Bitcoin Forum
November 18, 2024, 10:44:52 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 8 »  All
  Print  
Author Topic: PROOF that XSPEC is a SCAM  (Read 2584 times)
preshpr1nce (OP)
Member
**
Offline Offline

Activity: 266
Merit: 60


View Profile
March 03, 2018, 06:35:50 AM
Last edit: March 03, 2018, 06:46:26 AM by preshpr1nce
Merited by allcryptominer (1), gunner833 (1)
 #1

So we've all been seeing a lot of hype around XSPEC on this forum, some members claiming it's a scam, others calling for proof, I've put this together to give my take as a senior software developer on what I feel proves it.

First off, a member on here under the name gunner833 found some interesting points about the xspec developer, you can view these findings here:
https://bitcointalk.org/index.php?topic=2839833.0

2 key points from this thread, the developer is in his 20s yet has claimed to have 20+ years experience, the developer also owned a bar for 2 years which wen't bankrupt, leaving him with $90,000 in tax debt... you can read his thread for more details, you can also see the shills claiming this isn't a big deal or just a small white lie, make your own mind up on this.

Now putting that aside, let's look at what xspec actually is:
It's a complete mirror copy of Shadow Cash and the Umbra wallet, they've changed some colours and the logo/name from the Umbra source code, picture below gives an idea


Shadow Cash is a dead project, initially XSPEC made no claims of their coin being a fork of this project, they've been called out for this and admit it is, but claim they're making improvements to ring signatures and have added obfs4 to the project.

Doing a bit more digging, I wanted to see what these improvement claims were and also wanted to see how they've implemented obfs4 to their coin, I was very shocked with what I found, even for what I consider a scam project they've done such little work it blows my mind.

Now remember, XSPEC is open source and their project is on github, you can view the full commit history of the project which also proves they only have 1 developer for any one questioning this, here is what I found by going through their code commits:

1. The "ehancements" made to ring signatures:
Here is a code snippet of the only changes in their source code relating to ring signatures, here is the original code from Shadow Cash

Quote
if (!wallet->AddAnonInputs(RING_SIG_2,

This bit of code uses a ring size of 2 in shadow cash, now let's look at the "enhancements" made by Spectrecoin

Quote
if (!wallet->AddAnonInputs(nRingSize == 1 ? RING_SIG_1 : RING_SIG_2,

So what we have here for those who can't read code, "if value of nRingSize is equal to 1 then use a ring size of 1 other wise use a ring size of 2"
So what has changed? pretty well nothing, they've allowed for a ring size of 1 which is a bad move, a ring size of 2 is stronger than a ring size of 1, Monero has a minimal ring size of 5 I believe.

Here is another code change commit by XSPEC, they've changed this from Shadow Cash

Quote
tr("Confirm send coins"), tr("Are you sure you want to send?\nRing size of one is not anonymous, and harms the network.").arg(formatted.join(tr(" and "))), QMessageBox::Yes|QMessageBox::Cancel, QMessageBox::Cancel);

To this

Quote
tr("Confirm send coins"), tr("Are you sure you want to send?\nRing size of one is not anonymous.").arg(formatted.join(tr(" and "))), QMessageBox::Yes|QMessageBox::Cancel, QMessageBox::Cancel);

They've removed this message from the warning alert "and harms the network"

So the so called enhancements to ring signatures are anything but, and to me it looks more like an absolute nothing change just for the sake of saying "I've changed it", he's made the anonymity weaker by reducing the ring size, perhaps he views transaction speed marketing as something more important than anonymity on a stealth coin, a smaller ring size = less secure but faster, larger = more secure but slower, this change could of been performed by a very junior developer in a few minutes, yet this downgrade is being pushed as one of the big changes

2. obfs4 implementation:
This is the second biggest point around XSPEC, they've implemented obfs4 which Shadow Cash did not have, you can find open source code online for obfs4 implementation so I wen't digging through the XSPEC code expecting to find this, what I found blew my mind, here is the code snippet which shows you the obfs4 implementation in XSPEC

Quote
  if (stat("obfs4proxy.exe", &sb) == 0 && sb.st_mode & S_IXUSR) {
      clientTransportPlugin = "obfs4 exec obfs4proxy.exe";
    }
#else
    if ((stat("obfs4proxy", &sb) == 0 && sb.st_mode & S_IXUSR) || !std::system("which obfs4proxy")) {
      clientTransportPlugin = "obfs4 exec obfs4proxy";

