Bottlecaps 2.1 UPDATE REQUIRED - HARDFORK JULY 4 2014 to 200% Annual PoS

[Turrican]

dam ! i give up this to understand  ... hope this attack is save for HBN ?

[vampirus]

In CAP block trust calculated that PoW block means nothing. It was only PoS attack.
And now only one chain.

+51% Netweightattack ? ...

the pow hash go from 8 to 540 ? is not a POW attack ?

From log file:

Code:

11/03/17 16:31:18 received block 000000005956997051c2
11/03/17 16:31:18 SetBestChain: new best=000000005956997051c2  height=3243672  trust=174047872442947  date=11/02/17 03:23:41
11/03/17 16:31:18 ProcessBlock: ACCEPTED
11/03/17 16:31:18 received block 000000002af2445b7cbb
11/03/17 16:31:18 SetBestChain: new best=000000002af2445b7cbb  height=3243673  trust=174047872442958  date=11/02/17 03:24:00
11/03/17 16:31:18 ProcessBlock: ACCEPTED

PoW block trust = 11

Code:

11/03/17 16:31:20 received block 8784a3e53e87b0cac857
11/03/17 16:31:20 SetBestChain: new best=8784a3e53e87b0cac857  height=3243680  trust=174048433060033  date=11/02/17 03:24:56
11/03/17 16:31:20 ProcessBlock: ACCEPTED
11/03/17 16:31:20 received block 1c1b102a4eab14165f56
11/03/17 16:31:20 SetBestChain: new best=1c1b102a4eab14165f56  height=3243681  trust=174048714892937  date=11/02/17 03:25:57
11/03/17 16:31:20 ProcessBlock: ACCEPTED

PoS block trust = 281832904

At current PoW difficulty 1 PoS block more valuable then 25621172 PoW blocks.
 

[almightyruler]

At current PoW difficulty 1 PoS block more valuable then 25621172 PoW blocks.

This is a common problem with many PoW+PoS coins. PoS has an incredible amount of weight when compared to PoW, as you've pointed out, so if there's no staking by others it is trivial to override a sequence of PoW blocks.

When I was considering running my own exchange, one idea I had was for the exchange wallet (or perhaps a separate hot wallet controlled by the exchange) to automatically stake when a customer's deposit arrived, to help lock it in. It's not perfect, since a 'private staker' with enough weight could still overtake the chain, but it's much better than relying on 20 or 30 PoW blocks as confirmation of a deposit.

[paramind22]

My stakes are coming in like 1/10th of what they usually are.

[vancefox]

My stakes are coming in like 1/10th of what they usually are.

Your stakes won't matter once the roll back occurs... I'm still running it just to maintain the network but that's it...  If they fork it... then I'll have a few extra coins.

[vancefox]

Appears my wallet and Cryptsy aren't on a single connection possibly.. lost several coins.. never arrived.

I call on the community to start reporting these clowns... look at the post history and if it's obvious that they're posting to do nothing more than build post count, report to moderator...

[paramind22]

My stakes are coming in like 1/10th of what they usually are.

Your stakes won't matter once the roll back occurs... I'm still running it just to maintain the network but that's it...  If they fork it... then I'll have a few extra coins.

So, any projected date from the team about a solution to the problem at Cryptopia?   

Also, we could use another exchange.  Coinsmarkets.com is taking coins that seem to need a place pretty easily.

Here is another list:

Bittrex: support@bittrex.com
Poloniex: https://poloniex.com/coinRequest
c-cex: https://c-cex.com/?id=vote#suggest
Novaexchange: https://novaexchange.com/addcoin/
Bter: https://bter.com/voting
Hitbtc: https://hitbtc.com/about-us
xBTCE: https://support.xbtce.info/Tickets/Submit
OpenLedger: https://bitshares.openledger.info
Liqui.io: support@liqui.io
exmo: https://support.exmo.com/hc/en-us/requests/new
Livecoin: https://www.livecoin.net/en/coin-listing
Bleutrade: https://bleutrade.com/voting
Cryptonarium: https://cryptonarium.com/en/support/
BloomBit: support@bloombit.net
Chameleon.bit: admin@chameleonbit.trade
alcurex: https://bitcointalk.org/index.php?topic=458732
SouthXchange: support@southxchange.com
Tux Exchange: https://tcx.freshdesk.com/support/home
Bittylicious: support@bittylicious.com

[TangentC]

Already listed here:

https://tradesatoshi.com/Exchange/?market=CAP_BTC

[shtako]

Any updates?

Have someone been in contact with cryptopia? Is someone working on the hard fork?

[vancefox]

Any updates?

Have someone been in contact with cryptopia? Is someone working on the hard fork?

Not that I've seen so far... I'm sure everyone would like to know what's going on.

[paramind22]

Already listed here:

https://tradesatoshi.com/Exchange/?market=CAP_BTC

Wallet status is OK here.   Looks like Cryptopia needs some emailing.

[ReydeApio]

Any updates?

Have someone been in contact with cryptopia? Is someone working on the hard fork?

Not that I've seen so far... I'm sure everyone would like to know what's going on.

