[ANN][XCP] Counterparty - Pioneering Peer-to-Peer Finance - Official Thread - page 226.

Chang Hum

hero member

Activity: 714

Merit: 502

Sure, I accept I was missing something beyond what was visible on this forum from the links Xnova posted. It rang an alarm bell seeing someone who I know's heavily involved and invested in the project having his posts deleted and being called out as a troll, and perhaps for the sake of PR if nothing else could have been handled better by both sides.

Quote from: JahPowerBit on July 25, 2014, 08:11:58 AM

Quote from: Chang Hum on July 25, 2014, 05:31:33 AM

Quote from: cityglut on July 25, 2014, 05:26:15 AM

Quote from: Chang Hum on July 25, 2014, 05:21:19 AM

Isn't Porqupine the person behind XCPfeeds.info?

Yes.

Wow unless I'm missing something isn't it extremely arrogant of the XCP team to dismiss an intelligent senior member of Bitcointalk like this, He's clearly invested a lot of time and thought into this project and you seem to be deleting all his posts and branding him a troll.

The way porqupine presented the bug is false and unacceptable. Especially from a respected member who clearly invested a lot time in Counterparty: when a lot of people listen to you, you have to pay attention on each word you use. It's no only a semantical debate with no importance, and PP just make his job of lead developer, when he disagree with porqupine wording.
Everybody in the team, include PP, have a great respect for porqupine, his works and his words. But I personally think, that is no acceptable to declare a war because we disagree with the solution he proposed. It is unacceptable to want to convince us by force. Even if you try, retry and retry to convinced with words, if you do not succeed that not give you right to use 'violent' means. Especially when goals are the same for all of us: make Counterparty better.

[/quote

JahPowerBit

sr. member

Activity: 335

Merit: 255

Counterparty Developer

Quote from: magaiver007 on July 25, 2014, 07:17:49 AM

hello, could I have a help. I was sending bitcoins from counterparty wallet to get storj ipo and the computer stuck and I had to restart the computer. After restarting computer when i logged on again and there was no transactions pending, no bitcions and and no storj , what should i do? Did i lose the money? Please help!

most probably your send succeeded, but you don't receive yet storjcoin. Please check the address with blockchain.info and blockscan.

JahPowerBit

sr. member

Activity: 335

Merit: 255

Counterparty Developer

Quote from: Chang Hum on July 25, 2014, 05:31:33 AM

Quote from: cityglut on July 25, 2014, 05:26:15 AM

Quote from: Chang Hum on July 25, 2014, 05:21:19 AM

Isn't Porqupine the person behind XCPfeeds.info?

Yes.

Wow unless I'm missing something isn't it extremely arrogant of the XCP team to dismiss an intelligent senior member of Bitcointalk like this, He's clearly invested a lot of time and thought into this project and you seem to be deleting all his posts and branding him a troll.

The way porqupine presented the bug is false and unacceptable. Especially from a respected member who clearly invested a lot time in Counterparty: when a lot of people listen to you, you have to pay attention on each word you use. It's no only a semantical debate with no importance, and PP just make his job of lead developer, when he disagree with porqupine wording.
Everybody in the team, include PP, have a great respect for porqupine, his works and his words. But I personally think, that is no acceptable to declare a war because we disagree with the solution he proposed. It is unacceptable to want to convince us by force. Even if you try, retry and retry to convinced with words, if you do not succeed that not give you right to use 'violent' means. Especially when goals are the same for all of us: make Counterparty better.

magaiver007

newbie

Activity: 4

Merit: 0

hello, could I have a help. I was sending bitcoins from counterparty wallet to get storj ipo and the computer stuck and I had to restart the computer. After restarting computer when i logged on again and there was no transactions pending, no bitcions and and no storj , what should i do? Did i lose the money? Please help!

Chang Hum

hero member

Activity: 714

Merit: 502

Quote from: cityglut on July 25, 2014, 06:18:57 AM

The bug *is* acknowledged by PhantomPhreak; it's a disagreement in terminology: PhantomPhreak's point is that it is not a "security vulnerability" in the sense that the multi-sig bug in February was.

