Slush was obviously just an example. A sign im behind the times perhaps, But irrelevant




Sure there are miners out there who actually monitor what their miners are doing and would notice it moving on to new blocks but 99.99% wont and the ones that do will take time to get their word out. Then those people to move their hashrate. You only need 4 blocks with most exchanges.

That brings up another good point. Which large scale miners actually have monitoring in place for this? I doubt its standard across the industry. I know for a fact it wasn't when I was more involved and mining was even further centralized to a few pools.

This is all hypothetical of course as the risk of two or more major pools getting pwned and then the pwner deciding to carry out this specific attack are very minimal. I dont want people thinking I lose sleep over this, its certainly not a major concern now but if mining further centralizes into a handful of pools then the threat grows.

Im simply trying to point out you are assuming the person in control of those pools has any skin in the game and that they are mentally stable enough to make sensible decisions.

Pools can be taken over by attackers and people have mental breakdowns. Seal team 6 could come in and hold slush hostage until he builds a side chain. There are endless possibilities your defenses dont account for. You are just being Naïve. Perhaps intentionally.

These are the simple facts. 2 or fewer actors need to be compromised in order to gain enough hashrate to significantly harm Bitcoin and your only defense is blah blah game theory blah blah economic suicide.

Arion Kurtaj is completely relevant example. It doesnt matter how lucky he was to find the exploits he did the fact is he compromised multiple major players in an industry and was reckless with their data instead of thinking it through. Neither game theory or the thought of economic suicide would have stopped someone of his mindset

You can continue to be ignorant to these threats but dont expect to not be called out on them.

Honestly the Binance delisting might be a good thing.

We will know if they were solvent and if so, big win

We will also know if they weren't as they will have to buy it back on the market to fulfill withdrawals. Still a win

What benefit would a malicious attacker have? They would have control of a Trillion dollar network. You pointed out some of their abilities further down your post but most importantly, They could double spend. I dont think you understand the trust that would be lost in the system if a large double spend was successful.


Im not talking about game theory. I simply pointed out that the operator of a pool could use their users hashrate maliciously before anyone had a chance to move their hashrate off the pool. Effectively when looking at short term attacks like double spends they do control the hash, not the individual miners. Their incentive to do so is completely irrelevant to my statement. Your fork tracker is useless when a longer chain is being built in secret. Sure the pool might have a few hours of bad luck, but so will the whole network if 51% of the hashrate drops.


Really?  Money means nothing to the government. They can print it as they please. Never underestimate what they will do to keep their backdoor inflation tool as the global reserve currency.

Do you think someone like Arion Kurtaj would have cared about economic suicide if he got access to a few pools instead of nvidia, uber and the others?

I think there are a lot of scenarios , although highly unlikely where game theory doesnt apply. I dont think people put enough stock in those.

Dont get me wrong, I believe OP's research has some flaws if it came to that conclusion, I just havent had time to read it.

My issue with this specific argument is how long would it take word to spread of a pool acting maliciously? How long would it then take word to spread far enough to significantly impact their hashrate? Lastly, how long would it take someone with 51% hashrate to do damage to Bitcoins reputation or worse?

If the former is > latter, effectively they do control the hashrate.

It only takes a short time of a few pools having "bad luck" to build up a longer chain.

For OP's purpose the amount of time it would take to parse a fully indexed chain into an sql database is probably the same time frame to query that list for all 200m+ addresses. In the long term the database would be the way to go though imo. Plus its a great way to learn more about the protocol.

I'm guessing OP set keypool=200000000 and now wants to check for collisions 

I hope you are not talking about a centralized exchange you own. I want to believe that is the language barrier but just to be safe, That is a terrible idea and you should stop now.

I felt bad for us blockchain infrastructure engineers in 2014 with hundred of nodes

RIP engineers of 2021

I've been asking that same question for 11 years now 

Unrelated seizure

I doubt Paul is planning on surrending anything.

A Facebook memory reminded me of something that still frustrates me today.

It was 6 years ago today that Paul moved the Cryptsy XRP wallet

$14 Million of Cryptsy customer funds are in the hands of the owners of btc38.com wherever they are.

I traced the 29 Million XRP Paul took after it was legally the receivers property to 3 separate accounts. Btc38.com confirmed they froze the accounts but refused to comply with legal demands to return the funds.

What analysis did you do to point this back to Cryptsy?

At first glance the timing doesnt add up. Unless it was on rackspace which Paul lost data on.

I did look into doge for a solid two nights. It seems Paul used a lot of Doge to fill up other wallets. I dont know how much was really left in the end. Without the wallets themselves or the database I kinda hit a wall. He did help out by setting a static change address on the hot wallet for a while which provides a great taint analysis of the hot wallets from early 2015.

The wallet you posted I would suspect belonged to Mintpal. It's not well known but the Cryptsy hacker also hit them. They had better security in place and only lost their Bitcoin hot wallet and the Vericoin that caused the rollback.





That IFC wallet was sold in the auction. Likely just the new owner or Paul sweeping funds. Why would a billionaire bother with packet change?

That is I suspect the fate of all the wallets. They were sold to new owners but Paul obviously still had copies. Deposits still come in years later for various reasons and its a race between them and Paul to collect.

S.Law and the FBI have all the info I have. Some of the many interviews are published if you really dig.

Glad to see this thread still alive. If anyone wanted the chain revived I could setup some infrastructure.

I notified S.Law on the 5th or so when I first heard. They were already aware.

Nothing ever came from those transactions as without the database we couldn't even prove they were stolen. They almost certainly were but we cant prove it definitively.

Paul never even disclosed those transactions to me. I have my doubts if he ever even monitor for unapproved withdrawals like he claimed.

He let them walk right in and they gave him many opportunities to stop the bleeding. Based on that timeline I was awake upgrading the reddcoin wallet as they launched their pos upgrade that night. I could have responded immediately had I been notified or had the tools to even know what was going on. Believe it or not even I never knew the full extent of what was lost.

While some or all of that could be true I nor Thunderjet have the evidence to prove it. Without the cryptsy database we dont know what happened inside Cryptsy or with account #7. Further, his findings were hit and miss. He had a bad habit of making assumptions which you can't do in this situation. For instance.

1Jnz9XLNMdSyx1vPCsgQQkZYy2SrXsJcmE and 1LBDM5jvaE1e32KktyEyzWoPkY2CddUBZJ

Are either not coinbase addresses, did not belong to an account in Paul vernons name or the name of anyone employed with Cryptsy. We looked. Either coinbase was hiding the account, it was a customer or Paul with a false identity. The last seems far fetched given his disregard for privacy with everything else.

I can assure you nothing else went to his coinbase account as I personally did the forensics. That work is what led to his indictment earlier this year.

To be clear I only posted that as multiple people had reported to me they were seized. If they think they are seized they will give up looking/tracking.

I have confirmed there are legal team(s) working on it. No confirmation any authorities are but I would assume they keep that tight lipped.

Looks like bad reporting. The stolen Bitcoin (where I assume the 9.5 million figure came from) has never moved and therefore has not been laundered. The author should have done some research.

In their defense they have been good at responding quickly. It's just they are having trouble understanding me.

I have avoided opening the miner to find the burned component out of fear of them voiding the warranty but I'm going to open it next visit and figure it out.

Anyone had a controller go bad?

Went out to the mine one day after a a4+ showed offline. Strong smell of electrical fire in the mine. Traced it back to the offline a4+

First few boot attempts the smell was VERY strong. My clothes even smelled like it after returning home. Miner starts to boot. Lights on all 4 boards go off and the fault light flashes. Miner never requests an ip address. Will not boot with any boards attached. After a few attempts the smell went away.

Yesterday during troubleshooting it randomly decided to assign itself an ip address outside of my subnet (10.58.133.0/24 when my subnet is 192.168.1.0/24). Grabbed an old router and configured it to that subnet and no luck. It wouldn't even request or assign itself an ip this time.

Innosilicon keeps telling to to update the firmware via the management console. Despite my repeated emails telling them I cannot access it.

I was contacted to do an official interview shortly after my last post. Figured the authorities should know any info I have before the public. I honestly havent even looked at the forums since.

They still haven't gotten back to me on a date for the interview so I'm just waiting

As far as people who needed ousting im not sure what DCGirl is on about. She came in at the tail end of things and knows very little about how things went down. Perhaps she is referring to Logan? Cant argue there. If the initial hack came from inside of the company there is no doubt in my mind it was him. I still feel it was an outside attack. Paul's horrendous security practices just let them walk on in. I tried to fix those but he was unwilling to until after. I had only been in that position for two months.


I am no longer in crypto. I tired to make a business out of importing and reselling Bitmain products but they became out of stock too frequently and it seemed like you needed an in with someone to get a good price. I ran out of money before I could find one. I did a few consulting jobs on larger farms in hopes of getting some referrals but nothing ever came of it.

I hold less than one Bitcoin now. I had a decent stash when I started working at cryptsy and working there allowed me to keep them buried for a while. I burned through that pretty quickly without an income.

No clue what jshock is up to. Havent talked to him for probably a year.

I created one new account "HashingSupply" or something for my business but never did anything with it. Haven't been on the forums in months it feels like.

I probably wont check back very frequently. Being out of the crypto currency game my life has been much less chaotic. When I graduate ill be looking for a career elsewhere. For now im just paying the bills any way I can.  A pm reaches me more efficiently but if people start spamming that Ill just ignore it

All hot wallets except NXT. Some cold wallets. Anything of substantial value (btc, ltc, dash, doge etc.) I did not have access to the cold wallets. Some coins I could dig in and find the cold wallet balance by basic blockchain tracing. If it was active with coins going in and out of cold storage often then I could not.


Yes, myself and the network admin Logan were alerted of a breach. We were informed Paul had contacted the authorities.



I did not have access to the database and did not monitor transactions. My job as far as wallets were simply to ensure the servers were secure and the wallets online. The only times I was concerned with a wallet balance was when it was empty ( contact paul to fill) and when it had too much value in it (send coins to the cold wallet deposit address Paul provided). Paul monitored wallet balances, transactions and making sure we had as much of each currency as customers had on deposit. As far as any reporting done on Paul there would not have been any evidence on the website. Paul was the only one monitoring for withdrawals not initiated on the website. He could go directly to the wallet and move funds without anybody but him knowing.