Your fee on that transaction was 0.2 XMR - http://chainradar.com/xmr/transaction/487ba284e7f4aecc262901d7ac8d8490a9639484e8c28ffe84de0ba89e7abda6

I see no reason for the fee to be 0.2 XMR, though, are you using a custom build of simplewallet?

http://www.databasically.com/2011/03/14/git-commit-early-commit-often/ -

"You can clearly see the evolution of this feature, and it makes sense. Not only can you step back (if user permissions were implemented incorrectly, for instance) but Alice was "forced" to think about each logical step of her development process, instead of jumping in head first. It's engineering 101 - break a problem in its atomic elements, and attack each of those."

http://blog.codinghorror.com/check-in-early-check-in-often/ -

"Developers who work for long periods -- and by long I mean more than a day -- without checking anything into source control are setting themselves up for some serious integration headaches down the line."

And to quote from my personal favourite, http://sethrobertson.github.io/GitBestPractices/#commit -

"Git only takes full responsibility for your data when you commit. If you fail to commit and then do something poorly thought out, you can run into trouble. Additionally, having periodic checkpoints means that you can understand how you broke something. People resist this out of some sense that this is ugly, limits git-bisection functionality, is confusing to observers, and might lead to accusations of stupidity. Well, I'm here to tell you that resisting this is ignorant. Commit Early And Often."

Well, I guess you proved that right.

Bytecoin's developers aren't capable of developing the coin, and need to borrow code from Monero without attributing it.

See, two can play this game. The difference is that mine has actual verifiable proof.

It's not a dirty trick, it just saves us the hassle of having to change licensing as and when we do touch one of those files. It's the equivalent of having *no* license headers, but then in the LICENSE file specifying that parts of the project are copyright the CryptoNote Developers - are you then supposed to list which parts are yours, maybe have a log of every line changed? No, because "git blame" does that already. Similarly, if anyone wants to know which parts of a specific file in the codebase have been modified, they could use "git blame" to see.

Why on earth would we constantly change the underlying protocol? Protocol changes will come when they are needed, not because we feel like making random changes to the protocol.


Commit early, commit often. Committing a whole bunch of changes in 1 commit is going to lead to a disaster when you have multiple people working on the same project, because everyone needs to rebase off everyone else's commits. I guess Bytecoin don't need to worry about that.


Again, disingenuous given that we work in branches before committing to the development branch to make rebasing easier. Things are only merged into master (staging) when they are ready.




I guess you must be struggling with your eyesight.



Prior to that blogpost, all the way back on July 25th, Meeh and I confirmed the formation of Privacy Solutions to enable i2pd development to progress to the benefit of both Anoncoin and Monero. Even further back in July the 13th's Missive this was set in motion when we said: "I2P: subsequent to discussions with the I2P team, we are going to be making a bit of a diagonal movement from libi2pcpp to i2pd. This should end up with us slightly ahead on the I2P integration project than we would've been. The major focus at the moment is getting TCP streaming (for persistent connections) to work, and that is where the largest focus is at present."


It was replaced with this one: https://geti2p.net/en/blog/post/2014/08/15/The-privacy-solutions-project in order to clarify that we've moved away from i2pcpp and to i2pd instead. The original blog post is archived here: https://web.archive.org/web/20140703064626/https://geti2p.net/en/blog/post/2014/05/25/Monero-partnership


Not a single person's money was lost. It was an error that was fixed in a branch and was not merged into master. That was, indeed, a grave mistake, one that has prompted us to focus on adding RPC unit tests so that this does not happen in future. TDD is hard when you're doing it in retrospect.



Not true.






We credit and attribute every time. Very early on there were some changes that were merged without attribution before this standard could be universally enforced, that is true. However, all of this changes are also in the CryptoNote Starter (the reference implementation) where it specifically says "Copyright the CryptoNote Developers", so we retain their copyright and really should be attributing the work to them and not Bytecoin.


Blatantly incorrect. The github commit in question from Jun 2nd is clearly titled "Added 'payment_id' optional argument to 'transfer' wallet RPC method". The duckNote developer was confused, and implied that we were trying to claim we wrote the payment ID functionality initially. This is not true. Payment IDs were added to the reference code when it was still in the Bytecoin repository, and we acknowledge that CryptoNote wrote that. However, we added the payment ID option to the RPC call.

