Hold on. Blockchain API seems to be down or something. I'm looking into it. BRB.
Getting this message ^ Hope that it is up soon. This thing is going insane
|
|
|
A payment that isn't confirmed isn't the sites fault. Make sure to use a fee of at least 0.0001 to ensure your transaction is confirmed fast.
|
|
|
Lol at least he got it back. Thats a huge amount of btc and the owner could have just ran and took it. Did the ponzi stop moving? Seems to have 8btc on the wallet and none sent back
It's still processing payouts. The thing is that only 1 payout is processed every 60 seconds, then another payout in another 60 seconds. Theyre not all at once. I'm working on the code to make it so that every minute it sends more than 1 payout. Thanks, Wow OK they all have been processed now. Over 10 btc processed in a couple minutes. Did you fix it? Received my payment and will be reinvesting.
|
|
|
Lol at least he got it back. Thats a huge amount of btc and the owner could have just ran and took it. Did the ponzi stop moving? Seems to have 8btc on the wallet and none sent back
|
|
|
This is not 130% There is a fee if im not mistaken
|
|
|
24 more hours until bassguitarman wins the bid with 0.1 btc
|
|
|
I really vote against hotkeys but you said that you would make it customizable. I would hate to mash my keyboard and then bet it all on a 1% bet and lose.
|
|
|
Ponzis are actually a great way to make money if you know what your dealing with. Get in early and dont be greedy and you can make a large profit. Ponzis have to close sometimes and the luck is in guessing when that will happen. If a ponzi opens today, invest, and it will probably not close the day or next.
|
|
|
Ponzi is definitely picking up some steam. I've been paid back 3 times so far and am reinvesting. Hopefully the huge bets will be covered in time for mine to be paid.
|
|
|
Nice, reinvested plus added a bit more. Got my payout confirmed, good site.
|
|
|
Idk what happened, but remember this ponzi is weekly so it resets weekly. Theres no reason to have multiple accounts and threads though, maybe you should just make 1 weeklyponzi.com thread and account
|
|
|
So to payout the 0.015 BTC , someone gotta send the same amount or more right ?
It's nice if it's really auto, atleast there's a timer.
Yep. I sent a much smaller amount to test (0.001, minimum), and when there is around 0.02 btc fund the 0.015 person's bet will be paid back. I would introduce maybe a daily ponzi and an unlimited ponzi for some variation. try to build some users so this goes faster
|
|
|
Auction still starting at 0.1 btc, get your script now for a fraction of the price!
.1 Auction confirmed started. 48 hours until bassguitarman wins the auction with 0.1 btc unless someone bets, then the timer is reset for 24 hours. If someone does not place a bid for the 24 hours after the bet, the person with the bet wins. This removes the possibility of auction sniping
|
|
|
How can a Ponzi be trusted? You are talking about the liars we can trust. that's ridiculous.
The Ponzi that pays you is always run away with your money at the end,maybe you would benefit from the Ponzi,but the later investors pays for this.
A ponzi here is not one that you would commonly think of. Here it is more of a game, hoping that the next person will send and if they dont you will lose your money. The owners not running away with your funds and scamming you, he is simply running the game and if the ponzi is time limited, he takes the funds for profit and resets the game, and it is 100% transparent and no on is calling scam.
|
|
|
Im working on a burst related project and I understand burst is very similar to NXT in the way it works. Does anyone have any API documentation that they can provide me allowing to check transactions of the wallet, generate new one, and send money?
|
|
|
Happy that there is a new ponzi in town. I used to use ponzis all the time, they were a lot of fun and you can earn some money if your smart.
|
|
|
Congrats mate. Also did you get into the accepted in default trust? Its showing you as giving trust points
|
|
|
...
very nice sum up i'd like to add: bitcoind which has access to funds should not run on the same machine as the webserver. and if you use a salt dont reuse it Yep I am not reusing salts, they are randomly generated when the user creates account, but stored in the same table as their username and password. I use SHA256 for password hashing, and it is hashed 65 thousand times. bitcoind will not be run on the same server
|
|
|
Yup, in the interim you could always change the port numbers as well until you can upgrade your infrastructure. A quick fix would be to filter our the input characters: " ; ' - / * xp_ \ and %. In addition to that, you can redirect all your 40x error pages back to your login page. You usualy have to create the pages and then tell the webserver that you have those pages. You might also want to capture the login ip address and then for x amount of failed logins, lockout that IP address by adding to the firewall as a block. This will help prevent against someone running a dictionary attack on your login code. You might want to add a timer or captcha after a failed login as well. In the error messages, don't distinguish between a failed username or password, I think you just display a generic error message which is good. If you decide on a password reset function, whether the email address exists or not, don't display an error message if someone submits a bad email address. Netnames has a bad history of having some lax security for social engineering, if someone figures out your real name, they may attempt to contact them and social engineer a password reset on your vps account. What I usually tell people is to contact them in advance and tell them to deny all password and email change resets over the phone and call you back on your mobile phone. They have a notes field in their customer management systems (I think they use salesforce) so that your request gets honored. You might have to ask for a supervisor, but they will do it. Lastly, you might want to throw in what I call a fake breadcrumb trail or Chum in your php/html. In the comments section of your login page, deposit, or withdrawal page, something that goes like this: /* Hot wallet is located at fake.ip.address and rpc login is fakepassword on port fakeport. */ It won't fool everyone, but you can at least redirect some of the snooping elsewhere. I would also create a fake directory in the php directory called wallet and put a wallet.dat file in there with 0 btc in it or dust. That way if someone breaks in, they'll go for the easy target. You can then monitor the file for access or the wallet balance to see if it gets nabbed. In your database, don't call the password field password, call it something else like indexing, etc and then dump in fake unencrypted passwords into the password field. I often create fake user, password, and email tables for my applications. That way, if someone steals the password database, they'll go for the low hanging fruit to buy yourself some time. Also, avoid MD5 and SHA1 for encryption, I'm sure you already know this, but just putting it out there. When you salt your passwords, don't store the salt in the config files. You can also write a function to scan for a specific account in there, like Admin and P@ssw0rd, so if someone uses them, you'll get some type of an alert and then a shutdown function so you know your username and password table has been compromised and powers down (or disables) the services preventing additional loss. These tips are extremely helpful. Putting fake info in somewhere that isn't in plain site, but is easily accessible by a decent programmer would be very helpful, because they would spend hours on that ip. The fake mysql columns is also a great idea and I think I may use this in the final copy. The salts are generate different and are unique to each user, so there isn't one main salt. Currently I don't have incorrect password protection (since its still testsphase), but I will also add this. I also don't have any IP protection, and I think I will make the user re-login if the IP changes
|
|
|
Was I accepted?
I would like a pm or a message saying that I was accepted as well
|
|
|
|