Bitcoin Forum
September 23, 2019, 06:48:19 PM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: [ANN] MangoCoinz (official) - The mobile crypto currency  (Read 2942 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
SreleFromMangoCoinz
Sr. Member
****
Offline Offline

Activity: 245
Merit: 250

CTO at MangoCoinz


View Profile WWW
October 26, 2015, 04:00:04 PM
Last edit: November 02, 2015, 02:54:40 PM by SreleFromMangoCoinz
 #1









































MangoCoinz, mobile cryptocurrecy mining is here. Available for Android now and soon on the iPhone!
1569264499
Hero Member
*
Offline Offline

Posts: 1569264499

View Profile Personal Message (Offline)

Ignore
1569264499
Reply with quote  #2

1569264499
Report to moderator
1569264499
Hero Member
*
Offline Offline

Posts: 1569264499

View Profile Personal Message (Offline)

Ignore
1569264499
Reply with quote  #2

1569264499
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1569264499
Hero Member
*
Offline Offline

Posts: 1569264499

View Profile Personal Message (Offline)

Ignore
1569264499
Reply with quote  #2

1569264499
Report to moderator
SreleFromMangoCoinz
Sr. Member
****
Offline Offline

Activity: 245
Merit: 250

CTO at MangoCoinz


View Profile WWW
October 26, 2015, 04:01:43 PM
 #2

Hey,

There is also one more exchange that MangoCoinz is listed on and that is https://www.banx.io

Best regards, Srele from MangoCoinz.

MangoCoinz, mobile cryptocurrecy mining is here. Available for Android now and soon on the iPhone!
Sir_Astral
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500


View Profile WWW
October 26, 2015, 04:12:22 PM
 #3

How to see diff, total coins mined already etc.?

SreleFromMangoCoinz
Sr. Member
****
Offline Offline

Activity: 245
Merit: 250

CTO at MangoCoinz


View Profile WWW
October 26, 2015, 04:17:15 PM
 #4

How to see diff, total coins mined already etc.?

Hey Sir_Astral,

You can see the current state of the coin by going here: http://coinmarketcap.com/currencies/mangocoinz/
Oh, and the daily limit (difficulty) is visible from within the app when you press on the coins indicator (big circle).

Best regards, Srele from MangoCoinz.

MangoCoinz, mobile cryptocurrecy mining is here. Available for Android now and soon on the iPhone!
Sir_Astral
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500


View Profile WWW
October 26, 2015, 04:32:05 PM
 #5



Limit for all users or my limit?

SreleFromMangoCoinz
Sr. Member
****
Offline Offline

Activity: 245
Merit: 250

CTO at MangoCoinz


View Profile WWW
October 26, 2015, 04:35:07 PM
 #6



Limit for all users or my limit?

Hey Sir_Astral,

This is the limit for all users in your time zone.
This is because the limit updates every day at midnight your local time.

Best regards, Srele from MangoCoinz.

MangoCoinz, mobile cryptocurrecy mining is here. Available for Android now and soon on the iPhone!
cromwell600
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
October 26, 2015, 05:27:19 PM
 #7

SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread since a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why do I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want, the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there isn't even a blockchain probably. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" would get popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this would get very popular, it would need scaling and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard, banks have dedicated teams to do it.
- Syncs - wait what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide data what I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if devs implemented TOR or proxy detection, they can't detect all proxies (see private ones) or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups, they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. Noticed the core parts are in a native library, finally something interesting. I already know why the app has (/had, newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it in all Java would have revealed how there is no real proof for validating syncs, but the devs aren't competent enough probably to deal with C or C++ and implement a proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it would be open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Cheesy Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member in the dev team comes and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (read it somewhere on another forum) then you get the documentation which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system, that's why it took so long from initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in lower adaption rate as nobody would like to spend time for this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries so it really is a breeze to work with. Also, this approvement for every service is good now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this also will increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all these (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed by our current knowledge (I also was thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct concurrency and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. Not at least here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.
SvonioneFromMangoCoinz
Member
**
Offline Offline

