|
BitPotus
|
 |
April 04, 2018, 08:36:01 PM |
|
When Ocminer tells you that Shit hit the Fan, Shit hit the fucking fan.
Verge fanbois better listen the fuck up.
|
|
|
|
|
|
|
|
|
|
|
|
Bitcoin mining is now a specialized and very risky industry, just like gold mining. Amateur miners are unlikely to make much money, and may even lose money. Bitcoin is much more than just mining, though!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
cchub
Full Member
 Offline
Activity: 560
Merit: 101
Migranet ITO
|
|
April 04, 2018, 08:38:08 PM |
|
if im not wrong they fixed it bug could be happen on any coin even bitcoin so lets not blame them for bug lets blame them for not fixing it so fast
It cannot happen in bitcoin because bitcoin doesn't have such a system. Instead, bitcoin relies on proof-of-work only. |
|
|
|
|
aciddude
|
|
April 04, 2018, 08:40:53 PM |
|
nice a new version of the famed timewarp attack.. very interesting.
yep.. we pushed a quick fix and most pools have already updated.. we're already working on a whole new block verification process. we're kinda glad this happened and that it wasn't as bad as it could have been. Hmm, you guys are aware that the "fix" you pushed actually IS a hardfork ? So your blockchain snapshot is not valid anymore, the wallet's won't sync up from scratch anymore and the current chain is simply not usable anymore with that new "fix" ? Your change simply disagrees with the attackers blocks, the first block I see from the attacker was 2007365 - so the wallets will stop syncing there and simply not progress any further. I remember your first forking dramas when trying to fork into Tor which failed 2 times IIRC. You should immediately refrain from that "fix" and set a proper fork-height (at least 48h) and the chain up until the fork block MUST accept blocks with the old timestamps and blocks after that fork block then only with the new timestamp. bumping this for awareness how can we verify the hardfork ? just download an updated wallet which includes the "fix" - then download the blockchain snapshot and try to sync up to the latest block...it will get stuck at 2007364 heh Yeah I'm building their wallet with the fix now. |
|
|
|
ChekaZ
Legendary
Offline
Activity: 1884
Merit: 1005
|
|
April 04, 2018, 08:41:18 PM |
|
Great post ocminer, thanks for this valuable information & awesome to see the newbie accounts pop up and say its fake and fud  |
BTC: 1Ges1taJ69W7eEMbQLcmNGnUZenBkCnn45
FTC: 6sxjM96KMZ7t4AmDTUKDZdq82Nj931VQvY
|
|
|
Polonex
Newbie
Offline
Activity: 213
Merit: 0
|
|
April 04, 2018, 08:49:26 PM |
|
How can one initiate an attack such as this?
Do you need step by step instructions? Yes |
|
|
|
|
IDCToken
Newbie
Offline
Activity: 7
Merit: 0
|
|
April 04, 2018, 08:54:14 PM |
|
Can confirm it is still exploitable, will not abuse it futher myself but fix this problem immediately I'll give Verge some hours to solve this otherwise I'll make this public and another unpatchable problem.
|
|
|
|
|
ico_fond
Newbie
Offline
Activity: 21
Merit: 0
|
|
April 04, 2018, 08:54:44 PM |
|
So if I transfer XVG from exchange to my wallet there's the risk that my coins will be lost due hardfork?
|
|
|
|
|
ChekaZ
Legendary
Offline
Activity: 1884
Merit: 1005
|
|
April 04, 2018, 08:59:41 PM |
|
Github XVG:
"justinvforvendetta replied 2 hours ago
i'm glad this happened now. it's got us working on a whole new method for block and transaction verification =]"
Yeah, maybe work on a new verification method for blocks if he dev doesnt even know that nMaxClockDrift is in seconds..
