Topic: [ANN] KRAKEN.COM - Exchange with USD EUR GBP JPY CAD BTC LTC XRP NMC XDG STR ETH - page 231. (Read 628818 times)
October 22, 2014, 01:08:16 PM
Hate to open new tickets, but BTC withdrawals are stuck again. Ticket 33782
October 22, 2014, 11:28:22 AM
Well you managed to spoil me rotten with your fast SEPA deposits. Never took more than 3 hours...
Now I'm a bit impatient since the last one hasn't come in one day. Could you please check. Details in ticket 33778. Thanks
Now I'm a bit impatient since the last one hasn't come in one day. Could you please check. Details in ticket 33778. Thanks
October 17, 2014, 06:28:36 PM
You iOS app if just fab. Just executed some orders through that today. Great stuff!
October 17, 2014, 06:04:03 PM
What about withdrawels? Mine says sending for an hour and it is still not on blockchain? Account id AA95 N84G TEWR NKFI
Bitcoin withdrawals were down very briefly, but the issue has been fixed.
October 17, 2014, 05:10:12 PM
What about withdrawels? Mine says sending for an hour and it is still not on blockchain? Account id AA95 N84G TEWR NKFI
October 16, 2014, 07:58:33 PM
Currently experiencing delayed Bitcoin deposits?
Yes, I posted about this above. But the issue should be resolved now.
October 16, 2014, 07:29:44 PM
Currently experiencing delayed Bitcoin deposits?
October 16, 2014, 04:49:11 PM
A few clients are experiencing an issue with stuck bitcoin withdrawals. We are aware of this issue and working to resolve it as quickly as possible.
October 14, 2014, 09:25:11 AM
Ripple & Stellar Traders:
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
Stellar payments are back online, but Ripple is still offline while we patch our code to ensure we aren't vulnerable. We were previously vulnerable but nobody exploited it and we probably would have caught it fairly quickly if they had. Ripple will be offline at least until tomorrow, but hopefully not much longer than that.
The Ripple gateway is patched and back online now too. If you had a pending XRP withdrawal, it should have been cancelled. But new XRP withdrawal requests should be working fine now.
October 14, 2014, 01:17:28 AM
Ripple & Stellar Traders:
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
Stellar payments are back online, but Ripple is still offline while we patch our code to ensure we aren't vulnerable. We were previously vulnerable but nobody exploited it and we probably would have caught it fairly quickly if they had. Ripple will be offline at least until tomorrow, but hopefully not much longer than that.
Any progress on put xrp gateway online..? You said untile today...
October 13, 2014, 08:08:25 PM
We were previously vulnerable but nobody exploited it and we probably would have caught it fairly quickly if they had.
Thanks for the transparency. Kraken always struck me as the sort of well run exchange that has good internal controls, like an appropriately small hot wallet and manual review of certain transaction profiles, so I'm sure that you would have caught any attempt fairly quickly.
During the discussion of the episode over on the Stellar forum, the bx.in.th exchange operator described one of their controls, which makes exceptionally good sense:
Quote from: bx.in.th
We also check every coin wallet balance before every withdrawal. This means we have to run withdrawals in batches every 5 minutes. Our system does an entire balance audit before every withdrawal batch. We compare all users balances to the actual wallet balances, if any balance does not match then no withdrawals go out for any currency.
If Kraken isn't already doing something similar (and you very well may be), it might be worth implementing as an extra safeguard for all assets.
Thanks - I'll run this by our developers, though as you say we may be doing something similar (I'm not familiar with all our accounting checks).
October 13, 2014, 08:05:40 PM
Any plans to support the Counterparty Protocol? Like it's native currency XCP and consequently, all of the assets listed on it???
http://counterparty.io/
http://counterparty.io/
No plans that I have heard of.
October 13, 2014, 04:32:27 PM
We were previously vulnerable but nobody exploited it and we probably would have caught it fairly quickly if they had.
