Bitcoin Forum
March 28, 2024, 03:23:12 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 »  All
  Print  
Author Topic: [VXC] V.Cash (Was: [VNL] Vanillacoin), a quiet word of warning.  (Read 14182 times)
gmaxwell (OP)
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8343



View Profile WWW
January 11, 2015, 07:04:43 AM
Last edit: June 27, 2016, 07:56:04 PM by gmaxwell
 #1

Greeting, this evening john-connor showed up on the Bitcoin Core github with some rather aggressively ignorant minunderstandings of basic cryptographic consensus concepts: https://github.com/bitcoin/bitcoin/pull/5634#issuecomment-69481908

Having no clue who he was I looked at his github account and googled a bit and found that he is the, seemingly pseudonymous, author of "Vanillacoin".

Vanillacoin was previously discussed on this forum, https://bitcointalk.org/index.php?topic=890388.0 but he locked the threads in order to shuffle the users (victims?) off to someplace out of the light of day-- never a good sign, (nor is his BCT newbie account, for that matter).  The "vanillacoin" software has no source code available, it is binaries only (very much not a good sign, and usually severe malware concern; and an ultimate form of centralization), there are source links but they go to a basically empty github repository. There is a whitepaper, which like the comments on github show some general software development background they show no real sign of sophisticated understanding around decenteralized systems for adversarial networks or cryptocurrencies.

I don't know anything more about it, but I figure sunlight tends to be a good disinfectant; and with the threads locked it probably wasn't fair of me to say nothing while I was privately thinking "hm, that all smells pretty fishy".  Of course, the guy was a bit rude to me and also wasted my time-- so feel free to factor that bias in however you like. I'm just reporting my impression as a regular community member. You now know what I know.

[I'm the last person to play altcoin-cops... I mostly avoid this stuff except for the rare cases that are technically interesting: The drama can sink unbounded time and usually, when it comes to the more misguided altcoin cryptography, the only sane policy seems to be "If you see something,say nothing and drink to forget": there is too much crazyness and risk of being attacked for being critical of someones latest scheme. But if it shows up in my face, I can't quite stomach saying nothing at all.]

Cheers,


[Edit: Vanillacoin changed names to V.Cash]
1711639392
Hero Member
*
Offline Offline

Posts: 1711639392

View Profile Personal Message (Offline)

Ignore
1711639392
Reply with quote  #2

1711639392
Report to moderator
1711639392
Hero Member
*
Offline Offline

Posts: 1711639392

View Profile Personal Message (Offline)

Ignore
1711639392
Reply with quote  #2

1711639392
Report to moderator
1711639392
Hero Member
*
Offline Offline

Posts: 1711639392

View Profile Personal Message (Offline)

Ignore
1711639392
Reply with quote  #2

1711639392
Report to moderator
Whoever mines the block which ends up containing your transaction will get its fee.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711639392
Hero Member
*
Offline Offline

Posts: 1711639392

View Profile Personal Message (Offline)

Ignore
1711639392
Reply with quote  #2

1711639392
Report to moderator
1711639392
Hero Member
*
Offline Offline

Posts: 1711639392

View Profile Personal Message (Offline)

Ignore
1711639392
Reply with quote  #2

1711639392
Report to moderator
SockPuppetAccount
Hero Member
*****
Offline Offline

Activity: 882
Merit: 500


MiG Messenger - earn while chatting


View Profile WWW
January 11, 2015, 06:18:29 PM
 #2

No one even remembers this coin, I know I don't.  If he has shuffled a group of victims off elsewhere, not much to do about it unless they come back to BCT and see your warning.
poncho32
Sr. Member
****
Offline Offline

Activity: 316
Merit: 250


View Profile
January 11, 2015, 06:53:37 PM
 #3

No one even remembers this coin, I know I don't.  If he has shuffled a group of victims off elsewhere, not much to do about it unless they come back to BCT and see your warning.

The last post on it's thread was on February 25 so as far as I'm concerned the coin's already dead. Anyone who read's it's 3 page thread will notice this warning so I doubt the dev will be able to scam many people..

1- dev waited for about 500 block to give any node  and then tell not premined
2- diff in few sec was over 100  Huh
3- fuck this shit of coin

gmaxwell (OP)
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8343



View Profile WWW
January 11, 2015, 06:57:10 PM
Last edit: January 11, 2015, 07:35:39 PM by gmaxwell
 #4

The last post on it's thread was on February 25 so as far as I'm concerned the coin's already dead. Anyone who read's it's 3 page thread will notice this warning so I doubt the dev will be able to scam many people..
Hm? The announce thread started 2014-12-12 and was locked 2014-12-23.