Activity: 568
Merit: 10


View Profile
October 26, 2015, 08:14:19 PM
 #8

SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread since a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why do I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want, the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there isn't even a blockchain probably. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" would get popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this would get very popular, it would need scaling and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard, banks have dedicated teams to do it.
- Syncs - wait what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide data what I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if devs implemented TOR or proxy detection, they can't detect all proxies (see private ones) or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups, they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. Noticed the core parts are in a native library, finally something interesting. I already know why the app has (/had, newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it in all Java would have revealed how there is no real proof for validating syncs, but the devs aren't competent enough probably to deal with C or C++ and implement a proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it would be open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Cheesy Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member in the dev team comes and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (read it somewhere on another forum) then you get the documentation which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system, that's why it took so long from initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in lower adaption rate as nobody would like to spend time for this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries so it really is a breeze to work with. Also, this approvement for every service is good now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this also will increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all these (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed by our current knowledge (I also was thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct concurrency and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. Not at least here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.


Some things you say are true, most aren't. Reading up on general purpose tech and having a premise that every system only works on the worst and lowest version of the tech type it uses is just bad. The problems you have mentioned are, simply put, problems that any architecture of that type has. Do you keep your money in a bank or under your bedsheets? Think twice if it's a bank.
But that doesn't mean you can't get the 99% efficiency.

We have invested a lot of money and time into this project, we have been through a lot of bad and nice stuff with our community. If you are indeed someone who has read the old thread, you would know that all the stuff present now will only get better in the future. We said we will move towards open source and decentralization. We delivered before. We will on this as well.
Once the thread gets rolling, we will present our plans.

Please don't mistake our honesty for incompetence.
Made an account just so you can post here?

MINTER - WE MINT COINS AND CREATE THE INTERNET OF MONEY
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Telegram  |  Bip Wallet  |  Twitter
DOGEbubble
Hero Member
*****
Offline Offline

Activity: 848
Merit: 501


View Profile WWW
October 26, 2015, 11:43:10 PM
 #9

Congratulations!  Mangocoinz is reaching another milestone.

  Great News 

digit
Legendary
*
Offline Offline

Activity: 1644
Merit: 1006



View Profile
October 27, 2015, 02:13:30 AM
 #10

Guys, we are pleased to announce that the new ANN thread has been published!

Come over and say hi Smiley  https://bitcointalk.org/index.php?topic=1221198.new#new

Hi! Smiley

Great to see the ANN, looks really shiny.  Hopefully moderation will not be necessary

I like the runners gif, very cool  Cool
Quote

I highly recommend https://www.banx.io, its another great exchange to trade mangocoinz on and they also have recently
reduced the trade fees to half and also reduced the minimum quantities needed to make a trade.  less fees more profitable trading Wink

https://www.banx.io/trade?c=MCZ&p=BTC



BTC:1DigitwteXwFcRAaWpVDRp6eKqzC6y9tgm ■ ŁTC:LKMcEHoFWHAUoRscqW1cwjhLgFrk7MgCWU ■ BLK:BR4WG59FjQYiQNVR3Ftn9EYgs4kJE1YLUK ■
gravitate
Legendary
*
Offline Offline

Activity: 1372
Merit: 1000


View Profile
October 27, 2015, 02:24:30 AM
 #11

Great new thread and now is a good time to get into mangos as can still mine quite a lot.