static const int64 nMaxClockDrift = 2 * 15; // fifteen minutes
|
BTC: 1Ges1taJ69W7eEMbQLcmNGnUZenBkCnn45
FTC: 6sxjM96KMZ7t4AmDTUKDZdq82Nj931VQvY
|
|
|
bitcoinwallet1972
Newbie
Offline
Activity: 6
Merit: 0
|
 |
April 04, 2018, 09:00:28 PM |
|
i,m just a little seed and dont have any tech skills,verge is really a sollid part of my portfolio. i have a question if the buck stops @ block 2007365 and will stop syncing there and not progress any further. then the blockchain will stop and payments will stop with it so wouldend there be a lot of spam in the telegram and discord from people who are not getting there transactions thrue? i hope i can get a anwser to my question because FUD is the right statement of my state of being right now and asking these questions in discord or telegram is like putting your head in a sling right about now....  i just want to protect my investment and really believe in what verge represents but my $$$ are more important greetings from a little seedling  |
|
|
|
|
OiMonetka
Newbie
Offline
Activity: 3
Merit: 0
|
|
April 04, 2018, 09:00:58 PM |
|
U can't fix it through time... Why wouldn't u fix it through the prefix of current readable algorythm? I don't know how hard is it to realise, but (1) u may call each reachable algorythm with the new block with the prefix. Like for the SHA-256 - 00A-, DH - 00B-, Crypt - 00C-, NightCrypt - 01N-, Keccak - 01K-, Lyra - 012-, X11 - 00D-, X15 - 01D-, Blake - 01B-, Quibit - 00Q-, Quark - 01Q-... etc
(2) Randomise it. (3) Implement Not-in-a-row accessable algorythm. Done. Too hard? - skip (1)
|
|
|
|
|
boxalex
Member
Offline
Activity: 420
Merit: 13
|
|
April 04, 2018, 09:01:44 PM |
|
Great post ocminer, thanks for this valuable information
Totally agree. ocminer should get rewarded with some bigger amount of XVG from Verge for showing them a lot of their problems. GJ ocminer. Rarely seen such informative and excelent described problems on a forum. Hope you keep up the good work. |
|
|
|
|
IDCToken
Newbie
Offline
Activity: 7
Merit: 0
|
|
April 04, 2018, 09:03:14 PM |
|
Hey Verge Team,
get some real developers and fix your code.
We have found another 2 exploits which can make quick hashes aswell.
The (soon) Bits Team.
|
|
|
|
|
phm87
Full Member
Offline
Activity: 172
Merit: 101
Mining pool operator @ https://www.unimining.net
|
|
April 04, 2018, 09:05:15 PM |
|
nice a new version of the famed timewarp attack.. very interesting.
yep.. we pushed a quick fix and most pools have already updated.. we're already working on a whole new block verification process. we're kinda glad this happened and that it wasn't as bad as it could have been. Hmm, you guys are aware that the "fix" you pushed actually IS a hardfork ? So your blockchain snapshot is not valid anymore, the wallet's won't sync up from scratch anymore and the current chain is simply not usable anymore with that new "fix" ? Your change simply disagrees with the attackers blocks, the first block I see from the attacker was 2007365 - so the wallets will stop syncing there and simply not progress any further. I remember your first forking dramas when trying to fork into Tor which failed 2 times IIRC. You should immediately refrain from that "fix" and set a proper fork-height (at least 48h) and the chain up until the fork block MUST accept blocks with the old timestamps and blocks after that fork block then only with the new timestamp. bumping this for awareness Thank you ocminer, I hope that dev coin team will fix this problem and warn pools in a timely manner if a fork should be done. i'd be happy that we revert the coins mined by the attacker. From what I know they won't roll back and just move on.. However, they still must do the hardfork in a proper way I'd prefer that XVG coin dev team decide to roll back to cancel the coins mined during the hack, it is better I think. What do you think guys ? |
|
|
|
SacredRonin
Newbie
Offline
Activity: 191
Merit: 0
|
|
April 04, 2018, 09:07:33 PM |
|
@OP
As an avid Verge supporter I'm actually glad you did what you did. Thanks for helping.
