gts476
|
|
May 20, 2014, 05:41:24 PM |
|
Since you seem to understand a lot about this, can you confirm something for me? Based on what I'm reading in here lately, the problem is that Mintpal wasn't staking, which allowed a 51% attack on the PoS model (NOT the PoW one) by people who owned far less than 51% of the coins but were 51%+ of what was being staked at the time. Is this right?
Correct, it seems the coin age and general apathy of coinholders was the main problem here. Ah, I wasn't aware of that possibility. This is a big problem with any coin, then, I'd say, because if an exchange is staking, they are effectively a partial reserve (people can't just withdraw when they want to). This seems like a pretty big flaw. It is and it isn't a problem. You could look at it as PoS doesn't work because of this problem with exchanges, or you could say that exchanges don't work because they are too lazy to adapt to PoS model. There is no reason that an exchange could not stake coins, and there is no reason that 100% of all coins need to be withdrawable 100% of the time. Exchanges have hot wallets which serve to meet the needs of consumer withdraw demands, the rest are usually in storage somewhere. This also prevents 100% loss if hacked. Just stake the cold storage wallet. Simples.
|
|
|
|
Ximp
Sr. Member
Offline
Activity: 336
Merit: 250
CS Student - BC Logo Guy
|
|
May 20, 2014, 05:41:41 PM |
|
Since you seem to understand a lot about this, can you confirm something for me? Based on what I'm reading in here lately, the problem is that Mintpal wasn't staking, which allowed a 51% attack on the PoS model (NOT the PoW one) by people who owned far less than 51% of the coins but were 51%+ of what was being staked at the time. Is this right?
Correct, it seems the coin age and general apathy of coinholders was the main problem here. Ah, I wasn't aware of that possibility. This is a big problem with any coin, then, I'd say, because if an exchange is staking, they are effectively a partial reserve (people can't just withdraw when they want to). This seems like a pretty big flaw. True, if I were to run an exchange like mintpal I would set up 33% to stake (to help protect the network) which is split up between holders of the coin on the exchange. The 33% coins would be split up every few days or so to keep enough coin age for staking. That way, unless there is a run on the proverbial bank, withdrawals should be able to happen without any problem. Also, unless I'm mistaken, it would be prudent for a limited max coin age to be set up. That way somebody with a few thousand coins can't let them sit for a year until attempting to take over the network. Also, it gives incentive to holders to help the network by staking their coins on a semi-regular basis (1 week or so at max).
|
|
|
|
gts476
|
|
May 20, 2014, 05:46:52 PM |
|
Since you seem to understand a lot about this, can you confirm something for me? Based on what I'm reading in here lately, the problem is that Mintpal wasn't staking, which allowed a 51% attack on the PoS model (NOT the PoW one) by people who owned far less than 51% of the coins but were 51%+ of what was being staked at the time. Is this right?
Correct, it seems the coin age and general apathy of coinholders was the main problem here. Ah, I wasn't aware of that possibility. This is a big problem with any coin, then, I'd say, because if an exchange is staking, they are effectively a partial reserve (people can't just withdraw when they want to). This seems like a pretty big flaw. True, if I were to run an exchange like mintpal I would set up 33% to stake (to help protect the network) which is split up between holders of the coin on the exchange. The 33% coins would be split up every few days or so to keep enough coin age for staking. That way, unless there is a run on the proverbial bank, withdrawals should be able to happen without any problem. Also, unless I'm mistaken, it would be prudent for a limited max coin age to be set up. That way somebody with a few thousand coins can't let them sit for a year until attempting to take over the network. Also, it gives incentive to holders to help the network by staking their coins on a semi-regular basis (1 week or so at max). +so so many.
|
|
|
|
gts476
|
|
May 20, 2014, 05:50:11 PM |
|
omg lol If you are staying at a hotel and an assassin comes and kills you, is the hotel management to blame for not having a tank and the army guarding the hotel? Does the hotel owe the victim blood money for his family? Of course not. At most, the hotel loses reputation, which is not to be taken lightly for any running bussiness, but nothing more. Mintpal is no different. Get off this big corporation / small farmer mentality.