To peel or not to peel.
zodiac3011
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500



View Profile
October 27, 2015, 04:11:27 AM
 #12

I love this new thread. However the last time I install the app it is not compatible with android 5 yet. How about this time? I can't wait till I can download it.
barabbas
Legendary
*
Offline Offline

Activity: 1162
Merit: 1000


View Profile
October 27, 2015, 04:45:13 AM
 #13

SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread since a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why do I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want, the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there isn't even a blockchain probably. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" would get popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this would get very popular, it would need scaling and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard, banks have dedicated teams to do it.
- Syncs - wait what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide data what I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if devs implemented TOR or proxy detection, they can't detect all proxies (see private ones) or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups, they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. Noticed the core parts are in a native library, finally something interesting. I already know why the app has (/had, newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it in all Java would have revealed how there is no real proof for validating syncs, but the devs aren't competent enough probably to deal with C or C++ and implement a proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it would be open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Cheesy Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member in the dev team comes and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (read it somewhere on another forum) then you get the documentation which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system, that's why it took so long from initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in lower adaption rate as nobody would like to spend time for this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries so it really is a breeze to work with. Also, this approvement for every service is good now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this also will increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all these (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed by our current knowledge (I also was thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct concurrency and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. Not at least here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.

Some VERY valid points, no question about it. But screaming "Scam Alert" kind of devalues them because, so far, there's no basis for such alarmist terminology. Mangocoinz is what it is, the good the bad and the ugly. And yes, it cannot be trusted. Then again, NOT a single cryptocurrency can. Not one. Not even Bitcoin. Simply put -as you adequately put it- "it is a FACT". So, on that preamble and frame, Mangocoinz, as an investment, es neither more secure nor less secure than an y other crypto currency. And yes, to cal it COIN -or "coinz"-, just like calling it cryptocurrency, is simply not adequate and I'm sure the developers chose it instead of "token" of whatever other term for unity of value can apply. This is, in idea, an "alternative currency". A CENTRALIZED one at that. For good, bad and in-between.

Can it be "gamed"? of course it can be. It probably is. It probably has been. It SURELY will. Will the developers game it themselves? That's for you to decide if to trust them or not. And for the rest of the community.

Those are NOT the main problems of this project. They are simply circumstances of it. As long as the total number of coins is not altered, the value would depend on the popularity and usability: What can you purchase with those coins that you either "mine" or buy in the exchanges? Is it something you put a big value on? Then they would be VERY valuable. You cannot buy anything of interest with it and the trading value is minimal in terms of BTC or others? then you have yet another failed project, whether scam, incompetence, or just lack of interest.That's all.

You are, again, right, very right, in mentioning that a new (fourth) developer seems to have come on board. Someone of whom no one knows anything. That, obviously, doesn't lend a lot of trustfulness to the project, which, being 100% centralized -and make no mistake about this: There's no other way possible for this project, now or ever, therefore I don't understand the pretense that they will work toward decentralization...-, is absolutely indispensable for the community to know and meet. Total transparency, in this case, is not a requirement only, it's a necessity.

You also don't want to hear "but it's beta"... well, still is, sorry. Even if this new thread comes with the pretense that, technically, they are done. They aren't. If there's no SECURITY -outside of the centralized system-, then it is alpha, not even beta, for no one will ever put any kind of serious money in something that is sure to be hacked and robbed. It's THAT simple. But it is also beta in that we so far don't even know where the developers are aiming. I hear ideas, nice, interesting ones, but  
nothing specific, concrete, let alone already implemented. The merchandising idea is not just the obvious but the main -along with the sponsorships- attraction of this project in the beginning, but talking about it and implementing it EFFECTIVELY, are two very different things. So lets wait a bit and see what comes out of those ideas barely mentioned  and what the final purpose of the whole project is, because I don't see it at all yet. I have asked, since the very beginning, AND THEN WHAT? I still don't have any answers, therefore it remains beta, an idea, perhaps chimeric, a path full of difficulties ahead and, when the total number of coins are "mined", "THEN WHAT?"

I was VERY supportive of this project, as everyone in the community knows. I have gotten considerably cold since I saw that not only the kids did not have a real plan but were very, very reluctant to open the gates so to speak to let the people with the means and knowledge in. Now, Srele even posts that they have "invested a lot of money" in this... this from three guys that didn't have a dime to their names and couldn't even afford an IPhone to work on the application... again, not a whole lot of trust gained with such statements that, if nothing else, indicate that the underhand is up for the taking. I also brought to question the net transfer fees, which are excessive... to no answer, no avail. So, although I remain supportive of Mangocoinz, my investment has been drastically reduced and my support is lukewarm while I keep observing the developments. I never ever lie and I'd be lying if I'd say that I like all or most of what I see here.