Interesting, looks like there was another bytecoin style name reuse.
anhpt192
Hero Member
*****
Offline Offline

Activity: 628
Merit: 500



View Profile
January 12, 2015, 07:20:44 AM
 #5

github http://vanillacoin.net/forums/viewtopic.php?id=420
gmaxwell (OP)
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8343



View Profile WWW
January 12, 2015, 07:54:13 AM
Last edit: January 12, 2015, 08:37:45 AM by gmaxwell
 #6

Hah. Looks like poking here had some effect.

So... this code is substantially an older copy of Bitcoin Core (maybe copied from the ppcoin codebase? I see some fragments of that) with the attribution removed (in violation of the software license for Bitcoin core) and run through an ugly auto-formatter.


It also doesn't agree with the binary on the site (linux64 sha256sum b07f40515ee75b768424189942d44af8c68b816bfc3018da65f4af273a283183):

E.g. ECDSA verification in the binary on the site gives this disassembly:

Quote
000000000054bc00 <_ZN4coin3key6verifyERKNS_6sha256ERKSt6vectorIhSaIhEE>:
  54bc00:       48 89 5c 24 e8          mov    %rbx,-0x18(%rsp)
  54bc05:       48 89 6c 24 f0          mov    %rbp,-0x10(%rsp)
  54bc0a:       4c 89 64 24 f8          mov    %r12,-0x8(%rsp)
  54bc0f:       48 83 ec 18             sub    $0x18,%rsp
  54bc13:       48 8b 2a                mov    (%rdx),%rbp
  54bc16:       48 8b 5a 08             mov    0x8(%rdx),%rbx
  54bc1a:       4c 8b 27                mov    (%rdi),%r12
  54bc1d:       48 89 f7                mov    %rsi,%rdi
  54bc20:       e8 bb a1 03 00          callq  585de0 <_ZNK4coin6sha2566digestEv>
  54bc25:       48 89 e9                mov    %rbp,%rcx
  54bc28:       31 ff                   xor    %edi,%edi
  54bc2a:       ba 20 00 00 00          mov    $0x20,%edx
  54bc2f:       48 29 eb                sub    %rbp,%rbx
  54bc32:       4d 89 e1                mov    %r12,%r9
  54bc35:       48 89 c6                mov    %rax,%rsi
  54bc38:       41 89 d8                mov    %ebx,%r8d
  54bc3b:       e8 d0 59 1e 00          callq  731610 <ECDSA_verify>
  54bc40:       83 f8 01                cmp    $0x1,%eax
  54bc43:       48 8b 1c 24             mov    (%rsp),%rbx
  54bc47:       48 8b 6c 24 08          mov    0x8(%rsp),%rbp
  54bc4c:       0f 94 c0                sete   %al
  54bc4f:       4c 8b 64 24 10          mov    0x10(%rsp),%r12
  54bc54:       48 83 c4 18             add    $0x18,%rsp
  54bc58:       c3                      retq  
  54bc59:       90                      nop
  54bc5a:       66 0f 1f 44 00 00       nopw   0x0(%rax,%rax,1)

compared to this source code:
Quote
bool key::verify(
    const sha256 & h, const std::vector<std::uint8_t> & signature
    )
{
    bool ret = false;
    
    if (signature.size() > 0)
    {
        auto ptr_signature = &signature[0];
        
        ECDSA_SIG * ecdsa_sig = 0;
        
        /**
         * Make sure that the signature looks like a valid signature before
         * sending it to OpenSSL (like in the test cases).
         */
        if (
            (ecdsa_sig = d2i_ECDSA_SIG(
            0, &ptr_signature, signature.size())) != 0
            )
        {
            std::uint8_t * pp = 0;
            
            auto len = i2d_ECDSA_SIG(ecdsa_sig, &pp);
            
            ECDSA_SIG_free(ecdsa_sig), ecdsa_sig = 0;
            
            if (pp && len > 0)
            {
                ret = ECDSA_verify(
                    0, h.digest(), sha256::digest_length, pp, len, m_EC_KEY
                ) == 1;
                
                OPENSSL_free(pp), pp = 0;
            }
        }
    }
    
    return ret;
}

Which contains a workaround for the change in OpenSSL behavior that the john-connor was so busily insulting us about. The disassembly shows no calls to d2i_ECDSA_SIG in that function-- the only one in the whole binary is the one inside OpenSSL that was there all along.  Extra fun is the fact that this change appears to have been deceptively backdated in the git repository to December 9th.

Doesn't appear to have any of the GUI code either; I wonder what other ways the source doesn't agree with the binary?
gmaxwell (OP)
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8343



View Profile WWW
January 12, 2015, 03:09:41 PM
 #7

FWIW, I politely reported the copyright violation (the code being a copy of Bitcoin Core run through an auto-formatter with all the attribution removed) as an issue on the github for the project and john-connor accused me of stalking him and then hid the issue tracker on that github from public view. :-/

I suppose I shouldn't be surprised as it's consistent with the rest of the concerns that resulted in creating this thread-- that there is some ongoing effort to keep that work out of the sunlight.
traumschiff
Legendary
*
Offline Offline

Activity: 1498
Merit: 1001


180 BPM


View Profile
January 13, 2015, 06:35:39 PM
 #8

Thread is locked on BCT because every discussion is being held on the VNL forum.

This would have been pretty obvious if you just read his last comment made on BCT. BCT isn't the only place on earth where proper discussion can be held on cryptos. If you would follow the alt scene you would pretty much see that this forum is infested with trolls.

I am not saying that what you are saying is right or wrong, but you made 0 research on the issue. I am mining VNL because it's easy to mine with simple PC's and laptops and so far everytime we had issues with the client it was fixed in a few hours. Not sure how much of a high skilled dev John is, but so far I had no problems.

Edit: I am really not sure why you name and shame on this forum. 90% of the alt-coins so far have been scams. As someone who is following the VNL forums I can say that we had no problems with his developments so far and nothing suspicious happened with the clients. Yeah it's not the most optimal thing to have closed source clients, but this isn't the first one in the scene and obviously it should only be temporary.

anhpt192
Hero Member
*****
Offline Offline

Activity: 628
Merit: 500



View Profile
January 13, 2015, 10:16:46 PM
 #9

Thread is locked on BCT because every discussion is being held on the VNL forum.

This would have been pretty obvious if you just read his last comment made on BCT. BCT isn't the only place on earth where proper discussion can be held on cryptos. If you would follow the alt scene you would pretty much see that this forum is infested with trolls.

I am not saying that what you are saying is right or wrong, but you made 0 research on the issue. I am mining VNL because it's easy to mine with simple PC's and laptops and so far everytime we had issues with the client it was fixed in a few hours. Not sure how much of a high skilled dev John is, but so far I had no problems.

Edit: I am really not sure why you name and shame on this forum. 90% of the alt-coins so far have been scams. As someone who is following the VNL forums I can say that we had no problems with his developments so far and nothing suspicious happened with the clients. Yeah it's not the most optimal thing to have closed source clients, but this isn't the first one in the scene and obviously it should only be temporary.


+1, i like the way you reply  Grin
I mined some on windows64 when this coin was launched on 23 Dec 2014. Yes, it was easy to mine at first time but after that i always got problem with syncing block chain and not syncing at the moment.
doremi
Hero Member
*****
Offline Offline

Activity: 654
Merit: 500


View Profile
January 14, 2015, 03:41:49 PM
 #10

FWIW, I politely reported the copyright violation (the code being a copy of Bitcoin Core run through an auto-formatter with all the attribution removed) as an issue on the github for the project and john-connor accused me of stalking him and then hid the issue tracker on that github from public view. :-/

I suppose I shouldn't be surprised as it's consistent with the rest of the concerns that resulted in creating this thread-- that there is some ongoing effort to keep that work out of the sunlight.

copyright violation? enlighthen me please since Bitcoin Core is an open source as far as i know
minerpage
Sr. Member
****
Offline Offline

Activity: 268
Merit: 250



View Profile
January 14, 2015, 03:57:20 PM
 #11

Won't the VNL source code be released by the dev once pool mining has been implemented? Which is next on the VNL agenda... perhaps more clarity about the source, modifications and improvements can be had at that time?
Luke-Jr
Legendary
*
Offline Offline

Activity: 2576
Merit: 1186



View Profile
January 14, 2015, 04:43:35 PM
 #12

FWIW, I politely reported the copyright violation (the code being a copy of Bitcoin Core run through an auto-formatter with all the attribution removed) as an issue on the github for the project and john-connor accused me of stalking him and then hid the issue tracker on that github from public view. :-/

I suppose I shouldn't be surprised as it's consistent with the rest of the concerns that resulted in creating this thread-- that there is some ongoing effort to keep that work out of the sunlight.

copyright violation? enlighthen me please since Bitcoin Core is an open source as far as i know
Bitcoin Core is copyrighted open source, as most open source software is.
If you violate the license terms, you can never copy it again, unless the copyright holders give you a new license.

billotronic
Legendary
*
Offline Offline

Activity: 1610
Merit: 1000


Crackpot Idealist


View Profile
January 14, 2015, 06:03:52 PM
 #13

FWIW, I politely reported the copyright violation (the code being a copy of Bitcoin Core run through an auto-formatter with all the attribution removed) as an issue on the github for the project and john-connor accused me of stalking him and then hid the issue tracker on that github from public view. :-/

I suppose I shouldn't be surprised as it's consistent with the rest of the concerns that resulted in creating this thread-- that there is some ongoing effort to keep that work out of the sunlight.