Don't listen to the radicals on both sides.
Seems the issue is fixed, let's all move on and be happy this happened now and not later.
Finally! A VALID response from VergeFam! Thanks Ragnarok for posting something of value! |
|
|
|
|
OneNattyLitecoin
Sr. Member
Offline
Activity: 356
Merit: 335
If you don’t believe, why are you here?
|
|
April 04, 2018, 09:18:57 PM |
|
nice a new version of the famed timewarp attack.. very interesting.
yep.. we pushed a quick fix and most pools have already updated.. we're already working on a whole new block verification process. we're kinda glad this happened and that it wasn't as bad as it could have been. Hmm, you guys are aware that the "fix" you pushed actually IS a hardfork ? So your blockchain snapshot is not valid anymore, the wallet's won't sync up from scratch anymore and the current chain is simply not usable anymore with that new "fix" ? Your change simply disagrees with the attackers blocks, the first block I see from the attacker was 2007365 - so the wallets will stop syncing there and simply not progress any further. I remember your first forking dramas when trying to fork into Tor which failed 2 times IIRC. You should immediately refrain from that "fix" and set a proper fork-height (at least 48h) and the chain up until the fork block MUST accept blocks with the old timestamps and blocks after that fork block then only with the new timestamp. bumping this for awareness Thank you ocminer, I hope that dev coin team will fix this problem and warn pools in a timely manner if a fork should be done. i'd be happy that we revert the coins mined by the attacker. From what I know they won't roll back and just move on.. However, they still must do the hardfork in a proper way I'd prefer that XVG coin dev team decide to roll back to cancel the coins mined during the hack, it is better I think. What do you think guys ? A rollback? XVG will be judged accordingly. |
|
|
|
|
Dogedarkdev
Legendary
Offline
Activity: 1708
Merit: 1009
$XVG - The Standard in Crypto as a Currency!
|
|
April 04, 2018, 09:33:16 PM |
|
we are not doing a rollback and we are preparing a fork to patch this up.
|
_///// [$XVG] ★★★★★WE ARE ON THE VERGE ★★★★★ [MULTI-ALGO] /////_
|
|
|
|
bitcoinwallet1972
Newbie
Offline
Activity: 6
Merit: 0
|
|
April 04, 2018, 09:36:25 PM |
|
sorry tryd to make a quote from my last post.... but made a qoute from some one else here i just made a paymen from Binance : Completed XVG9.9 2018-04-04 23:20:54 Address: DLv25ww5CipJngsKMYemBTBWH14CUpucxX to the verge fundraise adress : 4th Apr 2018 23:23:52 d9480b0f0b95bb5ec8a066d93b54fcd8b97c7b7c0ee83effe4ad95b80f004a83 + 9.90000000 so i think my investment is safe for now,i was really hoping to get a fair reaction from one of you  thanks anyway for making a contribution in making the verge blockchain more reliable good luck and happy trading(mining) to you |
|
|
|
|
|
aciddude
|
|
April 04, 2018, 09:39:03 PM |
|
nice a new version of the famed timewarp attack.. very interesting.
yep.. we pushed a quick fix and most pools have already updated.. we're already working on a whole new block verification process. we're kinda glad this happened and that it wasn't as bad as it could have been. Hmm, you guys are aware that the "fix" you pushed actually IS a hardfork ? So your blockchain snapshot is not valid anymore, the wallet's won't sync up from scratch anymore and the current chain is simply not usable anymore with that new "fix" ? Your change simply disagrees with the attackers blocks, the first block I see from the attacker was 2007365 - so the wallets will stop syncing there and simply not progress any further. I remember your first forking dramas when trying to fork into Tor which failed 2 times IIRC. You should immediately refrain from that "fix" and set a proper fork-height (at least 48h) and the chain up until the fork block MUST accept blocks with the old timestamps and blocks after that fork block then only with the new timestamp. bumping this for awareness how can we verify the hardfork ? just download an updated wallet which includes the "fix" - then download the blockchain snapshot and try to sync up to the latest block...it will get stuck at 2007364 Confirmed. client stalls at block 2007364  |
|
|
|
Dogedarkdev
Legendary
Offline
Activity: 1708
Merit: 1009
$XVG - The Standard in Crypto as a Currency!