And the decentralization of the project, again, is NOT, a problem to me. On the contrary, actually.

One final thought regarding the new thread: The animated gif is horrible. Not just bad: horrible, actually. Aesthetically it cannot possibly make less attractive the exercise with the phone hanging out of the leg. Really, really horrible. The fact that it is men doing the exercise is another horrible choice when women is an evidently more attractive and bigger demographic Mango should pursue... Please take it down asap and susbtitute it for something more endearing and easier on the eye not that horrific image that would turn off immediately any prospective "miner". Please also, don't consider this just "an opinion", alright? That's the easy way out for losers. It is a VERY EXPERT one, ok?
SvonioneFromMangoCoinz
Member
**
Offline Offline

Activity: 568
Merit: 10


View Profile
October 27, 2015, 11:56:16 AM
Last edit: October 27, 2015, 12:07:04 PM by SvonioneFromMangoCoinz
 #14

SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread since a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why do I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want, the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there isn't even a blockchain probably. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" would get popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this would get very popular, it would need scaling and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard, banks have dedicated teams to do it.
- Syncs - wait what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide data what I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if devs implemented TOR or proxy detection, they can't detect all proxies (see private ones) or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups, they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. Noticed the core parts are in a native library, finally something interesting. I already know why the app has (/had, newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it in all Java would have revealed how there is no real proof for validating syncs, but the devs aren't competent enough probably to deal with C or C++ and implement a proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it would be open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Cheesy Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member in the dev team comes and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (read it somewhere on another forum) then you get the documentation which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system, that's why it took so long from initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in lower adaption rate as nobody would like to spend time for this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries so it really is a breeze to work with. Also, this approvement for every service is good now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this also will increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all these (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed by our current knowledge (I also was thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct concurrency and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. Not at least here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.

Some VERY valid points, no question about it. But screaming "Scam Alert" kind of devalues them because, so far, there's no basis for such alarmist terminology. Mangocoinz is what it is, the good the bad and the ugly. And yes, it cannot be trusted. Then again, NOT a single cryptocurrency can. Not one. Not even Bitcoin. Simply put -as you adequately put it- "it is a FACT". So, on that preamble and frame, Mangocoinz, as an investment, es neither more secure nor less secure than an y other crypto currency. And yes, to cal it COIN -or "coinz"-, just like calling it cryptocurrency, is simply not adequate and I'm sure the developers chose it instead of "token" of whatever other term for unity of value can apply. This is, in idea, an "alternative currency". A CENTRALIZED one at that. For good, bad and in-between.

Can it be "gamed"? of course it can be. It probably is. It probably has been. It SURELY will. Will the developers game it themselves? That's for you to decide if to trust them or not. And for the rest of the community.

Those are NOT the main problems of this project. They are simply circumstances of it. As long as the total number of coins is not altered, the value would depend on the popularity and usability: What can you purchase with those coins that you either "mine" or buy in the exchanges? Is it something you put a big value on? Then they would be VERY valuable. You cannot buy anything of interest with it and the trading value is minimal in terms of BTC or others? then you have yet another failed project, whether scam, incompetence, or just lack of interest.That's all.

You are, again, right, very right, in mentioning that a new (fourth) developer seems to have come on board. Someone of whom no one knows anything. That, obviously, doesn't lend a lot of trustfulness to the project, which, being 100% centralized -and make no mistake about this: There's no other way possible for this project, now or ever, therefore I don't understand the pretense that they will work toward decentralization...-, is absolutely indispensable for the community to know and meet. Total transparency, in this case, is not a requirement only, it's a necessity.