Contrary to what you claim, you can see where our code was taken and used by Bytecoin without attribution in their commit on June 25th -
https://github.com/amjuarez/bytecoin/commit/76bb193b0556aaaa3ffa5d48db7bd28eceb36300#diff-b7ff5388bca1357894178fd7f93d4ad8R55

They even took our exact code and stripped the comments out -
https://github.com/monero-project/bitmonero/commit/117393d562fc9782efed0e1b25f6470d9f8102b2#diff-297e4d3d4221d9bf7ea37267597959f9R106
https://github.com/amjuarez/bytecoin/commit/76bb193b0556aaaa3ffa5d48db7bd28eceb36300#diff-297e4d3d4221d9bf7ea37267597959f9R88

Visually -

Our commit on June 2nd:


Bytecoin's commit on June 25th:


Again, Bytecoin did this without attribution. Even duckNote in their commit backed down and attributed us, and I have the utmost respect for them doing so.

Seriously, this stuff isn't rocket science to get right, I don't understand how your post can have so many gaping errors.

We had no control over the launch of Monero. We inherited a steaming pile of horse manure by chance and circumstance. We are a completely unfunded open-source project that relies on community donations to get anything done. We had no premine, no instamine, no ninjamine, no fake blockchain. We are not a company. We are not a startup. All of the members of the core team and the contributors have to have jobs or do work of their own in order to live. Monero does not pay us salaries or remunerate us in any way. We work entirely, absolutely, completely for free and at-will.

Again: other cryptocurrencies forked from Bitcoin do not have this uphill battle, because they don't inherit a steaming pile of horse manure. They inherit a well built machine with 6599 github commits spanning 5.5 years. They inherit a wealth of freely available software that can be trivially modified to work with their newly forked cryptocurrency (Electrum, MultiBit, CoinPunk, VanityGen, BitcoinJS). They can add a logo, tweak some values, and "release" something that took them a day or two. For us to do the equivalent of any of these projects would require weeks or months of effort developing from scratch.

So please name the people that have bought Monero. No no - not bought the cryptocurrency created by miners (of which group the core team does not belong), I mean bought the Monero software from the Monero core team. Because I fully understand if those people want the software they've bought to "just work". The rest are using a freely available open-source software that is being continuously and incrementally improved.

You treat us like a company with funding when you use phrases like "take a product to market", or calling our users "customers" when they are not. Your argument demonstrates stupidity the likes of which I have not previously encountered on Bitcointalk. You are clearly intelligent in that you can express your viewpoint in a coherent and sound manner, but that you conflate funded software development with the nature of open-source development is mind-blowing. It is an underlying stupidity that I do not think can be helped or reasoned with. I do not mean this as an ad hominem attack, but as an unfortunate statement of fact. If you are interested in correcting your fundamentally flawed thinking, I suggest starting with the Wikipedia article on Open-Source Software Development as a very soft introduction, and then reading Eric S. Raymond's seminal papers on the matter, The Cathedral and the Bazaar and Homesteading the Noosphere. I trust that at some point in the future when you have come to your senses, so to speak, we can pick up this conversation and continue it based on our mutual rational thinking, observation, and logic.

Sorry when did we say that? Citation, please.

Uh nope...


Our most recent updates were the blockchain spam attack post-mortem Part I on the 24th and Part II on the 25th.

What's your baseline for comparison? Oh that's right - all the other cryptocurrencies that can inherit all the work and broad testing that's gone into Bitcoin over the past 5.5 years. Makes perfect sense, carry on then.

We love you too!

/ \/ \
\      /
  \  /
    V

Such ASCII art...much skill...wow...

Your theory (and I say your, because it's clear to everyone that, at the very least, you and Cheesus are the same person) is predicated on the high emission curve that you yourself voted for. Given this state of affairs, I think it's reasonable for us to conclude that the botnets are controlled and operated by you, the person who pushed for the emission curve.