Thanks for the transparency. Kraken always struck me as the sort of well run exchange that has good internal controls, like an appropriately small hot wallet and manual review of certain transaction profiles, so I'm sure that you would have caught any attempt fairly quickly.
During the discussion of the episode over on the Stellar forum, the bx.in.th exchange operator described one of their controls, which makes exceptionally good sense:
Quote from: bx.in.th
We also check every coin wallet balance before every withdrawal. This means we have to run withdrawals in batches every 5 minutes. Our system does an entire balance audit before every withdrawal batch. We compare all users balances to the actual wallet balances, if any balance does not match then no withdrawals go out for any currency.
If Kraken isn't already doing something similar (and you very well may be), it might be worth implementing as an extra safeguard for all assets.
October 13, 2014, 03:14:06 PM
Any plans to support the Counterparty Protocol? Like it's native currency XCP and consequently, all of the assets listed on it???
http://counterparty.io/
http://counterparty.io/
October 13, 2014, 01:25:23 PM
Ripple & Stellar Traders:
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
Stellar payments are back online, but Ripple is still offline while we patch our code to ensure we aren't vulnerable. We were previously vulnerable but nobody exploited it and we probably would have caught it fairly quickly if they had. Ripple will be offline at least until tomorrow, but hopefully not much longer than that.
October 13, 2014, 01:17:54 PM
A question about ripple and kraken:
You said something about your ripple "gateway". But would'nt this mean I can deopsit for example € from another gateway to krakens gateway? Where is this option to withdraw/deposit € via Ripple?
You said something about your ripple "gateway". But would'nt this mean I can deopsit for example € from another gateway to krakens gateway? Where is this option to withdraw/deposit € via Ripple?
Sorry for the confusion, but that's not what I meant. The only transactions we support through the Ripple network are for XRP. So do not try to send us euros, bitcoins, or anything else through the Ripple network.
October 13, 2014, 11:46:16 AM
A question about ripple and kraken:
You said something about your ripple "gateway". But would'nt this mean I can deopsit for example € from another gateway to krakens gateway? Where is this option to withdraw/deposit € via Ripple?
You said something about your ripple "gateway". But would'nt this mean I can deopsit for example € from another gateway to krakens gateway? Where is this option to withdraw/deposit € via Ripple?
October 13, 2014, 09:07:01 AM
12 requests a minute is pretty slow - can't you just allow at least 120/minute for everyone who makes use of the private API?
compared to other markets that would be still not very much..
thanks
compared to other markets that would be still not very much..
thanks
October 12, 2014, 08:22:07 PM
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
If Kraken finds that it properly implemented the code to receive payments, and was not vulnerable, I hope that you will say so. This is much preferable to bringing Ripple and Stellar back online and not saying whether Kraken was safe to begin with or was fixed during the review.
Both Coinex and RippleFox have stated that they had properly accounted for partial payments in their deposit code, and were not at risk (RippleFox said that they were actually attacked, but their deposit code correctly examined the amount received, so their gateway implementation credited the attackers account with the funds actually received).
October 12, 2014, 12:44:05 PM
Ripple & Stellar Traders:
We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
Stellar has disabled this functionality alltogether already (forcing you to pay fees when reimbursing someone), on Ripple you hopefully already check flags before crediting accounts. Better safe than sorry though, this is only a "vulnerability" if you didn't read the documentation, otherwise it's a useful feature.We have taken our Ripple and Stellar gateways offline pending further investigation of the "partial payments" vulnerability. We will bring the gateways back online as soon as possible, but not before we are absolutely certain that we aren't affected by this vulnerability.
https://medium.com/@abrkn/partial-payments-ripple-stellar-vulnerability-in-the-wild-29aaefd8a7ac
The documentation on the partial payment feature is very poor. Even the Stellar Development Foundation only learned of the issue this past week. Even though there was an update to the Stellar code base to remove the feature, we are nonetheless taking the Stellar gateway offline until we can fully evaluate everything ourselves. Overly cautious perhaps, but we'd rather be overly cautious in a situation like this.
Jump to: