vdice_io
|
|
November 09, 2016, 07:21:29 AM |
|
Decentralized app which rely on centralized services, this way it is not safe for players nor investor. You should postpone your ICO 'till you solve those issues which RHvar pointed out.
What we have here is some competitors saying wrong things and bad information about us. We expect this of course. When do competitors say good things. Everyone who reads this forum can really see that. So it's fine. They did disclose they are from competitor games, so it is OK.
|
|
|
|
|
|
|
|
"There should not be any signed int. If you've found a signed int
somewhere, please tell me (within the next 25 years please) and I'll
change it to unsigned int." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 09, 2016, 07:43:59 AM |
|
Decentralized app which rely on centralized services, this way it is not safe for players nor investor. You should postpone your ICO 'till you solve those issues which RHvar pointed out.
What we have here is some competitors saying wrong things and bad information about us. We expect this of course. When do competitors say good things. Everyone who reads this forum can really see that. So it's fine. They did disclose they are from competitor games, so it is OK. I'm not a competitor. I have no affiliation with any site. So please, just answer my question. Is this true or false: Participants in the vdice smart contract bear a small amount of risk from the ‘house’ being a bad actor, and from a bad actor internal to Oraclize.
|
|
|
|
vdice_io
|
|
November 09, 2016, 05:27:49 PM |
|
Decentralized app which rely on centralized services, this way it is not safe for players nor investor. You should postpone your ICO 'till you solve those issues which RHvar pointed out.
What we have here is some competitors saying wrong things and bad information about us. We expect this of course. When do competitors say good things. Everyone who reads this forum can really see that. So it's fine. They did disclose they are from competitor games, so it is OK. I'm not a competitor. I have no affiliation with any site. So please, just answer my question. Is this true or false: Participants in the vdice smart contract bear a small amount of risk from the ‘house’ being a bad actor, and from a bad actor internal to Oraclize. You spread lies everywhere.You paste images on social media. You spread lies generally. So dishonest.This was answered to the satisfaction of people much, much smarter than you, above. Maybe spend some time learning to understand the answer, instead of trolling Once again, in response to your question:- ---- 1- "Replay Risk" the very reason why the authenticated JSON-RPC APIs of random.org are used, is because of the "requestsLeft" field which is returned by each API call response ( https://api.random.org/json-rpc/1/signing ). This field content is tied to the API credentials specified in the query and is there to indicate how many requests are left in a given day. If we check all the TLSNotary proofs published on the blockchain (which contain the whole API response!), an independent auditor can verify whether any subsequent number in the "requestsLeft" fields is missing - when that happens, the auditor has a good indicator that something wrong happened (either on the Oraclize side - which sent more requests than expected - or by any external party knowing that specific API key (vDice itself & random.org)). Of course this doesn't say much about the intent in itself (can just be some failure in the HTTP request, which had to be sent again), but in general it provides some level of security against replay attacks. ---- 2- "setConfig" Oraclize are updating on-chain contracts in the coming days to support this. It's here for forward-compatibility and enables arbitrary Oraclize flags to be enabled/disabled. The very reason why the vDice contract needs it is to enable the "zero-confirmation query precomputation" feature. ----
|
|
|
|
Ggddtt
Member
Offline
Activity: 123
Merit: 12
|
|
November 09, 2016, 05:43:53 PM |
|
Decentralized app which rely on centralized services, this way it is not safe for players nor investor. You should postpone your ICO 'till you solve those issues which RHvar pointed out.
What we have here is some competitors saying wrong things and bad information about us. We expect this of course. When do competitors say good things. Everyone who reads this forum can really see that. So it's fine. They did disclose they are from competitor games, so it is OK. I'm not a competitor. I have no affiliation with any site. So please, just answer my question. Is this true or false: Participants in the vdice smart contract bear a small amount of risk from the ‘house’ being a bad actor, and from a bad actor internal to Oraclize. it is very obvious they are beating around the bush TRUE
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 10, 2016, 06:48:59 AM |
|
Decentralized app which rely on centralized services, this way it is not safe for players nor investor. You should postpone your ICO 'till you solve those issues which RHvar pointed out.
