Evil-Knievel
Legendary
Offline
Activity: 1260
Merit: 1168
|
|
August 05, 2016, 01:08:24 PM Last edit: August 05, 2016, 01:20:46 PM by Evil-Knievel |
|
unvoid, cyberhacker ... I will try to address your suggestions very soon!
We all agreed a few weeks ago that we need some bug bounties to "stress test" the software in the testnet. In the end, Lannister will have to manage that, but as I do know the code best and you guys have very brilliant ideas, we could come up with a list of possible bounties to suggest.
As a first shot, I would come up with these possible bounties and these rules:
General rule: All attacks must be submitted using a proof of concept script which is easily executable. The attack must be reproducable and not use any kind of 0day attack, or any other vulnerability in Java, the Operating System, or other external pieces of software. The attack must result from a faulty implementation of Elastic itself. Every security hole must be only submitted once. When a bug submission is made, no other submissions are allowed until the bug has been fixed and confirmed to be fixed. All submissions that occur while another submission is not yet fixed are ignored and blacklisted from resubmission.
Invasion of the user's end system: Here, any attack that shows that a program, which is written in ElasticPL and executed in Elastic's VM can escape the sandbox and gain access to the end user system. Here, it is required that the attacker is able to extract sensitive information from the attacked system such as content of the memory (which is not part of Elastic's VM) or the content of the hard drive. Suggested Bounty: 10 BTC
Stealing user funds or causing loss of funds: Here, any attack that shows how other user's funds can be stolen or destroyed without access to the user's private key / passphrase. This attack has to work with arbitrary amounts, and does not include "rounding errors" where minimal amounts of XEL get lost. This also includes double spending a transaction without reorganizing the blockchain. Suggested Bounty: 5 BTC
Hard Forks: Here, any attack that shows how the blockchain can be forked in multiple chains that start coexisting and have no chance of being repaired are included. Suggested Bounty: 2 BTC
DOS Attacks: Here, any attacks that show how the Network can be DOS'ed are included. The DOS attack must have an efficiency of O(N^2) meaning that the negative impact on the network increases by the power of two compared to the resources invested. Suggested Bounty: 0.5 BTC
Rounding Errors: Demonstrate how XEL can be destroyed by exploiting rounding errors. Suggested Bounty: 0.5 BTC
What do you think? We need a few more bounties, and we have to rethink the amounts maybe.
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
PGPpfKkx
|
|
August 05, 2016, 01:22:53 PM |
|
can you update me please?
can I still donate and receive a proportion of the coins or we are past this block?
|
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
August 05, 2016, 03:37:08 PM |
|
another question, what if xel sold out before the set block? again request you to increase the supply. thanks.
|
|
|
|
unvoid
|
|
August 05, 2016, 03:55:48 PM |
|
@Evil-Knievel nice bug bounty list. Wondering if rewards aren't too small.
currently owned XEL: 2,956,849.9301157 (I'm joining to cyber question: What if XEL are out before end? And what will happen with remaining XEL if we hit last block and there will be still some XEL left without owner?)
|
BTC: 1CMgHWx4wkAaAy2FfeCyPdedUExmhGhfi5 XEL: XEL-HCM8-KB6E-YFLK-8BWMF
|
|
|
BigBoom3599
|
|
August 05, 2016, 03:57:20 PM |
|
@Evil-Knievel nice bug bounty list. Wondering if rewards aren't too small.
currently owned XEL: 2,956,849.9301157 (I'm joining to cyber question: What if XEL are out before end? And what will happen with remaining XEL if we hit last block and there will be still some XEL left without owner?)
All the left over XEL left over at the end of the "donation" phase will be divided among all donators proportional to how much you donated.
|
|
|
|
Evil-Knievel
Legendary
Offline
Activity: 1260
Merit: 1168
|
|
August 05, 2016, 03:58:53 PM |
|
@Evil-Knievel nice bug bounty list. Wondering if rewards aren't too small.
currently owned XEL: 2,956,849.9301157 (I'm joining to cyber question: What if XEL are out before end? And what will happen with remaining XEL if we hit last block and there will be still some XEL left without owner?)
Hi, This is what the terms and conditions say: The Elastic Coins (XEL) giveaway ends when Bitcoin block 425920 has passed or a total of 5 million Elastic Coins (XEL) have been given away. Any of these 5 million coins that are not given away, are distributed proportionally to all donators depending on the size of their donation. EDIT @BigBoom3599: aaaaah, seconds too late
|
|
|
|
unvoid
|
|
August 05, 2016, 04:12:31 PM |
|
~14 days left so I think all will be sold out distributed in exchange for donation before last block. small PHP script to see how much XEL is already taken:
|
BTC: 1CMgHWx4wkAaAy2FfeCyPdedUExmhGhfi5 XEL: XEL-HCM8-KB6E-YFLK-8BWMF
|
|
|
Evil-Knievel
Legendary
Offline
Activity: 1260
Merit: 1168
|
|
August 05, 2016, 04:15:42 PM |
|
Regarding the supply: as long as we keep the proportions constant, there should be nothing speaking against rising the supply. But that means, if we leverage the supply from 5M to 10M, everyone will receive twice as many XEL. It has to stay fair and nobody should have any disadvantage at all!
The thing is, what would be the correct amount @unvoid, cyberhacker?
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
August 05, 2016, 04:20:53 PM |
|
Regarding the supply: as long as we keep the proportions constant, there should be nothing speaking against rising the supply. But that means, if we leverage the supply from 5M to 10M, everyone will receive twice as many XEL. It has to stay fair and nobody should have any disadvantage at all!