Great analogy. How about, If I stay at a hotel and I put my shit in the hotel safe and because the hotel manager and his staff are from mintpal they allow a thief to steal my shit should they be liable? Er..... fuck yeah they should. wtflol. Ya they would be liable.... if mintpal was a safe that assured people that anything lost from the safe would be compensated. But an exchange is not a safe is it? Mintpal is not a bank. No it's not is it. But it is super competitive and cool! Which is why the dev team of every young PoS coin getting fucked atm out there should spend hours working on fixing issues that wouldn't exist if these clowns got their shit right. Tell me again about what gives mintpal their competitive edge? and why they shouldn't die as a buisness when they get fucked over for tens of thousands of their depositors $£? Edit* wait a second you two are trolling me right?
|
|
|
|
gts476
|
|
May 20, 2014, 05:58:14 PM |
|
omg lol If you are staying at a hotel and an assassin comes and kills you, is the hotel management to blame for not having a tank and the army guarding the hotel? Does the hotel owe the victim blood money for his family? Of course not. At most, the hotel loses reputation, which is not to be taken lightly for any running bussiness, but nothing more. Mintpal is no different. Get off this big corporation / small farmer mentality.
Great analogy. How about, If I stay at a hotel and I put my shit in the hotel safe and because the hotel manager and his staff are from mintpal they allow a thief to steal my shit should they be liable? Er..... fuck yeah they should. wtflol. Ya they would be liable.... if mintpal was a safe that assured people that anything lost from the safe would be compensated. But an exchange is not a safe is it? Mintpal is not a bank. No it's not is it. But it is super competitive and the dev team of every young PoS coin getting fucked atm out there should spend hours working on fixing issues that wouldn't exist if these clowns got their shit right. Tell me again about what gives mintpal their competitive edge? and why they shouldn't die as a buisness when they get fucked over for tens of thousands of their depositors $£? You assume that c2 @mintpal will become worthless, but that seems highly unlikely. 1. My C2 is in my wallet securing the blockchain CP7tPc3hu886FVuVcgLxj1PbU47ANFFzV6 so this is not about C2 value @ mintpal. But lets get this straight. MINTPAL DOESN'T HAVE ANY C2. so............... 50k satoshi price x the ammount of c2 that mintpal has = 0. C2 holders @ mintpal are only getting done right by the dev team who are creating a whole new coin to give to the guys who lost it due to mintpal imcompitance. IS MINTPAL GOING OUT THERE AND BUYING 22 MILLION C2 SO IT CAN HONOR THOSE MINTPAL USERS WHO PAID FOR C2 @ MINTPAL? NO IT ISN'T. THE DEV TEAM IS CREATING A WHOLE NEW COIN TO GIVE TO MINTPAL HOLDERS TO REPLACE C2 THAT MINTPAL DOESN'T HAVE! ITS MINTPAL BAIL OUT BY THE DEV TEAM! ITS QUANTITATIVE EASING! AND YOUR ACTUALLY SAYING MINTPAL HAS NO RESPONSIBILITY TO ITS DEPOSITORS?! R U WALL ST?
|
|
|
|
ranlo
Legendary
Offline
Activity: 1988
Merit: 1007
|
|
May 20, 2014, 06:01:53 PM |
|
Since you seem to understand a lot about this, can you confirm something for me? Based on what I'm reading in here lately, the problem is that Mintpal wasn't staking, which allowed a 51% attack on the PoS model (NOT the PoW one) by people who owned far less than 51% of the coins but were 51%+ of what was being staked at the time. Is this right?