A cryptocurrency growing in popularity is being mined by botnets?? It can't be, this is surely unprecedented in all the history of all the world!

http://krebsonsecurity.com/2013/07/botcoin-bitcoin-mining-by-botnet/
http://www.coindesk.com/microsoft-destroys-bitcoin-mining-botnet-sefnit/
http://www.theinquirer.net/inquirer/news/2332589/bitcoin-mining-botnets-and-windows-xp-threats-are-booming-says-dell-sonicwall
http://www.networkworld.com/article/2225927/security/gaming-company-caught-building-bitcoin-mining-botnet-from-users--computers-gets-off-light.html
http://www.scmagazine.com/bitcoin-mining-botnet-has-become-one-of-the-most-prevalent-cyber-threats/article/288315/
http://www.symantec.com/connect/blogs/bitcoin-botnet-mining
http://www.bbc.com/news/technology-25653664
http://www.zdnet.com/nas-device-botnet-mined-600000-in-dogecoin-over-two-months-7000030662/
http://www.engadget.com/2014/02/25/bitcoin-cryptocurrency-compromise-pony-botnet/
http://blogs.mcafee.com/mcafee-labs/delving-deeply-into-a-bitcoin-botnet
http://securelist.com/blog/incidents/30863/the-miner-botnet-bitcoin-mining-goes-peer-to-peer-33/
http://bitcoinvox.com/article/883/litecoin-mining-botnet-using-cloud-accounts
http://www.reddit.com/r/litecoin/comments/1uvz7m/litecoin_botnet_killing_difficulty/
http://www.pcworld.com/article/2452080/facebook-kills-lecpetex-botnet-which-hit-250000-computers.html
http://www.webroot.com/blog/2013/07/22/yet-another-commercially-available-stealth-bitcoinlitecoin-mining-tool-spotted-in-the-wild/
http://www.esecurityplanet.com/malware/researchers-warn-of-litecoin-mining-malware.html
http://imaginarymarkets.com/the-doge-report-rampaging-scrypt-botnet-jumps-from-litecoin-onto-dogecoin-causes-fear-and-panic/

And what are we supposed to do about fake accounts? Where we see them they get called out by us:


Seriously, what more must we do? It's a waste of time and effort calling out fake accounts - you should know, you've already been caught out as being a fake account.


So you're suggesting people in a cryptocurrency forum stick to USD...?

http://github.com/monero-project/bitmonero/commits/master
http://github.com/monero-project/bitmonero/commits/development

The prices are high because we have diverged from the CryptoNote reference implementation ages ago. Also, it's important to understand what that means, and to understand that we did not "clone" Bytecoin (although TFT did use their code base initially), we effectively used the CryptoNote reference implementation (which, in and of itself, is also forked from Bytecoin). You'll notice that in both our original forked code, and the CryptoNote reference code, that the only developers credited are "the CryptoNote developers", not the "Bytecoin developers".


As mentioned above, Bytecoin is merely the reference implementation of CryptoNote. Just like we don't use Bitcoin's testnet for regular transactions, it's probably unwise to use CryptoNote's reference testbed (Bytecoin). I'm also excited to find out how you imagine they're going to get rid of the premine. Are they going to null out the blockchain and start from scratch?

2014/08/24 Monero Blockchain Spam Attack - Post Mortem

Part II

As you know from yesterday's Part I of the post-mortem, the net-effect of the attack was an addition of 22mb of data to the blockchain. Because of the unnaturally sharp increase in transaction volume, some transactions experienced delays, mostly several minutes but a few up to an hour, during the heat of the attack. The total duration of the attack was around 13 hours.

The attack started on 2014-08-23 at 15:06:59 UTC with the three transactions in block 186102. It ended on 2014-08-24 at 03:56:07. There were a handful of transactions (15 of them) mined as part of a second attempted attack 12 hours later (starting at 16:51:16 on 2014-08-24). By the time this second attack started, however, the network was already mostly upgraded, and it would appear that the attacker had no desire to repeat the attack with a 0.1 XMR fee.

In total, 1361 malicious transactions were confirmed and mined, although there were several hundred transactions that fell out the mempool as the network upgraded and pool operators started with a clean mempool. Every malicious transaction used a fee of 0.01 XMR, presumably to stay ahead of fee hikes or to have some sort of priority for the transactions, resulting in a total cost to the attacker of 13.61 XMR. Whilst this is not much of a cost, it's important to consider that the 13.61 XMR actualised cost only resulted in 22mb of additional blockchain data, so it's a fair trade-off. If the attacker wanted to repeat the exercise it would cost him 10x as much right now.



