SuperClam (OP)
|
|
June 08, 2015, 07:39:19 AM |
|
Clams have always been experimental.. though due to increased community and associated value we greatly limit the experimental ideas. Some things work out some things don't, the lottery was a case of the latter. To suggest it represents a worrisome history of exploitation is a little misleading coming from you imo. We (the developers) never claimed to be perfect, In fact I'm sure you can find multiple posts we suggest were not and ask for help. We are however all very passionate about technology and cryptocurrency and most especially clams.
I know you aren't perfect and I really do think you try Xploited however that doesn't mean your system didn't get gamed by a person very high up the ladder. I'm not being misleading & ya it's slightly worrisome... to me this seems misleading: CLAM's history of being exploited by developers is worrisome. (I do believe you and xploited though)
CLAM has a history of being exploited by developers? Funny, you would think I would be aware of such things. Surely to god Creative is aware that tens of thousands of CLAMS were gamed through a lottery system that dooglus spotted and pushed for a fix. Why would she not be aware of such things? Please someone correct me if I'm wrong. I'm not perfect. None of this is new news. dooglus tracked down rat4, the perpetrator; but, I believe either xploited or tryphe noticed the exploit. Regardless, rat4 has never been a developer on the CLAM project. rat4 develop(s?ed?) for Blackcoin - an entirely different project upstream of our code base. Be clear in your accusations and wording. "CLAM's history of being exploited by developers is worrisome." This insinuates that the people who donate time to work on the CLAM project are involved in your "exploitations". That is not the case.
Further, I think this is all a bit disingenuous on your part. You claim to value decentralization; yet you worked tirelessly to express your opinion that the client was untrustworthy - despite volumes of evidence to the contrary. You spent hours recommending that users use the very service that currently controls the largest stake weight to insulate themselves from the "shady" client. The same "shady" client which makes up the backbone of the CLAM network and indeed represents the very software needed to create the decentralization you supposedly seek.
More importantly, you now rail against "developer exploitation", in the middle of a disagreement over your desire to earn advertising dollars. I think it is not a coincidence that you fail to mention this "developer" manages an entirely different project. Even worse, you condemn the "thousands" of CLAM staked during the short window of the exploit, despite the fact that those coins were apparently dumped during the time in which you accrued your personal share of CLAM - and proceeded to profit quite significantly from the same.
I think everyone, including me, likes you BAC. You've worked hard promoting CLAM and consistently been an evangelist for the project. That work has been priceless and is greatly appreciated. However, shame on you for the ad hominem attacks and disingenuous concern. I wish you would stop slapping babies in pursuit of a dime, and come back into the fold. The CLAM project could use you.
|
|
|
|
BayAreaCoins
Legendary
Offline
Activity: 3962
Merit: 1250
Owner at AltQuick.com
|
|
June 08, 2015, 08:05:45 AM |
|
Be clear in your accusations and wording.
He was a developer and he exploited CLAM. I even through in the bit that I don't think Xploited and yourself where in bed with him on it, but I can't prove you weren't. Further, I think this is all a bit disingenuous on your part. You claim to value decentralization; yet you worked tirelessly to express your opinion that the client was untrustworthy - despite volumes of evidence to the contrary. You spent hours recommending that users use the very service that currently controls the largest stake weight to insulate themselves from the "shady" client. The same "shady" client which makes up the backbone of the CLAM network and indeed represents the very software needed to create the decentralization you supposedly seek.
Where have I said the clam client is untrustworthy?? I just understand that people are sick of downloading wallet after wallet. I don't think I even called it shady either... I called it a private key sniffing wallet. Which I stand by. CLAM needs 7 mega services to decentralize properly IMO. Not every dipshit altcoiner in dipshit altcoin land running a CLAM wallet. That's a wasteful. Even worse, you condemn the "thousands" of CLAM staked during the short window of the exploit, despite the fact that those coins were apparently dumped during the time in which you accrued your personal share of CLAM - and proceeded to profit quite significantly from the same.
Timing eh? That lined up pretty perfectly I can't lie. However, shame on you for the ad hominem attacks and disingenuous concern.
