|
Jabulon
|
 |
April 02, 2014, 12:53:07 PM |
|
Wow great job rat4 on finding this... while others tried to turn a blind eye to the subject to protect the image of their dear coin, you pointed out the flaws so that they could hopefully fix them.
Great dev!!
Hear hear! This is a true act of community-service, a contribution of enormous value to the evolution of safe and legitimate cryptocurrency. It speaks for itself, from far above the maddening crowd, and partisan mudslinging based on ignorance and greed. |
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
PhilippeStevens
|
|
April 02, 2014, 12:54:49 PM |
|
I expect some apologies from people in here calling fud when he was trying to help other coins..
|
|
|
|
|
|
|
mgburks77
|
|
April 02, 2014, 12:59:58 PM |
|
I expect some apologies from people in here calling fud when he was trying to help other coins..
looks like the fud is still happening, I wouldn't hold your breath |
|
|
|
|
brokedummy
Legendary
 Offline
Activity: 980
Merit: 1004
|
|
April 02, 2014, 01:04:26 PM |
|
Wow great job rat4 on finding this... while others tried to turn a blind eye to the subject to protect the image of their dear coin, you pointed out the flaws so that they could hopefully fix them.
Great dev!!
Hear hear! This is a true act of community-service, a contribution of enormous value to the evolution of safe and legitimate cryptocurrency. It speaks for itself, from far above the maddening crowd, and partisan mudslinging based on ignorance and greed. This should NOT have been publicly exposed. If rat4 was truly a good guy he would have communicated this privately with the mintcointeam so that they could work on a fix before all was revealed. Not cool. |
|
|
|
|
rat4 (OP)
Full Member
Offline
Activity: 324
Merit: 197
Two-way squared
|
|
April 02, 2014, 01:06:39 PM |
|
Told OP it was a bad idea, was ignored by OP in the Blackcoin thread. If you don't understand the code you're modifying, don't muck with it.
These attacks are not applicable to BlackCoin. Guess why. |
|
|
|
|
maarx
|
|
April 02, 2014, 01:09:21 PM |
|
Wow great job rat4 on finding this... while others tried to turn a blind eye to the subject to protect the image of their dear coin, you pointed out the flaws so that they could hopefully fix them.
Great dev!!
Hear hear! This is a true act of community-service, a contribution of enormous value to the evolution of safe and legitimate cryptocurrency. It speaks for itself, from far above the maddening crowd, and partisan mudslinging based on ignorance and greed. This should NOT have been publicly exposed. If rat4 was truly a good guy he would have communicated this privately with the mintcointeam so that they could work on a fix before all was revealed. Not cool. That was done. This was posted 18 hours after notifying the mintcoin dev's. |
|
|
|
|
mgburks77
|
|
April 02, 2014, 01:10:00 PM |
|
Wow great job rat4 on finding this... while others tried to turn a blind eye to the subject to protect the image of their dear coin, you pointed out the flaws so that they could hopefully fix them.
Great dev!!
Hear hear! This is a true act of community-service, a contribution of enormous value to the evolution of safe and legitimate cryptocurrency. It speaks for itself, from far above the maddening crowd, and partisan mudslinging based on ignorance and greed. This should NOT have been publicly exposed. If rat4 was truly a good guy he would have communicated this privately with the mintcointeam so that they could work on a fix before all was revealed. Not cool. That is what someone who is honest would have done, but he went and got a bunch of people from the BC thread to come to this thread and the mintcoin thread to spread FUD We don't know even if there was actually a successful attack or not yet, that hasn't been confirmed. I certainly didn't notice any attack. |
|
|
|
|
|
|
|
mgburks77
|
|
April 02, 2014, 01:12:05 PM |
|
Perhaps now is the time for additional helpful security testing of blackcoin?
|
|
|
|
|
|
Soepkip
|
|
April 02, 2014, 01:16:25 PM |
|
Perhaps now is the time for additional security testing of blackcoin?
We welcome you to, really. We are talking about systems that keeps track of people's money. People invest in coins with their hard earned money or do it via mining with their expensive equipment. If the coin's system is at risk this is a risk for everyone involved. If you are successfull, have the same decency as us and report it to the devs. We did for MintCoin and you do not want to read their response. That is the sole reason it has been posted here. We too have money invested in other crypto's and would like them to be as secure as possible, that's why we checkout other coins security and report security risks immediatly. |
|
|
|
|
mgburks77
|
|
April 02, 2014, 01:18:53 PM |
|
Perhaps now is the time for additional security testing of blackcoin?
