Bitcoin Forum
November 14, 2024, 08:24:33 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 5 6 7 8 9 »  All
  Print  
Author Topic: Mintpal hacked (VeriCoin)  (Read 11042 times)
Wulfcastle
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500



View Profile WWW
July 13, 2014, 09:49:22 PM
 #21

I think I speak for everyone here, when I say that MintPal should release a statement as to how exactly the attack took place.

As for VeriCoin hard forking as a result of this, that is pure centralization. Hard forks are not supposed to occur because of events like this despite how badly people may lose out on it, becuase if this goes through, what it essentially means is that the VeriCoin developers can fork VeriCoin for whatever reason they like.

Say for example if one of the developers (who holds a large amount of VRC) get's hacked they could just hard fork VRC again just to retrieve their coins. It may sound good to those who lost their coins, heck I'd be happy if I owned VRC and got my coins back, but what they've just done is centralize VRC
mr_random
Legendary
*
Offline Offline

Activity: 1344
Merit: 1001



View Profile
July 13, 2014, 09:57:51 PM
 #22

I would like to know why so many Vericoin were in the hotwallet?

I have always been suspicious that Mintpal was not following cold storage best practices. This unfortunate incident may confirm it.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
r0ach
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000


View Profile
July 13, 2014, 10:00:46 PM
 #23

This would have been a large loss to Mintpal.  If Vericoin didn't voluntarily fork this, I'm pretty sure there would have been some behind the scenes bribes of tens of thousands of dollars to do it.

......ATLANT......
..Real Estate Blockchain Platform..
                    ▄▄▄▄▄▄▄▄▄
                    ████████████░
                  ▄██████████████░
                 ▒███████▄████████░
                ▒█████████░████████░
                ▀███████▀█████████
                  ██████████████
           ███████▐██▀████▐██▄████████░
          ▄████▄█████████▒████▌█████████░
         ███████▄█████████▀██████████████░
        █████████▌█████████▐█████▄████████░
        ▀█████████████████▐███████████████
          █████▀████████ ░███████████████
    ██████▐██████████▄████████████████████████░
  ▄████▄████████▐███████████████░▄▄▄▄░████████░
 ▄██████▄█████████▐█████▄█████████▀████▄█████████░
███████████████████▐█████▄█████████▐██████████████░
▀████████▀█████████▒██████████████▐█████▀█████████
  ████████████████ █████▀█████████████████████████
   ▀██▀██████████ ▐█████████████  ▀██▀██████████
    ▀▀█████████    ▀▀█████████    ▀▀██████████

..INVEST  ●  RENT  ●  TRADE..
 ✓Assurance     ✓Price Discovery     ✓Liquidity     ✓Low Fees





███
███
███
███
███
███





███
███
███
███
███
███
███
███
███
███
███
███

◣Whitepaper ◣ANN ThreadTelegram
◣ Facebook     ◣ Reddit          ◣ Slack


███
███
███
███
███
███
███
███
███
███
███
███





███
███
███
███
███
███








Hero/Legendary members
micaman
Sr. Member
****
Offline Offline

Activity: 345
Merit: 500



View Profile WWW
July 13, 2014, 10:02:14 PM
 #24

They are creating a very dangerous precedent.
It's like creating a hard-fork just because someone is stupid.
ethought
Legendary
*
Offline Offline

Activity: 1316
Merit: 1000



View Profile
July 13, 2014, 10:02:22 PM
 #25

I think I speak for everyone here, when I say that MintPal should release a statement as to how exactly the attack took place.

I agree.

If for nothing else, to possibly help another exchange or service not fall for the same vulnerability.

Plus if the issue / vulnerability is now fixed what have they got to lose?
mickey mouse
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
July 13, 2014, 10:10:05 PM
 #26

This could damage mintpal's credibility. They could begin to look like a mickey mouse exchange after this.
kbm
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
July 13, 2014, 10:11:44 PM
Last edit: July 13, 2014, 10:29:32 PM by kbm
 #27

As for VeriCoin hard forking as a result of this, that is pure centralization. Hard forks are not supposed to occur because of events like this despite how badly people may lose out on it, becuase if this goes through, what it essentially means is that the VeriCoin developers can fork VeriCoin for whatever reason they like.

Can a hardfork even be enforced without >51% consensus of those staking? I really don't know .. anyone care to fill me in please?

I'm asking if this can be stopped if simply not enough people download and run the new fork, and instead continue using the old one.

Edit: Actually I'd like to point out a serious flaw here. With a large theft, the consensus mechanism will now be flawed in that there will be a majorly disproportionate number of people staking the old fork (Due to the theft itself) compared to those trying to stake the new fork (as anyone in favor of the new fork will now have zero coins). This seems to be a massive security flaw in using centralized exchanges. That is, if 51% of stake is required to enforce the fork in the first place.

Thanks Smiley
Wulfcastle
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500



View Profile WWW
July 13, 2014, 10:22:01 PM
 #28

As for VeriCoin hard forking as a result of this, that is pure centralization. Hard forks are not supposed to occur because of events like this despite how badly people may lose out on it, becuase if this goes through, what it essentially means is that the VeriCoin developers can fork VeriCoin for whatever reason they like.

