Anaximander (OP)
Newbie
Offline
Activity: 1
Merit: 0
|
|
March 13, 2014, 02:30:39 AM Last edit: March 13, 2014, 06:19:59 PM by Anaximander |
|
Update: To those who are looking for the fix, you can PM CHAOSiTEC https://bitcointalk.org/index.php?action=pm;sa=send;u=223182 and he'll/she'll set you up.
This week on the Darkcoin thread a fellow started posting screenshots of massive hashrates (400+MH/sec) using just a 4770k (Don't remember the exact model#) CPU. Through PM he revealed to me (and others) he was exploiting a bug in the Stratum protocol faulty implementation of the stratum protocol
Here are a few quotes from the thread:
Ok, to summarise, without disclosing too much info for others to try on other pools:
that guy with the huge "mining speed" was using a weakness in the stratum code, i noticed a weakness in the way the pool got the shares and set defences up to prevent that kind of cheating, in reality he did not have that kind of mining power, and his shares weren't worth anything to the pool's overall progress. if you look at all the blocks discovered, why did his miner not discover ANY blocks at all, we should have been getting loads of blocks with that kind of speed, so i investigated, together with evan we set up a fix, now, next time he tries, the system will automatically ban him for a week. he tried connection through a proxy but already he was unable to get that kind of speed that he had at first. so that tells me it works as it should.. i also banned his ips from the server. and disabled automatic payout from his account.
hrt, Re: cpu hashrate « Sent to: sippsnapp on: March 11, 2014, 06:44:56 PM »
I run through mining proxy with a changed code. it denies automatic difficulty adjustment on pool stratum server, assign to each share variable hash raws [not unfeigned] thus stratum server is incapable to make up authenticity of this shares. i have always calculated at 0 diff and got all shares accepted, earnings respectively
hrt, Re: cpu hashrate « Sent to: sippsnapp on: March 11, 2014, 08:50:38 PM »
added several extensions while compiled from 1.3 version in open source i tried with different algos and at now proxy works on X11, groestl, qubit and sha256d. saying clearly sha256d is not so useful as 500-1000GH guys play. on sha256d i have 80 iterations per second each pick up a low diff share at speed 48000KH. Running 30 CPU is equal to 115GH if you are interested and there are other engaged people i can start a new topic with this on mind and share proxy for small donate although pulling out this in public would be risky as this is still cheating
As I'm fat and lazy to the point of having that annoying fat-finger problem where I keep accidentally typing 4+ keys at a time, I'm not going to spend more time on this post, here's the Darkcoin thread link (Just go to page 428): https://bitcointalk.org/index.php?topic=421615.0
This doesn't just affect Darkcoin pools, it likely affects any pool using Stratum (If configured improperly)
Let me know if this sounds like a known bug/issue (Out of curiosity)
Thanks!
|
|
|
|
|
|
|
|
|
|
jgalt1
Newbie
Offline
Activity: 1
Merit: 0
|
|
March 13, 2014, 02:43:05 AM |
|
Very good of you to post this. I have been mining there and got cheated as a result of this.
The mining these days is tough enough without jerks like that.
Also, great work by whoever got the cheater to TALK!
He couldn't keep from bragging about his crimes just like most criminals!!
|
|
|
|
NUFCrichard
Legendary
Offline
Activity: 1218
Merit: 1003
|
|
March 13, 2014, 07:21:20 AM |
|
this might explain why someone was mining anime at 800MH a while back, people assumed it was a huge botnet.
|
|
|
|
bitcoyim
Member
Offline
Activity: 65
Merit: 10
|
|
March 13, 2014, 10:17:37 AM |
|
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 10:53:03 AM |
|
Do you know if this affects litecoin pools?
|
Bitrated user: ahmedbodi.
|
|
|
bitcoyim
Member
Offline
Activity: 65
Merit: 10
|
|
March 13, 2014, 10:55:27 AM |
|
It affects all pools and all algorithms
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 10:58:02 AM |
|
It affects all pools and all algorithms
how do you know for sure? pooler patched litecoin already before
|
Bitrated user: ahmedbodi.
|
|
|
bitcoyim
Member
Offline
Activity: 65
Merit: 10
|
|
March 13, 2014, 10:59:12 AM |
|
It affects all pools and all algorithms
how do you know for sure? pooler patched litecoin already before
Need to test this. Maybe some pool owners can fix this.
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 11:00:09 AM |
|
my personal belief. it affects other algorithms where we do not have an accurate diff1
|
Bitrated user: ahmedbodi.
|
|
|
feeleep
Legendary
Offline
Activity: 1197
Merit: 1000
|
|
March 13, 2014, 11:04:09 AM |
|
my personal belief. it affects other algorithms where we do not have an accurate diff1
this is my understanding also that pool ops have wrong diff1...
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 11:07:37 AM |
|
the big problem here is how to work it out. the only person i know who could do it is pooler.
|
Bitrated user: ahmedbodi.
|
|
|
feeleep
Legendary
Offline
Activity: 1197
Merit: 1000
|
|
March 13, 2014, 11:10:38 AM |
|
the big problem here is how to work it out. the only person i know who could do it is pooler.
i think this is a matter of changing diff1 in template_registry file
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 11:14:31 AM |
|
problem is what should the value be
|
Bitrated user: ahmedbodi.
|
|
|
feeleep
Legendary
Offline
Activity: 1197
Merit: 1000
|
|
March 13, 2014, 11:16:36 AM |
|
problem is what should the value be
if we are talking about darkcoin - it should be the same as sha256 diff1 = 0x00000000ffff0000000000000000000000000000000000000000000000000000
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 11:20:33 AM |
|
hmmm. that's what i would expect. tbqh darkcoin i couldn't give a crap about. it's an unsupported scenario as i don't officially have it in the CryptoExpert repo. so any flaws are up to the OP. so atm i only care about:
Scrypt/ScryptJane (Uses Pooler's diff1)
Sha256 (Slush's Diff1)
Quark (PR from someone)
Skein (Uses SHA256 Diff1)
|
Bitrated user: ahmedbodi.
|
|
|
ahmed_bodi
|
|
March 13, 2014, 11:34:12 AM |
|
Okay back.
Done a test on stratum-mining and eloipool using the exploit documented above. Stratum-mining and eloipool in scrypt mode both reject these shares. This makes it almost 99% sure that it is a diff1 error and stratum-mining IS NOT at fault. the pool operators are at fault for not using the correct diff1's for the algorithm
|
Bitrated user: ahmedbodi.
|
|
|
alani123
Legendary
Offline
Activity: 2394
Merit: 1415
|
|
March 13, 2014, 11:41:52 AM |
|
But this doesn't really clarify how this exploit pays out. If he doesn't actually contribute to the pool but still gets credited for crazy amount of fake shares then where does the pool get the reward for those shares from?
|
|
|
|
bitcoyim
Member
Offline
Activity: 65
Merit: 10
|
|
March 13, 2014, 11:42:33 AM |
|
Okay back.
Done a test on stratum-mining and eloipool using the exploit documented above. Stratum-mining and eloipool in scrypt mode both reject these shares. This makes it almost 99% sure that it is a diff1 error and stratum-mining IS NOT at fault. the pool operators are at fault for not using the correct diff1's for the algorithm
For example: If Coin hashrate: 200 , compile mining proxy with difficult ~150, and you will see accepted shares.
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 11:48:20 AM |
|
But this doesn't really clarify how this exploit pays out. If he doesn't actually contribute to the pool but still gets credited for crazy amount of fake shares then where does the pool get the reward for those shares from?
Here's how it works
Miner connects to pool, authorises and subscribes for work
Miner connects, sets their own diff and starts doing work. work is calculated by a DIFF1. (what the difficulty of a difficulty 1 share should be).
Now if a miner hashes away at their hardcoded diff and ignores the diff the pool is sending. so the pool would increase their difficulty on the pool's end to the max set (depends on the pool) and the pool wouldn't know that the miner is ignoring it. since the diff1 is wrong on the pool the pool would accept the difficulty the miner says it is and wouldn't check what the actual difficulty is.
This means stratum thinks the diff == (theoretic scenario of 2048) while the miner is submitting a diff of (theoretic scenario of 0.001) so the miner will get paid for hundreds of shares with a diff of 2048 when really it should be 0.001
|
Bitrated user: ahmedbodi.
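The pool-side check discussed in this post, as an added example that is not part of the thread or of stratum-mining's code: the pool recomputes the hash itself and compares it with the target for the difficulty it assigned, using the two diff1 values quoted in the thread. Double SHA-256 stands in for the coin's real hash, and the function names and the all-zero header are constructed for illustration.

```python
import hashlib
from fractions import Fraction

# diff1 values quoted in this thread (stratum-mining template_registry)
DIFF1_SHA256 = 0xffff << 208   # 0x00000000ffff0000...
DIFF1_SCRYPT = 0xffff << 224   # 0x0000ffff00000000...

def share_target(diff1, difficulty):
    """Largest hash value that still earns a share at `difficulty`."""
    return int(Fraction(diff1) / Fraction(difficulty))

def pow_hash_int(header):
    """Double SHA-256 read as a little-endian integer.
    Stand-in (assumption) for the coin's own PoW hash such as X11 or scrypt."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")

def validate_share(header, assigned_difficulty, diff1):
    """Pool-side check: recompute the hash and compare it with the target for
    the difficulty the POOL assigned. Returns (accepted, real difficulty)."""
    h = pow_hash_int(header)
    real = float(Fraction(diff1, max(h, 1)))
    return h <= share_target(diff1, assigned_difficulty), real

def find_easy_share(prefix, difficulty, diff1):
    """Build constructed test input: first nonce meeting a tiny difficulty."""
    target = share_target(diff1, difficulty)
    for nonce in range(1 << 24):
        header = prefix + nonce.to_bytes(4, "little")
        if pow_hash_int(header) <= target:
            return header
    raise RuntimeError("no share found")

if __name__ == "__main__":
    easy = 2 ** -20                      # far below any sane pool difficulty
    header = find_easy_share(bytes(76), easy, DIFF1_SHA256)  # constructed header
    print(validate_share(header, easy, DIFF1_SHA256))   # accepted at 2**-20
    print(validate_share(header, 2048, DIFF1_SHA256))   # rejected at assigned 2048
    # Same hash, wrong constant: the scrypt diff1 makes every target 65536x larger.
    print(share_target(DIFF1_SCRYPT, 2048) // share_target(DIFF1_SHA256, 2048))
```

A pool that credits each accepted share at the assigned difficulty while testing it against a target built from the wrong diff1 pays for work that was never done; logging the real difficulty returned here next to the credited one makes that gap visible.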
|
|
|
flower1024
Legendary
Offline
Activity: 1428
Merit: 1000
|
|
March 13, 2014, 11:51:32 AM |
|
hu? aren't pools supposed to check that the supplied share does meet their diff requirements?
|
|
|
|
ahmed_bodi
|
|
March 13, 2014, 11:53:37 AM |
|
they are and the stratum and sha algorithms do. these idiots using stratum without checking the diff1 are at fault and it's their responsibility. it 100% isn't a fault in my code at all. i take responsibility for scrypt and sha any other algo is up to the user as i don't know myself how to calc what a diff1 value should be
|
Bitrated user: ahmedbodi.
|
|
|
bitcoyim
Member
Offline
Activity: 65
Merit: 10
|
|
March 13, 2014, 11:57:05 AM |
|
they are and the stratum and sha algorithms do. these idiots using stratum without checking the diff1 are at fault and it's their responsibility. it 100% isn't a fault in my code at all. i take responsibility for scrypt and sha any other algo is up to the user as i don't know myself how to calc what a diff1 value should be
this is absolutely right
|
|
|
|
BorisTheSpider
|
|
March 13, 2014, 10:57:40 PM |
|
Hello everyone,
I'm trying to understand this stratum exploit better, and something is confusing me.
The lowest difficulty is defined by the biggest target. So if we look at the nBits of the genesis block, we then convert to hex (from the compact representation) to get the diff 1 targets.
In BTC, genesis.nBits = 0x1d00ffff;
https://en.bitcoin.it/wiki/Difficulty suggests we convert to a hex representation like:
so the hex target is 0x00ffff * 2**(8*(0x1d - 3)) or
0000 0000 ffff 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
Which matches https://github.com/Crypto-Expert/stratum-mining/blob/master/lib/template_registry.py where for sha256
diff1 = 0x00000000ffff0000000000000000000000000000000000000000000000000000
Now looking at a scrypt coin, eg LTC:
0x1e0ffff0 is the genesis block nbits
so the hex target is 0x0ffff0 * 2**(8*(0x1e - 3)) or
0000 0fff f000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
Which doesn't match stratum-mining
if settings.COINDAEMON_ALGO == 'scrypt' or 'scrypt-jane':
    diff1 = 0x0000ffff00000000000000000000000000000000000000000000000000000000
ie. the stratum-mining code has 4 leading zeros in the 64 byte hex representation of the target, whereas I get 5 leading zeros when doing the conversion from the compact to the full hex representation of the max difficulty.
I'm sure stratum-mining must be correct - where am I going wrong?
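The compact-to-target conversion worked through in the post above, as an added example that is not part of the original post or of stratum-mining's code. It decodes both nBits values from the post, encodes targets back to compact form, and reports how each quoted stratum-mining diff1 compares with the decoded genesis target; the function and constant names are chosen here for illustration.

```python
from fractions import Fraction

# diff1 constants quoted in the post from stratum-mining's template_registry.py
STRATUM_SHA256_DIFF1 = 0xffff << 208   # 0x00000000ffff0000...
STRATUM_SCRYPT_DIFF1 = 0xffff << 224   # 0x0000ffff00000000...

def compact_to_target(nbits):
    """Expand a 32-bit compact 'nBits' value into the full 256-bit target."""
    exponent = nbits >> 24                  # size of the target in bytes
    if nbits & 0x00800000:                  # bit 23 of the mantissa is a sign bit
        raise ValueError("negative target")
    mantissa = nbits & 0x007fffff
    if exponent <= 3:
        target = mantissa >> (8 * (3 - exponent))
    else:
        target = mantissa << (8 * (exponent - 3))
    if target >> 256:
        raise ValueError("target does not fit in 256 bits")
    return target

def target_to_compact(target):
    """Inverse of compact_to_target for targets that are exactly representable."""
    size = (target.bit_length() + 7) // 8
    if size <= 3:
        mantissa = target << (8 * (3 - size))
    else:
        mantissa = target >> (8 * (size - 3))
    if mantissa & 0x00800000:               # would be read as a sign bit:
        mantissa >>= 8                      # drop one byte of precision
        size += 1
    return (size << 24) | mantissa

def leading_zero_digits(target):
    """Leading zeros when the target is written as 64 hex digits."""
    return 64 - len(format(target, "x"))

def compare(nbits, pool_diff1):
    """Return (decoded target as 64 hex digits, pool_diff1 / decoded target)."""
    target = compact_to_target(nbits)
    return format(target, "064x"), Fraction(pool_diff1, target)

if __name__ == "__main__":
    for name, nbits, diff1 in (("BTC", 0x1d00ffff, STRATUM_SHA256_DIFF1),
                               ("LTC", 0x1e0ffff0, STRATUM_SCRYPT_DIFF1)):
        hex_target, ratio = compare(nbits, diff1)
        print(name, hex_target, "pool diff1 / genesis target =", ratio)
```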
|
|
|
|
azhago
|
|
March 15, 2014, 03:38:36 PM Last edit: March 15, 2014, 03:52:44 PM by azhago |
|
On stablehash Groestl, someone takes 99% of all rewards, sending thousands of shares while others send 5 or 6.. Look at the invalid rate too.. I don't think this guy finds any block too, but in anonymous, we can't verify.. There is some exploit out there..
|
|
|
|
Coindgr
|
|
March 15, 2014, 04:52:48 PM |
|
On stablehash Groestl, someone takes 99% of all rewards, sending thousands of shares while others send 5 or 6.. Look at the invalid rate too.. I don't think this guy finds any block too, but in anonymous, we can't verify.. There is some exploit out there..
Pool owners should ban this kind of hashrate. If it was real, he could be solomining.
|
|
|
|
doge94
|
|
March 16, 2014, 01:55:34 AM |
|
On stablehash Groestl, someone takes 99% of all rewards, sending thousands of shares while others send 5 or 6.. Look at the invalid rate too.. I don't think this guy finds any block too, but in anonymous, we can't verify.. There is some exploit out there..
Pool owners should ban this kind of hashrate. If it was real, he could be solomining.
This person has been banned. He only made ~30k MYR before I banned him.
|
|
|
|
thekidcoin
Sr. Member
Offline
Activity: 308
Merit: 250
FlutterCoin Developer
|
|
March 17, 2014, 12:59:34 PM |
|
Could something like this combined with say a pool with 50% + of the network hashrate (at times up to 75%) cause a blockchain to stall, say for 1 1/2 hours at times with no found block?
At my last straw here LOL
|
1MYL967PR52xiNtqSP9WphRvPzKZDjBdxn
|
|
|
|