What we have here is some competitors saying wrong things and bad information about us. We expect this of course. When do competitors say good things. Everyone who reads this forum can really see that. So it's fine. They did disclose they are from competitor games, so it is OK. I'm not a competitor. I have no affiliation with any site. So please, just answer my question. Is this true or false: Participants in the vdice smart contract bear a small amount of risk from the ‘house’ being a bad actor, and from a bad actor internal to Oraclize. You spread lies everywhere.You paste images on social media. You spread lies generally. So dishonest.This was answered to the satisfaction of people much, much smarter than you, above. Maybe spend some time learning to understand the answer, instead of trolling Once again, in response to your question:- ---- 1- "Replay Risk" the very reason why the authenticated JSON-RPC APIs of random.org are used, is because of the "requestsLeft" field which is returned by each API call response ( https://api.random.org/json-rpc/1/signing ). This field content is tied to the API credentials specified in the query and is there to indicate how many requests are left in a given day. If we check all the TLSNotary proofs published on the blockchain (which contain the whole API response!), an independent auditor can verify whether any subsequent number in the "requestsLeft" fields is missing - when that happens, the auditor has a good indicator that something wrong happened (either on the Oraclize side - which sent more requests than expected - or by any external party knowing that specific API key (vDice itself & random.org)). Of course this doesn't say much about the intent in itself (can just be some failure in the HTTP request, which had to be sent again), but in general it provides some level of security against replay attacks. ---- 2- "setConfig" Oraclize are updating on-chain contracts in the coming days to support this. It's here for forward-compatibility and enables arbitrary Oraclize flags to be enabled/disabled. The very reason why the vDice contract needs it is to enable the "zero-confirmation query precomputation" feature. ---- What the hell? I quoted the third part audit that you posted. It's a simple question that you still have not answered. The reason you haven't answered it is because: If you lie and claim it's false: you would be disputing the results of the third party audit that you've been spamming all over the place. If you answer honestly, it would be even more obvious to more people that you either don't understand the concept of decentralization or you're a scammer. By the way, it was quite a shock when I saw your linkdin after all these blogs and press releases popping up that you deny paying for or writing yourself (assuming this is Jason, the CEO. It could be Barney, the " Social Media expert who spends all his time on the internet and is new to the blockchain" Even more shocking is that your simple dice site, which isn't even provably fair, is a piece of crap. Players can't verify rolls, it can take an hour to complete a single bet, and you've barely had 7k bets a month after launching. mikeyb @mikeyb Nov 07 08:17 @vDice_io_twitter What is the best way to validate/verify a bet? Doesn't seem like there is any info on easily replicating results. vDice.io @vDice_io_twitter Nov 07 09:27 Sure, that documentation is available through the support desk Just click the support tab on the site and contact them We'll get it live to the site as soon as we can Most of our devs front and back are focused on the ICO at the moment As you can imagine mikeyb @mikeyb Nov 07 09:46 Yeah but these are certainly things investors will want to see (like me, who is testing the system before investing) mikeyb @mikeyb Nov 07 09:55 And is it normal for it to take 30+ minutes for results on bets? Or is that due to the geth/parity swap? vDice.io @vDice_io_twitter Nov 07 10:52 Hi Mikey Understood I can leave a note for them to add this on the crowdsale site But it's best if you send them a message through the support tab I assume you mean when the results on bets are showing up in the UI And yeah, our front-end guys are upgrading the code for the custom APIs that power the UI As a result of the switch from geth to parity You should find that the bets themselves are being processed by the smart contract infrastructure in the standard timeframes mikeyb @mikeyb Nov 07 11:22 I am referring to the processing of the bet/game/round. When I send a transaction, it is taking over 30 minutes to send back to me either the winnings or 1 wei. https://i.gyazo.com/d133979710b4dd05c57b5335f2fae1e1.pnghttps://i.gyazo.com/6a468ce34f2fea71328c84ca1c32f871.pngroughly an hour to process and return the results I have submitted support ticket, but the response is pretty slow. Really wanting to talk with someone in realtime so I dont play support tag until the ICO starts It's time to come clean Jason. Or is it Barney?
