|
Actually the prices went to $4 range.
Even I wasn't pessimistic enough for LTC.
|
|
|
|
|
Updated top post with new vulnerabilities.
|
|
|
|
Butthurt much? Poor thing. How much did you lose?
Or just have nothing better to do?
Quote again in a year or two. Like i said. 50$ in a 1-2 years.
Skyrocketing progress to $50!! |
|
|
|
Then, with a simple calculation, you get a weight in coins*days. Given the above reference numbers, your 'staking chance' ranges between 30 and 90 coin*days for a 1 coin amount. The rest is pure luck, random numbers.
Yeah, see that's exactly what I said. The probability of a single coin staking is 1/x (where x is your calculated coin weight). So the probability of a million coins is 1,000,000/x. From what I understand what you say, as per your logic, a graphs card should never be able to mine any coin and a single core CPU is infinite times after than the GPU when it comes to mining. Cause if a graphics chip has 1500 stream processes; each core will have negligible hash rate, so the probability of a core to mine a block is negligible.  In fact, by this I've uncovered another vulnerability using this calculator. As the no. of coins increases, the probability of hitting a block does not increase linearly; it decreases. So the network difficulty is lower. But if you've split your stake, the probability of staking a block will increase linearly, cause each coin has it's own instance. It's stake is calculated separately. That means the network hash rate of genuine PoS miners will lower, helping the attacker more. Also, in your invention, you claim that "Each block gives the miner variable rewards depending on the current difficulty" -- which is essentially not true, at least for most PoS coins. The 'difficulty' in PoS is merely multiplied with coin*age to produce your chance to participate in PoS. The PoS reward is strictly dependent on coin*age*interest and 'difficulty' is nowhere in that calculation. Difficulty=coin*age coin = Difficulty/age PoS reward = coin*age*interest PoS reward = Difficulty*interest Similarly if the difficulty is high the block reward will increase cause...<snip> As I said, rudimentary question. I'm not answering any of these rudimentary questions in the future. I'll just put a notice and link this this conversation. Please you should know high school mathematics to understand this vulnerability. And of course have some common sense (to understand what's a 51% attack in the 1st first place). |
|
|
|
Oh, and you maybe interested in my other predictions. https://bitcointalk.org/index.php?topic=604716.0PoS has no future. Neither do any PoS coins. Oh, and those premined coins are actually scams. The dev has released only a small % of coins, so their prices and market capital are inflated. PPC will fail cause of bad economics and security. |
|
|
|
|
LTC at $5 range.
Now where are the Litecoin holders and supporters? I suggest they buy their pants out now it's the right time... that way the sellers become rich while they can.
|
|
|
|
For 0.01 TX fee, the attack will be made just 1% more expensive.
So it doesn't matter.
It does matter. The 0.01 PPC tx fee will dramatically limit your attack power. You have to pay 0.01PPC tx fee for each smaller unit of PPC when you divide each PPC into smaller unit of PPC, so you can't divide one PPC into unlimited smaller unit of PPC. That comes out as 1% overhead. 0.01/1*100 = 1% You cant stake mine with balance under 1 coin, so that's the minimum you need to split. You can't assume the minimum would be adequate. You may need to subdivide into millions of separate transactions to provide enough leverage for this to work. And then whether it will work depends on the specific implementation of proof of stake you're talking about. Assume? It's the reality. In PPcoin (and in most PoS cryptos), you're not eligible for PoS mining if the coin's quantity is less than 1. They attacker may use 2 even, but there's no point in doing that. Do you have code references to support this claim? It is amazing how little people know about the PoS mechanics off ppcoin and descendants. It is true, that some coins are very poorly configured, but let me give you an example and ask you to re-play your attack logic there. The current version of Diamond, has minimum stake time of 7 days and maximum stake time of 30 days. It also has a combine threshold of 100. What those numbers mean is this: 1. You DMD can't stake while younger than 7 days. 2. If your DMD happen to stake between 7 and 30 days (because of sheer luck, or because of too much coin age), it will be subject to splitting. The amount plus reward will be split in two almost equal pieces. 