NEM (XEM) Official Thread - 100% New Code - Easy To Use APIs

[Soloha]

The best (re)action "right now" is doing nothing.

Don't try to "help."  That is counterproductive.


I agree with him

[DenisZabar]

I wanted to send XEM today and the nano wallet showed me the message "failure timestamp to far in the future". What does it mean?
First I thought it is because the node I was connected to is not synchronized. But I switched a few times and each time the message arose.

Check you computer time or set it to automaticly sync with internet time

[Tehfiend]

To the people worried about fungibility, they need to remember that this blacklist via tagging is not centrally enforceable. It is an opt-in tool that exchanges can use to avoid stolen XEM at THEIR discretion. NEM foundation can not enforce this blacklist so it's not a problem in relation to centralization.

As far as how the tagging might work, I would assume they might exempt known legit addresses like exchanges or community funds etc which would be trivial to do. I also assume they will not flag small amounts. Any innocent accounts that receive stolen funds and are flagged could simply surrender the stolen funds they received to have the tag removed. They could even automate all of this.

1) An account receives say 100+ stolen XEM.
2) System then flags the account via mosaic and includes a link to a PSA about the tag in the transactions message.
3) The PSA (public service announcement) explains instructions on where to return the stolen funds.
4) Account holder sends stolen funds to recovery account.
5) Flag is removed from account. In reality they can't automatically remove the flag so they could set a second flag that designates the account was cleaned. Or they could be sent enough of the mosaic to allow it to be removed manually.

Definitely feasible and an interesting way to address the issue of stolen funds.

[LemonAndFriesOne]

All of you act like there won't be blockchain analysts hired by the exchanges and other people with heavy bags monitoring the movement of these coins.

Relax, it was the exchange's fault and any attempt at cashing out these coins will immediately reveal who it was. Might as well call these coins as good as burned.

[bizonglimang]

Im hoping that the price would be stable . NEM platform would be in full swing and should dapps adapt its platform, and this would drive developers swoop down and use it.

[Tehfiend]

any attempt at cashing out these coins will immediately reveal who it was

Nope. That's only true if every single exchange, ICO, etc that supports NEM is MANUALLY tracking the stolen XEM and manually blacklisting in real time which is simply not going to happen. Even if so, many exchanges don't require verification so it wouldn't reveal who attempted to cash out.

Even with the tagging system, chances are there will be some exchanges that won't utilize it.

[Red_Sanford]

Whoever managed this heist is probably smart enough to outwit a simple tagging system.

I agree that the NEM team should have learned from ETH's mistake in getting involved in a theft.

[Renko]

The way I see it, is that this was CoinCheck's fault and they want NEM to do a hardfork to save their asses. If you are the owner of an exchange, you should have your private keys secured in a hardware wallet, cold storage or whatever, not in a word document in your laptop.  NEM's blockchain works flawlessly and that's why I agree that they shouldn't do a hardfork, If something works good, don't touch it. They are helping them with that "Tag system" which is a good idea, but making a fork?? really??

[marketone]

Whoever managed this heist is probably smart enough to outwit a simple tagging system.

I agree that the NEM team should have learned from ETH's mistake in getting involved in a theft.

Theft has already happened and the people who sold the coin will dump in the market and really the price NEM will drop in the market. It is a very sad to people who are supporting the NEM coin.

[ruletheworld]

The way I see it, is that this was CoinCheck's fault and they want NEM to do a softfork to save their asses. If you are the owner of an exchange, you should have your private keys secured in a hardware wallet, cold storage or whatever, not in a word document in your laptop.  NEM's blockchain works flawlesly and that's why I agree that they shouldn't do a softfork, If something works good, don't touch it. They are helping them with that "Tag system" wich is a good idea, but making a fork?? really??

Can you explain how you think doing a softfork can reverse this?

[zoom_rich]

We might never know exactly what did lead to the loss of the coins from CC.

I know fungibility is one of the key facts in Crypto. But what are the actions right now ?

Sure the foundation could just do nothing and let the markets collapse when the hacker is selling, but how would that help anyone involved.

In a true decentralized way, there is no possibilty to just hardfork and move on like ETH did.

How I get it is, that the devs try to flag the accounts and make it at least harder to sell the stolen coins. They can just help sending those mosaics, but anyone could develop such a tool and send mosaics. Whether it helps the exchanges in the longrun is not in the hands of the foundation. But that´s a good thing. They can´t "solve" this issue, but doing their best.

I would love to hear your solution/way to do it better

The best (re)action "right now" is doing nothing.

Don't try to "help."  That is counterproductive.

Those who formerly had NEM on a vulnerable exchange deserve to lose their coins.  They are by definition weak hands for letting someone take their coins.

Helping them with convoluted, unworkable tainting nonsense only encourages them to make the same mistake again.

They need tough love so they learn a lesson, not indulgence so they learn to depend on bailouts.

The best thing is for the stolen coins to be redistributed into stronger hands.  The attacker has already taken the first step by helping himself to the weaklings' coins.

