Bitcoin Forum
November 08, 2024, 03:36:15 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 [48] 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 »
  Print  
Author Topic: Re: Mining pools list  (Read 794 times)
wizkid057
Legendary
*
Offline Offline

Activity: 1223
Merit: 1006


View Profile
May 05, 2015, 04:58:11 PM
 #941

Confirming that eloipool is not vulnerable and that Eligius hasn't been subject to this attack I scanned the share database for duplicates since the last database cleanup (~week ago) and found no duplicate work credited.

Tips: 1LDQrLr6dPVqNJmpZm82eZVKqDFRk7ERW8
Operator of the Eligius Mining Pool - 0% Fee, SAPPLNS, GBT, Stratum, IRC+Phone Support, Share Market (coming soon), Generation payouts, and more.
Don't feed the trolls. Science Confirms: Internet Trolls Really Are Narcissistic, Psychopathic, and Sadistic (1)
Balthazar
Legendary
*
Offline Offline

Activity: 3108
Merit: 1359



View Profile
May 05, 2015, 05:02:05 PM
 #942

Confirming that eloipool is not vulnerable and that Eligius hasn't been subject to this attack I scanned the share database for duplicates since the last database cleanup (~week ago) and found no duplicate work credited.
Congratulations. By the way, I have always seen eligius as an example of good work. Wink
Luke-Jr
Legendary
*
Offline Offline

Activity: 2576
Merit: 1186



View Profile
May 05, 2015, 05:03:03 PM
 #943

FWIW, I also checked CKPool, and (as expected) it is not affected either.

kha0S
Full Member
***
Offline Offline

Activity: 186
Merit: 100



View Profile
May 05, 2015, 05:06:38 PM
 #944

We use eloipool too, so we are not affected. I found the problem in nodejs stratum. It was an easy patch.



GIVE-ME-COINS.com - The Professional Multicoin Pool -BTC LTC PPC FTC VTC

KHORE Pool - The biggest & fastest NVC pool

Balthazar
Legendary
*
Offline Offline

Activity: 3108
Merit: 1359



View Profile
May 05, 2015, 05:09:52 PM
 #945

We use eloipool too, so we are not affected. I found the problem in nodejs stratum. It was an easy patch.



I've seen an issue notification in the project... Was it yours?
kha0S
Full Member
***
Offline Offline

Activity: 186
Merit: 100



View Profile
May 05, 2015, 05:15:30 PM
 #946

Nope.
But I read about it a long time ago:

https://github.com/simplecrypto/powerpool/issues/128

I assumed everyone had patched already.

We use eloipool too, so we are not affected. I found the problem in nodejs stratum. It was an easy patch.



I've seen an issue notification in the project... Was it yours?

GIVE-ME-COINS.com - The Professional Multicoin Pool -BTC LTC PPC FTC VTC

KHORE Pool - The biggest & fastest NVC pool

eleuthria
Legendary
*
Offline Offline

Activity: 1750
Merit: 1007



View Profile
May 05, 2015, 06:58:13 PM
 #947

BTC Guild isn't affected as you mentioned.  The BTC Guild stratum server was actually written before Stratum even existed when I was working on a different mining protocol solution to prepare for ASICs.  Stratum was close-enough to my protocol proposal that it took just a few hours to adapt it to match stratum syntax.

Quite alarmed that such a simple bug is in the "official" stratum branch, I'm pretty sure I remember this same type of exploit existing in the early days of getwork mining servers.

RIP BTC Guild, April 2011 - June 2015
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
May 06, 2015, 02:11:42 AM
 #948

There is a vulnerability found in the majority of stratum mining protocol implementations. I've published the disclosure of this bug few weeks ago.
Why did you make a public disclosure in Russian of a security bug in software written and maintained by people who probably don't understand Russian?
The proper procedure for such things is to privately get in touch with the maintainers so they have an opportunity to fix it before public disclosure - especially for bugs easily exploited.