Can a hardfork even be enforced without >51% consensus of those staking? I really don't know .. anyone care to fill me in please?

I'm asking if this can be stopped if simply not enough people download and run the new fork, and instead continue using the old one.

Edit: Actually I'd like to point out a serious flaw here. With a large theft, the consensus mechanism will now be flawed in that there will be a majorly disproportionate number of people staking the old fork (Due to the theft itself) compared to those trying to stake the old fork (as anyone in favor of the new fork will now have zero coins). This seems to be a massive security flaw in using centralized exchanges. That is, if 51% of stake is required to enforce the fork in the first place.

Well I'm sure if the hacker managed to withdraw the coins they hacked, and the amount of the coins hacked is greater than 51% of the current network stake, the hacker could just stake all the hacked coins and cause another fork as in this case the hacked coins would account for > 51% of the network stake.

In any case I'll be removing my coins from MintPal until they release a statement about how the coins were actually stolen/hacked in the first place.
kbm
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
July 13, 2014, 10:26:52 PM
 #29

Well I'm sure if the hacker managed to withdraw the coins they hacked, and the amount of the coins hacked is greater than 51% of the current network stake, the hacker could just stake all the hacked coins and cause another fork as in this case the hacked coins would account for > 51% of the network stake.

In any case I'll be removing my coins from MintPal until they release a statement about how the coins were actually stolen/hacked in the first place.

I'm not saying the hacker needs 51%, I'm just saying that in the matter of an instant .. the consensus mechanism became flawed. The votes of potentially thousands of people literally just became one large vote, and it's totally opposite of what those (potentially) thousands of people would vote for in the first place. This goes for any amount of coins, be it 5, 10, or 20%. No matter the percentage, the coins are no longer in the hands of those that would have been otherwise able to vote for consensus.

Thanks Smiley
mrkavasaki
Hero Member
*****
Offline Offline

Activity: 888
Merit: 500


View Profile
July 13, 2014, 10:28:44 PM
 #30

and what we learn from this? only use decentralized exchanger like http://blackhalo.info/
and thats why blackcoin is the future Cool Wink
Benefactor
Hero Member
*****
Offline Offline

Activity: 1260
Merit: 504



View Profile
July 13, 2014, 10:29:17 PM
 #31

a lot of negative precedents are being set more frequently and unless Regulation is put in place and fast i am getting out of this shit scam pit of bullshit scene.
What?  Nobody who 'gets' crypto would request "Regulation"!  Are you from the City of London or something?

Maybe you mean self-regulation or something.

If every country in the world 'regulated' crypto, YOU STILL CAN'T CONTROL IT THIS WAY!

Please retract your comment, or I will consider you a shill for the powers that be.


       ▄▄███▄    ▄███▄▄
     ▄▀▀    █    █    ▀▀▄
    ██    ▄▄▀    ▀▄▄    ██
    ▀▄▄▄█▀▀        ▀▀█▄▄▄▀
  ▄▄█▀█▄              ▄█▀█▄▄
▄█▀     ▀▀█▄     ▄▄█▀▀     ▀█▄
██          ▀█▄▄█▀          ██
▀█▄     ▄▄▄█▀▀  ▀▀▀▄▄▄     ▄█▀
  ▀█▄▄▄▀▀            ▀▀▄▄▄█▀
   █▀▀▄▄▄            ▄▄▄▀▀█
   ██  ▀▀▀▄▄      ▄▄▀▀▀  ██
    ▀▄     █      █     ▄▀
      ▀▀▄▄▄▀      ▀▄▄▄▀▀
.
.cogwise.
  ▄
█  █
  █
█  █
  █
█  █

  █
█  █
  █
█  █
  █
█  █
  ▀
.Hyper-charge your trading with intelligent insights.  ▄
█  █
  █
█  █
  █
█  █

  █
█  █
  █
█  █
  █
█  █
  ▀
▄█████████████████████▄
███████████████████████
████▀███████▀   ▀▀▀▄███
███▌  ▀▀███▌       ▄███
███▀               ████
███▄              █████
████▄            ██████
█████▄▄        ▄███████
████▄       ▄██████████
███████████████████████
▀█████████████████████▀

▄█████████████████████▄
███████████████████████
████████████████▀▀█████
███████████▀▀▀    █████
██████▀▀▀   ▄▀   ██████
███▄     ▄█▀     ██████
██████▄ █▀      ███████
███████▌▐       ███████
████████ ▄██▄  ████████
██████████████▄████████
▀█████████████████████▀

▄█████████████████████▄
███████████████████████
█████  ▄▄▄▄▄  ▄▀███████
█████  █████  ██▄▀█████
█████  █▀▀██▄▄▄▄  █████
█████  █▀▀▀▀▀▀▀█  █████

█████  █▀▀▀▀▀▀▀█  █████
█████  █▀▀▀▀▀▀▀█  █████
█████  ▀▀▀▀▀▀▀▀▀  █████
███████████████████████
▀█████████████████████▀

freedomno1
Legendary
*
Offline Offline

Activity: 1820
Merit: 1090


Learning the troll avoidance button :)


View Profile
July 13, 2014, 10:58:43 PM
 #32

Quote
1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked

Believing in Bitcoins and it's ability to change the world
gustav
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


View Profile
July 13, 2014, 11:01:58 PM
 #33

Quote
1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked

we don't know that yet. On vrc-thread people say ltc and btc was touched by the hack too.
micaman
Sr. Member
****
Offline Offline

Activity: 345
Merit: 500



View Profile WWW
July 13, 2014, 11:49:35 PM
 #34

Quote
1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked
So someone broke into a shop, took the candy and left the register? Damn kids these days...
foodies123
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250


View Profile
July 14, 2014, 12:03:28 AM
 #35

Quote
1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked
So someone broke into a shop, took the candy and left the register? Damn kids these days...

mintpal was most likely keeping it all in a hotwallet staking the shiznit out of it because you know ... profits.

nope
Petr1fied
Hero Member
*****
Offline Offline

Activity: 630
Merit: 502


View Profile
July 14, 2014, 12:07:05 AM
 #36

The whole idea of rolling back a blockchain because an exchange lost coins is ridiculous. Mintpal should make good on the losses out of their own pocket for their sheer incompetence. Even if it means the death of their exchange and the collapse of the market value of VRC.

If they can't secure their customers coins and aren't prepared to pay for their own mistakes in the event of a security breach then they don't deserve to be in business.
micaman
Sr. Member
****
Offline Offline

Activity: 345
Merit: 500



View Profile WWW
July 14, 2014, 12:23:04 AM
 #37

The whole idea of rolling back a blockchain because an exchange lost coins is ridiculous. Mintpal should make good on the losses out of their own pocket for their sheer incompetence. Even if it means the death of their exchange and the collapse of the market value of VRC.

If they can't secure their customers coins and aren't prepared to pay for their own mistakes in the event of a security breach then they don't deserve to be in business.
Exactly.


Mintpal Hack "attacker targeted BTC, LTC, and VRC" - P. Nosker, Vericoin Dev
https://bitcointalk.org/index.php?topic=602041.msg7821972#msg7821972
ThousandFaces
Newbie
*
Offline Offline

Activity: 55
Merit: 0


View Profile
July 14, 2014, 12:23:48 AM
 #38

I am not nearly as well versed as most people on here when it comes to the inner workings of crypto on the development level. When I read this press release I thought to myself that this is terribly scary that developers can just decide activity is no longer valid should they choose. I thought to myself that I must be missing something because it is the opposite of crypto's intentions. I came across this thread and can see that clearly many people agree with me.

What a shameful thing VRC developers did today. The responsibility for reimbursement falls on MintPal. That being said, I like MP. Exchanges get hacked, people get hacked, it's the way this crypto-world works right now, unfortunately. And even the biggest stock exchanges get hacked. So anyone pretending that a hacking incident is somehow a black dot, get over it. The next couple of days will dictate whether they are big boys and girls and handle this properly, or not. If they don't and this type of thing keeps happening, then I will change my mind...

Best of luck to everyone out there!
sirsmokesalot
Hero Member
*****
Offline Offline

Activity: 767
Merit: 500



View Profile
July 14, 2014, 12:50:39 AM
 #39

I am not nearly as well versed as most people on here when it comes to the inner workings of crypto on the development level. When I read this press release I thought to myself that this is terribly scary that developers can just decide activity is no longer valid should they choose. I thought to myself that I must be missing something because it is the opposite of crypto's intentions. I came across this thread and can see that clearly many people agree with me.

What a shameful thing VRC developers did today. The responsibility for reimbursement falls on MintPal. That being said, I like MP. Exchanges get hacked, people get hacked, it's the way this crypto-world works right now, unfortunately. And even the biggest stock exchanges get hacked. So anyone pretending that a hacking incident is somehow a black dot, get over it. The next couple of days will dictate whether they are big boys and girls and handle this properly, or not. If they don't and this type of thing keeps happening, then I will change my mind...

Best of luck to everyone out there!

I was going to say something, but you said it just as well. Because of the ineptitude of an exchange, the coin rolls back? WOW. 

We can't grow when we won't criticize ourselves!
-->>>Unobtanium - The crypto you keep!<<<--
InvestorPerson
Sr. Member
****
Offline Offline

Activity: 316
Merit: 250


View Profile
July 14, 2014, 12:54:39 AM
 #40

AWESOME  Grin

from now on, everytime someone doesn't like where coins are moving (be it theft or whatever), they'll just scream HACKERZZ, force a hardfork+rollback, et voila

job well done verifunnycoin and mintpal. that's gonna help the whole crypto world


sadly the sheep will jump right back at verifunnycoin and put more money in it

whoever sells below 29k now must be a complete retard....
Pages: « 1 [2] 3 4 5 6 7 8 9 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!