You can see the attack plummet to 0 as most of the network and the major pools switch over, effectively cutting off the attackers supply of cheap transactions.

Timeline Summary

2014-08-23, 15:06:59 UTC - attack starts
2014-08-23, 16:12:07 UTC - core team begins to notice oddities
2014-08-23, 16:23:56 UTC - attack confirmed, mitigation begins
2014-08-23, 20:43:13 UTC - fee bump pushed to my (fluffypony) repo after internal testing, pools begin upgrading off that repo
2014-08-23, 21:12:39 UTC - fee bump merged into master
2014-08-24, 12:51:26 UTC - OS X binaries pushed to monero.cc and announced
2014-08-24, 01:10:05 UTC - Windows binaries pushed to monero.cc and announced
2014-08-24, 01:25:20 UTC - Linux binaries pushed to monero.cc and announced
2014-08-24, 03:56:07 UTC - attack ceases to function as the network soft-forks to the new fee

Thank you for your patience and support during this process. Work is underway to fix this permanently by switching to per-kb fees, and we expect to have this fully tested and deployed within the next 2-3 weeks, after which time transaction fees will go back to "normal"

It's been done before, even recently with Bitcoin (see the 1Enjoy 1Sochi attack last year). A highly motivated, highly skilled attacker with near limitless resources would benefit far more by combining market manipulation with an organised disinformation / smear campaign. At the moment, those who seek to disrupt little ol' Monero are able to do the latter, but lack the resources to do the former. The only thing you can hope for in future is that market manipulation, controlling more hashrate than half the network, spam attacks, and attempted DoS attacks become so expensive that even our proverbial attacker chooses to walk away from those options. We can't prevent the disinformation / smear campaign, but given how poorly it's going for certain-other-parties right now I don't suspect it to be terribly successful in the future;)

At the moment it's not stored efficiently - the key image set and the utxoset are both duplicated separately from the blockchain. This will be more efficiently stored in the database:)

[2014-07-16T12:57:07+0200] <ceger> Jojatekok did that guy really donate 5000xmr?
[2014-07-16T12:57:20+0200] <Jojatekok> no, or not yet :p
[2014-07-16T12:57:29+0200] <Jojatekok> I'm curious about it though
[2014-07-16T12:57:33+0200] <ceger> i hope he does buddy
[2014-07-16T12:57:38+0200] <Jojatekok> he has the world's 351st richest BTC address
[2014-07-16T12:58:37+0200] <ceger> interesting
[2014-07-16T12:59:31+0200] <@fluffypony> who donated 5000 XMR?
[2014-07-16T12:59:34+0200] <Jojatekok> but I'll make the next release introduce some special features anyway, and will dedicate it for him if he does
[2014-07-16T12:59:57+0200] <Jojatekok> fluffypony: no one yet, just an interesting post: https://bitcointalk.org/index.php?topic=683365.msg7857958#msg7857958
[2014-07-16T13:00:38+0200] <@fluffypony> weird
[2014-07-16T13:00:45+0200] <@fluffypony> I hope he does
[2014-07-16T13:00:48+0200] <Jojatekok> yeah
[2014-07-16T13:02:03+0200] <dreamspark> nice, I doubt he will but if he does that sure to help out eh fluffypony? Or is it a donation to gui creator?
[2014-07-16T13:02:22+0200] • ceger: pets the pony
[2014-07-16T13:02:27+0200] <@fluffypony> dreamspark: to Jojatekok, not to us
[2014-07-16T13:03:23+0200] <Jojatekok> he should also donate to you :p
[2014-07-16T13:03:28+0200] <dreamspark> fluffypony, cool well 20btc is alot Im sure Jojatekok may throw a little in the dev fund
[2014-07-16T13:03:39+0200] <Jojatekok> dreamspark: exactly
[2014-07-16T13:04:44+0200] <Jojatekok> I'll send 100 XMR to the dev team whether he really does donate me 5000 XMR
[2014-07-16T13:07:51+0200] <Jojatekok> but at the moment, even 100 XMR is pretty much for me :O
[2014-07-16T13:08:05+0200] <Jojatekok> (I have like 537 XMR now)


Come From Above did NOT donate 5 000 XMR to Jojatekok, despite him claiming that he was going to do so.

We don't lack the resources (as in highly skilled developers), we lack funds to allow them and us to spend more time on this.