Beyond that, there is disagreement as to how it can be fixed. Please see: https://github.com/CounterpartyXCP/counterpartyd/pull/190 and https://github.com/CounterpartyXCP/counterpartyd/issues/191.

Thanks

Fernandez

legendary

Activity: 1008

Merit: 1000

Just wanted to know, is there any talk or even idea of moving the Counterparty onto a faster, less dependent on whims of th eCartel chain? There are a couple of PoS schemes which look promising. If they prove robust enough over time is there a chance that we will move?

cityglut

full member

Activity: 216

Merit: 100

Quote from: Chang Hum on July 25, 2014, 06:11:05 AM

Quote from: cityglut on July 25, 2014, 05:33:55 AM

Quote from: Chang Hum on July 25, 2014, 05:31:33 AM

Quote from: cityglut on July 25, 2014, 05:26:15 AM

Quote from: Chang Hum on July 25, 2014, 05:21:19 AM

Isn't Porqupine the person behind XCPfeeds.info?

Yes.

Wow unless I'm missing something isn't it extremely arrogant of the XCP team to dismiss an intelligent senior member of Bitcointalk like this, He's clearly invested a lot of time and thought into this project and you seem to be deleting all his posts and branding him a troll.

The way PhantomPhreak dealt with porcupine's criticisms was inappropriate. However, I do recommend that you read further about the issue and try to understand where the disagreements lie.

I did try before posting, however Porqupine's post history and linking off the reddit thread only link to one interaction between the two.

"There is no security vulnerability. There is a bug in the current CFD implementation (open for discussion as GitHub Issue #191), which we are working on fixing now. User porcupine does not understand how the protocol works, and he is spamming and trolling, that's all. Please just ignore him."

As in Porqupine's post history he lays down logical and mathematical reasoning to why he believes theirs fault with the CFD implementation, I'm confused why that isn't tackled on head on to explain why he's mistaken.

If I'm missing something please can you link me to where I can read further about the issue and try to understand where the disagreements lie.

The bug *is* acknowledged by PhantomPhreak; it's a disagreement in terminology: PhantomPhreak's point is that it is not a "security vulnerability" in the sense that the multi-sig bug in February was.

Beyond that, there is disagreement as to how it can be fixed. Please see: https://github.com/CounterpartyXCP/counterpartyd/pull/190 and https://github.com/CounterpartyXCP/counterpartyd/issues/191.

Chang Hum

hero member

Activity: 714

Merit: 502

Quote from: cityglut on July 25, 2014, 05:33:55 AM

Quote from: Chang Hum on July 25, 2014, 05:31:33 AM

Quote from: cityglut on July 25, 2014, 05:26:15 AM

Quote from: Chang Hum on July 25, 2014, 05:21:19 AM

Isn't Porqupine the person behind XCPfeeds.info?

Yes.

Wow unless I'm missing something isn't it extremely arrogant of the XCP team to dismiss an intelligent senior member of Bitcointalk like this, He's clearly invested a lot of time and thought into this project and you seem to be deleting all his posts and branding him a troll.

The way PhantomPhreak dealt with porcupine's criticisms was inappropriate. However, I do recommend that you read further about the issue and try to understand where the disagreements lie.

I did try before posting, however Porqupine's post history and linking off the reddit thread only link to one interaction between the two.

"There is no security vulnerability. There is a bug in the current CFD implementation (open for discussion as GitHub Issue #191), which we are working on fixing now. User porcupine does not understand how the protocol works, and he is spamming and trolling, that's all. Please just ignore him."

As in Porqupine's post history he lays down logical and mathematical reasoning to why he believes theirs fault with the CFD implementation, I'm confused why that isn't tackled on head on to explain why he's mistaken.

If I'm missing something please can you link me to where I can read further about the issue and try to understand where the disagreements lie.

cityglut

full member

Activity: 216

Merit: 100

Quote from: Chang Hum on July 25, 2014, 05:31:33 AM

Quote from: cityglut on July 25, 2014, 05:26:15 AM

Quote from: Chang Hum on July 25, 2014, 05:21:19 AM

Isn't Porqupine the person behind XCPfeeds.info?

Yes.