To sum up what this small block of code does, it executes the obfs4proxy.exe process, there is absolutely no code in XSPEC for the obfs4 other than executing an exe file, now let's take a look where this .exe file came from

Quote
\Tor Browser\Browser\Tor\Pluggable Transports\obfs4proxy.exe

So if you install TOR on your computer, you'll find the obfs4proxy.exe file in the TOR Pluggable Transports folder, so this great obfs4 implentation by XSPEC is nothing more than taking an executable file from TOR which runs along with the wallet, just like it does the TOR browser

That alone is enough to prove to me this is a very very shady project, so I've dug through pretty well all of their commits to see if they've actually done any work over the last year, extremely surprised no one has brought this up yet, but their changes are as follow:

1. Changing wallet colour, version numbers, the name and logo
2. Upgrading to newer versions of libraries
3. Executing the TOR obfs4 executable
4. Allowing for an insecure ring size of 1

All up the above changes are less than a days work for even a mid level developer, the interesting part of going through their commits is there are actually examples of nothing commits, cutting code, moving it up a few lines and recommitting just to increment the number of changes shown on GitHub.

The biggest body of work they've done is their donation platform and website.. very shady if you've got time to setup a donation platform but do no work on the actual coin.

Also the developer has made claims of big things coming in Feb, here we are in March and we see no changes on Github, no new version, no changes, just the prior things I've listed above.

The other concerning thing is the poor spread on this coin, you can view it's richlist and see the top 10 hold over 30% of XSPEC and the top 20 hold over 40%.

We will see shills in here trying to pick at the most minor detail of this post, but let me just start off by asking for some one to explain the above code findings? If you've come here to defend this coin then realise the code findings are what this thread is mostly about, so I want to see some points around that rather than the typical garbage from the XSPEC shills.
Ceballos
Sr. Member
****
Offline Offline

Activity: 621
Merit: 288


WPP ENERGY - BACKED ASSET GREEN ENERGY TOKEN


View Profile
March 03, 2018, 06:41:05 AM
 #2

You did a fantastic job dude.
I totally agree with you and xpec is scam for me too. Also they are trying to get some money from spectre.ai investers cause of name.

﹏﹏﹋﹌﹌ WPP ENERGY ﹌﹌﹋﹏﹏
≈ WORLD POWER PRODUCTION ≈

██████████████████████
██████████████████████████████
██████████████████████████████████
████████████████████████████████████████
██████████████████████████████████████████
██████████████████████████████████████████████
███████████████████████████████████████████████
██████████████████████████████████████████████████
████████████████████████████████████████████████████
█████████████████████████████████████████████████████
████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████
███████████████████████████████████████████████████████████
███████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████
███████████████████████████████████████████████████████
██████████████████████████████████████████████████████
████████████████████████████████████████████████████
██████████████████████████████████████████████████
████████████████████████████████████████████████
██████████████████████████████████████████████
██████████████████████████████████████████
████████████████████████████████████████
██████████████████████████████████
██████████████████████████████
██████████████████████
preshpr1nce (OP)
Member
**
Offline Offline

Activity: 266
Merit: 60


View Profile
March 03, 2018, 08:53:27 AM
 #3

You did a fantastic job dude.
I totally agree with you and xpec is scam for me too. Also they are trying to get some money from spectre.ai investers cause of name.

Thanks mate, interesting to hear about spectre.ai attempts, will read in to this.
scotty0312
Newbie
*
Offline Offline

Activity: 59
Merit: 0


View Profile
March 03, 2018, 09:40:38 AM
 #4

Spectrecoin are in the process of adding more devs to the team.There will also be a white paper released very soon.
scotty0312
Newbie
*
Offline Offline

Activity: 59
Merit: 0


View Profile
March 03, 2018, 09:53:33 AM
 #5

It also clearly states on coin wiki this

HISTORY

SpectreCoin was created in 2016 to improve on the concept of ShadowCash (SDC)

Since April 2017, the ShadowCash project has been abandoned for a new project of the ShadowCash developers called Particl, which ultimately stopped the accusations of SpectreCoin being a ShadowCash clone.