The next step is to sell them off and hope NEM is antifragile enough to survive and emerge stronger from the harsh lessons in security and fungibility.

The hacker or whatever must be rewarded for finding the vulnerability, or it will discourage others from pen-testing.  The mechanism for that to happen is for those with empty bags to pay the hacker to refill them.  The re-buyers will thus have more skin in the game and not be so greedy and careless in the future.  That goes for the exchange as well as its customers.

NEM devs and community must also work on making their coin fungible and their network permissionless and decentralized.

But they don't want to do that.  Every architectural and organizational governance design decision shows NEM is fully intended to be the vanity project of one Satoshi-wannabe guy.

If Bitcoin can recover from dozens of MtGoxes and be stronger than ever WTF is NEM's excuse for treating its users like little babies who must be mollycoddled and protected from the consequences of their poor decisions?

Look to Bitcoin's history for an example of leaderless governance and antifragility to emulate.  Look to Monero for an example of 100% fungible (IE cannot be tainted) coins moving through a permissionless (IE can't be evil) network.

A little harsh, no? But your logic is damned sound. Harsh truths for a HODLer of my scale.

I’d like to see gentlemand’s response to this.

I do agree that the NEM team congratulating themselves on this is a bit ridiculous. But equally it isn’t their fault and they’re just trying to help. Remember that NEM is far more commercial a project than BTC and accordingly will have more sympathy and centralized governance you rail against.

What do others here think?

I just don't like the idea of not having compassion for those who lost their Nems. People will make human mistakes, especially when everything seems to be going good. It's not easy to lose money. But forget about crypto, the tone was like saying, "He was walking, got distracted because he noticed a full moon, a criminal saw his distraction, tripped him, landed face first and broke his face and got his wallet stolen. That's good for him for not paying attention, let the stronger one, the criminal that noticed his distraction have the money. He deserves it more."

[cryptonit]

beside support authorities tracking coins nothing that NEM foundation can and should do

all the responsibility is on the hacked exchange shoulders
and the shoulders of the people who did trust this exchange

blockchain got invented to remove trust out of exchange value
if people decide put trust back in by trust a exchange to protect their coins
then thats their own decision and they are responsible for the consequenses

never ever fork a coin because of external reasons

if i would be the  exchange i would offer the hacker 1 million $ as compensation for show them a security flaw
if he returns the coins

i guess its the only way he can monetize something
and it would be the most easy way situiation is resolved for all involved people

[vinci]

big exchanges will never accept the hacker's wallets
so A lot of you see it as 500 million XEM getting dumped but all I can see here is 1 person holding 500 milion xem for eternity 

[suky321]

big exchanges will never accept the hacker's wallets
so A lot of you see it as 500 million XEM getting dumped but all I can see here is 1 person holding 500 milion xem for eternity  

That's the way I see it as well, they're holding 500 million XEM and cannot exchange/sell them.  I would suggest that person approaches coincheck and makes a deal with them to return the funds for a monetary sum.  It would be in the interests of both parties.

[rigel]

Alexandra interviews Jeff McDonald about CoinCheck hack: https://www.youtube.com/watch?v=kAN0C3__5qU

[iCEBREAKER]

We might never know exactly what did lead to the loss of the coins from CC.

I know fungibility is one of the key facts in Crypto. But what are the actions right now ?

Sure the foundation could just do nothing and let the markets collapse when the hacker is selling, but how would that help anyone involved.

In a true decentralized way, there is no possibilty to just hardfork and move on like ETH did.

How I get it is, that the devs try to flag the accounts and make it at least harder to sell the stolen coins. They can just help sending those mosaics, but anyone could develop such a tool and send mosaics. Whether it helps the exchanges in the longrun is not in the hands of the foundation. But that´s a good thing. They can´t "solve" this issue, but doing their best.

I would love to hear your solution/way to do it better

The best (re)action "right now" is doing nothing.

Don't try to "help."  That is counterproductive.

Those who formerly had NEM on a vulnerable exchange deserve to lose their coins.  They are by definition weak hands for letting someone take their coins.

Helping them with convoluted, unworkable tainting nonsense only encourages them to make the same mistake again.

They need tough love so they learn a lesson, not indulgence so they learn to depend on bailouts.

The best thing is for the stolen coins to be redistributed into stronger hands.  The attacker has already taken the first step by helping himself to the weaklings' coins.

The next step is to sell them off and hope NEM is antifragile enough to survive and emerge stronger from the harsh lessons in security and fungibility.

The hacker or whatever must be rewarded for finding the vulnerability, or it will discourage others from pen-testing.  The mechanism for that to happen is for those with empty bags to pay the hacker to refill them.  The re-buyers will thus have more skin in the game and not be so greedy and careless in the future.  That goes for the exchange as well as its customers.

NEM devs and community must also work on making their coin fungible and their network permissionless and decentralized.

But they don't want to do that.  Every architectural and organizational governance design decision shows NEM is fully intended to be the vanity project of one Satoshi-wannabe guy.