I have no clue what that means, but this is what I honestly lay in bed worrying about. It's probably because I take my tin foil hat off to sleep, but o well! The partners of Clamcoin.org owned roughly 10% of all the CLAMS in existence up until not long ago... so of course I worried. I wish you would stop slapping babies in pursuit of a dime, and come back into the fold.
|
|
|
|
jd1959
|
|
June 08, 2015, 09:19:03 AM |
|
Chillax Guys while debate is good thing, there is a fine line that's best left uncrossed where it starts to look like an argument and losses focus. I've been watching this thread for months and I can speak no evil of Superclam or dooglus. Clams has been and continues to be an interesting and exciting experiment. Any how that's my 2 cents worth love to all. Jon
|
dICO Disguised Instant Cash Out
|
|
|
grouper fish
|
|
June 08, 2015, 10:23:21 AM |
|
Hi! Trying to import an old multibit wallet using the following steps, Download the CLAM Client, below. Open MultiBit. Click Tools -> Export Private Keys. Select "Do not password protect export file". Enter your wallet password, if any. Click "Export Private Keys". Find the multbit.key file (or whatever you named to exported keys). Copy it into the folder where you have the clam-qt.exe file. Open the CLAM Client. Click Help -> Debug window. Select the "Console" Tab. Type: importwallet multibit.key (or whatever you named to exported keys). Enjoy your CLAMS This gets me a "CDB : Error 2, can't open database (code -1)" message in the console. is there an easy way to convert the .wallet file to a .dat file? Or is there another way to import a .wallet (or .key) file directly? sorry if this is an old question, I'm new to CLAM.
|
|
|
|
blueshoe
Sr. Member
Offline
Activity: 277
Merit: 250
<space>
|
|
June 08, 2015, 11:57:41 AM |
|
Hi! is there an easy way to convert the .wallet file to a .dat file? Or is there another way to import a .wallet (or .key) file directly? sorry if this is an old question, I'm new to CLAM. console importprivkey 5xyzyourkeyxxxxx But what surprises me, there is no one who can prove that the private keys are safe? There must be someone who can explain that and why the keys are secure. There has to be a fact that exists or not. Where is the explanation?
|
|
|
|
grouper fish
|
|
June 08, 2015, 12:13:08 PM |
|
Hi! is there an easy way to convert the .wallet file to a .dat file? Or is there another way to import a .wallet (or .key) file directly? sorry if this is an old question, I'm new to CLAM. console importprivkey 5xyzyourkeyxxxxx But what surprises me, there is no one who can prove that the private keys are safe? There must be someone who can explain that and why the keys are secure. There has to be a fact that exists or not. Where is the explanation? Thank you. Not to worried about this key in particular (old empty wallet) but I will be following to see if there is a good explanation to what happens to the keys.
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
|
|
June 08, 2015, 06:06:20 PM |
|
But what surprises me, there is no one who can prove that the private keys are safe? There must be someone who can explain that and why the keys are secure. There has to be a fact that exists or not. Where is the explanation?
I can try to explain how it works... Replace BTC with LTC or DOGE throughout, because it applies to them just the same... for the sake of simplicity I'll assume you're importing a BTC private key. When the initial distribution was made, the CLAM developers looked at the BTC blockchain, and made a list of all the addresses that had funds. They converted each BTC address into the corresponding CLAM address. The only difference is the "version number" that is used to convert the RIPE-MD hash into an address - in BTC it's version 1 (which makes BTC addresses begin with a '1') and in CLAM it's version 137 (which makes CLAM addresses begin with an 'x'). Then they funded each of the corresponding CLAM addresses with 4.6 CLAMs. To spend those 4.6 CLAM outputs, you need the addresses' private keys. The private key for each CLAM address is the same as the corresponding BTC address' private key. To spend an output, you create a transaction that moves the value to a new address, and sign it using the private key. Then you broadcast the signed transaction to the network. The private key itself is only used for signing and isn't broadcast. Whether "the keys are secure" or not depends on whether the CLAM client software is trustworthy or not. You are giving it your private keys, and trusting it to only use them to sign a transaction that moves your 4.6 CLAMs for you. In theory it is possible that it could also check whether there is a balance at the corresponding BTC address. It could, in theory steal any such BTC. There have been no reports ever of the CLAM client software stealing anyone's BTC, so it's likely safe. Also the source code is open source. You can inspect it, and build the client for yourself from source. That's what I do. Incidentally, note that any random shitcoin wallet you download is just as able to steal your BTC. When you download and run a program, it can do whatever it wants on your computer. There's nothing to stop it looking in your bitcoin folder and uploading your BTC private keys to its author. There's nothing to stop it watching you type your wallet passphrase into the Bitcoin wallet, and then telling the passphrase to its owner. The message here is to be careful *whenever* you download and run programs from the Internet. Any program is potentially coin-stealing malware. This probably isn't what you were hoping to hear, but it's the truth. Downloading and running programs basically allows the program's author to do whatever he likes on your computer, whether or not that program has an "import wallet' menu entry. Personally I trust the CLAM client, and have imported wallets which have hundreds of BTC still in them without any issue.
|
Just-Dice | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | Play or Invest | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | 1% House Edge |
|
|
|
SuperClam (OP)
|
|
June 08, 2015, 06:40:03 PM |
|
But what surprises me, there is no one who can prove that the private keys are safe? There must be someone who can explain that and why the keys are secure. There has to be a fact that exists or not. Where is the explanation?