During summer 2017, SpectreCoin founder mandica started facing serious health issues and finally handed over the project leadership to lead developer jbg, who is now developing the coin.

Aug 9, 2017, SpectreCoin version 1.3.0 was released by jbg. This update fixed a lot of issues in the old codebase, updated Tor, included a 32-bit binary for Windows and added support for the OBFS4 obfuscation protocol. Also, a new website was created on https://spectreproject.io/ with updated information and a new, clean design to display the philosophy of the new project leadership.

From Aug 20 to Aug 25, 2017, the community raised ~37,500 XSPEC and 1 BTC (which was about ~$4000 USD at that time) to fund development, which allowed jbg to quit his job and work as a full-time developer for SpectreCoin.

Sept 10, 2017, an ex-colleague of jbg, @brycel, joined the project as a cryptographer in order to improve the stealth transaction mechanism, so that it could be used as the default transaction mechanism in future versions. Brycel was initially paid by Mandica from her own pocket to work for 1 month.

Sept 11, 2017, wallet version 1.3.1 was released by jbg, which addressed a visual bug in previous wallet versions that had become known as the infamous zero-balance bug, because it made the users balance appear as zero. Furthermore, this release was the first to include a binary for Apple MacOS. A change to the stealth transaction mechanism was introduced so that the wallet allows for non-anonymous ring signatures with only 1 or 2 members. The reason for this was that at that stage, the network often did not have enough participants for ring signatures to do a full ring signature transaction. On the same day, version 1.3.2 was released that fixed a minor bug in version 1.3.1.

Sept 12, 2017, version 1.3.3 was released, which fixes some further GUI issues, and brings faster wallet startup and sync performance.

During October 2017, the community raised additional funding for Brycel so that he could continue working on the project.

Wallet version 1.3.4 with an updated Tor version, updated node list and a new "staking reward donation system" was to be released on Jan 8, 2018, but got delayed due to a leveldb transition issue and a Qt4 bug on Windows. The decision was made to skip 1.3.4 and instead port the wallet to Qt5, which would become version 1.3.5.

Jan 16, 2018, wallet version 1.3.5 got released. With this release, a new project funding mechanism was introduced, that allows users to donate a certain percentage of their staking rewards to the developers of Spectrecoin. The donation is probabilistic, and by default 5% of the staking rewards are donated, which means that on average, every 20th staking reward will be accounted to the official donation address instead of the user's address. By donating up to 100% of their staking rewards, users can decide to financially support the development team on an ongoing basis, in order for them to be able to grow the team and hire additional full-time developers.
allcryptominer
Full Member
***
Offline Offline

Activity: 336
Merit: 102


View Profile
March 03, 2018, 10:03:25 AM
 #6

I've known from the first time I read about XSPEC that it was a completly useless shitcoin. And not to talk about all the spamming going on here on bitcointalk. For ones and for all can we just let this shitcoin die.
preshpr1nce (OP)
Member
**
Offline Offline

Activity: 266
Merit: 60


View Profile
March 03, 2018, 10:07:57 AM
 #7

Spectrecoin are in the process of adding more devs to the team.There will also be a white paper released very soon.


Ok so here we have a prime example of an XSPEC shill, let's take a look
https://bitcointalk.org/index.php?action=profile;u=1764701;sa=showPosts

4 Posts, all 4 about XSPEC.

Also your coin wiki post proves nothing, your comment about "what's to come" proves nothing.

Bryce has improved nothing and probably doesn't exist, looking through gunners thread there was 1 example of Bryce talking to the community, this was probably jbg with a different account.

I have explained via code examples what the OBFS4 feature is, it's calling the TOR executable, it's not part of the code itself
I have shown what the so called "encryption improvements" are, allowing a ring size of 1 (not an improvement)

I have explained that all of the work has gone in to a system which allows you to donate to jbg while pretty well no work has gone in to the coin.

Like I said in my first post, fault the code findings please, hiring more developers = bs, in 1 year hes done under a days work on the coin and only implemented a feature that allows you to send him money.

Here is the "improvement to wallet startup" change

Original Shadow cash code
Quote
setTimeout(connectSignals, 500);

The big improved feature from XSPEC!
Quote
setTimeout(connectSignals, 200);

Changed the connectSignals function initiation time from 500 milliseconds to 200 milliseconds, he changed 500 to 200 and now claims he's made a big improvement again, nice try, more meaningless change being pushed as a meaningful change, no one will notice a difference between 500 vs 200 milliseconds and it just proves my point more.