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 10, 2016, 11:02:10 AM |
|
Is this true: Participants in the vdice smart contract bear a small amount of risk from the ‘house’ being a bad actor, and from a bad actor internal to Oraclize.
|
|
|
|
vdice_io
|
|
November 10, 2016, 02:51:32 PM |
|
Is this true: Participants in the vdice smart contract bear a small amount of risk from the ‘house’ being a bad actor, and from a bad actor internal to Oraclize. Once again, here is the answer to your question below! I cannot help you if you do not understand the full answer. I do not have time to teach you technical skills or coding. I suggest perhaps this site: https://www.codecademy.com---- 1- "Replay Risk" the very reason why the authenticated JSON-RPC APIs of random.org are used, is because of the "requestsLeft" field which is returned by each API call response ( https://api.random.org/json-rpc/1/signing ). This field content is tied to the API credentials specified in the query and is there to indicate how many requests are left in a given day. If we check all the TLSNotary proofs published on the blockchain (which contain the whole API response!), an independent auditor can verify whether any subsequent number in the "requestsLeft" fields is missing - when that happens, the auditor has a good indicator that something wrong happened (either on the Oraclize side - which sent more requests than expected - or by any external party knowing that specific API key (vDice itself & random.org)). Of course this doesn't say much about the intent in itself (can just be some failure in the HTTP request, which had to be sent again), but in general it provides some level of security against replay attacks. ---- 2- "setConfig" Oraclize are updating on-chain contracts in the coming days to support this. It's here for forward-compatibility and enables arbitrary Oraclize flags to be enabled/disabled. The very reason why the vDice contract needs it is to enable the "zero-confirmation query precomputation" feature. ----
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 10, 2016, 02:55:44 PM |
|
It's a yes or no question that I think we both know the answer to.
Are participants in the vdice smart contract exposed to any risk from the ‘house’ being a bad actor, and/or from a bad actor internal to Oraclize.
Yes
or
No?
|
|
|
|
vdice_io
|
|
November 10, 2016, 07:45:03 PM |
|
It's a yes or no question that I think we both know the answer to.
Are participants in the vdice smart contract exposed to any risk from the ‘house’ being a bad actor, and/or from a bad actor internal to Oraclize.
Yes
or
No?
It's not at all. Though I understand what you are trying to do. We've seen you do it on many other forums, to many other game operators. To what end, who knows? Namely it is an attempt to discredit both our brand and the brand of Oraclize, and the technology that powers the game. That question in the audit was specifically addressed by many, many developers in the community. It has been answered in detail over and over above. Please elaborate on exactly what you think the 'risk' is and the incentives and the possible attack vectors. I will respond to each possible attack vector, with a proof that will conclusively prove no such risk, as you are trying to insinaute, exists. Look forward to receiving the possible attack vectors from anywhere...and will gladly address them. Feel free to list them all. Cherry picking a sentence from a code audit, to try and build a straw man argument, will not work.
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 11, 2016, 02:07:37 AM |
|
It's a yes or no question that I think we both know the answer to.
Are participants in the vdice smart contract exposed to any risk from the ‘house’ being a bad actor, and/or from a bad actor internal to Oraclize.
Yes
or
No?
It's not at all. Though I understand what you are trying to do. We've seen you do it on many other forums, to many other game operators. To what end, who knows? Yeah, I've called out a bunch of different sites on their bullshit. Now I'm calling out yours. Seems as if vDice.io will be joining the my list including Betcoin.ag, Fortunejack, Betcoin.tm, btc-casino.io, and pocektdice. That's worthy of a $49 press release, right? Namely it is an attempt to discredit both our brand and the brand of Oraclize, and the technology that powers the game. It's an attempt to make the truth known to those who might otherwise give their money to scumbags. That question in the audit was specifically addressed by many, many developers in the community.
