Bitcoin Forum
November 07, 2024, 02:04:21 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: [BOUNTY] Approx $20kUSD - 623,000 Syscoin -Hack the Syscoin Bridge to ETH [OPEN]  (Read 917 times)
ozBigPoppa (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
July 18, 2019, 01:59:15 AM
Last edit: July 22, 2019, 01:37:23 AM by ozBigPoppa
 #1

Background
Syscoin Website
White Papers

SYSCOIN BOUNTY - 623,000

As the community members keep adding to our Bounty, we are setting the following conditions taking into consideration the initial bounty was 200k raised by Sidhujag.

Bounty Reward:
High Severity - 300k

You are able to create/mint/double spend Syscoin or assets
Fork the network

Small - Medium - 50k
Logic errors that may cause issues to the network

If there are multiple submissions then bounty will be split based on severity, lower severity gets less coins and higher severity gets more coins. Minimum of 300k SYS for high severity even if many submissions we will ensure high severity takes at least 300k SYS.

DEADLINE
Aug 10, 2019 10 PM UTC

The Syscoin Team and Community members have come together to offer 300,000 edit: 623,000 Syscoin to anyone that can break the bridge between Syscoin and Ethereum that is currently functional on Testnet right now. Please try if you are able to use linux and cmd line consoles to build, run and interact with software. It is meant for those who have knack for breaking stuff (you know who you are) + software architects that want to try to make a quick buck or just learn about some cool new tech.

Code
https://github.com/syscoin/syscoin
https://github.com/syscoin/sysethereum-contracts
https://github.com/syscoin/sysethereum-dapp
https://github.com/syscoin/sysethereum-agents

Useful Links
Syscoin Testnet Setup
Syscoin Bridge
Testnet Explorer
SuperBlock Agents Rinkeby Explorer
SYSX Rinkeby Explorer

The rules are simple:
Situation #1: You win if you own tSYS that you shouldn't own with an attack.
Situation #2: You offer a way to fork the Testnet Network.

Conditions
Being a bad miner does not count as Testnet difficulty is low. But all else is fair game.

May the best hacker win!

Contributions
Sidhujag - 200k
Danosphere - 100k
Cryptoloot - 50k
BigPoppa - 45k
Zippyjetman - 5k
Babiko -5k
Nerzee - 4k
Locutus - 1k
Marys - 1k
Schlackyt - 2k
Johnp - 100k tbc/multisig wallet
Further 100k from Sidhujag
Coffeecupguru - 10k

Total:
623,000 Syscoin

Wallet Address:
3PvF2pmAJ3B1jtYUyuYwLbwL5cJWfPUqDE
danosphere
Legendary
*
Offline Offline

Activity: 1036
Merit: 1001


Syscoin- Changing the way people do business.


View Profile WWW
July 18, 2019, 05:55:23 AM
 #2

I'm throwing another 100k SYS onto this fire. Where are the hackers at?

Syscoin: Business on the Blockchain. - Buy and sell goods and services, send encrypted messages and more all secured by the blockchain.
Syscoin Website | Syscoin Whitepaper | Syscoin Team Price Peg
tribrzinec
Newbie
*
Offline Offline

Activity: 11
Merit: 0


View Profile
July 18, 2019, 07:08:07 PM
 #3

Reward is keep increasing. I am also adding few thousands of SYS to reward.

Is there anyone who capable to hack SYS - ETH 2WP bridge without counterparty?

Is that solution for Ethereum scalability unhackable? Hmm ... Tongue
ozBigPoppa (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
July 18, 2019, 11:53:17 PM
 #4

Newest contributions. Thank you again to the community to getting behind this bounty!

Contributions
Danosphere - 100k
Zippyjetman - 5k
Babiko - 5k
Marys - 1k
Schlackyt - 2k
Johnp - 100k tbc/multisig wallet
hadarian
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
July 19, 2019, 01:03:18 AM
 #5

ETH bridge?
And what does it mean? Atomic swaps or something?
danosphere
Legendary
*
Offline Offline

Activity: 1036
Merit: 1001


Syscoin- Changing the way people do business.


View Profile WWW
July 19, 2019, 02:53:57 AM
 #6

ETH bridge?
And what does it mean? Atomic swaps or something?