You also don't want to hear "but it's beta"... well, still is, sorry. Even if this new thread comes with the pretense that, technically, they are done. They aren't. If there's no SECURITY -outside of the centralized system-, then it is alpha, not even beta, for no one will ever put any kind of serious money in something that is sure to be hacked and robbed. It's THAT simple. But it is also beta in that we so far don't even know where the developers are aiming. I hear ideas, nice, interesting ones, but  
nothing specific, concrete, let alone already implemented. The merchandising idea is not just the obvious but the main -along with the sponsorships- attraction of this project in the beginning, but talking about it and implementing it EFFECTIVELY, are two very different things. So lets wait a bit and see what comes out of those ideas barely mentioned  and what the final purpose of the whole project is, because I don't see it at all yet. I have asked, since the very beginning, AND THEN WHAT? I still don't have any answers, therefore it remains beta, an idea, perhaps chimeric, a path full of difficulties ahead and, when the total number of coins are "mined", "THEN WHAT?"

I was VERY supportive of this project, as everyone in the community knows. I have gotten considerably cold since I saw that not only the kids did not have a real plan but were very, very reluctant to open the gates so to speak to let the people with the means and knowledge in. Now, Srele even posts that they have "invested a lot of money" in this... this from three guys that didn't have a dime to their names and couldn't even afford an IPhone to work on the application... again, not a whole lot of trust gained with such statements that, if nothing else, indicate that the underhand is up for the taking. I also brought to question the net transfer fees, which are excessive... to no answer, no avail. So, although I remain supportive of Mangocoinz, my investment has been drastically reduced and my support is lukewarm while I keep observing the developments. I never ever lie and I'd be lying if I'd say that I like all or most of what I see here.

And the decentralization of the project, again, is NOT, a problem to me. On the contrary, actually.

One final thought regarding the new thread: The animated gif is horrible. Not just bad: horrible, actually. Aesthetically it cannot possibly make less attractive the exercise with the phone hanging out of the leg. Really, really horrible. The fact that it is men doing the exercise is another horrible choice when women is an evidently more attractive and bigger demographic Mango should pursue... Please take it down asap and susbtitute it for something more endearing and easier on the eye not that horrific image that would turn off immediately any prospective "miner". Please also, don't consider this just "an opinion", alright? That's the easy way out for losers. It is a VERY EXPERT one, ok?


Some nice points made by barabbas. Let me answer some regarding the dev team.

It's true, we are young. Early twenties, to be more accurate. Originally, there were 3 of us. Srele, Micto and myself. After some time we added one of our trusted close friends as a new dev. He is not a member of this forum, never posts anything. The 4 of us are very good friends IRL, we all live in the same city, all went to the same school. That's who we are. If we need more transparency, we will answer anything we can. Let's work on that a little bit.

It's true that we did't have any money when we started this. We couldn't afford an iPhone to work on the app. So we went to our families and other friends for help and we managed to raise some money to keep paying for the servers and to continue development. Servers right now cost us $150 per month, and we are still paying for it out of our own pockets. We are not selling coins in order to pay for expenses. We don't want to take the trading potential from someone else. If we need to disclose how many coins each of us personally holds, we will disclose that as well.

If by net transfer fees, you mean the 1% transaction fee, we will remove that. Since there wasn't any premine, we thought that we needed a way to accumulate some coins just so that we have them for bounties. We even gave out free coins to people that had some account problems.

As for the animated gif, we can replace it with something more pleasing to the eye, we just thought it was nice. Any suggestions on what it should be (a woman will run this time Cheesy)

Let's work on transparency.