|
|
April 04, 2018, 09:50:06 PM |
|
nice a new version of the famed timewarp attack.. very interesting.
yep.. we pushed a quick fix and most pools have already updated.. we're already working on a whole new block verification process. we're kinda glad this happened and that it wasn't as bad as it could have been. Hmm, you guys are aware that the "fix" you pushed actually IS a hardfork ? So your blockchain snapshot is not valid anymore, the wallet's won't sync up from scratch anymore and the current chain is simply not usable anymore with that new "fix" ? Your change simply disagrees with the attackers blocks, the first block I see from the attacker was 2007365 - so the wallets will stop syncing there and simply not progress any further. I remember your first forking dramas when trying to fork into Tor which failed 2 times IIRC. You should immediately refrain from that "fix" and set a proper fork-height (at least 48h) and the chain up until the fork block MUST accept blocks with the old timestamps and blocks after that fork block then only with the new timestamp. bumping this for awareness how can we verify the hardfork ? just download an updated wallet which includes the "fix" - then download the blockchain snapshot and try to sync up to the latest block...it will get stuck at 2007364 Confirmed. client stalls at block 2007364 yeah we removed that, and we're doing a full fork update with extra block verifications. will be ready by tmrw =] |
_///// [$XVG] ★★★★★WE ARE ON THE VERGE ★★★★★ [MULTI-ALGO] /////_
|
|
|
|
boxalex
Member
Offline
Activity: 420
Merit: 13
|
|
April 04, 2018, 09:51:16 PM |
|
we are not doing a rollback and we are preparing a fork to patch this up.
Sorry to mess up this thread and topic a bit, but after i do not get for hours an answer on twitter, neither does the email function on the Verge homepage work, nor does someone respond on the Verge Bitcoin thread i have to try my luck here. I visited some hours ago the official Verge Twitter profil to read the news about the hash hack. While reading the tweed i noticed several messages offering a compensation for the attack by Verge. Send x Eth and you get some bonus back. Sounded legit to me as it was affilated to the hash attack and i suffered from it as well having had some hours only orphaned blocks on all my baikals, hence i fall victim to this damn scam on the official twitter page. Now, while i have myself for sure some vault for this i'am seriously angry about how on the official verge twitter page 100s of scams and fake messages that say they got the ETH back are tolerated and nobody cares about it?!?! How is this possible. After i realized i got scammed i even made a post in this tweet that its a scam and to remove it asap, nothing happened and people still fall after that scam. Only on that scam by now 12+ Eth have been transfered the last hours. Damn, i'am not a twitter guy and very rarely use it, but from an official Verge twitter profil i personal await its clean and at very least if this for some reason is not possible that there are warning messages about these scams!!!! But no, nothing, the whole official Verge Twitter profil is FULL of scams that are tolerated and people like me, fall victims to it. Fine, i lost some 1.8 ETH, but hourly these scams seems to collect a huge amount of ETH that way and nobody there at Verge cares? Seriously, so far i wondered about the twitter decision to ban crypto, but i begin to understand the decision. They must get shitload of complains from victims like me..... And what makes me even more angry ... no response: - Messaged some hours ago verge on twitter .... nothing, scams are staying and getting more and more - Put a tweet on the Verge tweet to remove the scams .... nothing, scams are just staying there - posted in the official bitcointalk Verge thread, nothing ...... - tried to email Verge about the ongoing scams .... email function on the homepage isn't even working, it just loads forever. And after 5 attempts to load it still loads after 2 hours, lol. I'am writting this as a XVG miner and lover, but this all makes me really sad and angry ..... |
|
|
|
|
|