The thing is, what would be the correct amount @unvoid, cyberhacker?
as i recall, all increasing supply tactic just psychological strategy to increase liquidity. just as bitshare did 2 years ago, increasing by 200 times. quite shocking to newbies, but actually make marketcap rise easily. I know the most important thing is delivery of promised development, but as XEL is ready to go, it is no harm to increase supply and make xel easily stand among most legit coins. 100* or 200* of current supply is quite reasonable for future user expansion. glad to hear from you. cheers.
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
August 05, 2016, 04:22:09 PM |
|
@Evil-Knievel nice bug bounty list. Wondering if rewards aren't too small.
currently owned XEL: 2,956,849.9301157 (I'm joining to cyber question: What if XEL are out before end? And what will happen with remaining XEL if we hit last block and there will be still some XEL left without owner?)
All the left over XEL left over at the end of the "donation" phase will be divided among all donators proportional to how much you donated. I think 5 million will be sold out before the set block.
|
|
|
|
unvoid
|
|
August 05, 2016, 04:26:34 PM |
|
Regarding the supply: as long as we keep the proportions constant, there should be nothing speaking against rising the supply. But that means, if we leverage the supply from 5M to 10M, everyone will receive twice as many XEL. It has to stay fair and nobody should have any disadvantage at all!
The thing is, what would be the correct amount @unvoid, cyberhacker?
NXT quantity. That means 5m * 200 = 1b ( 1,000,000,000 ). Proven quantity that worked well with NXT and nothing should surprise if we talking about code. All distributed equally. That means everyone should get 200x as much as he would get in case of 5m. NEM has 9b and this decision ended very, very well for them.
|
BTC: 1CMgHWx4wkAaAy2FfeCyPdedUExmhGhfi5 XEL: XEL-HCM8-KB6E-YFLK-8BWMF
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
August 05, 2016, 04:29:36 PM |
|
Regarding the supply: as long as we keep the proportions constant, there should be nothing speaking against rising the supply. But that means, if we leverage the supply from 5M to 10M, everyone will receive twice as many XEL. It has to stay fair and nobody should have any disadvantage at all!
The thing is, what would be the correct amount @unvoid, cyberhacker?
NXT quantity. That means 5m * 200 = 1b ( 1,000,000,000 ). Proven quantity that worked well with NXT and nothing should surprise if we talking about code. All distributed equally. That means everyone should get 200x as much as he would get in case of 5m. vote for this. easy for adoption.
|
|
|
|
unvoid
|
|
August 05, 2016, 04:37:58 PM Last edit: August 05, 2016, 04:49:50 PM by unvoid |
|
@Evil-Knievel please find some time to brainstorm "forger set fee" and "forger set block find reward share" with @Lannister in coming days. This could be really Holy Grail for XEL. If it comes to fees, just keep this in mind: https://en.wikipedia.org/wiki/Laffer_curveLower fees = more transactions = more transactions = more fees. People will be more convinced to give tips on forums, in giveaways more people will get coins (I'm writing only about initial stage of first, most important year for XEL). There are many votes that NXT fee is too high (for regular people who bought 1000 of NXT and want to make transactions ~10NXT). And finally more network transactions increasing probability to forge something. It's important for MOST of network users who have average ~10 000 coins and forge once per month. Right now in NXT network there is more probability that you forge block with 0 fees than with >0. This is really disapointing for them when they waited long for their first forge and see nothing. If they even could see 0.001 from block generation they will be much more glad that they have any coin and feel useful with their node. Crypto leader BTC has fees about .5 cent as a result of full blocks and there is already loud voices to boycott BTC (and mass flow to ETH). I'm going to vacation in coming week but later I'll fork XEL repo and try to help in any way.
|
BTC: 1CMgHWx4wkAaAy2FfeCyPdedUExmhGhfi5 XEL: XEL-HCM8-KB6E-YFLK-8BWMF
|
|
|
ImI
Legendary
Offline
Activity: 1946
Merit: 1019
|
|
August 05, 2016, 04:40:16 PM |
|
i have no issues with supply multiplication. 1.000.000 might be bit steep but no problem with that.
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
August 05, 2016, 04:41:36 PM |
|
i have no issues with supply multiplication. 1.000.000 might be bit steep but no problem with that.
you must mean 1 billion.
|
|
|
|
ImI
Legendary
Offline
Activity: 1946
Merit: 1019
|
|
August 05, 2016, 04:45:37 PM |
|
i have no issues with supply multiplication. 1.000.000.000 might be bit steep but no problem with that.
fmp
|
|
|
|
palawan
|
|
August 05, 2016, 04:49:34 PM |
|
If we are discussing changing the number of XEL; I think Lannister has to ok this?
|
halu
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
August 05, 2016, 04:52:45 PM |
|
If we are discussing changing the number of XEL; I think Lannister has to ok this?
yeah, hope he will be ok with this. we can start from 7 sats rather than 1400 sats. this coin is for the people, so 7 sats is easier for adoption just in psychological sense. hope i am right.
|
|
|
|
bspus
Legendary
Offline
Activity: 2165
Merit: 1002
|
|
August 05, 2016, 05:18:14 PM |
|
If we are discussing changing the number of XEL; I think Lannister has to ok this?
yeah, hope he will be ok with this. we can start from 7 sats rather than 1400 sats. this coin is for the people, so 7 sats is easier for adoption just in psychological sense. hope i am right. You mean 14000 sat I hope.
|
|
|
|
|