Topic: [4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool - page 72. (Read 4382653 times)

I can and did!!!  He needs to at the very least come with the hardware if this is even a credible story.. Still no comment.. like i said if it walks like a duck and quacks like a duck.> Only a fool would continue to mine here. Just my two bits anyway.. If he is lying about this what will come in the future that he will hide.. 

Slush you need to come out with the type of miner and firmware to make this story remotely credible. Until then i have my thoughts as to what really happened.. Just contiue to stick your head in the sand.. It appears your miners are more naive than i first thought.. Ehh to each their own i guess.

best Regards
d57heinz

Rain on SLUSH yeah! I like the new design! Good job! Keep coming with the improvements!

glad its now sorted and the day % is now %192  just found 2 blocks within 10 mins

Happy to see the pool finding more blocks now .

u can't just ask for identity of the withholder man ...

just hope it will not restart with another firmware or what else !

just lets monitoring the stats thats all we could do to detect shit

and sorry for bad english ...

and slush nice new design , better  =)

something u could implement is a 'sound' when a block is found , it will be nice ( like mario coin blocks or something like that ^^ )

@Slush

Im waiting for you to come clean on the exact brand and firmware/software of miners that was performing the attack.. What i find more plausible is that the attacker who was at least 10 PH was using a proxy with modified code.. And i feel with the amount of FB post i sent you and the amount of posts here in the last five months.  You need to come clean on what the hell really happened..I feel that after your updates to the server in sept of 2015 you got something configured wrong!.. that's my gut feeling. And we were mining into the wind for a good long time. For the longest time bitcoinity.org was showing an unknown miner and i spoke about it several pages back here but this miner wasnt finding blocks.. by looking at the blockchain there was no unknown blocks yet this miner was mining at 30 ph at times.. i think this was the block withholder idk (looking here you can see the unknown is now gone  was at top of the line graph http://data.bitcoinity.org/bitcoin/hashrate/7d?c=m&t=a )  if it would have been one miner you should have caught it way sooner since they never solved any blocks for months and they have to be over 10 PH. So you had to do some deep analysis on the server only to find your error in code or whatever..  I find it interesting now that you "fixed" your issue your now mining larger blocks as well.> So something entailed you restarting things.   I honestly don't feel your being upfront on the true nature of what was wrong for over 4 months.. Plus the dead silence didn't help that factor in the least.  So to come to find out your doing website enhancements instead of worrying about the health of the pool is troublesome to me(again makes me think that it was your issue and you really wish this would just die).  I lost a couple btc to this fiasco and don't expect ill ever see it.. I cant imagine the losses incurred by the larger miners..

So for transparency sake.. lets get this info

Miner brand
software and firmware version  (so that others can fix this as well since it wouldn't be just one guys miners it would be all made by that company)
?
Maybe some of the back and forth emails with the "unintentional" attacker!.. more so some of the info used to fix the issue with his miners.. 

I feel that if you implemented a way to check for block withholding in stratum protocol as an optional bit that would go a long way to remedying your handling in this Major issue

Anything else you can give would be appreciated.. Im chalking it up to lesson learned.. I knew that when a guy gets quiet its usually for a good damn reason!. Seen it too many times just in btc alone.. Moreso than not. 

Best Regards
d57heinz

WELL thats great in my eyes.. Then we narrow down who it is.. lock down creating new users so they cant keep swapping users and perform the test every two weeks or less.. If im going to lose 30% earnings for 4 months in a row then i think some countermeasure is needed.. I dont mind throwing away a few seconds of mining to test this theory.. Personally i think there is nefarious reasons why this hasn't been implemented Already and i don't know why you would oppose this eleuthria.. Since we know your pool was obviously victim to it before it shut down.. If i remember right it was nearing 80 % as well and dropping..   these miners need caught their ips made public and lets work on getting this resolved.. I know that you can make this work and send old block solutions to the miners to test them for withholding.. If a miner drops off when the tests are performed they are flagged as suspect then they are tested even harder.  Till they get with the program or they are permanently banned.. I think with this becoming a big issue and the hw becoming more efficient making this attack easier and less costly we have to get something in place..  Maybe the reason this hasnt been done will be used in the future to screw all the public pools and force everyone solo or die.  Lets work together .. stop the bickering of my pools better then yours and come together as a whole and lets try to fix this.