Balthazar contacted me a few days ago, mentioning the possibility of this bug causing poor 'luck' for GHash. I suggested posting an English translation on the pools board so I could see if there was a consensus that the attack was valid. I didn't even think about disclosure to GHash, but it should have been my first suggestion. Hassle me about that, not him. I'll certainly be forwarding GHash this discussion and see if that finally gets a response.

Nope.
But I read about it a long time ago:

https://github.com/simplecrypto/powerpool/issues/128

I assumed everyone had patched already.

Your link is from 21 days ago and uses the same example as Balthazar. Was there something from longer ago?

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
kano
Legendary
*
Offline Offline

Activity: 4620
Merit: 1851


Linux since 1997 RedHat 4


View Profile
May 06, 2015, 02:44:34 AM
 #949

https://github.com/slush0/stratum-mining/pull/12

Pool: https://kano.is - low 0.5% fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
The ONLY active original developer of cgminer. Original master git: https://github.com/kanoi/cgminer
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
May 06, 2015, 04:50:26 AM
 #950


That's from March, so I guess this is still based on Balthazar's initial post? Nothing earlier than that?

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
kano
Legendary
*
Offline Offline

Activity: 4620
Merit: 1851


Linux since 1997 RedHat 4


View Profile
May 06, 2015, 06:36:39 AM
 #951


That's from March, so I guess this is still based on Balthazar's initial post? Nothing earlier than that?
https://bitcointalk.org/index.php?topic=704756.msg11084506#msg11084506
That is April.
Or are you referring to something else?

March usually comes before April Smiley

https://github.com/slush0/stratum-mining/pull/12
is 42 days ago.

Pool: https://kano.is - low 0.5% fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
The ONLY active original developer of cgminer. Original master git: https://github.com/kanoi/cgminer
ghash.io
Newbie
*
Offline Offline

Activity: 57
Merit: 0


View Profile WWW
May 06, 2015, 01:17:55 PM
 #952

GHash.IO was vulnerable to this exploit, but it is already fixed. Thanks to everybody for cooperation.

Hi guys.

Read an article yesterday, and I think I know why some pools are so "unlucky".

In fact they're not unlucky, they're attacked through share multiplication issue. There is a vulnerability found in the majority of stratum mining protocol implementations. I've published the disclosure of this bug few weeks ago.

Vulnerability is caused by incorrect algorithm of verification for uniqueness. Instead of checking raw solutions, most of the pools are doing this through checking the hex-encoded representation. This allows miner to create multiple versions of the same share through applying uppercase function to hex encoded solution.

Quote
{"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31ee"]}
{"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]}
{"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31eE"]}
{"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]}
{"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31Ee"]}
{"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]}
{"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31EE"]}
{"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]}
{"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0aD31ee"]}
{"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]}

This vulnerability seems as intentionally made i.e. backdoor. Simplest workaround is to use lower() method:

Code:
@@ -192,7 +192,12 @@ def submit_share(self, job_id, worker_name, session, extranonce1_bin, extranonce
    # Check nonce
    if len(nonce) != 8:
        raise SubmitException("Incorrect size of nonce. Expected 8 chars")

+    # normalize the case to prevent duplication of valid shares by the client
+    ntime = ntime.lower()
+    nonce = nonce.lower()
+    extranonce2 = extranonce2.lower()
+
    # Check for duplicated submit

As far I know, stratum-mining/eloipool/node-stratum-pool are vulnerable. Example of affected pools is ghash.io... Some pools like BtcGuild are not affected for unclear reason. Probably because they're using proprietary software.


kano
Legendary
*
Offline Offline

Activity: 4620
Merit: 1851


Linux since 1997 RedHat 4


View Profile
May 06, 2015, 06:04:31 PM
 #953


That's from March, so I guess this is still based on Balthazar's initial post? Nothing earlier than that?
https://bitcointalk.org/index.php?topic=704756.msg11084506#msg11084506
That is April.
Or are you referring to something else?