Unrelated to atomic swaps. In a nutshell you burn Syscoins on the SYS blockchain and then use the the resulting proofs from that to mint SYSX ERC20 on the ETH chains through a series of contracts that validate the proof using SPV.

A few terms to be aware of:
Superblock chain (contract) - A two way sidechain between SYS and ETH. 'Agents' collect 60 minutes worth of block headers from the Syscoin chain and post them to a superblock contract on the Ethereum chain. Data from the superblock contract is used to validate proof-of-burn from the Syscoin chain using SPV proofs.
Agents - Nodes that are bonded by 3 ETH and are responsible for submitting SYS block headers to the superblock contract on ETH. These nodes are also responsible for challenging other's who are submitting block headers that do not match their own. This mismatch initializes a challenge/response game between the two. The loser loses their ETH. Agents also earn SYS ERC20 (SYSX) for submitting superblocks. They earn fees for all assets moving across the bridge.
Syscoin Relayer - A process that runs adjacent to syscoind and relays blocks from a local geth client to syscoin. This data is used to validate proof-of-burn from the Ethereum chain coming back to Syscoin using SPV.


There are probably multiple points of attack but i think the biggest opportunities, if any, would be in:
- Submitting bad data to the superblock contract and it not being challenged/declined by other agents
- The challenge response game in itself; DDoS of other agents, or other vectors in there.
- The Syscoin relayer, tricking it somehow maybe?

Code
https://github.com/syscoin/syscoin
https://github.com/syscoin/sysethereum-contracts
https://github.com/syscoin/sysethereum-dapp
https://github.com/syscoin/sysethereum-agents


Happy hacking Smiley

Syscoin: Business on the Blockchain. - Buy and sell goods and services, send encrypted messages and more all secured by the blockchain.
Syscoin Website | Syscoin Whitepaper | Syscoin Team Price Peg
ozBigPoppa (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
July 19, 2019, 02:56:17 AM
 #7

ETH bridge?
And what does it mean? Atomic swaps or something?

Hey hadarian,

Thanks for the questions.

You can checkout more information of the bridge here

But basically the bridge is a connection between Syscoin Assets and Ethereum ERC-20 tokens performed via a minting/burning process crosschecked by agents and validators, making it a trustless swap without any third-parties or P2P like atomic swaps. This enables ERC-20 tokens to come over to Syscoin and use it's protocol, and allows Syscoin Assets to move to ETH ERC-20 tokens to use it's protocol.

In a minting/burning fashion, the total supply will never increase/decrease, merely move between both chains.
For eg.
You have ERC20 token called CATS with 100k supply and you want to move over to Syscoin to use it's assets and Z-DAG(Zero Confirmation Transactions). You burn 50k(any amount) ERC20 + a fee, and move across to a Syscoin Asset called CATS. You will now have a 50k Supply on ERC-20 and a 50k supply on Syscoin side totalling the 100k. Then the same goes for moving back to ETH chain. You burn the 50k from SYS assets and move to the ETH ERC-20 side where CATS ERC20 is then minted again, bringing the ERC-20 supply back to 100k and Sys asset supply of CATS to 0.
CryptoJohn
Legendary
*
Offline Offline

Activity: 1680
Merit: 1003


Well, That's Crypto :-\


View Profile
July 19, 2019, 03:20:51 AM
 #8

ETH bridge?
And what does it mean? Atomic swaps or something?

Unrelated to atomic swaps. In a nutshell you burn Syscoins on the SYS blockchain and then use the the resulting proofs from that to mint SYSX ERC20 on the ETH chains through a series of contracts that validate the proof using SPV.

A few terms to be aware of:
Superblock chain (contract) - A two way sidechain between SYS and ETH. 'Agents' collect 60 minutes worth of block headers from the Syscoin chain and post them to a superblock contract on the Ethereum chain. Data from the superblock contract is used to validate proof-of-burn from the Syscoin chain using SPV proofs.
Agents - Nodes that are bonded by 3 ETH and are responsible for submitting SYS block headers to the superblock contract on ETH. These nodes are also responsible for challenging other's who are submitting block headers that do not match their own. This mismatch initializes a challenge/response game between the two. The loser loses their ETH. Agents also earn SYS ERC20 (SYSX) for submitting superblocks. They earn fees for all assets moving across the bridge.
Syscoin Relayer - A process that runs adjacent to syscoind and relays blocks from a local geth client to syscoin. This data is used to validate proof-of-burn from the Ethereum chain coming back to Syscoin using SPV.


