Interesting discussion. I am glad the VRC developer at least addressed the concern even though I personally disagree with him only having 2 options. The 3rd option is to let the coin die and start a new.
[–]pnosker 5 points 9 hours ago
Well said. If we thought we had any other option, we would never have forked. But to not fork would guarantee the death of VeriCoin. I'm sure you realize how difficult of a decision it was for us.
permalink
[–]cobleeLitecoin Founder 11 points 6 hours ago
Yes, I do realize the position PoS has put you in. But I think in the long term, it would have been best to not fork. Sure, you arguably saved the currency. What would you do if this happens again? And it will happen again. How much of a theft would you deem big enough to require another fork? 50%? 25%? 10%? Where do you draw the line? And why are the devs responsible for making this decision? Who's to decide whether or not this was a theft? How can anyone even be sure? What if MintPal sold those Vericoins to someone else in a private deal and cried foul to the devs? Not that it is likely, but how would you know for sure? Are you going to fork the coin and effectively help them double spend?
You've opened up Pandora's box by doing this. I believe it is not the right decision. There are lines that the devs should not cross, and this is one of them. Devs should not play monetary policy with their coins. You need to play by the rules that you set out at the start. It is a slippery slope when you can change the rules on a whim.
That said, this is just my opinion. There's no rule or law that says you can't do this. But if the US starts to regulate cryptocurrency as real currencies, I'm positive they will view this action as illegal. Right now, developers can claim that they are working on software and not creating money and that the money is creation is decentralized. Once you start making monetary policy decisions with your coin, you can no longer make that claim.
Unfortunately I/the other VeriCoin developers were put into a position that no other coin developer has ever been put into:
We knew the coin was at the risk of an attack and there was something we could do about it.
Bitcoin has never faced this issue. Litecoin has never faced this issue. No other PoS coin has faced this issue.
When someone is faced with a critical question like this with very little decision-making time it is very difficult to make a wise decision. We quickly analyzed the blockchain and determined that if the coin count was above 6 million coins it was able to attack the coin by mechanism of a 51% attack. That left us with only two options: Fork (like we did) or to blacklist the new addresses in a wallet update and hope people upgraded before the thief sent the coins to new addresses.
We decided that the only feasable way to handle this was to reverse the blockchain to a state prior to the attack as upgrading over 51% of the wallets in time would be too difficult/impossible and even if we did, those 8M coins could potentially still override that based on the fact that it could have over 51% of stake due to the quantity of coins.
Yes, there's clearly a downside to PoS which is that it's attackable without necessary investment. To attack Litecoin like this you would have to physically steal many mining farms. PoS coins can be attacked by stealing a wallet file.
But, it must be understood that we had been given information from both MintPal as well as performed our own analyses of the blockchain to determine that in fact these 8M coins were indeed stolen, not subject to some back alley deals, and the transaction volume excluding these 8M coins was magnitudes smaller in amount than the stolen coin volume. In our minds, we had the ability to preserve the coin by preventing an illicit 51% attack in the future. In addition to that, and less significantly, we had the ability to return funds to those whom it was stolen from.
There are critics of our actions who in their minds rightly say we are not following in the footsteps of Bitcoin. But there are significant differences between what happened with VeriCoin and what happened ever, with any other coin. No coin has ever had 30% of it stolen in one transaction. No coin has ever gone from no risk of 51% attack to high risk in a single transaction due to an illicit transfer. We made a very very hard choice, and it's one that has kept VeriCoin alive.
Now we can all say maybe we shouldn't be trusted as developers. That's fine. I will officially announce now that if the community would prefer for me to step down as a developer for VeriCoin I will do so. I don't think it's the right decision, but it's something I will do to preserve the integrity of the coin. Otherwise, I can promise you that this is something that will never happen again with VeriCoin. We did it once. It now serves a very important lesson to all of Crypto: DO NOT STORE YOUR COINS ON AN EXCHANGE AND EXPECT THEM TO BE SAFE.
With that thought hopefully engrained into the minds of all that deal with Crypto, I hope that if nothing else, people learn that lesson.
Thanks for your criticism. You have been a great role model for me and you have been very helpful to me in our private conversations. I really admire you disagreeing with our actions because it sets a good precedent for Litecoin, where a 30% theft is a big deal but not one that will destroy the coin.
permalinkparent
[–]cobleeLitecoin Founder [score hidden] 7 minutes ago
Thanks Patrick. I think making a public statement on what the devs will and will not do in the future is important.
For the 51% stake attack concern, why are you concerned that someone with 30% of the coin will attack the network? Doesn't PoS mean that since people with stake wouldn't want to hurt their own investment, they won't attack the network with their coins. I think the thief would behave the same way. Because they would want to sell the stolen coins for the most amount of money, they will slowly sell the coins instead of attacking.
You have no excuse. You damaged the entire reputation of cryptocurrencies for your own selfishness. Breaking core principles to get out of your own bind is not an excuse. You should have killed the coin. Go down with your ship, have some honor.
Instead you decided to be a parasitic group focused on short sighted gains and your own selfishness. Nice job.
permalinkparent
[–]pnosker -1 points 3 hours ago
Maybe your core principles are different than mine. But for me, knowing I could do something without much disruption that could save a $6M economy is reason enough to do it. If we did nothing, VeriCoin would be dead right now.
permalinkparent
[–]jentfoo 2 points 2 hours ago
Vericoin likely will still die from this. As coblee pointed out, you created a precedent that looses all trust. I would never want to accept a currency that could be reversed by the developers deciding to hard fork due to poor security on an exchange. It's inappropriate, and it has caused a complete loss in trust in the currency. Once you lost trust in the currency, it has no value
[–]until0 0 points 2 hours ago
If we did nothing, VeriCoin would be dead right now.
Correct. Did I make a exploitable algorithm and release it to the world or did you?
But for me, knowing I could do something without much disruption that could save a $6M economy is reason enough to do it.
Oh, I forgot you decided that for a de-centralized currency. Did you use the Offical Disruption Measurement Scale to confirm that, or the un-official one?
Anyway, I'm sure the entire comunity suppported your decision anyway. I mean you had almost 300 total votes and approximately 70%, that's clearly a total sweep. Did anyone outside of MintPal/Vericoin support this decision? Not like it would matter, because you only care about yourself anyway. Good job /u/pnosker.
You are a parasite to cryptography in general. Please leave the community, how many other people outside of VeriCoin need to tell you this.
permalinkparent
[–]Knerd5 1 point 2 hours ago
You gave a dying patient a shot of adrenaline. You now have two options:
Let the patient die
Continue unethical practices