copyright violation? enlighthen me please since Bitcoin Core is an open source as far as i know

You need to enlighten yourself

https://github.com/bitcoin/bitcoin/blob/master/COPYING

This post sums up why all this bullshit is a scam
Read It. Hate It. Change the facts that it represents.
https://bitcointalk.org/index.php?topic=1606638.msg16139644#msg16139644
cassius69
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile
January 14, 2015, 06:05:15 PM
 #14

that is the worst friggin name ever for an altcoin.

doremi
Hero Member
*****
Offline Offline

Activity: 654
Merit: 500


View Profile
January 14, 2015, 06:30:14 PM
 #15

FWIW, I politely reported the copyright violation (the code being a copy of Bitcoin Core run through an auto-formatter with all the attribution removed) as an issue on the github for the project and john-connor accused me of stalking him and then hid the issue tracker on that github from public view. :-/

I suppose I shouldn't be surprised as it's consistent with the rest of the concerns that resulted in creating this thread-- that there is some ongoing effort to keep that work out of the sunlight.

copyright violation? enlighthen me please since Bitcoin Core is an open source as far as i know
Bitcoin Core is copyrighted open source, as most open source software is.
If you violate the license terms, you can never copy it again, unless the copyright holders give you a new license.

who is the copyright holder then?Sathoshi Nagamoto?
Luke-Jr
Legendary
*
Offline Offline

Activity: 2576
Merit: 1186



View Profile
January 14, 2015, 08:00:13 PM
 #16

FWIW, I politely reported the copyright violation (the code being a copy of Bitcoin Core run through an auto-formatter with all the attribution removed) as an issue on the github for the project and john-connor accused me of stalking him and then hid the issue tracker on that github from public view. :-/

I suppose I shouldn't be surprised as it's consistent with the rest of the concerns that resulted in creating this thread-- that there is some ongoing effort to keep that work out of the sunlight.

copyright violation? enlighthen me please since Bitcoin Core is an open source as far as i know
Bitcoin Core is copyrighted open source, as most open source software is.
If you violate the license terms, you can never copy it again, unless the copyright holders give you a new license.

who is the copyright holder then?Sathoshi Nagamoto?
Each individual contributor holds copyright to his contribution.
That means any of us can DMCA or sue for copyright infringement, and that someone who has infringed on the license needs to get permission from each and every one of us, before they can distribute/copy Bitcoin Core ever again (even unmodified).
(and yes, you're right that they will have a difficult time getting permission from Satoshi...)

Ingramtg
Legendary
*
Offline Offline

Activity: 861
Merit: 1000



View Profile
January 14, 2015, 08:14:29 PM
 #17

i also mining vanillacoin at first ,but finally i find this coin
is hard to synced and many problems coming , dev update the wallet
for many times
once he update the client , most of people are on the wrong chain, all people need to wait dev's
anouance to know what chain are correce
this is very rediculous right? thanks for warning
traumschiff
Legendary
*
Offline Offline

Activity: 1498
Merit: 1001


180 BPM


View Profile
January 14, 2015, 08:25:48 PM
 #18

i also mining vanillacoin at first ,but finally i find this coin
is hard to synced and many problems coming , dev update the wallet
for many times
once he update the client , most of people are on the wrong chain, all people need to wait dev's
anouance to know what chain are correce
this is very rediculous right? thanks for warning


I was never on a wrong chain. But it happened to people, and it doesn't make a coin bad. Happened to lots of coins out there.

The coin is openly called an alpha/beta by the dev. What you are talking is just plain stupid.

Jookly
Legendary
*
Offline Offline

Activity: 1131
Merit: 1007


View Profile
January 14, 2015, 09:58:11 PM
 #19

Vanillacoin has been awesome to mine with cpu solo and it has been great to not be tied to this forum.  The fact that the true believers feel threatened by the developer doesn't surprise me at all. 

What are you even warning people about? "victims"? wtf?  I have felt like a victim numerous times on this forum in the last year, not with vanilla coin though.  Oh well, people will believe what they want.
traumschiff
Legendary
*
Offline Offline

Activity: 1498
Merit: 1001


180 BPM


View Profile
January 14, 2015, 10:38:52 PM
 #20

Vanillacoin has been awesome to mine with cpu solo and it has been great to not be tied to this forum.  The fact that the true believers feel threatened by the developer doesn't surprise me at all.  

What are you even warning people about? "victims"? wtf?  I have felt like a victim numerous times on this forum in the last year, not with vanilla coin though.  Oh well, people will believe what they want.

We are victims because we don't have to rent hash to mine a new coin. Victims also because we don't have to cope with this forum.

Bashing the coin on this forum because some people had a technical argument on github over Bitcoin, not sure how ethical this is.

Pages: [1] 2 3 4 5 6 7 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!