Not even a good attempt sorry, lets see what the other shills try.
SnapFX
Jr. Member
*
Offline Offline

Activity: 588
Merit: 1


View Profile WWW
March 03, 2018, 10:12:39 AM
 #8

It is good that you wrote about a scam of this project. Now I will know that you shouldn't enter it.
I came into the Otho project recently too it appeared scam.

☉☉☉ ARTCOIN.AI ☉☉☉
▐| BLOCKCHAIN ART GALLERY SYSTEM |▌ (https://www.artcoin.ai/)
aceptamosbitcoin
Hero Member
*****
Offline Offline

Activity: 981
Merit: 503


View Profile
March 03, 2018, 10:13:30 AM
 #9


Spectrecoin are in the process of adding more devs to the team.There will also be a white paper released very soon.

I kind of like XSPEC because it's more private than even more hyped Onion.

But how are people investing in something what even doesn't have a simple Whitepaper?!
preshpr1nce (OP)
Member
**
Offline Offline

Activity: 266
Merit: 60


View Profile
March 03, 2018, 10:30:03 AM
 #10


Spectrecoin are in the process of adding more devs to the team.There will also be a white paper released very soon.

I kind of like XSPEC because it's more private than even more hyped Onion.

But how are people investing in something what even doesn't have a simple Whitepaper?!

I hope this thread has changed your mind some what, I've not dug as deep in to Onion but from the little research I've done it's another I would avoid.
waaat?
Full Member
***
Offline Offline

Activity: 574
Merit: 104


View Profile
March 03, 2018, 12:16:57 PM
 #11


Spectrecoin are in the process of adding more devs to the team.There will also be a white paper released very soon.

I kind of like XSPEC because it's more private than even more hyped Onion.

But how are people investing in something what even doesn't have a simple Whitepaper?!

I hope this thread has changed your mind some what, I've not dug as deep in to Onion but from the little research I've done it's another I would avoid.
Excellent jobs preshpr1nce! Intuitively I don't want to buy despite all PR with this coin. But now I saw some more solid arguments. Excellent. Will looking for developing. But now XSpec not looks so good for purchase
scotty0312
Newbie
*
Offline Offline

Activity: 59
Merit: 0


View Profile
March 03, 2018, 12:23:21 PM
 #12

Your post on here means stuff all buddy. Your on the outside looking in, where on the inside looking out. You really shouldn't be posting absolute rubbish and FUD about something you know nothing about. Im shilling nothing, i'm telling no one to invest in spectrecoin as its entirely up to them to decide where their hard earned cash goes. The guys on the inside of this project know exactly where its at and where its heading. Just in the last few days there have been 3 new devs to come on board and offer their support. All i can suggest to the people reading your garbage is to watch all the new updates and releases about to come out in the coming days and weeks.You will than realize that the bloke who wrote this article has no credibility at all other than to be a troll!
preshpr1nce (OP)
Member
**
Offline Offline

Activity: 266
Merit: 60


View Profile
March 03, 2018, 12:39:04 PM
 #13

Your post on here means stuff all buddy. Your on the outside looking in, where on the inside looking out. You really shouldn't be posting absolute rubbish and FUD about something you know nothing about. Im shilling nothing, i'm telling no one to invest in spectrecoin as its entirely up to them to decide where their hard earned cash goes. The guys on the inside of this project know exactly where its at and where its heading. Just in the last few days there have been 3 new devs to come on board and offer their support. All i can suggest to the people reading your garbage is to watch all the new updates and releases about to come out in the coming days and weeks.You will than realize that the bloke who wrote this article has no credibility at all other than to be a troll!

So lets see now, I've provided evidence through code and even broke it down for the non coders, can you not understand or see this as evidence? what have you done other than make claims with 0 backing?

FUD? absolute rubbish? let others decide where their cash goes?

I am far far more concerned about people being mislead and buying in to lies than I am hurting your bias view, I do not FUD, I am just a person who wants to see blockchain and crypto as a whole succeed, these type of projects do nothing positive for this space and it's usually the new traders who get pulled in to it, I would much rather a new trader tell his friends the success he had with crypto vs how he was scammed and lost all his money.

