blocks and delaying announcing the multiple PoS blocks to form a string of PoS blocks similar to a TX attack chain like the one anonymousg64 was talking about? If it is not possible to wait/delay more than one block per wallet, then one could easy use multiple wallets. If the timing of generating/announcing a single PoS block can be controlled, what is preventing reiteration of the process to control a series of single blocks?
Attacker should build a chain longer than main. The more he waits the less chance to success. Also, what would prevent another block from being announced at that same time or right before you? Say you control when you can announce your PoS block, but does that mean you can control when other people generate/announce theirs?"
Similar to mercSuey's point that PoS is a stochastic process,
What would prevent another block from being announced at that same time or right before you? Assuming you can control when you can announce your PoS block, does that mean you can control when other people generate/announce theirs?
Yes, this attack has not 100% chance to success. The point is that average block time is known. One honest PoS block will not stop attack. Two will. Going back to the OP, "At such difficulty a sequential chain of PoW blocks can be mined in a flash." And what artiface said, "If the difficulty is very low due to low network hash rate then applying a substantially higher hashrate can cause many POW blocks to be generated quickly, much quicker than the target rate." How exactly is this possible, particularly with difficulty re-targeting every block? Also, it is my understanding that not only would the difficulty of finding a PoW block go up, but the difficulty of finding a PoS would go down in response as well. Additionally, no matter how fast you can manage to generate a string of PoW blocks there is no way to know with certainty that a PoS block wont be randomly generated within that time and interrupt the string? The best you could do is estimate based on the average block time, right? But this would be further complicated since the chance of finding a PoS block is increased by PoW blocks being found.  As you can see here, the PoW blocks have a different and independent difficulty algorithm than PoS blocks. If you start getting a lot of PoS blocks in a row, the chance of PoW block generation increases in order to achieve the PoW target; so after each PoS block is generated the likely-hood of generating a PoW block as the next block goes up, and after every PoW block, the chance of generating a PoS block goes up. They are both integrated with block targets and difficulties that are independent of one another; so one cannot perpetually overpower the other. This is why PoS/PoW hybrid is more secure vs just PoS only. And, it is also worth noting that over time, the Mintcoin networks actually will get more secure with age, whereas a PoW only coin has the potential to get less secure due to centralized mining processes. Mintcoin is protected from PoW overpowering, as well as PoS overpowering. You cannot know for certain the future of the Mintcion blockchain (at least very far). With Pure PoS, you know the future will always be a PoS block next, and with PoW you know that the future will always be PoW blocks next, but you cannot know the future with hybrid PoW/PoS like Mintcoin. |
|
|
|
That is YOUR reply I quoted. You must have read the answer at one point, because YOU commented that your question was answered, but I will summarize it again here just to be perfectly clear. - Blackcoin use POS 0.3.0 protocol which has no known vulnerabilities at this time
- The "attack" suggested is impossible because coins do not stake on age alone, therefore making deposits at small intervals in no way guarantees you will generate POS blocks at those intervals. In fact splitting coins to generate these intervals will make the chance of staking at each interval even less
Right, it uses "POS 0.3.0 protocol which has no known vulnerabilities at this time" in the context of a PoS/PoW hybrid, right? It has never been tested in the context of pure PoS, right? I will restate: If i said said anything further about it on the blackcoin thread, I would have been ran out of there and labeled as a FUDer. Similar to how what I am saying now, not on the blackcoin thread, is drawing so much heat. I'm not giving you heat, i'm only answering your question.. again. Saying Sunny King's fix only applies to POS/POW hybrids is incorrect, it fixed the POS protocol. Period. The timebomb attack is not feasible because coins do not stake on age alone, there are other factors. Even if you could guarantee that all your coins ages were spaced at a minimum interval there is no guarantee they will all stake at their intervals. Also POS blocks have a target time interval, so coins that were eligible to stake too soon would not generate blocks any faster than the target interval, there is no way that one person could force their coins to be the ones to generate stake for many consecutive intervals. This attack is pure nonsense. But Sunny King fixed PoS in the context of PoS/PoW hybrid, not pure PoS. Right? Since there have not been any other pure POS coins yes the fix was originally applied to a POS/POW hybrid. Nevertheless the fix is for the POS protocol and did nothing to POW. The fix ensured that POS was a secure way to generate blocks to secure a blockchain. If you know of any vulnerabilities in POS please make them known so they can be addressed. I don't know the specific vulnerabilities, I'm not saying that there necessarily are any. My argument is purely from a logic standpoint. If the security of PoS was in any way dependent upon PoW in the PoS/PoW hybrid system, then just because the PoS security flaws were fixed in that context doesn't mean they will be fixed when PoS is standing alone, or that new security flaws wouldn't be introduced when PoS stands alone. So the question is, did Sunny build/fix PoS to be completely secure standing alone or was it in anyway dependent on PoW? I guess this is ultimately what I am trying to figure out. Sunny built them to be dependent on each other. POW is a proven system. POW/POS is a proven system. POS is not and may be vulnerable to attack. OP's point is that a POW/POS system with very small rewards creates a weak POW system that someone could exploit and it would essentially be the same as a standalone POS system which may be vulnerable. You clearly did not understand the OP. That is not the OP's point at all. The OP's point is that POW/POS hybrid is vulnerable to a double spend attack by a POS block negating/orphaing a POW chain with enough blocks to have confirmed transactions. I expect you have never looked at the source code of a POW/POW hybrid, because it it very clear POS and POW are not dependent on each other in any way. They are completely separate methods. It is true that POS only has never been tried before, but the POS system is secure in itself and has no known vulnerabilities. POW is a proven system with a known vulnerability called 51% attack which is why POS was added. POS/POW may be vulnerable by the method explained in the OP. POS alone, again has no known vulnerabilities besides a 51% attack which would require owning 51% of the coins which would mean you already basically control the money supply and would devalue your own coins. looking at your posts and the OP "double spend attack requires 1 PoS block and low hashing power." So wouldn't this method of attack require that you control/know precisely when you are going to receive a PoS block, so that you can orphan your transactions that you confirmed on the PoW chain you control (otherwise somebody else will have a greater chance of getting the next PoS block, unless you control 51%)? You made it sound earlier like it is not possible to control when a PoS block will be generated: "The "attack" suggested is impossible because coins do not stake on age alone, therefore making deposits at small intervals in no way guarantees you will generate POS blocks at those intervals. In fact splitting coins to generate these intervals will make the chance of staking at each interval even less" So, are there ways to control/know the timing of PoS block generation even though coinage is not the sole determining factor? If so, wouldn't that mean pure PoS is vulnerable too? Attacker should wait for 1 PoS block and delay announcing this block. So, in that case, what is preventing an attacker from waiting for multiple PoS blocks and delaying announcing the multiple PoS blocks to form a string of PoS blocks similar to a TX attack chain like the one anonymousg64 was talking about? If it is not possible to wait/delay more than one block per wallet, then one could easy use multiple wallets. Nothing prevents. Chance to find even 2 blocks in a row is low. Long chain of PoS blocks is realistically only for exchanges with old coins in cold wallet. But like you said "Attacker should wait for 1 PoS block and delay announcing this block." Why couldn't this process be simply reiterated to form a string? You wouldn't need to "find" >2 blocks in a row, you would just need to announce them in a row. Or am I missing something? My edit of what I said above, must have been editing while you responded: "So, in that case, what is preventing an attacker from waiting for multiple PoS blocks and delaying announcing the multiple PoS blocks to form a string of PoS blocks similar to a TX attack chain like the one anonymousg64 was talking about? If it is not possible to wait/delay more than one block per wallet, then one could easy use multiple wallets. If the timing of generating/announcing a single PoS block can be controlled, what is preventing reiteration of the process to control a series of single blocks? Also, what would prevent another block from being announced at that same time or right before you? Say you control when you can announce your PoS block, but does that mean you can control when other people generate/announce theirs?" Similar to mercSuey's point that PoS is a stochastic process, What would prevent another block from being announced at that same time or right before you? Assuming you can control when you can announce your PoS block, does that mean you can control when other people generate/announce theirs? |
|
|
|
|
Show Posts