Wow unless I'm missing something isn't it extremely arrogant of the XCP team to dismiss an intelligent senior member of Bitcointalk like this, He's clearly invested a lot of time and thought into this project and you seem to be deleting all his posts and branding him a troll.

The way PhantomPhreak dealt with porcupine's criticisms was inappropriate. However, I do recommend that you read further about the issue and try to understand where the disagreements lie.

Chang Hum

hero member

Activity: 714

Merit: 502

Quote from: cityglut on July 25, 2014, 05:26:15 AM

Quote from: Chang Hum on July 25, 2014, 05:21:19 AM

Isn't Porqupine the person behind XCPfeeds.info?

Yes.

Wow unless I'm missing something isn't it extremely arrogant of the XCP team to dismiss an intelligent senior member of Bitcointalk like this, He's clearly invested a lot of time and thought into this project and you seem to be deleting all his posts and branding him a troll.

cityglut

full member

Activity: 216

Merit: 100

Quote from: Chang Hum on July 25, 2014, 05:21:19 AM

Isn't Porqupine the person behind XCPfeeds.info?

Yes.

Chang Hum

hero member

Activity: 714

Merit: 502

Isn't Porqupine the person behind XCPfeeds.info?

cityglut

full member

Activity: 216

Merit: 100

Quote from: tobeaj2mer01 on July 25, 2014, 03:52:25 AM

@DEV, a guy named porqupine found a vulnerability, it can be used to attack XCP and cause our money lost, could you fix this issue

https://bitcointalksearch.org/topic/ann-counterparty-protocol-cfd-exploit-cash-out-any-cfds-708879

His post in reddit:
Please don't feed the troll:
Please respond to the fact that I'm well known in this community, that there is working source code, and you've both refused my offer to make a CFD so I could demonstrate the vulnerability, and blocked all my posts from the bitcointalk thread.
Why would I spend months designing a website for CFD's and than try to discredit them? And further if there is no exploit, why wouldn't you make a CFD and prove me wrong, rather than trying to censor me?

http://www.reddit.com/r/counterparty/comments/2bmlg6/ann_counterparty_exploit_public_disclosure/

Please see PhantomPhreak's post directly above yours. The feature is being disabled in order to deal with the bug.

EDIT: to be perfectly clear, the bug is such that by making small CFDs against a large one, you can effectively increase the latter's exposure. This is an implementation issue, and is being fixed.

nutildah

legendary

Activity: 3010

Merit: 8114

I have one small bug to report (on https://cw03.counterwallet.co/#pages/exchange.html).

When I click on the "Top Pair," sometimes the "Your Balance" amount carries over from the last pair.

For instance, say I'm looking at the LTBCOIN/BTC pair and I have 10,000 LTBcoins. Then I click the TATIANACOIN/BTC pair and instead of showing my correct balance of 100 Tataianacoins it says "10,000" in the "Your Balance" field.

It sometimes carries over from asset to asset but is cleared when I click a pair that I don't have any quantity of.

Its a very minor issue but I just thought you guys should know.

tobeaj2mer01

legendary

Activity: 1098

Merit: 1000

Angel investor.

@DEV, a guy named porqupine found a vulnerability, it can be used to attack XCP and cause our money lost, could you fix this issue

https://bitcointalksearch.org/topic/ann-counterparty-protocol-cfd-exploit-cash-out-any-cfds-708879

His post in reddit:
Please don't feed the troll:
Please respond to the fact that I'm well known in this community, that there is working source code, and you've both refused my offer to make a CFD so I could demonstrate the vulnerability, and blocked all my posts from the bitcointalk thread.
Why would I spend months designing a website for CFD's and than try to discredit them? And further if there is no exploit, why wouldn't you make a CFD and prove me wrong, rather than trying to censor me?

http://www.reddit.com/r/counterparty/comments/2bmlg6/ann_counterparty_exploit_public_disclosure/

PhantomPhreak

sr. member

Activity: 476

Merit: 300

Counterparty Chief Scientist and Co-Founder

Cross-post: There'll be a forced upgrade to v9.34.0 with block 312350 (i.e. in about an hour) which will temporarily disable CFDs because of the above-mentioned bug.

xnova

sr. member

Activity: 390

Merit: 254

Counterparty Developer

counterwallet.co will be down for approximately 30 minutes, while we do the 1.4.0 update.

