
Topic: [ANN][XCP] Counterparty - Pioneering Peer-to-Peer Finance - Official Thread - page 480. (Read 1276928 times)

sr. member
Activity: 410
Merit: 250
Proof-of-Skill - protoblock.com
Can someone please explain what happens when two people try to sell at the bid price at the same time? Who gets the fill?
This is a fundamental issue with Decentralized Distributed Exchanges.
member
Activity: 82
Merit: 10
Okay, so if I were to roll back the dump, Poloniex would be short about 80 BTC. I have messaged the hacker again, and hopefully he will stick to his word. His actions don't really seem consistent with someone who just wanted to steal BTC--as I said, he left about 35 BTC in his account. Why he decided to make a mess, though, I don't know.

As I don't think he has the XCP to cover the dump, I'm probably going to end up trying to roll back the trades. This might get a little complicated, though, as I didn't see it happen right away and people withdrew XCP after the dump. I'm going to wait until tomorrow (about 12 hours from now) to hear back from him, and then I will most likely start rolling back the trades.

Busoni, were all of the withdrawals by the hacker in BTC? Or were some of the hacker withdrawals in XCP too?
hero member
Activity: 840
Merit: 1000
I am worried how this hack affects the future of XCP... Sad  Sad  Sad  Sad Sad  Sad

I imagine there will be a drop in price once trades begin functioning again. In the long term, I don't see any problems. Devs are clear that this is alpha level code and problems may arise. Personally, I think we've seen that a) the devs had a fix within hours (very, very impressive), b) we have a good and responsive community, including Busoni and the white hat. So I think there is some positive takeaway here.

nxt had a similar critical bug just a week ago, but without the pumping (also white hat), nothing happened to the development or even short term price

There was a blockchain rollback with NXT a few months ago too, I remember as one of my trades went missing and had to ask the seller to resend at the time. I don't remember it impacting the price. I think most people realize these things can happen, better when it's early on than later.
newbie
Activity: 126
Merit: 0
The Counterparty sub-reddit only has 52 subscribers.  Please create a reddit account and subscribe, it takes less than 5 minutes:

http://www.reddit.com/r/counterparty_xcp
sr. member
Activity: 364
Merit: 250
Owner of Poloniex
Okay, so if I were to roll back the dump, Poloniex would be short about 80 BTC. I have messaged the hacker again, and hopefully he will stick to his word. His actions don't really seem consistent with someone who just wanted to steal BTC--as I said, he left about 35 BTC in his account. Why he decided to make a mess, though, I don't know.

As I don't think he has the XCP to cover the dump, I'm probably going to end up trying to roll back the trades. This might get a little complicated, though, as I didn't see it happen right away and people withdrew XCP after the dump. I'm going to wait until tomorrow (about 12 hours from now) to hear back from him, and then I will most likely start rolling back the trades.
hero member
Activity: 714
Merit: 502


Thx, I think you are doing a good job. What is your mood towards taking on more developers for providing a more stable foundation for the growing project and working on finding bugs like the last one earlier? (I don't blame you guys, just saying 6 eyes see more than 4. Or 8, or 10..)

Could someone please confirm this statement is correct?
sr. member
Activity: 390
Merit: 254
Counterparty Developer
The Counterparty team would like to thank the community for being patient as we collectively work through this issue. We really appreciate it.

As others have mentioned, these kinds of issues are not unique to XCP. However, that does not lessen the severity of security issues in our eyes. One of our main focuses throughout the protocol and reference client design was, and very much still is, to make things as simple and straightforward as possible for exactly these kinds of reasons (i.e. reduced attack vectors, less chance for bugs).

At this point, Counterparty has started to gain the success and market value that has begun to attract many people to it. This is good, but -- like Bitcoin or any other innovative digital currency -- it also increases the stakes of any potential security issues found. Therefore, in short order we will be announcing a generous security bug bounty program which will be driven by donations from all of us in the community. Hopefully this should help bring extra eyes on the code to chase out any flaws, and compensate the talented individuals that do assist on this front.

We remain committed to making the distributed exchange as useful and straightforward as possible. The newest clients include updates to the DEx functionality that should hopefully take care of the troll order issue. Our plan is to see how these changes play out in the market, and do further tweaking as is necessary.

Regarding Poloniex, I know we are all awaiting busoni's assessment of the situation, and we can collectively decide on the best course of action based on that.

Thanks again to everyone for working through XCP's maturation process with us.