We welcome you to, really. We are talking about systems that keeps track of people's money. People invest in coins with their hard earned money or do it via mining with their expensive equipment. If the coin's system is at risk this is a risk for everyone involved. If you are successfull, have the same decency as us and report it to the devs. We did for MintCoin and you do not want to read their response. That is the sole reason it has been posted here. We too have money invested in other crypto's and would like them to be as secure as possible, that's why we checkout other coins security and report security risks immediatly.You mean same decency and also helpfully inform all mintholders to go to BC thread and spread FUD? No, I won't be doing that. |
|
|
|
|
XbladeX
Legendary
Offline
Activity: 1302
Merit: 1002
|
|
April 02, 2014, 01:27:30 PM |
|
Perhaps now is the time for additional security testing of blackcoin?
We welcome you to, really. We are talking about systems that keeps track of people's money. People invest in coins with their hard earned money or do it via mining with their expensive equipment. If the coin's system is at risk this is a risk for everyone involved. If you are successfull, have the same decency as us and report it to the devs. We did for MintCoin and you do not want to read their response. That is the sole reason it has been posted here. We too have money invested in other crypto's and would like them to be as secure as possible, that's why we checkout other coins security and report security risks immediatly.You mean same decency and also helpfully inform all mintholders to go to BC thread and spread FUD? No, I won't be doing that. Sry mgburks77 but Soepkip just answered because some people accuse BC developers Soepkip is one of them... He is not just random hater, flamer or FUDer...I just believe him he proved his trustworthy and transparency so far. |
Request / 26th September / 2022 APP-06-22-4587
|
|
|
rat4 (OP)
Full Member
Offline
Activity: 324
Merit: 197
Two-way squared
|
|
April 02, 2014, 01:28:37 PM |
|
Zero difficulty PoW is open door and cannot be trusted. One of possible fixes is to disable PoW. |
|
|
|
|
mgburks77
|
|
April 02, 2014, 01:32:30 PM |
|
I just believe him he proved his trustworthy and transparency so far. he's one of the one's so helpfully spreading FUD so no, that is not the type of attention he is attracting Zero difficulty PoW is open door and cannot be trusted. One of possible fixes is to disable PoW. Thank you. I wondered if that was a possibility or not. |
|
|
|
|
tacotime
Legendary
Offline
Activity: 1484
Merit: 1005
|
|
April 02, 2014, 01:32:58 PM |
|
Zero difficulty PoW is open door and cannot be trusted. One of possible fixes is to disable PoW.
Or you can have PoW with a reasonable subsidy and use it to secure the network, but then you just have PeerCoin. Unsurprisingly, Peercoin works because of this and not in spite of this. Now you've simply opened yourself to all the catastrophic bugs in PeerCoin's PoS system that you refuse to acknowledge. There are easy applied fixes for hybrid PoW/PoS with low subsidy that involve adjusting the trust of the timestamping of PoW blocks and content of PoW blocks in general -- but again, there are the same PoS bugs which already exist in PeerCoin, which are non-trivial. |
XMR: 44GBHzv6ZyQdJkjqZje6KLZ3xSyN1hBSFAnLP6EAqJtCRVzMzZmeXTC2AHKDS9aEDTRKmo6a6o9r9j86pYfhCWDkKjbtcns |
|
|
|
|
|
mgburks77
|
|
April 02, 2014, 02:05:46 PM |
|
So basically the claim is that because of this vulnerability it is possible to complete a 51% attack.
Is that or is that not also a possibility with pure PoS coins?
I'm not seeing how the security status of blackcoin is any different than the security status of mintcoin, as both are supposedly vulnerable to this attack. Which from what i gather is quite expensive to launch successfully and therefore highly unlikely in the first place.
|
|
|
|
|
tacotime
Legendary
Offline
Activity: 1484
Merit: 1005
|
|
April 02, 2014, 02:07:42 PM |
|
So basically the claim is that because of this vulnerability it is possible to complete a 51% attack.
Is that or is that not also a possibility with pure PoS coins?
I'm not seeing how the security status of blackcoin is any different than the security status of mintcoin, as both are supposedly vulnerable to this attack. Which from what i gather is quite expensive to launch successfully and therefore highly unlikely in the first place.
In the event of a fork, whether the fork is accidental or a malicious attempt to rewrite history and reverse a transaction, the optimal strategy for any miner is to mine on every chain, so that the miner gets their reward no matter which fork wins. Thus, assuming a large number of economically interested miners, an attacker may be able to send a transaction in exchange for some digital good (usually another cryptocurrency), receive the good, then start a fork of the blockchain from one block behind the transaction and send the money to themselves instead, and even with 1% of the total stake the attacker's fork would win because everyone else is mining on both. |
XMR: 44GBHzv6ZyQdJkjqZje6KLZ3xSyN1hBSFAnLP6EAqJtCRVzMzZmeXTC2AHKDS9aEDTRKmo6a6o9r9j86pYfhCWDkKjbtcns |
|
|
|
noerc
|
|
April 02, 2014, 02:08:51 PM |
|
Thanks a lot, this is very interesting. To problem #1: What exactly is meant with consensus failure and how does it affect network security? So if I have a faked time stamp that is t seconds in the future, how much less coins do I need to perform a 51% attack? |
|
|
|
|
|