There are probably multiple points of attack but i think the biggest opportunities, if any, would be in:
- Submitting bad data to the superblock contract and it not being challenged/declined by other agents
- The challenge response game in itself; DDoS of other agents, or other vectors in there.
- The Syscoin relayer, tricking it somehow maybe?

Code
https://github.com/syscoin/syscoin
https://github.com/syscoin/sysethereum-contracts
https://github.com/syscoin/sysethereum-dapp
https://github.com/syscoin/sysethereum-agents


Happy hacking Smiley
ETH bridge?
And what does it mean? Atomic swaps or something?

Hey hadarian,

Thanks for the questions.

You can checkout more information of the bridge here

But basically the bridge is a connection between Syscoin Assets and Ethereum ERC-20 tokens performed via a minting/burning process crosschecked by agents and validators, making it a trustless swap without any third-parties or P2P like atomic swaps. This enables ERC-20 tokens to come over to Syscoin and use it's protocol, and allows Syscoin Assets to move to ETH ERC-20 tokens to use it's protocol.

In a minting/burning fashion, the total supply will never increase/decrease, merely move between both chains.
For eg.
You have ERC20 token called CATS with 100k supply and you want to move over to Syscoin to use it's assets and Z-DAG(Zero Confirmation Transactions). You burn 50k(any amount) ERC20 + a fee, and move across to a Syscoin Asset called CATS. You will now have a 50k Supply on ERC-20 and a 50k supply on Syscoin side totalling the 100k. Then the same goes for moving back to ETH chain. You burn the 50k from SYS assets and move to the ETH ERC-20 side where CATS ERC20 is then minted again, bringing the ERC-20 supply back to 100k and Sys asset supply of CATS to 0.

Sounds pretty amazing!!!
hadarian
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
July 19, 2019, 03:26:35 AM
 #9

Interesting. I can see SYS project has been around for a couple of years, it has had its good and bad days but it seems it is quite legit. Thx ozBigPoppa and @danosphere

edit
60k TPS?? WTF? It has to be a one of the fastest blockchains  then

ozBigPoppa (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
July 19, 2019, 03:44:32 AM
 #10

Interesting. I can see SYS project has been around for a couple of years, it has had its good and bad days but it seems it is quite legit. Thx ozBigPoppa and @danosphere

edit
60k TPS?? WTF? It has to be a one of the fastest blockchains  then



We are surely up there at the very least. All verified by a Third-Party WhiteBlock. You can read the TPS reports here - WhiteBlock TPS Results
johnp
Hero Member
*****
Offline Offline

Activity: 575
Merit: 500


View Profile
July 19, 2019, 09:21:32 AM
 #11

Hmm Currently up around the $17K mark, not bad.

 *Image Removed*
danosphere
Legendary
*
Offline Offline

Activity: 1036
Merit: 1001


Syscoin- Changing the way people do business.


View Profile WWW
July 19, 2019, 06:34:49 PM
 #12

Bump for more hackers!

Syscoin: Business on the Blockchain. - Buy and sell goods and services, send encrypted messages and more all secured by the blockchain.
Syscoin Website | Syscoin Whitepaper | Syscoin Team Price Peg
ozBigPoppa (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
July 20, 2019, 01:11:40 AM
 #13

Another 100k Syscoin has been put up by Sidhujag and community member Coffeeshopguru has donated 10k.

Now bringing the total to 623,000 Syscoin.
qwe111
Newbie
*
Offline Offline

Activity: 80
Merit: 0


View Profile
July 20, 2019, 08:55:39 AM
 #14

PROOF OF AUTHENTICATING POST
Bitcointalk username : qwe111
Campaigns : facebook
beardedmage
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
July 21, 2019, 07:11:52 AM
 #15

Nice pile of 💰
ozBigPoppa (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
July 22, 2019, 01:38:03 AM
 #16

Updated OP with donation wallet. Waiting on one more donation of 10,000 Syscoin to come through.

Wallet Address:
3PvF2pmAJ3B1jtYUyuYwLbwL5cJWfPUqDE
blurryeyed
Full Member
***
Offline Offline

Activity: 670
Merit: 120


TIME TO BAN THE YOBIT SCAM!!