If Bitcoin can recover from dozens of MtGoxes and be stronger than ever WTF is NEM's excuse for treating its users like little babies who must be mollycoddled and protected from the consequences of their poor decisions?

Look to Bitcoin's history for an example of leaderless governance and antifragility to emulate.  Look to Monero for an example of 100% fungible (IE cannot be tainted) coins moving through a permissionless (IE can't be evil) network.

A little harsh, no? But your logic is damned sound. Harsh truths for a HODLer of my scale.

I’d like to see gentlemand’s response to this.

I do agree that the NEM team congratulating themselves on this is a bit ridiculous. But equally it isn’t their fault and they’re just trying to help. Remember that NEM is far more commercial a project than BTC and accordingly will have more sympathy and centralized governance you rail against.

What do others here think?

I just don't like the idea of not having compassion for those who lost their Nems. People will make human mistakes, especially when everything seems to be going good. It's not easy to lose money. But forget about crypto, the tone was like saying, "He was walking, got distracted because he noticed a full moon, a criminal saw his distraction, tripped him, landed face first and broke his face and got his wallet stolen. That's good for him for not paying attention, let the stronger one, the criminal that noticed his distraction have the money. He deserves it more."

What ideas you like or don't like have zero bearing on the facts of the matter.

Nobody denied that "people will make human mistakes."  The debate is about the best way to go forward given that completely obvious and undisputed fact.

Your cherry-picked analogy is idiotic.  Buying NEM because you are a greedy moonchild and choosing to keep it on an exchange is nothing like walking and being distracted.

Please try to stick to the actual highly technical subject matter instead of retreating into lazy, derpy generalizations and obviously misleading, self-pitying, irrelevant nonsense about victimology.

The topic of this thread is NEM and the reported hack of an exchange.  If you cannot participate in that discussion in a meaningful way, shut the hell up and listen to the adults talk.

Better yet, go read some Nassim Taleb and come back when you are ready to accept responsibility for your regrettable decisions instead of demanding bailouts and sympathy.

Your fragile little emotions are not important.  Nobody cares how you feel, especially when you mewl for "compassion" like a goddamn infant.  This is crypto, not day care.  Grow up and learn to function in the harsh realities of the real world.  Or perish.  Bitcoin doesn't care one way or the other, and neither do I.

[nzminer]

Its totally coinchecks fault, and cointelegraph incorrectly reported that NEM has no multisig in the news article, hence the hack happened.

The truth is that Coincheck were the ones lazy and had no multisig contract.

foolsih for an exchange not to use this.
Anyway, NEM technology has proven itself as secure.

[jkoil]

To the people worried about fungibility, they need to remember that this blacklist via tagging is not centrally enforceable. It is an opt-in tool that exchanges can use to avoid stolen XEM at THEIR discretion. NEM foundation can not enforce this blacklist so it's not a problem in relation to centralization.

As far as how the tagging might work, I would assume they might exempt known legit addresses like exchanges or community funds etc which would be trivial to do. I also assume they will not flag small amounts. Any innocent accounts that receive stolen funds and are flagged could simply surrender the stolen funds they received to have the tag removed. They could even automate all of this.

1) An account receives say 100+ stolen XEM.
2) System then flags the account via mosaic and includes a link to a PSA about the tag in the transactions message.
3) The PSA (public service announcement) explains instructions on where to return the stolen funds.
4) Account holder sends stolen funds to recovery account.
5) Flag is removed from account. In reality they can't automatically remove the flag so they could set a second flag that designates the account was cleaned. Or they could be sent enough of the mosaic to allow it to be removed manually.

Definitely feasible and an interesting way to address the issue of stolen funds.

good procedure ... maybe there are involved the "humans" I was needing

4b) If the Accont holder does not send, then the flag remains in his account ?

[jkoil]

beside support authorities tracking coins nothing that NEM foundation can and should do

all the responsibility is on the hacked exchange shoulders
and the shoulders of the people who did trust this exchange

blockchain got invented to remove trust out of exchange value
if people decide put trust back in by trust a exchange to protect their coins
then thats their own decision and they are responsible for the consequenses

never ever fork a coin because of external reasons

if i would be the  exchange i would offer the hacker 1 million $ as compensation for show them a security flaw
if he returns the coins

i guess its the only way he can monetize something
and it would be the most easy way situiation is resolved for all involved people

good points ... agreed with 2.5 of them.

When the NEM blockchain was just started, the Devs said several times that the safest place for the coins is your own account, do not trust in exchanges.
Anyway we must have some trust in exchanges, coz otherwise we could not use them.  
And if the exchange is saying thay they use cold storage, then it sounds safe enough.

I hope that there are few other ways to get the coins back, not just paying the ransoms or compensations.
The procedure which was in Tehfiend's post, seemed to be reasonable and possible to be implemented.

I do not believe in the vision that says "the coins are burned". Because [...CENSORED. Not a good idea to publish a "bad" idea.]

[Starving_Marvin]

On a positive note, all publicity is good publicity...