After this we will enable multiserver again and watch things closely. If speed/stability issues come up, we will adjust if necessary.

With multiserver enabled, future updates shouldn't require outages like this.

EDIT: 1.4.0 is live, multiserver enabled. Please report any oddness.

canth

legendary

Activity: 1442

Merit: 1001

Quote from: PhantomPhreak on July 24, 2014, 03:40:04 PM

Quote from: canth on July 24, 2014, 03:30:27 PM

Quote from: ?? on ??

[ANNOUNCEMENT] (Short Version)
Hi everyone, I'm known as Porqupine on Bitcointalk and Porqup1ne on reddit,
I am publicly disclosing a protocol vulnerability since all of my attempts to work with the Counterparty Dev team have failed for over a week. Over the next 24 hours I will cash out all Arbitrary CFD's that are made with code that I have open sourced: https://github.com/porqup1ne/cfd_camper. I am going to use the BTC/USD feed at xcpfeeds.info but to be clear this is a protocol level vulnerability, and I am willing to demonstrate this on any feed. After 24 hours have passed I will reimburse all addresses that have lost funds making CFDs.

Here is the Reddit Link:
http://www.reddit.com/r/counterparty/comments/2bmlg6/ann_counterparty_exploit_public_disclosure/

Xnova, PhantomPhreak? Comment please?

There is no security vulnerability. There is a bug in the current CFD implementation (open for discussion as GitHub Issue #191), which we are working on fixing now. User porcupine does not understand how the protocol works, and he is spamming and trolling, that's all. Please just ignore him.

Thanks for the explanation.

PhantomPhreak

sr. member

Activity: 476

Merit: 300

Counterparty Chief Scientist and Co-Founder

Quote from: canth on July 24, 2014, 03:30:27 PM

Quote from: ?? on ??

[ANNOUNCEMENT] (Short Version)
Hi everyone, I'm known as Porqupine on Bitcointalk and Porqup1ne on reddit,
I am publicly disclosing a protocol vulnerability since all of my attempts to work with the Counterparty Dev team have failed for over a week. Over the next 24 hours I will cash out all Arbitrary CFD's that are made with code that I have open sourced: https://github.com/porqup1ne/cfd_camper. I am going to use the BTC/USD feed at xcpfeeds.info but to be clear this is a protocol level vulnerability, and I am willing to demonstrate this on any feed. After 24 hours have passed I will reimburse all addresses that have lost funds making CFDs.

Here is the Reddit Link:
http://www.reddit.com/r/counterparty/comments/2bmlg6/ann_counterparty_exploit_public_disclosure/

Xnova, PhantomPhreak? Comment please?

There is no security vulnerability. There is a bug in the current CFD implementation (open for discussion as GitHub Issue #191), which we are working on fixing now. User porcupine does not understand how the protocol works, and he is spamming and trolling, that's all. Please just ignore him.

canth

legendary

Activity: 1442

Merit: 1001

Quote from: ?? on ??

[ANNOUNCEMENT] (Short Version)
Hi everyone, I'm known as Porqupine on Bitcointalk and Porqup1ne on reddit,
I am publicly disclosing a protocol vulnerability since all of my attempts to work with the Counterparty Dev team have failed for over a week. Over the next 24 hours I will cash out all Arbitrary CFD's that are made with code that I have open sourced: https://github.com/porqup1ne/cfd_camper. I am going to use the BTC/USD feed at xcpfeeds.info but to be clear this is a protocol level vulnerability, and I am willing to demonstrate this on any feed. After 24 hours have passed I will reimburse all addresses that have lost funds making CFDs.

Here is the Reddit Link:
http://www.reddit.com/r/counterparty/comments/2bmlg6/ann_counterparty_exploit_public_disclosure/

Xnova, PhantomPhreak? Comment please?

Topic: [ANN][XCP] Counterparty - Pioneering Peer-to-Peer Finance - Official Thread - page 226. (Read 1276936 times)