View Profile WWW
August 10, 2019, 09:55:46 AM
 #17

Why would anyone bother wasting their time hacking a worthless masternode shitcoin that is being constantly dumped by devs/masternode owners to pay off their debts/losses?

If anyone did bother with this pointless/worthless exercise, danosphere would simply delete/censor the result anyway like he does every post on the official SYS thread. Take a look at the unofficial thread & find out why this masternode shitcoin is in so much trouble:

https://bitcointalk.org/index.php?topic=4748031.0

GameCredits Unofficial: https://bitcointalk.org/index.php?topic=5254720.0   Funniest/stupidest shit list thread ever:  https://bitcointalk.org/index.php?topic=1064824.msg20344174#msg20344174 - The ultimate example of trust abuse by exposed scammer craslovell...
blurryeyed
Full Member
***
Offline Offline

Activity: 670
Merit: 120


TIME TO BAN THE YOBIT SCAM!!


View Profile WWW
August 12, 2019, 03:36:25 PM
 #18

To prove my point, danosphere the censorship king deletes another post:

Quote from: Bitcoin Forum
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave.

You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations.

Quote
SYS remains my favorite team in crypto.

Why? Because you enjoy the constant dumping? You're happy that your coins have become worthless? Or maybe you like the censorship? Or maybe you're pleased about the dev getting banned from BCT? Or perhaps you like being lied to constantly?

This is the worst performing masternode shitcoin out there & it's your favorite. You need to rethink your investment strategy.

Maybe danosphere could explain why between 100 - 80% of his "decentralized" network is owned by one address:

https://chainz.cryptoid.info/sys/extraction.dws?24697.htm

Would that be a BCF wallet address by any chance? The Syscoin network is about as decentralized as the FED, the only difference is that the FED don't dump as hard as BlockChainFoundry.

GameCredits Unofficial: https://bitcointalk.org/index.php?topic=5254720.0   Funniest/stupidest shit list thread ever:  https://bitcointalk.org/index.php?topic=1064824.msg20344174#msg20344174 - The ultimate example of trust abuse by exposed scammer craslovell...
Negcreep
Newbie
*
Offline Offline

Activity: 59
Merit: 0


View Profile
August 16, 2019, 10:17:58 AM
Last edit: August 16, 2019, 12:49:10 PM by Negcreep
 #19

To prove my point, danosphere the censorship king deletes another post:

Quote from: Bitcoin Forum
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave.

You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations.

Quote
SYS remains my favorite team in crypto.

Why? Because you enjoy the constant dumping? You're happy that your coins have become worthless? Or maybe you like the censorship? Or maybe you're pleased about the dev getting banned from BCT? Or perhaps you like being lied to constantly?

This is the worst performing masternode shitcoin out there & it's your favorite. You need to rethink your investment strategy.

Maybe danosphere could explain why between 100 - 80% of his "decentralized" network is owned by one address:

https://chainz.cryptoid.info/sys/extraction.dws?24697.htm

Would that be a BCF wallet address by any chance? The Syscoin network is about as decentralized as the FED, the only difference is that the FED don't dump as hard as BlockChainFoundry.

That's a BTC mining pool address, SYS is merge mined with BTC and also via 1600 masternodes around the world. That address holds only 2.2 million SYS, that's <0.4% of the total supply. Apparently there used to be another major pool participating but for unknown reasons it has dropped off. This is a side effect of market price I think. When things improve for SYS, decentralisation will also improve. i.e it'll be worth the effort for more pools to support merge mining.  
blurryeyed
Full Member
***
Offline Offline

Activity: 670
Merit: 120


TIME TO BAN THE YOBIT SCAM!!


View Profile WWW
August 16, 2019, 12:54:04 PM
 #20

That's a BTC mining pool address...

That's got to be the most stupidest statement ever, but not surprising coming from a bought/hacked account for Syscoin/BlockChainFoundry: 2 posts 18 months - both for SYS/BCF - I presume that's you @danosphere. Answer the question using your real account & stop censoring posts on your thread.

It's a SYS address, not a BTC address - or are you trying to say the SYS block explorer lists BTC addresses?.....lol

GameCredits Unofficial: https://bitcointalk.org/index.php?topic=5254720.0   Funniest/stupidest shit list thread ever:  https://bitcointalk.org/index.php?topic=1064824.msg20344174#msg20344174 - The ultimate example of trust abuse by exposed scammer craslovell...
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!