Correct, it seems the coin age and general apathy of coinholders was the main problem here. Ah, I wasn't aware of that possibility. This is a big problem with any coin, then, I'd say, because if an exchange is staking, they are effectively a partial reserve (people can't just withdraw when they want to). This seems like a pretty big flaw. True, if I were to run an exchange like mintpal I would set up 33% to stake (to help protect the network) which is split up between holders of the coin on the exchange. The 33% coins would be split up every few days or so to keep enough coin age for staking. That way, unless there is a run on the proverbial bank, withdrawals should be able to happen without any problem. Also, unless I'm mistaken, it would be prudent for a limited max coin age to be set up. That way somebody with a few thousand coins can't let them sit for a year until attempting to take over the network. Also, it gives incentive to holders to help the network by staking their coins on a semi-regular basis (1 week or so at max). How about you get an exchange up and running for us then? . We'll love you forever! I'd absolutely love being able to earn stake while doing trading; as it is, keeping coins in the wallet and going back and forth is just too much of a hassle.
|
|
|
|
42coin fever
|
|
May 20, 2014, 06:06:05 PM |
|
Actually Mintpal could help prevent disaster from happened to minimal by simply set the coin confirmation higher at 50+.
|
|
|
|
Ximp
Sr. Member
Offline
Activity: 336
Merit: 250
CS Student - BC Logo Guy
|
|
May 20, 2014, 06:09:30 PM |
|
How about you get an exchange up and running for us then? Smiley. We'll love you forever! I'd absolutely love being able to earn stake while doing trading; as it is, keeping coins in the wallet and going back and forth is just too much of a hassle. Haha, that's the last project in the world I am prepared to do. It's the type of thing only serious security and money transfer business experienced people should undertake. I am neither. I would be definitely be interested in an advisory role if somebody wants to hire me though *cough* mintpal *cough*.
|
|
|
|
42coin fever
|
|
May 20, 2014, 06:13:47 PM |
|
Also, Coin2.0 did have bugs that we failed to take action. One that is obvious is the data files will fill your hard drive regardless size, very fast, if you have large amt of coins staking and eventually cause the server/PC shut down. This may be one of the problem exchanges avoid staking the coins help fending security. To bypass it, like BTer, up the maturity to as high as 100 conformation.
My guess only.
I hope Joel should considering find a way to make sure folders will be auto reset, recycle as the Security Cameras server recycle the recording folder itself once reached it limited storage space.
|
|
|
|
Souldream
Legendary
Offline
Activity: 1110
Merit: 1000
|
|
May 20, 2014, 06:22:42 PM |
|
Also, Coin2.0 did have bugs that we failed to take action. One that is obvious is the data files will fill your hard drive regardless size, very fast, if you have large amt of coins staking and eventually cause the server/PC shut down. This may be one of the problem exchanges avoid staking the coins help fending security. To bypass it, like BTer, up the maturity to as high as 100 conformation.
My guess only.
I hope Joel should considering find a way to make sure folders will be auto reset, recycle as the Security Cameras server recycle the recording folder itself once reached it limited storage space.
Yes, we must be able to disable/enable debug.log , this file grows like hell and can easily fill a full SSD ... ;-) Or simply creating a Max file debug length ! Need to define something like cfg.max_log_size :-) static void switch_log(char *file, FILE **f, int32_t (*pfinit)(void)) { if(cfg.max_log_size && file) //only 1 thread needs to switch the log { if(*f != NULL && ftell(*f) >= cfg.max_log_size * 1024) { int32_t rc; char prev_log[strlen(file) + 6]; snprintf(prev_log, sizeof(prev_log), "%s-prev", file); fprintf(*f, "switch log file\n"); fflush(*f); fclose(*f); *f = (FILE *)0; rc = rename(file, prev_log); if(rc != 0) { fprintf(stderr, "rename(%s, %s) failed (errno=%d %s)\n", file, prev_log, errno, strerror(errno)); } else if(pfinit()) { fprintf(stderr, "Initialisation of log file failed, continuing without logging thread %8lX. Log will be output to stdout!", (unsigned long)pthread_self()); cfg.logtostdout = 1; } } } }
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
May 20, 2014, 06:55:31 PM |
|
PLEASE. SHUT FUCK UP ABOUT MINTY.
WE STILL NEED TO BE ON MINTY.
we are close to a solution, do not destroy it again.