3. If your DMD happens to stake, when it is older than 30 days - for example, you kept your wallet locked for way too long, or the amounts are too small they can't be lucky enough -- then the amount is not split. Instead, the combining routine is invoked. What it does, is find other DMD amounts older than 30 days, and combining them all untill they all are not over the combine threshold (100) in this case. Then all these amounts stake together and create one new amount or around 100 DMD + reward. Now, say you have 10,000 amounts of 1 DMD which you let age enough and you hope could help you create such an attack. Tough luck... If they are all aged over 30 days, when they start to stake, each of the stakes will group 100 of them into one amount. You will end up with 100 stake events, instead of 10,000 as you had hoped. Caveat emptor. Are you still convinced this "attack" could succeed? If you want something like this to succeed, you need big piles of coins, large number of them, sitting with PoS disabled for a very long time, in order to be able to execute an attack like this. Which brings us back to the original PoS claims... more or less. To PoS coin developers/maintainers: You guys should look at this line in your code: int64 nCombineThreshold = GetProofOfWorkReward(GetLastBlockIndex(pindexBest, false)->nBits) / 3; This thing is usually improper. You are confused by the "do not touch this, we invented it right" comments around it, but in fact, what it does is limit the combine threshold to 1/3 of your PoW reward. You disabled PoW, perhaps, or reduced it's reward too much? The nCombineThreshold sets the upper limit of how big a pile of coins PoS will create for older coins. You want this to work! Mostly because the endless splitting that is done by PoS otherwise will create too small coin piles to stake often. Using Coin Control for this task is pretty much pathetic -- it is already built in your PoS code, use it. You might want to thank me, or not ;-) I would only like to answer the other half of your post -- the others being too rudimentary to answer (please ponder on your own). The coin control you're talking about can be easily disabled. It doesn't break the protocol and there's no way to know if the stake was generated by a single person or not. |
|
|
|
Americans engaging into scam and defending the same until this happens. No use banging your head against Americans. |
|
|
|
Since I'm not a developer nor a hacker I cant modify wallets to do such an attack, but here's the concept, which may not be right, but crackers may try.
We're going to exploit low PoS difficulty and prominently it's low for even 100% PoS coins. Like for mintcoin it's 0.243, even for popular and old coins like PPC, the difficulty is 10.
First let me explain the significance of difficult in PoS which's very much similar to difficulty in PoW. But don't assume low PoS difficulty means higher rate of returns. Each block gives the miner variable rewards depending on the current difficulty which predicts the probability of the coins to mint a PoS block. A low difficulty means the coins will easily be able to mint PoS blocks, since the number of PoS blocks generated by coins are frequent, the block reward will drop cause the interest rate is capped. In other words, when difficulty is low, the coins will have to wait less to generate a block reward, i.e. the coin will have less age so the block reward will be low. Similarly if the difficulty is high the block reward will increase cause the probability of the coins to make a PoS block will be less, so PoS blocks generated by the coins will be less but the interest rate has to be maintained at 20%; so to compensate for the lower block rate, the block reward will increase.
In PoS, when a node receives a number of coins all in 1 transaction (call this transaction X and the no. of coins in the transaction as A), all of these coins will be used to mine a block. The more the no. of coins in X, the higher the chance of hitting a block. The older transaction X goes the higher the chance of hitting a block. For coins which were received in another transaction (apart from X, call this transaction Z) but to the same address will try to mine a block separately from Z; the wallet will use Y along with X independently to mine blocks.
Suppose the probably of mining a block for X is within x days, after mining, the coin age renews to 0, making it ineligible to mine a block till it's old enough to mine blocks again.
We're going to compare the set of coins X which were received with in a single transaction to a no. of transactions the size of each being 1 coin, but the no. of transactions is such that it results in A no. of coins (i.e. A no. of transactions). This mean for each of these coins, the wallet will try to generate a block using them separately. Let's call this set of coins Y.