I can try to explain how it works... Replace BTC with LTC or DOGE throughout, because it applies to them just the same... for the sake of simplicity I'll assume you're importing a BTC private key. When the initial distribution was made, the CLAM developers looked at the BTC blockchain, and made a list of all the addresses that had funds. They converted each BTC address into the corresponding CLAM address. The only difference is the "version number" that is used to convert the RIPE-MD hash into an address - in BTC it's version 1 (which makes BTC addresses begin with a '1') and in CLAM it's version 137 (which makes CLAM addresses begin with an 'x'). Then they funded each of the corresponding CLAM addresses with 4.6 CLAMs. To spend those 4.6 CLAM outputs, you need the addresses' private keys. The private key for each CLAM address is the same as the corresponding BTC address' private key. To spend an output, you create a transaction that moves the value to a new address, and sign it using the private key. Then you broadcast the signed transaction to the network. The private key itself is only used for signing and isn't broadcast. Whether "the keys are secure" or not depends on whether the CLAM client software is trustworthy or not. You are giving it your private keys, and trusting it to only use them to sign a transaction that moves your 4.6 CLAMs for you. In theory it is possible that it could also check whether there is a balance at the corresponding BTC address. It could, in theory steal any such BTC. There have been no reports ever of the CLAM client software stealing anyone's BTC, so it's likely safe. Also the source code is open source. You can inspect it, and build the client for yourself from source. That's what I do. Incidentally, note that any random shitcoin wallet you download is just as able to steal your BTC. When you download and run a program, it can do whatever it wants on your computer. There's nothing to stop it looking in your bitcoin folder and uploading your BTC private keys to its author. There's nothing to stop it watching you type your wallet passphrase into the Bitcoin wallet, and then telling the passphrase to its owner. The message here is to be careful *whenever* you download and run programs from the Internet. Any program is potentially coin-stealing malware. This probably isn't what you were hoping to hear, but it's the truth. Downloading and running programs basically allows the program's author to do whatever he likes on your computer, whether or not that program has an "import wallet' menu entry. Personally I trust the CLAM client, and have imported wallets which have hundreds of BTC still in them without any issue. Well written; as always.
Incidentally, note that any random shitcoin wallet you download is just as able to steal your BTC. When you download and run a program, it can do whatever it wants on your computer. There's nothing to stop it looking in your bitcoin folder and uploading your BTC private keys to its author. There's nothing to stop it watching you type your wallet passphrase into the Bitcoin wallet, and then telling the passphrase to its owner. The message here is to be careful *whenever* you download and run programs from the Internet. Any program is potentially coin-stealing malware.
I think this portion deserves emphasis. If someone wanted to steal your BTC, LTC and/or DOGE - there are easier, less suspect, ways to go about it.
|
|
|
|
ShapeShift.io
|
|
June 09, 2015, 05:16:48 PM |
|
ShapeShift.io has released the first-ever cryptocurrency exchange app for iPhone. Buy or sell CLAMs instantly and on-the-go with the ShapeShift App. Download the app: http://apple.co/1FU6NjmLearn about the app in this Forbes article: http://onforb.es/1dtZqVXNOTE: ShapeShift will be adding their Android app soon. Stay tuned!
|
Follow us on our new profile: ShapeShift.com
Sign up for our closed beta waitlist: beta.shapeshift.com
|
|
|
richiela
|
|
June 09, 2015, 10:19:56 PM |
|
Can the dev team please get a hold of us? having some issues with the wallet richie@bittrex
|
|
|
|
richiela
|
|
June 10, 2015, 12:04:06 AM |
|
Can the dev team please get a hold of us? having some issues with the wallet richie@bittrex Thanks for the quick reply and assist... wallet is open again... richie@bittrex
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
|
|
June 10, 2015, 09:57:45 AM |
|
Can the dev team please get a hold of us? having some issues with the wallet richie@bittrex Thanks for the quick reply and assist... wallet is open again... richie@bittrex It seems the bittrex wallet got so full of dust outputs that it was unable to make any outgoing payments without exceeding the transaction size limit. I made a change to my CLAM repository which aims to prevent this from happening again in the future. It could do with some peer review and testing before it gets into the official releases.
|
Just-Dice | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | Play or Invest | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | 1% House Edge |
|
|
|
SuperClam (OP)
|
|
June 10, 2015, 05:06:33 PM |
|
CLAM v. 1.4.11 has been in the wild now for a bit.