BE PATIENT AND WAIT SWAPPING INSTRUCTION, AND WE ARE GOOD SOON.
i hope
|
|
|
|
140hours
Newbie
Offline
Activity: 9
Merit: 0
|
|
May 20, 2014, 07:18:15 PM |
|
omg lol If you are staying at a hotel and an assassin comes and kills you, is the hotel management to blame for not having a tank and the army guarding the hotel? Does the hotel owe the victim blood money for his family? Of course not. At most, the hotel loses reputation, which is not to be taken lightly for any running bussiness, but nothing more. Mintpal is no different. Get off this big corporation / small farmer mentality.
Great analogy. How about, If I stay at a hotel and I put my shit in the hotel safe and because the hotel manager and his staff are from mintpal they allow a thief to steal my shit should they be liable? Er..... fuck yeah they should. wtflol. Ya they would be liable.... if mintpal was a safe that assured people that anything lost from the safe would be compensated. But an exchange is not a safe is it? Mintpal is not a bank. No it's not is it. But it is super competitive and the dev team of every young PoS coin getting fucked atm out there should spend hours working on fixing issues that wouldn't exist if these clowns got their shit right. Tell me again about what gives mintpal their competitive edge? and why they shouldn't die as a buisness when they get fucked over for tens of thousands of their depositors $£? You assume that c2 @mintpal will become worthless, but that seems highly unlikely. 1. My C2 is in my wallet securing the blockchain CP7tPc3hu886FVuVcgLxj1PbU47ANFFzV6 so this is not about C2 value @ mintpal. But lets get this straight. MINTPAL DOESN'T HAVE ANY C2. so............... 50k satoshi price x the ammount of c2 that mintpal has = 0. C2 holders @ mintpal are only getting done right by the dev team who are creating a whole new coin to give to the guys who lost it due to mintpal imcompitance. IS MINTPAL GOING OUT THERE AND BUYING 22 MILLION C2 SO IT CAN HONOR THOSE MINTPAL USERS WHO PAID FOR C2 @ MINTPAL? NO IT ISN'T. THE DEV TEAM IS CREATING A WHOLE NEW COIN TO GIVE TO MINTPAL HOLDERS TO REPLACE C2 THAT MINTPAL DOESN'T HAVE! ITS MINTPAL BAIL OUT BY THE DEV TEAM! ITS QUANTITATIVE EASING! AND YOUR ACTUALLY SAYING MINTPAL HAS NO RESPONSIBILITY TO ITS DEPOSITORS?! R U WALL ST? I'm one of the holders of C2 at Mintpal, and I applaud the Devs heroic gesture to make sure none of us Mintpal customers with C2 in their accounts get hosed. The question is, when this storm has passed, a show of hands as to which exchange will give the coin, and its holders, the best and most secure trading platform? Hmmmm.....
|
|
|
|
42coin fever
|
|
May 20, 2014, 07:30:53 PM |
|
PLEASE. SHUT FUCK UP ABOUT MINTY.
WE STILL NEED TO BE ON MINTY.
we are close to a solution, do not destroy it again.
BE PATIENT AND WAIT SWAPPING INSTRUCTION, AND WE ARE GOOD SOON.
i hope
It's good to mention it so Joel and team could simply find a solution solve it all at once. Although may delay a little but worth the effort in near future.
|
|
|
|
KingArbinV
Legendary
Offline
Activity: 1078
Merit: 1000
|
|
May 20, 2014, 08:21:51 PM |
|
Ok I've been quiet mostly for a few days thinking about this, don't know what the rest of the board thinks really, but its my opinion mintpal does have some kinda responsibility to this. Wouldn't if the network was getting attacked, mintpal should have noticed on day #1. Instead, they ignored it or knew about it, and it went on for 3 days. I've been a little out of it a few days so I picked up bits and pieces of what went down, mintpal doesn't really affect me as I have nothing there and wasn't excited about them to begin with. Now thought from what I hear, we were attacked, and now they are holding your C2 until they are compensated, saying they aren't held responsible for what happened that someone attacked and the devs are...