Please, you made this account purely to promote XSPEC, you're now on here dribbling with no basis to your claims, you're upset.. It's ok, build a bridge.

I am more than happy to post links to the source files from the XSPEC GitHub where I've taken these snippets from, no made up stories here, would you like me to do this?
scotty0312
Newbie
*
Offline Offline

Activity: 59
Merit: 0


View Profile
March 03, 2018, 01:01:44 PM
 #14

People will decide when they see whats about to be released this month and year. Thats the proof! Whats coming out of your mouth is just pure diarrhea. I will no longer be replying to this thread as its pathetic. To anyone reading this i urge you to get on to github over the coming weeks and month to decide for yourself.
preshpr1nce (OP)
Member
**
Offline Offline

Activity: 266
Merit: 60


View Profile
March 03, 2018, 01:26:41 PM
 #15

People will decide when they see whats about to be released this month and year. Thats the proof! Whats coming out of your mouth is just pure diarrhea. I will no longer be replying to this thread as its pathetic. To anyone reading this i urge you to get on to github over the coming weeks and month to decide for yourself.

So if you read gunners thread posted in my first post, you'll see he spoke to the XSPEC developer who also made him false promises about what's coming in Feb, he failed on this and nothing has happened, early march and nothing, so I'm not going to take your word on this.
I would stop posting too if I were in your shoes.
KimJungUn
Newbie
*
Offline Offline

Activity: 76
Merit: 0


View Profile
March 03, 2018, 03:58:38 PM
 #16

Thank you for taking the time out put this together.  It truly shows how much of a scam XPSEC is.
AshCoins
Full Member
***
Offline Offline

Activity: 336
Merit: 102


View Profile
March 03, 2018, 05:18:35 PM
 #17

Thanks for all your hardwork on this.  If I had merit to give, I would send you some.  I was initially going to ignore this thread as I figured it would just be another idiot claiming abc coin is a scam with no evidence.

So I sold out of XSPEC and doubled up on SUMO.  Would love to see you dig into some other low cap privacy coins, like Deeponion and Aeon.  I've always been weary of those.  And I'm pretty confident in SUMO but would love to see some validation from a programmer.
julianAm
Full Member
***
Offline Offline

Activity: 392
Merit: 100



View Profile
March 03, 2018, 05:28:11 PM
 #18

Thank you for taking the time out put this together.  It truly shows how much of a scam XPSEC is.
I saw somebody month ago who said about XSpec. And he said similar - XSpec scam. Were you? Also from North Korea. But I think same. And great thanks for those great job. Also will watch for thread

paeackk
Newbie
*
Offline Offline

Activity: 75
Merit: 0


View Profile
March 03, 2018, 05:45:27 PM
 #19

Thank you so much! It's really got me thinking. You did the titanic labors for us, but unfortunately i have no sendable merit to you  Cry 
I'm going to follow your further posts.
delirious_
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
March 03, 2018, 05:48:14 PM
 #20

Thanks a lot for posting your findings, now I only have to add a small piece about "obfs4 support' in Spectre.

Almost everywhere, "Tor+OBFS4 support" in SpectreCoin comes following words like native, integrated and built-in. The tool-tip in the GUI says Tor+OBFS4 connection online.

In the meantime, at least on Windows, to enable obfs4 support in SpectreCoin client you have to at the very least download obfs4proxy.exe and edit torrc manually to add the bridge. And there are three funny things to it:

  • First, spectre is able to recognize obfs4proxy in its data dir. It then strips the path and only passes the file name to Tor. Tor, in turn, attempts to find the executable in its own directory since it doesn't have the full path, and fails to do it.
  • Second, there used to be an obfs4 setup guide on the official Spectre site (it may still be there somewhere but having just had a quick look I couldn't find it), which did not result in obfs4 actually working, because of the combination of the points above and below this one
  • Third and my favourite, SpectreClient adds ClientTransportPlugin configuration option to Tor if it finds obfs4proxy executable but not the actual bridge config line; meaning Tor is aware that it can and needs to use obfs4 but isn't told how to connect to the bridge providing the functionality itself.

So much for native, integrated and built-in obfs4 support.
Pages: [1] 2 3 4 5 6 7 8 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!