testingtester
Newbie
Offline
Activity: 13
Merit: 0
|
|
April 05, 2018, 07:41:55 AM |
|
So did I get it right: The devs just need to fix this timestamp bug and reset to the last legit block? The hacker(s) even cannot move their illegit coins? (btw: binance has blocked transfers to it, anyways)
It's actually not so hard to get it fixed and even the hackers coins removed: Simply exclude all blocks from the blockchain mined with a "bad timestamp" e.g. don't accept blocks where the next block is more than an hour ahead of the previous one. By doing it this way, you'd already see from the beginning which blocks "belong" to the attacker and which blocks are legit. Then you would simply set checkpoints to exclude the malicious chain and only include legit blocks again. It's definitely possible.. it requires some work but it's possible.. Definitely better than letting one person get away with > 20 Million XVG ... That's good news. So just a matter of time. Thanx for answer and I'm gonna return to your x17-xvg pool as soon as it is up again.
|
|
|
|
comingforthatbooty
Newbie
Offline
Activity: 20
Merit: 0
|
|
April 05, 2018, 07:42:32 AM |
|
here is the best piece of advice i can give to anyone.... BUY THE FN DIP!!!!....
Go buy that Centra and BitConnect dip while you're at it.
|
|
|
|
platinum4
|
|
April 05, 2018, 07:53:50 AM |
|
This is a pretty interesting event going on here. Attack vector of sopping up all seconds of time during a set block of time is pretty cool.
|
|
|
|
phm87
Full Member
Offline
Activity: 172
Merit: 101
Mining pool operator @ https://www.unimining.net
|
|
April 05, 2018, 08:00:20 AM |
|
Hello, The XVG wallet address you mentionned is UniMining XVG wallet. UniMining is a public pool where the miners mine together on a pool. All earnings that are generated by pool are sent to miners. Can you show me some proofs that I am the attacker ? I'd like to understand the issue to prevent any wrong use of UniMining. I complained also about this issue so I don't think that I'd be using my public pool to do this: https://bitcointalk.org/index.php?topic=3256693.msg33927153#msg33927153Thank you for ocminer help on this problem/attack, Best Regards, phm87
|
|
|
|
freemind1
Legendary
Offline
Activity: 1526
Merit: 1014
|
|
April 05, 2018, 08:04:16 AM |
|
If the developers do not solve it as soon as possible the way it says ocminer this can be terrible for the project
|
|
|
|
grinbuck
|
|
April 05, 2018, 08:11:23 AM |
|
so is there another fork coming? due to the flaw
There's going to have to be. Verge Dev Team will fix it quickly as they don't want anything to interfere with their upcoming partnership. Nobody is spreading fud about an attack that actually happened. There's proof that has been presented to everyone here. OCMiner is a *highly* respected member of the mining community, has been for years. Multiple pool operators have agreed with the assessment. Please save the attacks on him or the mining community at large. THAT is unproductive. Lol, what's next, claiming Mother Theresa kicked the terminally ill children she cared for? 'Teresa'. Not Theresa.
|
BTC: 37x5L8wq3pRxjDof6g2CnwgSrt34C5cFHy
|
|
|
invisiblefriend321
Member
Offline
Activity: 174
Merit: 10
|
|
April 05, 2018, 08:13:15 AM |
|
Yes but not sure how this attack works because it showed I was still earning. Just no payment happening.
The attack works like this: The attacker replaces the legit blockchain, with legit high difficulty blocks, with his low diff blocks, invalidating all legit blocks (orphans). That means no coins can be moved but his... He's not accepting any other transactions... He'd need to stop in order to get the coins moved again. The rest of the details is in post 1 much respect for explanation namaste
|
|
|
|
BlackPrapor
|
|
April 05, 2018, 08:13:24 AM |
|
The first thing to do to stop the attack would be blocking all exchange wallets for XVG, then exclude all hacker's blocks, then resume chain with a fix. Problem would be 100% solved, no harm done.
|
There is no place like 127.0.0.1 In blockchain we trust
|
|
|
trickymicky
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 05, 2018, 08:14:00 AM |
|
Wow, thanks for info guys.
|
|
|
|
bluejeanballa
Newbie
Offline
Activity: 6
Merit: 0
|
|
April 05, 2018, 08:15:52 AM |
|
Hello, The XVG wallet address you mentionned is UniMining XVG wallet. UniMining is a public pool where the miners mine together on a pool. All earnings that are generated by pool are sent to miners. Can you show me some proofs that I am the attacker ? I'd like to understand the issue to prevent any wrong use of UniMining. I complained also about this issue so I don't think that I'd be using my public pool to do this: https://bitcointalk.org/index.php?topic=3256693.msg33927153#msg33927153Thank you for ocminer help on this problem/attack, Best Regards, phm87 It appears that idolism made that post right when the attack stopped and doesn't realize how to identify the malicious blocks. All of the time stamps to your address appear to be legit, at a quick glance.
|
|
|
|
invisiblefriend321
Member
Offline
Activity: 174
Merit: 10
|
|
April 05, 2018, 08:16:30 AM |
|
do not be fooled by the FUD
real huge things happening -- this is a coin that has grown and worked hard from infancy ! growing pains r ok --- we see it with the top 3 tokens -- yet it slides -- plus the larger coins have such a pocket of money to grab from without true regulation --
verge does it for truth n honor and true change !
maybe not the most professional marketing team -- but id rather them not waste money on fake marketing ! until they r ready - which is finally gunna happen after so many years !
well deserved !
true product !
respect n namaste
|
|
|
|
invisiblefriend321
Member
Offline
Activity: 174
Merit: 10
|
|
April 05, 2018, 08:17:20 AM |
|
The first thing to do to stop the attack would be blocking all exchange wallets for XVG, then exclude all hacker's blocks, then resume chain with a fix. Problem would be 100% solved, no harm done.