I think they lost their damn minds... no one is responsible really, the devs can't be blamed for this simply because on a POS system in order for the network to be secure the holders need to at least be staking something, some of you are doing this, most of you are not. Mintpal can't really be blamed other than they are trying to rob us, think about it, the rich list that was made recently, we have narrowed the attackers address down with it, thanks to this thread and you guys pointing him out. We know it says he had 28 mil total at one point, but he only has 1.6 mil left now, there are a total of 54mil real coins across the rich list. At 60 million if we were to pay them what they want, I think it was somewheres around the 20 mil range, we would be hurting you, but they don't care. I agree it was their poor security that allowed this, if their confirmations has been higher to transfer there, the coins that had been created on the other blockchain would have been nulled before they transfered.
Ok long story short, mintpal is trying to screw us, my opinion only. ---------------------------------------------------------------- A) The community PAID to get on there, something at like 40 votes * whatever they charge to vote. B) They are trying to go over the limit of coins to hurt you guys. C)There are 61 mil total C2 thanks to stake, they want 20mil, across the rich list it says there are 100 addresses containing 54mil, most of those belong to holders. Where does that 20mil come in?
Mintpal has no right to treat the C2 holders like this and especially try to lay blame on us.
|
World without fiats!
|
|
|
nrigo
|
|
May 20, 2014, 08:42:34 PM |
|
Ok I've been quiet mostly for a few days thinking about this, don't know what the rest of the board thinks really, but its my opinion mintpal does have some kinda responsibility to this. Wouldn't if the network was getting attacked, mintpal should have noticed on day #1. Instead, they ignored it or knew about it, and it went on for 3 days. I've been a little out of it a few days so I picked up bits and pieces of what went down, mintpal doesn't really affect me as I have nothing there and wasn't excited about them to begin with. Now thought from what I hear, we were attacked, and now they are holding your C2 until they are compensated, saying they aren't held responsible for what happened that someone attacked and the devs are...
I think they lost their damn minds... no one is responsible really, the devs can't be blamed for this simply because on a POS system in order for the network to be secure the holders need to at least be staking something, some of you are doing this, most of you are not. Mintpal can't really be blamed other than they are trying to rob us, think about it, the rich list that was made recently, we have narrowed the attackers address down with it, thanks to this thread and you guys pointing him out. We know it says he had 28 mil total at one point, but he only has 1.6 mil left now, there are a total of 54mil real coins across the rich list. At 60 million if we were to pay them what they want, I think it was somewheres around the 20 mil range, we would be hurting you, but they don't care. I agree it was their poor security that allowed this, if their confirmations has been higher to transfer there, the coins that had been created on the other blockchain would have been nulled before they transfered.
Ok long story short, mintpal is trying to screw us, my opinion only. ---------------------------------------------------------------- A) The community PAID to get on there, something at like 40 votes * whatever they charge to vote. B) They are trying to go over the limit of coins to hurt you guys. C)There are 61 mil total C2 thanks to stake, they want 20mil, across the rich list it says there are 100 addresses containing 54mil, most of those belong to holders. Where does that 20mil come in?
Mintpal has no right to treat the C2 holders like this and especially try to lay blame on us.
I agree with you about MintPal responsability and we have no exact report from MintPal about the attack to confirm the 20 millions range... The team of development even does not know the exact figures. What's to be done with that?
|
|
|
|
42coin fever
|
|
May 20, 2014, 09:00:04 PM |
|
King was right. The question is what shall we do about it. Frankly, I don't mind the lost coins to do what Coin2 ought to do.
If such incidentincident, product happened to be Bitcoin, Mintpal will be held full responsible. Is it double standard or bully?
In real world, All exchanges and brokerage firms would be held responsible for something like that. In Cryptos world, exchanges happen also a brokerage firm. Should held responsible for their's clients.
From my point of view, Coin2 and Minpal's coin2 holding clients have been rob, not by the theif but rather Mintpal.
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
May 20, 2014, 09:03:19 PM |
|
Ok I've been quiet mostly for a few days thinking about this, don't know what the rest of the board thinks really, but its my opinion mintpal does have some kinda responsibility to this. Wouldn't if the network was getting attacked, mintpal should have noticed on day #1. Instead, they ignored it or knew about it, and it went on for 3 days. I've been a little out of it a few days so I picked up bits and pieces of what went down, mintpal doesn't really affect me as I have nothing there and wasn't excited about them to begin with. Now thought from what I hear, we were attacked, and now they are holding your C2 until they are compensated, saying they aren't held responsible for what happened that someone attacked and the devs are...