It has been answered in detail over and over above. It wasn't a question. It was a statement of fact. Participants in the vdice smart contract bear a small amount of risk from the ‘house’ being a bad actor, and from a bad actor internal to Oraclize. Please elaborate on exactly what you think the 'risk' is and the incentives and the possible attack vectors.
I will respond to each possible attack vector, with a proof that will conclusively prove no such risk, as you are trying to insinaute, exists.
Look forward to receiving the possible attack vectors from anywhere...and will gladly address them. Feel free to list them all. I'm asking you whether you consider the statement to be true or false. Cherry picking a sentence from a code audit, to try and build a straw man argument, will not work.
lol. You got me. My cherries are never out of context or manipulated though. I do have some other questions by the way: - Who are you? (The person behind the forum account I mean)
- When did you launch? I know it's been at least 5 months. What are your numbers like? Is the 7k bets listed life time?
- What happened to your lead developer, James Groton?
- Who is James Groton? His Github is new, can't find much of anything about him.
- Did your team go to china for the devcon? There was a bunch of blogs (that you probably paid for) about vDice becoming a Devcon sponsor. Then just nothing for a few weeks, then ICO time...
- These people seem to have no history on the internet.
Kinda weird for a social media expert that's online all day... And this is Jason Colby really? Looks more like this guy (who interviewed Jason) than the guy from the group picture in Miami:
|
|
|
|
davis196
|
|
November 11, 2016, 10:19:03 AM |
|
Decentralised Gambling Game vDice Announces Crowdsale NewsBTC recently got the opportunity to interview Jason Colby, the lead developer of vDice, the world’s first fully decentralised gambling game. As we dwelled into the conversation, Colby introduced us with many aspects of their new platform... LinkWhat is a Crowdsale?I really don`t know. What is a decentralized game?A p2p software which people download that connects them? Is this something like uTorent?
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 12, 2016, 03:37:35 AM |
|
Decentralised Gambling Game vDice Announces Crowdsale NewsBTC recently got the opportunity to interview Jason Colby, the lead developer of vDice, the world’s first fully decentralised gambling game. As we dwelled into the conversation, Colby introduced us with many aspects of their new platform... LinkWhat is a Crowdsale?I really don`t know. What is a decentralized game?A p2p software which people download that connects them? Is this something like uTorent? Crowdsale = They are looking for investors. A "100% fully decentralized game" implies that there is no central authority controlling any aspect of the game during game play. vDice is not decentralized. RHaver explained why better than I could: So the tldr is:
The site has an extremely weak trust model, significantly weaker than existing bitcoin gambling sites:
* random.org can undetectably cheat (by picking any number they want) * cloudflare can cheat, but if they do random.org will be able to detect it (and it'll be CFs word against random.org) * oraclize can cheat, but it's semi-detectable (there's no tooling offered to detect it, but it's checkable, and oraclize has plausible deniability)
It is centralized by every meaningful definition. It uses a decentralized contract, to communicate with a centralized oraclize server, which sends a message through a centralized CDN (cloudflare) to communicate with a centralized random number generator (api.random.org).
AFAICT this isn't even a serious project, some low-hanging fruit like checking api.random.org's signature is not checked (which would remove the possibility of cloudflare being able to cheat). They also are buying reddit upvotes for 0.006 BTC each, and a bunch of "press releases" to promote the ICO.
Good luck, I guess.
I couldn't find a number to call, so I sent an email to info@ethereum.org Do have a number I should call? The list of questions goes on and on...how about some more answers? Why are you ignoring these? - Who are you? (The person behind the forum account I mean)
- When did you launch? I know it's been at least 5 months. What are your numbers like? Is the 7k bets listed life time?
- What happened to your lead developer, James Groton?
- Who is James Groton? His Github is new, can't find much of anything about him.
