Bitcoin Forum
December 06, 2016, 07:56:40 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Poll
Question: Should the minimum payout be reduced?
0.16 777216 BTC (currently $5-$6 USD) - 44 (53.7%)
1.00 BTC (currently $29-$35 USD) - 38 (46.3%)
Total Voters: 82

Pages: « 1 [2]  All
  Print  
Author Topic: Eligius pool POLL: New minimum payout  (Read 4667 times)
WNS
Jr. Member
*
Offline Offline

Activity: 39


View Profile
June 11, 2011, 01:58:52 AM
 #21

The password is not accessible without hacking pushpoold, and has obvious security issues. Using it is out of the question. Any kind of per-user configuration can wait for signmessage.

Okay, how about changing how the username is parsed? If a standard format string is added, say -1000 (dash+4 digits, mBTC) to the end of the username, just use everything before the dash as an account address, and set the payout if the number is in range.

16goksYouT6FofaaPMXBDgYC8oYsXkjdtk
1481054200
Hero Member
*
Offline Offline

Posts: 1481054200

View Profile Personal Message (Offline)

Ignore
1481054200
Reply with quote  #2

1481054200
Report to moderator
1481054200
Hero Member
*
Offline Offline

Posts: 1481054200

View Profile Personal Message (Offline)

Ignore
1481054200
Reply with quote  #2

1481054200
Report to moderator
1481054200
Hero Member
*
Offline Offline

Posts: 1481054200

View Profile Personal Message (Offline)

Ignore
1481054200
Reply with quote  #2

1481054200
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481054200
Hero Member
*
Offline Offline

Posts: 1481054200

View Profile Personal Message (Offline)

Ignore
1481054200
Reply with quote  #2

1481054200
Report to moderator
Wildfire
Newbie
*
Offline Offline

Activity: 2


View Profile
June 11, 2011, 05:26:02 AM
 #22

That's not a bad idea. Especially considering that it could be any amount of time before signmessage is implemented, if it ever is at all.
josell
Member
**
Offline Offline

Activity: 104


I have many stocks.


View Profile
June 11, 2011, 06:27:16 AM
 #23

Poll seems pretty straightforward. Please only vote if you mine on Eligius regularly, and actually understand the question.

Basically: should the pool pay you after you reach at least 0.16… BTC, or continue requiring a minimum of 1 BTC?
I think it would be cool if the user states the payount limit in the password field, which has no such function in your pool.
Artefact2
Full Member
***
Offline Offline

Activity: 124


View Profile WWW
June 11, 2011, 10:39:50 AM
 #24

Poll seems pretty straightforward. Please only vote if you mine on Eligius regularly, and actually understand the question.

Basically: should the pool pay you after you reach at least 0.16… BTC, or continue requiring a minimum of 1 BTC?
I think it would be cool if the user states the payount limit in the password field, which has no such function in your pool.

Did you even read this thread ? He said that's not an option.

The password is not accessible without hacking pushpoold, and has obvious security issues. Using it is out of the question. Any kind of per-user configuration can wait for signmessage.

Okay, how about changing how the username is parsed? If a standard format string is added, say -1000 (dash+4 digits, mBTC) to the end of the username, just use everything before the dash as an account address, and set the payout if the number is in range.

What's the difference ? It's still a mediocre solution to an already-solved problem. Just wait !  Wink

A pool-biased blockchain representation, by me: pident (WTFPL)
WNS
Jr. Member
*
Offline Offline

Activity: 39


View Profile
June 11, 2011, 02:50:31 PM
 #25

Okay, how about changing how the username is parsed? If a standard format string is added, say -1000 (dash+4 digits, mBTC) to the end of the username, just use everything before the dash as an account address, and set the payout if the number is in range.
What's the difference ? It's still a mediocre solution to an already-solved problem. Just wait !  Wink

Eligius is already committed to the elegant kludge of Address as username, I'm suggesting leveraging this out-of-band data space for an additional purpose, which could be taken to arbitrary extremes, but I don't think my suggestion does that.

In addition I would argue that the signmessage solution is likely more problematic, as it requires processing resources to verify the threshold setting requests. This is an unnecessary liability, since threshold really does not need to be secure, as long as it is defined within reasonable limits. It opens up an obvious DDoS vulnerability for the pool server(s) on top of all the potential security problems with signmessage itself, as has already been discussed elsewhere.

16goksYouT6FofaaPMXBDgYC8oYsXkjdtk
Man From The Future
Full Member
***
Offline Offline

Activity: 126


View Profile
June 11, 2011, 02:54:19 PM
 #26

The issue here is, someone else can screw up your payout value by mining witha  different setting with your address... which one should be used?
Artefact2
Full Member
***
Offline Offline

Activity: 124


View Profile WWW
June 11, 2011, 03:13:15 PM
 #27

Eligius is already committed to the elegant kludge of Address as username

You see that as a kludge. I see it as an elegant solution. Having to register to mine is not convenient and introduces another layer of potential bugs and security issues. If you don't trust me, see what happened to Deepbit a few weeks ago.

A pool-biased blockchain representation, by me: pident (WTFPL)
WNS
Jr. Member
*
Offline Offline

Activity: 39


View Profile
June 11, 2011, 05:07:43 PM
 #28

Eligius is already committed to the elegant kludge of Address as username
You see that as a kludge. I see it as an elegant solution.

I submit that it is both. The "right" way would be to modify the pool management daemon to not think in terms of username/password, but, as discussed, this has not been done. The daemon has instead been fooled into passing the address as username, a great worse-is-better solution, that solves the problem, without breaking anything, a brilliant kludge that does not need to be fixed.

Since the out-of-band data pathway has already been exploited, why stop there? We have one obvious piece of data that could be passed as well by using the same trick.

The issue here is, someone else can screw up your payout value by mining witha  different setting with your address... which one should be used?

I don't really see a problem here if the value is sensibly constrained, perhaps more than my original suggestion, say 2 digits from 0.1BTC to 9.9BTC. Use the last value that came with a share (so the trickster must actually pay you in shares for the privilege of changing your threshold), I would be interested in a scenario in which such a prank would matter to the recipient.

16goksYouT6FofaaPMXBDgYC8oYsXkjdtk
anodyne
Full Member
***
Offline Offline

Activity: 168


View Profile
June 13, 2011, 05:53:16 PM
 #29

Couldn't it somehow be possible to set up and track payout levels using the pool URL, by using different sub-domains for each level – with 05btc.mining.eligius.st, 1btc.mining.eligius.st and so on?

Bitcoins: solid enough to build pyramids.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!