Best Regards
d57heinz


EDIT  and the community would prefer you kept quiet on whether you got it to work or not.. No need to let the attacker know he is being watched.. THATS how you get it done.. Dont update the source code till after you have "tested" it

Thank you for your answer
I suspected a little it was not so easy!
Remains a statistical analysis, but the scale of a pool, it may get a lot of warnings, only the larger miners will be effectively been verified.

Nice one captain, and the UI keeps getting better! Looking forward to the proof stats coming up, and great job nipping that block with-holding bug ... better late than never I say. Oh! before I forget, the pool luck across all stats looks brilliant too .... keep up the good work.

This isn't possible.  In Stratum, each miner has a unique ExtraNonce1 value which means giving every miner the exact same job (which is what Stratum does already) will result in different hashes from every miner.  There is no way around this, since if  you added a feature to Stratum that forced an ExtraNonce1 change for work verification, the withholder would KNOW they're being tested.

Hello Slush,
Thank you for that but maybe you have most important things to do,... like auto-detecting block withholding for exemple!

If I'm not mistaken it was you who designed the stratum protocol?

I'm not very knowledgeable of how it works, but I asked myself the following question:
Is it possible to send a job that has already won a block to all the miner (the same work) for example once a day to check that every miners solve the solution. it only cost a few seconds but would help to find block withholding problems?

Well many users here have complained about it for quite some time.

However, it certainly didn't take any effort to see there was a problem when I looked at it 41 days ago
https://bitcointalksearch.org/topic/m.13482822

Ill just leave this here:
https://www.reddit.com/r/slushpool/comments/45aed4/no_one_should_mine_in_this_pool/

Maybe you noticed the pool website now redirects to https://slushpool.com. The URL is legit, we've been lucky enough to obtain this nice domain and we just moved there from more complicated "mining.bitcoin.cz". Back in 2010 I did not realize how big the mining industry will became, so I choose just a subdomain of my Czech bitcoin blog :-).

This is just about the website, no change in miner settings is needed as we keep all mining URLs to work normally.

Yes, we've been in touch with OOC about that incident; we realized something is going on at about the same time when he made his analysis on which he based his article.

Hey slush,

I don't know if you've seen it, but here's some good analysis by OOC regarding early detection of block withholding attacks... might be something you could implement: http://organofcorti.blogspot.com/2016/02/detecting-unintentional-block.html

EDIT:

Appears OOC has already been in contact with you guys... but I'm leaving the link there for anyone else interested in reading up on block withholding.

If everybody knows what happen, why to discuss it over again? *rolleyes*

Yes, there was technical issue, we're clear about that. Yes, we though for long time it is just a natural variance in the luck. Once we realized where the problem is, we managed to fix it ASAP so the problem is gone (as you can check, month luck is over 100% now). Although I may agree that the communication of the incident could be better, I still believe we made our best to fix the issue itself.

I have to disagree.  Telling your miners that we are in another period of bad luck for weeks while they lose 15-20% of their revenue is not honesty or character.  Honesty and character would be advising your miners that you suspect a significant issue with your systems and that they may sustain significant losses for a undetermined period of time.  In addition, what you are referring to as the "problem" is questionable at best.

At an absolute minimum, Slush's handling of this situation was awful and not representative of the standard you have set of transparency and trust.  The fallout from this incident has yet to materialize.  You will realize at some point that the cost of lost revenue from being up front with your miners would have been much less in the long term.

Slush is not being fully transparent about this issue.  There is not way you are and the fact that you continue to perpetuate this narrative is disappointing.

its not really about what you think its about what everyone else thinks about you. Knowing that this is the largest bitcoin forum as soon as the issue was found you should have been on here doing damage control.

Even a simple post saying something along the lines of that you found a problem and currently looking into the solution. and then another post with the solution what you did the fix it and how you are going to make it right for all those that got screwed by the problem. Im sure there are plenty of BTC sitting in your account to repay everyone for their lost coins during the problem time. Hell even a flat rate of repayment of .05 or so would have been better then the silence you exhibited. Or better yet force the person that did this "unintentional" (we all know it was intentional you dont have to pretend) attack to repay everyone.

it would also have been good if you release what the problem was ie X version of mining software. maybe others are running that same software and because they are smaller it doesnt trip the detection alarms. More communication would be great. Maybe collaborate with the other pool owners so they know what the issue was so that person doesnt just simply hop pools and attack another.

We detected the problem, fixed it, announced it publicly and right now we're preparing Hashrate Proof to let our users to check how the pool is mining. I don't think we can do more than this. To be honest, discussing *here* is not really constructive.

No, we went public once we realized the problem. Keeping the information for us while letting miners to continue with withholding would not make any sense...