Thx, I think you are doing a good job. What is your mood towards taking on more developers for providing a more stable foundation for the growing project and working on finding bugs like the last one earlier? (I don't blame you guys, just saying 6 eyes see more than 4. Or 8, or 10..)

As we don't operate a foundation with millions of dollars in funding, our ability (and desire) to hire and retain a large team is limited, and moreover is against the ethos of the project. As the core team, our mandate (i.e. https://counterparty.co/wiki/counterparty-project-principles) is purposefully restricted, and we intend to stay within that. However, especially as the value of XCP increases we will likely add some dedicated development strength in a way that is controlled and reasonable, while at the same time being very effective. We are currently exploring some possibilities along these lines.

That all being said, ultimately XCP's success will lie in the growth and participation of the social network around it. Counterparty is all about the opportunities that it enables for entrepreneurs, developers, financial professionals, and more. For instance, in the long term, we would love to see additional client implementations (like libbitcoin/sx is vs bitcoind, for instance) and much more diversity, in order to even further increase the security of the network and reduce any remaining potential points of failure, human or otherwise. We would also love to see Counterparty itself become so successful that it essentially takes backstage to the inventions and creations running on it. This project was never about its creators -- the focus has to remain on the creation itself, and the groundbreaking things that it enables for both Bitcoin and finance in general.
full member
Activity: 224
Merit: 100
CabTrader v2 | crypto-folio.com
Is there really any hard evidence that Mastercoin and NXT are not indeed ahead of us at this point ?
legendary
Activity: 1022
Merit: 1000
The Counterparty team would like to thank the community for being patient as we collectively work through this issue. We really appreciate it.

As others have mentioned, these kinds of issues are not unique to XCP. However, that does not lessen the severity of security issues in our eyes. One of our main focuses throughout the protocol and reference client design was, and very much still is, to make things as simple and straightforward as possible for exactly these kinds of reasons (i.e. reduced attack vectors, less chance for bugs).

At this point, Counterparty has started to gain the success and market value that has begun to attract many people to it. This is good, but -- like Bitcoin or any other innovative digital currency -- it also increases the stakes of any potential security issues found. Therefore, in short order we will be announcing a generous security bug bounty program which will be driven by donations from all of us in the community. Hopefully this should help bring extra eyes on the code to chase out any flaws, and compensate the talented individuals that do assist on this front.

We remain committed to making the distributed exchange as useful and straightforward as possible. The newest clients include updates to the DEx functionality that should hopefully take care of the troll order issue. Our plan is to see how these changes play out in the market, and do further tweaking as is necessary.

Regarding Poloniex, I know we are all awaiting busoni's assessment of the situation, and we can collectively decide on the best course of action based on that.

Thanks again to everyone for working through XCP's maturation process with us.


Thx, I think you are doing a good job. What is your mood towards taking on more developers for providing a more stable foundation for the growing project and working on finding bugs like the last one earlier? (I don't blame you guys, just saying 6 eyes see more than 4. Or 8, or 10..)
sr. member
Activity: 390
Merit: 254
Counterparty Developer
How do you upgrade counterparty?

Thanks

You could uninstall and install the latest binaries created by xnova or update from source
http://counterpartyd-build.readthedocs.org/en/latest/


Due to the present rapid speed of development, it's definitely better at this time to build from source over using the windows installers (as they may lag behind the newest source updates...generally I try to update at every new version number but sometimes it may take a bit of time to get to this).

As Counterparty continues to mature, these version updates will become less frequent, and using the windows binaries (or any binary-based counterpartyd install) will make more sense.
sr. member
Activity: 390
Merit: 254
Counterparty Developer
The Counterparty team would like to thank the community for being patient as we collectively work through this issue. We really appreciate it.

As others have mentioned, these kinds of issues are not unique to XCP. However, that does not lessen the severity of security issues in our eyes. One of our main focuses throughout the protocol and reference client design was, and very much still is, to make things as simple and straightforward as possible for exactly these kinds of reasons (i.e. reduced attack vectors, less chance for bugs).

At this point, Counterparty has started to gain the success and market value that has begun to attract many people to it. This is good, but -- like Bitcoin or any other innovative digital currency -- it also increases the stakes of any potential security issues found. Therefore, in short order we will be announcing a generous security bug bounty program which will be driven by donations from all of us in the community. Hopefully this should help bring extra eyes on the code to chase out any flaws, and compensate the talented individuals that do assist on this front.

We remain committed to making the distributed exchange as useful and straightforward as possible. The newest clients include updates to the DEx functionality that should hopefully take care of the troll order issue. Our plan is to see how these changes play out in the market, and do further tweaking as is necessary.