MINTER - WE MINT COINS AND CREATE THE INTERNET OF MONEY
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Telegram  |  Bip Wallet  |  Twitter
wildduck
Legendary
*
Offline Offline

Activity: 952
Merit: 1001


View Profile
October 27, 2015, 01:34:43 PM
 #15

Great looking project i will install app on my iphone Smiley
SvonioneFromMangoCoinz
Member
**
Offline Offline

Activity: 568
Merit: 10


View Profile
October 27, 2015, 05:06:16 PM
 #16

Great looking project i will install app on my iphone Smiley

Contact us at support@mangocoinz.com Smiley

MINTER - WE MINT COINS AND CREATE THE INTERNET OF MONEY
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Telegram  |  Bip Wallet  |  Twitter
IchLiebeMango
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
October 27, 2015, 06:25:53 PM
 #17

Awesomeee Grin Smiley Smiley
cromwell600
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
October 27, 2015, 07:15:25 PM
 #18

SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread since a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why do I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want, the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there isn't even a blockchain probably. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" would get popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this would get very popular, it would need scaling and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard, banks have dedicated teams to do it.
- Syncs - wait what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide data what I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if devs implemented TOR or proxy detection, they can't detect all proxies (see private ones) or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups, they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. Noticed the core parts are in a native library, finally something interesting. I already know why the app has (/had, newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it in all Java would have revealed how there is no real proof for validating syncs, but the devs aren't competent enough probably to deal with C or C++ and implement a proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it would be open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Cheesy Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member in the dev team comes and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (read it somewhere on another forum) then you get the documentation which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system, that's why it took so long from initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in lower adaption rate as nobody would like to spend time for this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries so it really is a breeze to work with. Also, this approvement for every service is good now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this also will increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all these (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed by our current knowledge (I also was thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct concurrency and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. Not at least here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.


Some things you say are true, most aren't. Reading up on general purpose tech and having a premise that every system only works on the worst and lowest version of the tech type it uses is just bad. The problems you have mentioned are, simply put, problems that any architecture of that type has. Do you keep your money in a bank or under your bedsheets? Think twice if it's a bank.
But that doesn't mean you can't get the 99% efficiency.

We have invested a lot of money and time into this project, we have been through a lot of bad and nice stuff with our community. If you are indeed someone who has read the old thread, you would know that all the stuff present now will only get better in the future. We said we will move towards open source and decentralization. We delivered before. We will on this as well.
Once the thread gets rolling, we will present our plans.

Please don't mistake our honesty for incompetence.
Made an account just so you can post here?

I said nothing about the worst tech, what I wrote regard to the optimal case. You need top stuff to deliver the expected QoS in case of such a system.

"Think twice if it's a bank." - Yes, I only keep the necessary amount in a bank. But this discussion is not about me, I'm not the average in this case. That's not to say I don't trust a bank. The thing is, in some cases you don't have another option. Also, banks employ top security and reliability experts. They have regulatory obligations. Again, this discussion is not about banks in general, but: Most people don't have security concerns. Just imagine a simple runner as they are the main targets They don't care about the system. They trust it as much as they do with a bank. What bad could happen anyway? - they think. But let's examine the emotional side: A club runs for charity for a month to help raising money, but someone games the system and suddenly their coins are worth nothing.

"Made an account just so you can post here?" - Nope, I read the whole old thread and even posted twice. Those posts were also about security. I simply wanted to post my concerns here as you're extending the coin now. There is no problem with the issues as long as there are about 1000 people using it. That's 1000 * (daily limit) * (BTC trade price) * (BTC/USD price) per day (not considering multi-accounts) and it's not a huge amount. But if it's 100k people and BTC trade price is 100x the current one, it's significant money and it will be worth gaming the system. So yeah, I mainly posted it here so people stumble upon the truth hoping at least they scroll down reading the first page.

@barabbas: The reason I started with "Scam alert" is to get people's attention. Most wouldn't care about a long post otherwise.