March usually comes before April Smiley

https://github.com/slush0/stratum-mining/pull/12
is 42 days ago.
I will add, yet again, that this is highly unlikely to make up for their luck statistics.

It would depend on the % of the pool that were external miners and those miners % of shares submitted using this.

Blaming their luck on nefarious miners requires a high % of external miners and a high % of them withholding or doing this.

As stated before, if it was withholding, they would have the information already about who was doing it since the amount of withholding would need to be large enough to make it clear who was doing it and they would need to be external miners and a large % of the pool.
If it was this, then they'd have the share information to see who did it since it would be a LOT of such shares by a LOT of external miners who would have to be a large external % of the pool.

Pool: https://kano.is - low 0.5% fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
The ONLY active original developer of cgminer. Original master git: https://github.com/kanoi/cgminer
cinnamon_carter
Legendary
*
Offline Offline

Activity: 1148
Merit: 1018


It's about time -- All merrit accepted !!!


View Profile WWW
May 06, 2015, 10:11:15 PM
 #954

I am late on this, can't believe as much as I read on the forum I missed it....  thanks to the heavy hitters here who put the time/research in and disclosed this.

Check out my coin Photon
Merge Mine 5 other Blake 256 coins - 6x your hash power  https://www.blakecoin.org/

The obvious choice is not always the best choice.

LOOK DEEPER - Look into the Blake 256 Family -- CC
bitsolutions
Sr. Member
****
Offline Offline

Activity: 261
Merit: 257



View Profile
May 07, 2015, 04:33:41 PM
 #955

FYI the coinbase tag "/pool34/" and address 15rQXUSBQRubShPpiJfDLxmwS8ze2RUm4z are mined by 21E6/21 Inc's private pool.

Mining Software Developer.
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
May 07, 2015, 09:32:28 PM
 #956

FYI the coinbase tag "/pool34/" and address 15rQXUSBQRubShPpiJfDLxmwS8ze2RUm4z are mined by 21E6/21 Inc's private pool.

Source?

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
bitsolutions
Sr. Member
****
Offline Offline

Activity: 261
Merit: 257



View Profile
May 08, 2015, 01:47:10 AM
 #957

FYI the coinbase tag "/pool34/" and address 15rQXUSBQRubShPpiJfDLxmwS8ze2RUm4z are mined by 21E6/21 Inc's private pool.

Source?

The big fat copyright notice at the bottom of their pool server webpage(its offline now). BTW they switched mining addresses to 1CdJi2xRTXJF6CEJqNHYyQDNEcM3X7fUhD and removed the coinbase tag.

Mining Software Developer.
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
May 08, 2015, 02:13:13 AM
 #958

FYI the coinbase tag "/pool34/" and address 15rQXUSBQRubShPpiJfDLxmwS8ze2RUm4z are mined by 21E6/21 Inc's private pool.

Source?

The big fat copyright notice at the bottom of their pool server webpage(its offline now). BTW they switched mining addresses to 1CdJi2xRTXJF6CEJqNHYyQDNEcM3X7fUhD and removed the coinbase tag.

Thanks for the info. I'll see if I can get independent confirmation.

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
denis2342
Newbie
*
Offline Offline

Activity: 29
Merit: 0



View Profile WWW
May 10, 2015, 08:03:41 PM
 #959

Hi

Reported this back in march, but nobody seemed to care.

https://bitcointalk.org/index.php?topic=1001603.0

Denis
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
May 10, 2015, 10:08:48 PM
 #960

Hi

Reported this back in march, but nobody seemed to care.

https://bitcointalk.org/index.php?topic=1001603.0

Denis


Thanks for posting, Denis. I guess if you'd posted it in the pools board (which more miners read) as well as the more applicable "mining software" board, it may have gotten more traction - I haven't been to the mining software board in a very long time.

How did you notice this? Did you post it elsewhere?

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 [48] 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!