Please submit any major issues you have had with this new version.
If we don't see any major issues - CLAM v. 1.4.11 will be bumped to STABLE.
|
|
|
|
joele
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
June 11, 2015, 01:56:42 AM |
|
Wow, I just learned this CLAM on justdice today, it means I have some CLAMS!
|
|
|
|
SuperClam (OP)
|
|
June 11, 2015, 02:27:13 AM |
|
Wow, I just learned this CLAM on justdice today, it means I have some CLAMS! Glad to hear It is messages like that re-affirm we made the right decision with our distribution! Enjoy
|
|
|
|
ikal
|
|
June 11, 2015, 03:35:04 AM |
|
Thank you for getting in touch with us. Clam is currently experiencing a delay when it comes to processing transactions, especially withdrawals and will be repaired soon. Please be patient as we repair the issue and get your withdraw moving to you. If you want, you may have this withdrawal cancelled until the issue with this coin is resolved. Thank you kindly for your patience and understanding.
Sincerely, Marjorie Cryptsy.com
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
|
|
June 11, 2015, 05:09:37 AM |
|
Thank you for getting in touch with us. Clam is currently experiencing a delay when it comes to processing transactions, especially withdrawals and will be repaired soon. Please be patient as we repair the issue and get your withdraw moving to you. If you want, you may have this withdrawal cancelled until the issue with this coin is resolved. Thank you kindly for your patience and understanding.
Sincerely, Marjorie Cryptsy.com
I wonder if that's the same issue that bittrex was having yesterday. This is an untested change that I made yesterday, which I hope will stop the buildup of dust outputs in the wallet, and so prevent these issues from continuing to happen.
|
Just-Dice | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | Play or Invest | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | 1% House Edge |
|
|
|
SuperClam (OP)
|
|
June 11, 2015, 05:50:39 AM |
|
Thank you for getting in touch with us. Clam is currently experiencing a delay when it comes to processing transactions, especially withdrawals and will be repaired soon. Please be patient as we repair the issue and get your withdraw moving to you. If you want, you may have this withdrawal cancelled until the issue with this coin is resolved. Thank you kindly for your patience and understanding. Sincerely, Marjorie Cryptsy.com
I wonder if that's the same issue that bittrex was having yesterday. This is an untested change that I made yesterday, which I hope will stop the buildup of dust outputs in the wallet, and so prevent these issues from continuing to happen. Marjorie, Please feel free to stop in to the freenode IRC #clams channel - we would be happy to assist. Cheers!
|
|
|
|
Trent Russell
Full Member
Offline
Activity: 132
Merit: 100
willmathforcrypto.com
|
|
June 11, 2015, 08:28:35 AM |
|
If someone wants to claim their clams and doesn't want to trust the clam client with their private keys, here's a way that should work:
1. Download the client and one of dooglus' bootstrap files. Copy them to an offline ("airgapped") computer.
2. Start the client on the offline computer. Import your private keys there. Create and sign a transaction sending your clams to another clam address. (Maybe just a shapeshift address if you just want to convert them to BTC.)
3. Copy the long hex string of the signed transaction to an online computer.
4. Push the signed transaction onto the network. There may be a website that lets you push signed transactions onto the clam network. If not, just start the client online (without importing your private keys) and when it connects use "sendrawtransaction" with that long hex string.
I haven't done this myself, but it seems clear enough that it should work.
|
|
|
|
clipman77
Legendary
Offline
Activity: 1610
Merit: 1008
|
|
June 11, 2015, 08:32:45 AM |
|
If someone wants to claim their clams and doesn't want to trust the clam client with their private keys, here's a way that should work:
1. Download the client and one of dooglus' bootstrap files. Copy them to an offline ("airgapped") computer.
2. Start the client on the offline computer. Import your private keys there. Create and sign a transaction sending your clams to another clam address. (Maybe just a shapeshift address if you just want to convert them to BTC.)
3. Copy the long hex string of the signed transaction to an online computer.
4. Push the signed transaction onto the network. There may be a website that lets you push signed transactions onto the clam network. If not, just start the client online (without importing your private keys) and when it connects use "sendrawtransaction" with that long hex string.
I haven't done this myself, but it seems clear enough that it should work.
Well, I'll try this option, I hope that I will succeed.
|
|
|
|
|