@everyone: Reading again, my previous post looks a bit harsh and rude at some places, sorry for that.
SvonioneFromMangoCoinz
Member
**
Offline Offline

Activity: 568
Merit: 10


View Profile
October 27, 2015, 08:14:50 PM
 #19

SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread since a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why do I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want, the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there isn't even a blockchain probably. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" would get popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this would get very popular, it would need scaling and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard, banks have dedicated teams to do it.
- Syncs - wait what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide data what I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if devs implemented TOR or proxy detection, they can't detect all proxies (see private ones) or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups, they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. Noticed the core parts are in a native library, finally something interesting. I already know why the app has (/had, newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it in all Java would have revealed how there is no real proof for validating syncs, but the devs aren't competent enough probably to deal with C or C++ and implement a proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it would be open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Cheesy Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member in the dev team comes and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (read it somewhere on another forum) then you get the documentation which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system, that's why it took so long from initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in lower adaption rate as nobody would like to spend time for this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries so it really is a breeze to work with. Also, this approvement for every service is good now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this also will increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all these (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed by our current knowledge (I also was thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct concurrency and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. Not at least here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.


Some things you say are true, most aren't. Reading up on general purpose tech and having a premise that every system only works on the worst and lowest version of the tech type it uses is just bad. The problems you have mentioned are, simply put, problems that any architecture of that type has. Do you keep your money in a bank or under your bedsheets? Think twice if it's a bank.
But that doesn't mean you can't get the 99% efficiency.

We have invested a lot of money and time into this project, we have been through a lot of bad and nice stuff with our community. If you are indeed someone who has read the old thread, you would know that all the stuff present now will only get better in the future. We said we will move towards open source and decentralization. We delivered before. We will on this as well.
Once the thread gets rolling, we will present our plans.

Please don't mistake our honesty for incompetence.
Made an account just so you can post here?

I said nothing about the worst tech, what I wrote regard to the optimal case. You need top stuff to deliver the expected QoS in case of such a system.

"Think twice if it's a bank." - Yes, I only keep the necessary amount in a bank. But this discussion is not about me, I'm not the average in this case. That's not to say I don't trust a bank. The thing is, in some cases you don't have another option. Also, banks employ top security and reliability experts. They have regulatory obligations. Again, this discussion is not about banks in general, but: Most people don't have security concerns. Just imagine a simple runner as they are the main targets They don't care about the system. They trust it as much as they do with a bank. What bad could happen anyway? - they think. But let's examine the emotional side: A club runs for charity for a month to help raising money, but someone games the system and suddenly their coins are worth nothing.

"Made an account just so you can post here?" - Nope, I read the whole old thread and even posted twice. Those posts were also about security. I simply wanted to post my concerns here as you're extending the coin now. There is no problem with the issues as long as there are about 1000 people using it. That's 1000 * (daily limit) * (BTC trade price) * (BTC/USD price) per day (not considering multi-accounts) and it's not a huge amount. But if it's 100k people and BTC trade price is 100x the current one, it's significant money and it will be worth gaming the system. So yeah, I mainly posted it here so people stumble upon the truth hoping at least they scroll down reading the first page.

@barabbas: The reason I started with "Scam alert" is to get people's attention. Most wouldn't care about a long post otherwise.

@everyone: Reading again, my previous post looks a bit harsh and rude at some places, sorry for that.

Thank you for apologizing, that is very kind of you. I'm sorry for my reply to you as well, it came off a bit rude. I apologize.
You are right, the system would be worth gaming in the case that you described. But we won't be sitting around with thumbs up our behinds and wait for it. We are making changes every day, and we are moving towards a system that's worth everyone's time and investment. And we would like people to see this thread and this coin even now, stick around, give some nice suggestions and show support (not money-wise) and witness all the changes and the final incarnation that will be considered amazing. That's our dream, what we move towards. A lot of stuff needs solving on that road, yeah but we can all do it together. It's fun Smiley

Thanks for dropping by.

MINTER - WE MINT COINS AND CREATE THE INTERNET OF MONEY
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Telegram  |  Bip Wallet  |  Twitter
sorryforthat
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500



View Profile
October 27, 2015, 09:59:40 PM
 #20

My account keeps telling me that I am suspended for suspicious activity. I am doing nothing out of the ordinary and the motion is primarily from walking to and from class. It seems to be an ongoing problem as I have had it fixed by emailing in the past. Any idea on how I can stop this from happening and also if my account can be fixed once again?

Closed beta app. Should I transition to the other one?
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!