SIMPLE TRUTH - NAMASTE ! NO MORE DRAMA
|
|
|
|
|
SafeCoins
|
|
April 05, 2018, 08:26:28 AM |
|
Let us know if there's anything we can do to help, our coin was also recently attacked, by individuals who then tried to explain how mining exploits aren't really attacks, and the attacker "deserves" the blocks lol (even if they've taken over 100% of the network). All I can say when this stuff happens is relax, be calm, let the devs do their jobs, and give them the time to do it right. You want a good fix that will last, and one that can be shared with the open source community so that we can all learn from to be better. I personally have a lot of faith in verge and have followed them closely. The better you become, the more of a target you become. And with each attack and adversity faced, the better still you become. Coins that claim to have not been attacked ever are mostly either not paying attention or covering up. Verge will get this sorted and the whole crypto community will be better for it if it's done right. And they will be remembered not for the attack, but for how they handled it. We are all learning and getting better. Good luck! http://safecoin.org
|
|
|
|
platinum4
|
|
April 05, 2018, 08:30:26 AM |
|
Let us know if there's anything we can do to help, our coin was also recently attacked, by the codes partial creator, no less (j1777) who then tried to explain how mining exploits aren't really attacks, and the attacker "deserves" the blocks lol (even if they've taken over 100% of the network). All I can say when this stuff happens is relax, be calm, let the devs do their jobs, and give them the time to do it right. You want a good fix that will last, and one that can be shared with the open source community that we can all learn from to be better. I personally have a lot of faith in verge and have followed them closely. The better you become, the more of a target you become. And with each attack and adversity faced, the better still you become. Coins that claim to have not been attacked ever are mostly either not paying attention or covering up. Verge will get this sorted and the whole crypto community will be better for it if it's done right. We are all learning and getting better. Good luck! http://safecoin.orgThere is a fairness aspect to letting an attacker keep spoils of an exploit, if it wasn't exploitable, it wouldn't be motivated to have been found for profit. In essence this is a bug bounty paid involuntarily in XVG to the miner. It's not a theft per se. If it wrecks the coin it's not even that miner/attacker's fault-- shouldn't have been available to exploit in such a fashion in the first place. There is a testnet.
|
|
|
|
AnabolicRampage
Newbie
Offline
Activity: 9
Merit: 0
|
|
April 05, 2018, 08:31:12 AM |
|
I don't have thousands upon thousands of dollars of verge. But shit happens. Look at how long ETN took to get their shit together. And did it moon? Sure as hell did. Did the community lose faith in ETN? Hell no.
Hahaha, worst example ever. Electroneum's shit is far from 'together' and it's sitting at around ICO price..go into their subreddit and tell me that the sentiment about the project isn't turning more negative by the day. Spoken like a blind verge fan boy. They're like Jehovah witness going door to door to spread b.s.. Their mods should not be kicking people from their social media for asking questions. If vendetta didn't blow this off like nbd, it would be different. ETN is hardly a crypto to brag about.. 1506 coins a second for 12+ hours is a big deal. Then you lie to everyone and tell them they're orphan blocks? Pathetic
|
|
|
|
oddstake
Newbie
Offline
Activity: 39
Merit: 0
|
|
April 05, 2018, 08:31:49 AM |
|
Devs' incompetency... What devs ?
|
|
|
|
AnabolicRampage
Newbie
Offline
Activity: 9
Merit: 0
|
|
April 05, 2018, 08:38:15 AM |
|
do not be fooled by the FUD
real huge things happening -- this is a coin that has grown and worked hard from infancy ! growing pains r ok --- we see it with the top 3 tokens -- yet it slides -- plus the larger coins have such a pocket of money to grab from without true regulation --
verge does it for truth n honor and true change !
maybe not the most professional marketing team -- but id rather them not waste money on fake marketing ! until they r ready - which is finally gunna happen after so many years !
well deserved !
true product !
respect n namaste
You mean the company that takes money from its community, jokes about buying an island, then doesn't believe it's network is getting attacked, then blows off the miner won showed them, then says it's not a big deal, then tries to fix, then accidently hard forks, then rolls it back, then waits over 24 hours after 132 million coins have been mined to release a patch? They can shut down the exchanges for now.... there's still going to be over 132 million verge coins to flood the market at some point. Just like mt. Gox exec. Selling off bitcoin and flooding the market. Good thing verge has a community of people who bought ATH for their first crypto and don't want to admit their money is down the drain
|
|
|
|
SafeCoins
|
|
April 05, 2018, 08:38:33 AM |
|
There is a fairness aspect to letting an attacker keep spoils of an exploit, if it wasn't exploitable, it wouldn't be motivated to have been found for profit.
In essence this is a bug bounty paid involuntarily in XVG to the miner. It's not a theft per se. If it wrecks the coin it's not even that miner/attacker's fault-- shouldn't have been available to exploit in such a fashion in the first place. There is a testnet.
Disagree with you, the only time that would be deemed ethical is if the bug has been reported to the devs, and ignored, or the devs refused to fix an exploit which has been shared with them. Which could turn out to be the case. But realistically there are holes in almost every coin out there right now. We all know it, they just haven't all been found yet but history clearly shows this. So "should" becomes irrelevant when faced with the reallity that code is written by humans. In any case, for those of you worrying that this will be the end of verge, far from the case. They will be respond and be more secure for it.
|
|
|
|
Motngay2002
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 05, 2018, 08:40:09 AM |
|
When mining XVG oke ?
|
|
|
|
|