Topic: [0 GH/s 0% fee SMPPS] ArsBitcoin mining pool! - page 3. (Read 123750 times)

Even if it is a company - being so small: only 254 IP addresses, would mean they'd most likely know a lot about it.

Not quite - google lists that as also being the registered address of this hosting company: http://www.1b.hu/
Perhaps VPN/Proxy/Tor exit node?

I presume you've done it already, but the whois of that IP address says it is effectively one person.
So either they were hacked or they did it:

is it possible to allow manual payouts for people who haven't changed their payout addresses?

Shitty. Thanks for keeping us posted.

Hello, it appears a malicious users has logged in to 22 different accounts.  Because of the limited nature (vs all 4000+ accounts) I believe the hacker either used some brute force method, or an existing leak of usernames/passwords to try and log into accounts.  For example, the MTGox leak a while back.

I've temporarily disabled all PIN, Address, and Payout changes, so you will not be able to change your password at the moment (but neither will any hacker.)  I sent an email out to the affected accounts that I know about at the moment.

Once the malicious user got into an account, he brute forced address change attempts by trying different PIN numbers.  If he was successful, he then sent a manual payment to the new address.

So far, this appears to have only happened once (but could have been a couple more, still looking), as he could only try one PIN per second due to server restrictions.

I'll be working on changes to make this attack not possible in the future, and account changes will be disabled until then.

Malicious user information:
IP: 79.172.242.141
Malicious address: http://blockexplorer.com/address/17JuYfk8bWUHvAfRv5eF7zUic1g3qrDobz
I believe this represents the majority of any bitcoins stolen from this attack.

They're certainly not the same, but there are some relevant shared qualities between the two, like the ones I alluded to above. But then again, I guess every reward method has some shared qualities with every other

At least the ARS thread is lively again 

SMPPS and straight PPS is not similar at all, and you know clearly why. What I would agree on is that there is no invalid/orphan blocks so if ars is paying out for orphan/invalid blocks then it would answer the huge backlog right now.

Theoretically yes. In practice there are leaks because of orphaned blocks and block withholding. Paying full PPS value is only zero sum if you can eliminate those two factors. Orphaned blocks can be eliminated by retracting payments or paying less than full PPS value; can you point out where it says Ars does any of those?

..which also backs up my explanation: the statistical loss for the invalid block will come out of the buffer, and miners' Lifetime work is not affected. Therefore Ars pays for invalid blocks in essence by taking a loan against the last miners to quit mining there.

The topic was the negative buffer, which i have given a sound explanation for. ABCPool (and your pool too) has some of the same issues that Ars does since PPS and SMPPS are similar, which is why I'm interested in this discussion in the first place.

Erm your long explaination meant nothing.

Point is longterm its a zero sum game ie. overtime and over even blocks you should even out even at 0% PPS (they only pay the PPS rates once blocks are solved, there is no extra 1.5% earnings on top) and ARS doesnt pay for orphans/invalids since it pays after 120confirms and if its invalid/orphaned you get nothing from that block.

So again, after so many blocks Im pretty sure it should be closer to even than 20-25blocks behind.

PS. Your whole post seems like an ABCpool advert, stay on discussion and keep the FUD.

Ars employs a nominal fee of 0%. The payout is based on 100% of found blocks being valid, but that's unlikely to happen in practice. In practice, some blocks turn out to be orphan blocks. The pool is taking a statistical hit of 50 BTC for every block that turns out to be an orphan, which is around 1.5% of all blocks for most pools.

The effective fee is therefore about -1.5%. Yes, it's an effective bonus for miners! Who pays that bonus? The pool buffer. Total work done at Ars is now about 79850 BTC, which comes down to 1597 blocks. Although I can't find any orphan blocks in the stats at Ars, it's unlikely there haven't been any. You'd expect about 1.5%*1597 = 24 orphan blocks, causing a cumulative buffer drain of about 1200 BTC. The buffer is currently at -1000, not that far from -1200.

Now you may think: Great, the bonus is paid by the pool buffer, so I don't have to care about it. But the pool buffer is just a concept, and eventually real people have got to take the hit and accept the losses of all those orphan blocks. Who will those people be? It will be the last miners to quit Arsbitcoin. Since hashrate will then drop to 0, there's no new BTC flowing in. No income means the payouts for the last -BUFFER_SIZE Bitcoins can never be made.

In a sense, negative-effective-fee-SMPPS is not unlike the game "Musical chairs".

Until the moment the hashrate hits 0, the pool buffer will continue to drain at a rate of 1.5% of the theoretical PPS value of the delivered work, masked by normal variance in the block finding process. It is perfectly possible that due to normal variance the pool gets lucky and the buffer goes into positive territory again. Good and bad luck cancel each other out though, while the 1.5% drain is a constant negative force, creating ever longer payout delays.


Anyway..
For all reward schemes an effective fee can be calculated, and for PPS-derived schemes it differs from the nominal fee. At ABCPool there was some discussion when we started mentioning an effective fee in favor of a nominal fee; some vocal forum members found it to be misleading. Ars is now starting to show just how real the effective fee and its consequences are.
NB: ABCPool is *pure* PPS, there is no concept of a buffer for miners and therefore no payment delays.

Yeah... back when it had an operator...

don't forget this pool was in a big positive buffer for a long time....

Im also wondering that something must be wrong with this pool, surely statisticly variance cant be this bad over such an extensive period.

Sure its hashrate dropped from ~900GH avg to ~300GH avg since dropping from surplus to -1000coins most of the time but still this variance isnt even seen solomining like I am doing with part of my farm o_0

I was going to suggest to simply use blockchain.info to work out the ARS blocks ... using the IP address info blockchain.info has ...
Then I checked 169082 on blockchain.info and it says Eligius

Looking at 169082 it is clearly NOT an Eligius block so unfortunately that idea fails also.
... and the ARS blocks don't have anything in the coinbase transaction that identifies them either

Oh well - I can't believe I'd say this - but coinbase spam does have a use sometimes

FYI, back when I mined at this pool there was a bug with the website that when two blocks we found in quick succession, the second one would not show up in the stats but would be in the pool wallet. I do not know if this bug was ever fixed, but it could be a contributing factor as to why the pool has been having back luck.

If you go back in this thread, you can see instances where burningtoad would let us know a block was found and add it to the stats.

I was just going to say something... I have a bunch of failover shares there, and I wish the pool would find a block or two soon!
That luck is brutal... 

from -840 down to -1135, ouch that hurts, thanks god i mine @ EMC. i hope arsbtc will get a long lucky round

Ah, Thank you, that will probably be it. I just left it how it was, In thought failover was default settings in CGMiner. Thanks for that