h1427096
Newbie
Offline
Activity: 2
Merit: 0
|
|
April 05, 2018, 01:37:04 PM |
|
so, do I understand it correctly: attacker keeps all his coins? 15.600.000+?
Yes ... It is 'his' chain that is now the main chain,so all the coins created in that chain are the 'legit' ones. VERY rich MF now! #crysx but ocminer said here https://bitcointalk.org/index.php?topic=3256693.msg33973629#msg33973629 that coins could be removed. The devs just don't care?
|
|
|
|
chrysophylax
Legendary
Offline
Activity: 2926
Merit: 1091
--- ChainWorks Industries ---
|
|
April 05, 2018, 01:38:13 PM |
|
So this attack was basically fixed, stop adding FUD.
Now talking about important matters:
will suprnova start mining xvg/lyra again? any ETA?
It was not fixed correctly. The hastily commited fix was actually causing even more problems. Stop patronizing people if you don't know what you are talking about. https://github.com/vergecurrency/VERGE/commit/a3dd53f40aaedd28bd4d0fc720f034492f7ded81actually it was committed, and is ready to roll. Awesome ... Thanks! #crysx
|
|
|
|
jl777B
|
|
April 05, 2018, 01:42:15 PM |
|
so, do I understand it correctly: attacker keeps all his coins? 15.600.000+?
Yes ... It is 'his' chain that is now the main chain,so all the coins created in that chain are the 'legit' ones. VERY rich MF now! #crysx but ocminer said here https://bitcointalk.org/index.php?topic=3256693.msg33973629#msg33973629 that coins could be removed. The devs just don't care? actually not doing a rollback over ~1% of coin supply is a good decision. I know some coins like to do rollbacks over even smaller amounts, but it is best to do rollbacks only if it presents a permanent danger to a coin.
|
|
|
|
chrysophylax
Legendary
Offline
Activity: 2926
Merit: 1091
--- ChainWorks Industries ---
|
|
April 05, 2018, 01:44:36 PM |
|
so, do I understand it correctly: attacker keeps all his coins? 15.600.000+?
Yes ... It is 'his' chain that is now the main chain,so all the coins created in that chain are the 'legit' ones. VERY rich MF now! #crysx but ocminer said here https://bitcointalk.org/index.php?topic=3256693.msg33973629#msg33973629 that coins could be removed. The devs just don't care? The devs CARE that is why they are doing what they can to protect the network. They cannot control everything though so to roll back a blockchain to before the attack and exclude the attackers blocks (which I think is what OCMiner was alluding to - and he is correct) ... if that is the case, well - they may as well rename the coin to ETH then! What has been done, has been done. Only my opinion of course, which isn't worth a pinch of salt if the Verge dev decides otherwise. #crysx
|
|
|
|
chrysophylax
Legendary
Offline
Activity: 2926
Merit: 1091
--- ChainWorks Industries ---
|
|
April 05, 2018, 01:45:38 PM |
|
so, do I understand it correctly: attacker keeps all his coins? 15.600.000+?
Yes ... It is 'his' chain that is now the main chain,so all the coins created in that chain are the 'legit' ones. VERY rich MF now! #crysx but ocminer said here https://bitcointalk.org/index.php?topic=3256693.msg33973629#msg33973629 that coins could be removed. The devs just don't care? actually not doing a rollback over ~1% of coin supply is a good decision. I know some coins like to do rollbacks over even smaller amounts, but it is best to do rollbacks only if it presents a permanent danger to a coin. Well put ... #crysx
|
|
|
|
abdulmad
|
|
April 05, 2018, 01:50:09 PM |
|
Well. Will these actions help to solve the problem so that it does not arise in the future. To break the chain it became impossible and the blocks met the conditions.
Highly unlikely ... Anyone that has enough hashpower and the knowledge to manipulate the blockchain in this way, CAN do this to almost any coin. Though I still believe that it could be miners that unwittingly set their farms to auto destruction mode and let loose. No one can blame the devs AND expect them to be responsible for it when the hashpower is completely out of their hands. The devs only method of defense is to write code that will 'try' and combat this issue. #crysx This is totally wrong. This exploit has been used with myriad and digibyte already and can be patched successfully Even after patching mate ... With the right amount of hashrate and knowhow, you can force the blockchain to do it all over again. #crysx @crysx I thought this was just a timewarp attack, are you alluding that its an actual 51% attack or both for it to get this result ? Yes ... Both as a single attack - if it actually was a dedicated attack. Some attack vectors can be patched out like OCMiner was saying, 51% can't. Without going into too much specific detail, as an attack handbook would, the prcedure is relatively simple if you have the hashpower behind you. - smash the network with MASSIVE hash skyrocketing the diff - mine to a local wallet or local pool withholding submission of shares tot he network for a period of time with VERY LOW hashrate - smash the network once again after your small time window to mine is done with MASSIVE hashrate again before the network has time to recover and submit ALL mined shares Your chain will be the longest chain and is the one accepted into the network as the main chain, forcing all other chains to follow suit, which 'reorganizes' the blockchains that everyone else has to the new 'main' chain, orphaning all previously mined blocks. Who has the developer knowledge and hashpower to do all this? Let's blame RUSSIA again, considering they are buying most of the ASIC's available today (I was kidding with the above sentence ... Well - the blame part anyway) #crysx Thanks for making this clear. Good luck team verge in rectifying the exploit.
|
|
|
|
testingtester
Newbie
Offline
Activity: 13
Merit: 0
|
|
April 05, 2018, 01:53:25 PM |
|
I understood it the way, it would NOT be a ROLL BACK, but more a FILTER OUT. at least the coins which would not have been moved away from the scammer addresses, what did not happen with the illegit blocks as I know, would be handled as if they never were created. this would be possible because the thieves did not allow any other transactions, so no one else would be hurt. correct?
|
|
|
|
Panadacoin
|
|
April 05, 2018, 01:56:07 PM |
|
so, do I understand it correctly: attacker keeps all his coins? 15.600.000+?
Yes ... It is 'his' chain that is now the main chain,so all the coins created in that chain are the 'legit' ones. VERY rich MF now! #crysx but ocminer said here https://bitcointalk.org/index.php?topic=3256693.msg33973629#msg33973629 that coins could be removed. The devs just don't care? The devs CARE that is why they are doing what they can to protect the network. They cannot control everything though so to roll back a blockchain to before the attack and exclude the attackers blocks (which I think is what OCMiner was alluding to - and he is correct) ... if that is the case, well - they may as well rename the coin to ETH then! What has been done, has been done. Only my opinion of course, which isn't worth a pinch of salt if the Verge dev decides otherwise. #crysx That is almost $1,000,000 worth. But I also see that in the ling range, it is less than 1% of market cap. It could go either way really. If they all get dumped it will definitely hurt things. But also rolling back may hurt things worse? Someone should be quick to release Verge Classic if a rollback happens.
|
|
|
|
Jedgar
Member
Offline
Activity: 219
Merit: 15
|
|
April 05, 2018, 01:59:38 PM |
|
But how can you manipulate the blockchain?
Well really attacking a blockchain could be done with a 51% attack but you need serious mining power. This way your mining rig is faster then anyone else mining at that moment and causes you to "win" all the blocks, something like that. The mentioned attack might be launched by a group of people with prior agreement. I have heard that the last attack has lasted around 13 hrs bringing a fortune of over one million dollars to those who organized it.
|
|
|
|
mpapageo
Newbie
Offline
Activity: 5
Merit: 0
|
|
April 05, 2018, 02:03:34 PM |
|
Nice discussion folks, been learning a lot here.
Does the fix not still leave the possibility of the forward clock timewarp idea? Or was that issue exclusive to POS "mode"?
|
|
|
|
cchub
Full Member
Offline
Activity: 560
Merit: 101
Migranet ITO
|
|
April 05, 2018, 02:07:25 PM |
|
How can an attacker get 1% out of mining? This attack must have taken much longer than a few hours like people were saying yesterday.
|
|
|
|
testingtester
Newbie
Offline
Activity: 13
Merit: 0
|
|
April 05, 2018, 02:09:25 PM |
|
How can an attacker get 1% out of mining? This attack must have taken much longer than a few hours like people were saying yesterday.
he was the only one mining, making 1 block per second
|
|
|
|
ktru19
Jr. Member
Offline
Activity: 181
Merit: 1
|
|
April 05, 2018, 02:09:52 PM |
|
is this safe to mine again? seeing its back up on yiimp pool
|
|
|
|
dailoc_au
Newbie
Offline
Activity: 71
Merit: 0
|
|
April 05, 2018, 02:11:35 PM |
|
XVG is a good coin? it is appropriate to BUY and HOLD long-term ? someone or give me advice. thanks
|
|
|
|
coinfoundry
Full Member
Offline
Activity: 292
Merit: 100
Miningcore
|
|
April 05, 2018, 02:11:47 PM |
|
So this attack was basically fixed, stop adding FUD.
Now talking about important matters:
will suprnova start mining xvg/lyra again? any ETA?
It was not fixed correctly. The hastily commited fix was actually causing even more problems. Stop patronizing people if you don't know what you are talking about. https://github.com/vergecurrency/VERGE/commit/a3dd53f40aaedd28bd4d0fc720f034492f7ded81actually it was committed, and is ready to roll. Have pool daemons to be synced from scratch or will they carry on with whatever state they had before being shutdown while the attack was going on?
|
|
|
|
aciddude
|
|
April 05, 2018, 02:13:55 PM |
|
How can an attacker get 1% out of mining? This attack must have taken much longer than a few hours like people were saying yesterday.
I'm quoting @OCminer from a previous post https://bitcointalk.org/index.php?topic=3256693.msg33956498#msg33956498The attack started on block 2007365 and ended on block 2010039 = 2674 blocks, okay lets say 2500 blocks... One Block makes about 1560 coins, so you have 2500 * 1560 = 3,900,000 "extra" coins generated (at least!) .... - This means the attack lasted for enough time to allow 3.9 Million XVG to be created illegally. That's 32.72 BTC at current prices or $223,902 USD
|
|
|
|
testingtester
Newbie
Offline
Activity: 13
Merit: 0
|
|
April 05, 2018, 02:22:46 PM |
|
look 1st post: "... EDIT: On 05. April the attacker started again and mined about 12k blocks again: I skimmed the logs and saw the attacker started the new attack at around block 2014060 and stopped just now at block 2026196 .. 12k blocks this time Lets say 10k... so additional 10.000 + 1560 = 15.600.000 " How can an attacker get 1% out of mining? This attack must have taken much longer than a few hours like people were saying yesterday.
I'm quoting @OCminer from a previous post https://bitcointalk.org/index.php?topic=3256693.msg33956498#msg33956498The attack started on block 2007365 and ended on block 2010039 = 2674 blocks, okay lets say 2500 blocks... One Block makes about 1560 coins, so you have 2500 * 1560 = 3,900,000 "extra" coins generated (at least!) .... - This means the attack lasted for enough time to allow 3.9 Million XVG to be created illegally. That's 32.72 BTC at current prices or $223,902 USD
|
|
|
|
The Hitman
Newbie
Offline
Activity: 17
Merit: 0
|
|
April 05, 2018, 02:23:51 PM |
|
XVG is a good coin? it is appropriate to BUY and HOLD long-term ? someone or give me advice. thanks
RUN!!
|
|
|
|
aciddude
|
|
April 05, 2018, 02:26:51 PM |
|
look 1st post: "... EDIT: On 05. April the attacker started again and mined about 12k blocks again: I skimmed the logs and saw the attacker started the new attack at around block 2014060 and stopped just now at block 2026196 .. 12k blocks this time Lets say 10k... so additional 10.000 + 1560 = 15.600.000 " How can an attacker get 1% out of mining? This attack must have taken much longer than a few hours like people were saying yesterday.
I'm quoting @OCminer from a previous post https://bitcointalk.org/index.php?topic=3256693.msg33956498#msg33956498The attack started on block 2007365 and ended on block 2010039 = 2674 blocks, okay lets say 2500 blocks... One Block makes about 1560 coins, so you have 2500 * 1560 = 3,900,000 "extra" coins generated (at least!) .... - This means the attack lasted for enough time to allow 3.9 Million XVG to be created illegally. That's 32.72 BTC at current prices or $223,902 USD Ha I just saw that as I went back to check the mined addresses. We are now looking at a total of ~ 3.9 Million + 15.6 Million ~19,500,000 XVG have been created illegally Equals to 166.725 BTC or around $1,147,034.43 USD
|
|
|
|
CA_TD_investor
Newbie
Offline
Activity: 41
Merit: 0
|
|
April 05, 2018, 02:34:33 PM |
|
Let us know if there's anything we can do to help, our coin was also recently attacked, by individuals who then tried to explain how mining exploits aren't really attacks, and the attacker "deserves" the blocks lol (even if they've taken over 100% of the network). All I can say when this stuff happens is relax, be calm, let the devs do their jobs, and give them the time to do it right. You want a good fix that will last, and one that can be shared with the open source community so that we can all learn from to be better. I personally have a lot of faith in verge and have followed them closely. The better you become, the more of a target you become. And with each attack and adversity faced, the better still you become. Coins that claim to have not been attacked ever are mostly either not paying attention or covering up. Verge will get this sorted and the whole crypto community will be better for it if it's done right. And they will be remembered not for the attack, but for how they handled it. We are all learning and getting better. Good luck! http://safecoin.orgIt seems you are still claiming what happened to unSAFE was an attack, contrary to what you agreed. You also didnt fix all the issues in unSAFE yet. It was not an attack.... they're idiots. I love reading how these SAFECOIN guys still try and defend their ineptitude. I'm not a developer, and yet a simple understanding of the KOMODO ecosystem shows that they didn't know what they were doing. The continually orchestrated effort of forum posts and slander is the only recourse they have... because you know.... who wants to apologize, accept fault and fix their own problems right? Safecoin... get your shit together and stop taking offense and start taking help... everyone needs it.
|
|
|
|
|