Hey all - Cryptopia has been contacted. I'm syncing up the blockchain for the checkpoint server - no bootstrap.

maxsonII@bottlecaps-chk:/$ bottlecapsd getinfo
{
    "version" : "v2.2.2.0-g418187240-Caps2.0",
    "protocolversion" : 70004,
    "walletversion" : 60002,
    "balance" : 0.00000000,
    "newmint" : 0.00000000,
    "stake" : 0.00000000,
    "blocks" : 2732428,
    "moneysupply" : 123621318.85863601,
    "connections" : 8,
    "proxy" : "",
    "difficulty" : 0.88787579,
    "testnet" : false,
    "keypoololdest" : 1510604498,
    "keypoolsize" : 101,
    "paytxfee" : 0.00100000,
    "mininput" : 0.00100000,
    "errors" : ""
}

As you know this part takes awhile - when there's more to share you'll see it here first.

[vancefox]

Any updates?

Have someone been in contact with cryptopia? Is someone working on the hard fork?

Not that I've seen so far... I'm sure everyone would like to know what's going on.

Hey all - Cryptopia has been contacted. I'm syncing up the blockchain for the checkpoint server - no bootstrap.

maxsonII@bottlecaps-chk:/$ bottlecapsd getinfo
{
    "version" : "v2.2.2.0-g418187240-Caps2.0",
    "protocolversion" : 70004,
    "walletversion" : 60002,
    "balance" : 0.00000000,
    "newmint" : 0.00000000,
    "stake" : 0.00000000,
    "blocks" : 2732428,
    "moneysupply" : 123621318.85863601,
    "connections" : 8,
    "proxy" : "",
    "difficulty" : 0.88787579,
    "testnet" : false,
    "keypoololdest" : 1510604498,
    "keypoolsize" : 101,
    "paytxfee" : 0.00100000,
    "mininput" : 0.00100000,
    "errors" : ""
}

As you know this part takes awhile - when there's more to share you'll see it here first.

Options are:
- To roll back the chain past the first attack. We are looking at a loss of multiple days, most client will have issues will cause a lot of stress.  But damage is already done.
- Create a fork, that will credit Cryptopia address the coins that were lost. Assuming they were the one targeted.

To prevent this, we need a checkpoint server or much higher confirmations and difficulty.

I can run a checkpoint server, but I can't foot the bill for a VPS to run it. So I would need the community to help with that, or I can give the key to someone else to run. But if that someone does not understand the security,responsibility and how to safety use it, it could kill the chain.

I'm guessing that Cryptopia isn't going to reopen the market until they're made whole... checkpoint or not...  but that's just my guess.

I take it there has been a decision on either option in Tranz's post above... don't know which one... but I'm guessing a simple fork would be the easier and less code intensive...

And I'm guessing ReydeApio has the checkpoint key?

[bitmaster1x]

I'm curious as to how the attack on CAP was actually done. Since it didn't require someone to have 51% , but merely to generate faster blocks, how exactly did the attacker accomplish this?

Are there any other possible theoretical attacks we haven't seen on a POS network?

I'd like to see more the community have more discussions about this in order to minimize potential issues in the the future.

[vancefox]

I'm curious as to how the attack on CAP was actually done. Since it didn't require someone to have 51% , but merely to generate faster blocks, how exactly did the attacker accomplish this?

Are there any other theoretical attacks we haven't seen on a POS network?

I don't know... apparently this is a first for me... didn't even really know it was happening until someone pointed out the negative balance address.

I'll have to learn a bit more about it.

[sacskate]

I'm curious as to how the attack on CAP was actually done. Since it didn't require someone to have 51% , but merely to generate faster blocks, how exactly did the attacker accomplish this?

Are there any other possible theoretical attacks we haven't seen on a POS network?

I'd like to see more the community have more discussions about this in order to minimize potential issues in the the future.

it was explained above a bit... I was under the same impression about 51%. I believe this was actually a double spend attack

[Tranz]

I'm curious as to how the attack on CAP was actually done. Since it didn't require someone to have 51% , but merely to generate faster blocks, how exactly did the attacker accomplish this?

Are there any other possible theoretical attacks we haven't seen on a POS network?

I'd like to see more the community have more discussions about this in order to minimize potential issues in the the future.

it was explained above a bit... I was under the same impression about 51%. I believe this was actually a double spend attack

Yes just a double spend attack. Cryptopia shares some of the blame by only getting 20 confirmations.

[vampirus]

PoS attack very easy, but better not explain step by step for everyone, or more users may try it.
About Cryptopia, I think attacker not only sell CAP and get bitcoins, but also take all CAP from exchange to 3 top address in richlist and now have 38M coins.

[vampirus]

I analyze tx from that 3 address. All belong to attacker on Cryptopia and it was not first attack.
Previous was October 8,9,10.
Admins from Cryptopia, it is hacker addresses:
EvkWsGkW1xFhNxCMDMFG7rHjF4vc23xy2D
F4GqUVjQAu2dQJeUejisw5HxbooP5CjFCJ
EyViNxLswJm8Ar8KT3MTPm6hfMrjXHmtCW

Summary hacker stole 36M CAP from Cryptopia.

PS. Better solution will be create new coin (Hyperstake clone) and send all premine to current addresses, except  hackers 82 to 160 in rich list.

[bitmaster1x]

PoS attack very easy, but better not explain step by step for everyone, or more users may try it.
About Cryptopia, I think attacker not only sell CAP and get bitcoins, but also take all CAP from exchange to 3 top address in richlist and now have 38M coins.

I'll private message you.