Latest vDice.io chat, cause for concern: ananteris @ananteris 10:22 If you win a bet is there some process you have to follow to withdraw funds or is the ETH just sent back to the same address
mikeyb @mikeyb 10:23 eth.sendTransaction({from: eth.accounts[0], to: "...", gasPrice: "180000"}) should do the trick It will auto send you back your winnings within a few minutes usually If you lose you should see 1wei returned, if you win, you should see the win amount returned without any further interaction
ananteris @ananteris 10:24 Wow, should probably take down the instructions for the mist client then as with the current version anyone who does that will lose all their funds even if they win
mikeyb @mikeyb 10:25 what is one of your transactions that didnt come back? (ive never used mist so I cant speak on its usage) also know that I have seen it take up to an hour for a winning payment when they are futzing with their backend clients
ananteris @ananteris 10:27 0x4bb039a2350be141f2b0x4bb039a2350be141f2bde4b6ce6be9e0a1d7aeee1a7e9817500133f8 ed66f97cde4b6ce6be9e0a1d7aeee1a7e9817500133f8ed66f97c 2 hours back end clients what? What back end clients? Payouts aren't initiated from the contract itself?
mikeyb @mikeyb 10:33 what are hte last 4 or first 4 of the address you sent from?
ananteris @ananteris 10:38 c8a457b87b0bd4671a67ceef9445f63583dc76e9
vDice.io @vDice_io_twitter 11:47 hey guys any tech related support requests please to the help desk some like it and some hate it but needs to be that way for systems we are developing people who can deal with such issues are rarely watching this gitter as we gear towards ICO and such best way to them is through the support desk they will respond as soon as they can...just bear with us as a lot of them team are focused on ico atm anyway we always get back as soon as we can thanks for understanding i will try and assist where I can, im barney the social media guy
ananteris @ananteris 15:04 I don't think my issue really is a "support request", i guess maybe asking to take down the instructions for mist is but those tickets don't appear public and it seems pretty important that other people know that following those instructions will cause you to lose all of your money no matter what.
|
|
|
|
Ggddtt
Member
Offline
Activity: 123
Merit: 12
|
|
November 12, 2016, 04:49:11 AM |
|
Checkmate ts?
|
|
|
|
vdice_io
|
|
November 12, 2016, 11:50:11 AM |
|
Checkmate ts?
How so It's just tech. issue we're working through on gitter. It happens. Our formal bet proof verification is already published, as above.
|
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2870
Merit: 2298
|
|
November 16, 2016, 03:55:13 AM |
|
Unless and until you make your game probably fair, I would suggest that you remove any references to being provably fair on your website.
A smart contract might be a pretty cool idea of a way to fund an established gambling site's bankroll provided that the site's management has decided to distribute bankroll profits that cause the bankroll to grow above xBTC every week/month/ect., however I don't think it is a good idea to allow shareholders to own a company/site as most jurisdictions do not allow for anon shareholders.
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 16, 2016, 04:56:08 AM |
|
Unless and until you make your game probably fair, I would suggest that you remove any references to being provably fair on your website.
A smart contract might be a pretty cool idea of a way to fund an established gambling site's bankroll provided that the site's management has decided to distribute bankroll profits that cause the bankroll to grow above xBTC every week/month/ect., however I don't think it is a good idea to allow shareholders to own a company/site as most jurisdictions do not allow for anon shareholders.
Oh you must of missed it: DISCLAMER vDice.io owns itself It is an autonomous entity, executing as code on the Ethereum p2p network. It lives in the 'Ether'; in the realm of ideas and magic. Enjoy it.
|
|
|
|
TwitchySeal
Legendary
Offline
Activity: 2520
Merit: 2015
Join the world-leading crypto sportsbook NOW!
|
|
November 17, 2016, 11:43:24 PM |
|
Does this sound like a provably fair, decentralized dice site? Source: VSlice AuditNovember, 2016. Authored by Peter J Vessenes and Dennis Peterson.
|
|
|
|
|