The probability of one coin to generate a block is x/A (since X has A no. of coins); for all of A no. of coins used together, the probability to generate a block is (x/A)*A = x. So Y has the same probability to generate a block as compared to X. Once a block has been mined, the age of the single coin used to mine a block becomes 0 and it comes ineligible for mining, but all other coins are still eligible for mining. Now the probability of Y to generate another block is (x/A)*(A-1) which is almost x (call this changing value y, i.e. y is the current mining power of Y after a no. of coins's age has been reduce to 0). Depending on the size of A, the this value of y will almost be the same as x for (x/A)*(A-1), (x/A)*(A-2), (x/A)*(A-3)... (x/A)*(A-100). The larger the value of A, the closer is the mining power to x as a single coin will be less significant for a large value of A.
So Y has lot more power to generate blocks as compared to X with the same no. of coins. The attacker with possession of Y can wait for an attack till the coins become older which yields better probability of blocks.
In a 51% attack, you need exactly that. You try to fork the block chain and try to make the forked chain longer than the main chain and once that happens all valid transactions in those chains will be lost (double spending). So when it comes to hashing power, PoS is more vulnerable to PoW.
It's a fallacy that you need most of the coins in a PoS coin to attack it; it all depends on the difficulty. You can do an attack even if you have less than 1% of the coins. It's all on the difficulty.
If you do a mindless criticism (criticizing me without any reason or calling the whole text gibberish without stating a reason), realize that it's clear that you own a huge stake in a 100% PoS crypto and are planning to dump it at a pump which this article may reduce the probability of (if it is true).
If you don't believe me, very well. I got no issues, but I'm always open for constructive discussion. As of attackers, they may try this and succeed while you believe this's a lie.
just seeking clarification here. but would this "theoretical exploit" still apply if a coin had a low inflation? such as 1-5%? meaning.. not 100%POS? Yes, but to a limited extent. The more the PoS block, the more insecurity will be added. |
|
|
|
There's a flaw in the way the Bitcoin protocol distributes objects which can be used cause mischief with a PoS (and hybrid PoS/PoW) coin that has low PoS difficulty. I won't go into further detail, other than to say I have discussed it at length with Sunny King and for a popular coin like PPC is unlikely to be possible, but for the quieter coins it is of more concern. I can't see any easy way to fix it.
If trouble awaits with certain kinds of coins, it would be nice to be informed about it. Don't you think serious hackers who perform real attacks are far more likely to already know or be able to figure it out on their own than normal users/investors, and hence giving more information about it here is more likely to benefit normal users than real attackers? There are hardly any successful PoS coins. Especially the ones which have been mined. There's more profit in finding vulnerabilities in Microsoft software and selling/exploiting them for botnets. |
|
|
|
./hardforkcoind getinfo
{
"version" : 1000000,
"protocolversion" : 70001,
"walletversion" : 60000,
"balance" : 0.00000000,
"blocks" : 10,
"timeoffset" : 0,
"connections" : 1,
"proxy" : "",
"difficulty" : 0.20926401,
"testnet" : false,
"keypoololdest" : 1406892517,
"keypoolsize" : 101,
"paytxfee" : 0.00000000,
"errors" : ""
} Great job! You made your 1st coin! |
|
|
|
This may migrate this attack a little, but still this's magnitudes insecure than PoW. |
|
|
|
dE_logics@ Please take your shit somewhere else, we do not need your shitty coin. If you need to promote your coin, go somewhere else. Guys, it is better to just ignore these trolls [ dE_logics ] & focus on the development. These usually have other vast interests, if you ignore them they will disappear, no need to fight or argue, not worth your time. You guys realise that this is our coin? It's the old version. They can't. They're too dumb. They invested all their savings into this coin, they call anyone criticizing their coin a troll cause they panic and have fear. They're desperate nerds anyway. See, these guys are kids basically. They all behave similarly -- like kids. |
|
|
|
Remember, nothing is ASIC intolerant, but the cost to develop an asic for Scrypt-OG is currently a deterrent. As of scrypt-n, I speculated in April that such a product will be easy to make. From what it looks like, you basically reduced the n to 256. |
|
|
|
dE_logics@ Please take your shit somewhere else, we do not need your shitty coin. If you need to promote your coin, go somewhere else. But you did shit right here. In your beloved coin's thread. Why do you think that's MY coin? |
|
|
|
|
Show Posts