I think they lost their damn minds... no one is responsible really, the devs can't be blamed for this simply because on a POS system in order for the network to be secure the holders need to at least be staking something, some of you are doing this, most of you are not. Mintpal can't really be blamed other than they are trying to rob us, think about it, the rich list that was made recently, we have narrowed the attackers address down with it, thanks to this thread and you guys pointing him out. We know it says he had 28 mil total at one point, but he only has 1.6 mil left now, there are a total of 54mil real coins across the rich list. At 60 million if we were to pay them what they want, I think it was somewheres around the 20 mil range, we would be hurting you, but they don't care. I agree it was their poor security that allowed this, if their confirmations has been higher to transfer there, the coins that had been created on the other blockchain would have been nulled before they transfered.
Ok long story short, mintpal is trying to screw us, my opinion only. ---------------------------------------------------------------- A) The community PAID to get on there, something at like 40 votes * whatever they charge to vote. B) They are trying to go over the limit of coins to hurt you guys. C)There are 61 mil total C2 thanks to stake, they want 20mil, across the rich list it says there are 100 addresses containing 54mil, most of those belong to holders. Where does that 20mil come in?
Mintpal has no right to treat the C2 holders like this and especially try to lay blame on us.
i understand there is no way to get 20 million. my suggestion: 1. confirm the lost 2. share the responsibility, certain lost shall be covered by mintpal 3. the remaining lost covered by top100 by certain percentage. i know ppl will be hurt, buy by this way we can easily and quickly solve the problem. (no more screenshot i guess, and exchanges can do the work) of course, we have already identified the attacker's address, and the loss amount shall minus the 1.6 million. if all ppl accept the solution, let dev and exchanges do the math. don't blame me, i just want a fast solution.
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
May 20, 2014, 09:11:17 PM |
|
for example.
if the lost is 20million.
20-1.6=18.4 million
1. mintpal cover 5 million 2. 13.4 million shall be covered by top100. as you said total supply around 61 million, so every top100 contribute around 20% for coin revival. (top100 only allowed to swap coins on mintpal)
maybe we lost 20% now, but we can get back on track and with all developing projects.
total supply still remain the same number as before.
C2 will get stronger if we agree to sacrifice.
|
|
|
|
nrigo
|
|
May 20, 2014, 09:16:37 PM |
|
for example.
if the lost is 20million.
20-1.6=18.4 million
1. mintpal cover 5 million 2. 13.4 million shall be covered by top100. as you said total supply around 61 million, so every top100 contribute around 20% for coin revival. (top100 only allowed to swap coins on mintpal)
maybe we lost 20% now, but we can get back on track and with all developing projects.
total supply still remain the same number as before.
C2 will get stronger if we agree to sacrifice.
Or MintPal could simply increase trading fees to 1% to cover the loss.
|
|
|
|
cyberhacker
Legendary
Offline
Activity: 1330
Merit: 1000
|
|
May 20, 2014, 09:20:06 PM |
|
for example.
if the lost is 20million.
20-1.6=18.4 million
1. mintpal cover 5 million 2. 13.4 million shall be covered by top100. as you said total supply around 61 million, so every top100 contribute around 20% for coin revival. (top100 only allowed to swap coins on mintpal)
maybe we lost 20% now, but we can get back on track and with all developing projects.
total supply still remain the same number as before.
C2 will get stronger if we agree to sacrifice.
Or MintPal could simply increase trading fees to 1% to cover the loss. what ever it is, we have to cooperate with mintpal. otherwise we are in a impasse. i am among top100. i do not risk my investment. i keep faith in the dev team and also want this rising platform. i am willing to sacrifice if we have no other solution. just make it quick and same amount. if we can sort it out, C2 will give more confidence to potential development. together we will survive and thrive. so please, devs. avoid war, we want smooth solution. ask other guys among top100. i hope they can understand and all for this proposal.
|
|
|
|
|