Regarding Poloniex, I know we are all awaiting busoni's assessment of the situation, and we can collectively decide on the best course of action based on that.

Thanks again to everyone for working through XCP's maturation process with us.
full member
Activity: 196
Merit: 100
How do you upgrade counterparty?

Thanks

You could uninstall and install the latest binaries created by xnova or update from source
http://counterpartyd-build.readthedocs.org/en/latest/
full member
Activity: 196
Merit: 100
Blockscan is back up and it looks like Poloniex balance was restored.

So now it's really up to busoni to figure out what he wants to do. IMO the best policy is to throw out all trades made by the attacker and credit back the buyers' BTC. Those trades wouldn't have happened without the attack so I don't understand people complaining about not getting to keep the XCP they bought for 0.002.

That's assuming busoni wants to continue to serve as punching bag for any future XCP exploits though. Completely understandable if he does not. If we no longer have a centralized exchange it would really shift focus to fixing the DEX. This thread was full of good discussion about that until it got derailed by price speculation.

This creates a bit of a mess for busoni to clean up. No matter which way we approach this, someone is going to be unhappy. Original Depositors of XCP are safe because it is not their trades that got executed and the reparse has restored their balances in the central wallet. The best way forward is for 0.002 transactions to be rolled back and hacker return bitcoins because the deposit of 35k XCP has an invalided input.

I don't understand how the hacker is considered benevolent. A white hat would have exposed the vulnerability without causing such a mess to clean up. Even if he withdrew 35k to prove a point, depositing it back and dumping it does not show good intentions IMO. To me it seems like he knew a patch release will invalidate his XCP holdings and therefore he made away with as many bitcoins as he could take and until he returns them back to busoni my opinion will not change.

The discussion regarding XBTC/BTC/DAC/Escrow was evolving nicely until this came along, maybe we should pursue that discussion in a separate thread in the counterparty forums.

legendary
Activity: 1022
Merit: 1000
May I ask whether my understanding of this issue is correct?

The white hat exploited the XCP bug and got 35K XCP from the exchange and then deposited it back and sold all of them to the wall and withdrew part of the BTC he got. Now the bug was fixed and the 35K XCP was rolled back.

If my understanding is correct, then every XCP bought during the dump belongs to the 35K invalid XCP from the white hat. Therefore, after client updates, those XCP will disappear. Then how come people are still asking whether the dump stands or not? The XCP has been rolled back, so the BTC balance has to be rolled back too.

EDIT After a second thought, I realized that the dump just happens in the exchange's trade book and nothing happened on the block chain. Therefore, whether they are legit or not all depends on the exchange.  

Was it mentioned if the hacker/white hat was going to return the BTC that they withdrew?

If they don't return that BTC, Poloniex would be out of pocket in a huge way.

I hope we can pull together an adequate bounty for the white hat such that they will return all BTC.

He said he would, but I haven't heard from him since he explained the vulnerability. My guess is he is waiting on the block chain rebuild to see where he stands with XCP.

If all the XCP gets returned to the Poloniex account, then the dump will stand, and he can keep the BTC. If not... then let's hope he returns it, and I'm going to have to roll back some trades.


Some sort of resolution to make the most parties happy still has to occur on poloniex before trading can be opened up. The most agreeable resolution would be for the hacker to return the BTCs, all trades after block 286712 to be cancelled, and the BTC refunded as appropriate. I don't know about the XCPs withdrawn from purchasing at the dump.

Again I should emphasize that such incidents are hardly unique to any coin. Bitcoin had similarly serious issues at a far more mature stage, and Nxt just had a critical issue last week despite a much larger market cap.

So now the exchange is out of ~30 BTC? If the white hat/hacker doesn't return the loot it is up to them to cover the loss or push it onto their customers, if they want to continue to make business with Counterparty users and crypto in general I would strongly advise them to cover it.

The Buyers of today's cheap XCP are of course happy because their cheap Bids were filled.

The Sellers, which also include a random amount of buyers it seems, in case the attacker took from Poloniex' XCP wallet indiscriminately of whether the coins belonged to buyers or sellers, are not so happy because their XCP were sold against their express consent. On the other hand, with the recent upheaval and concern surrounding the attack, the protocol and the devs' decision to roll back everybody's balance like that, the price will most likely take a plunge before things return to normal. So the sellers may prove very lucky that they got a comparatively good price before we go back down.



Hey Spekulatius, out of curiosity, where did you see the 30 BTC figure?

After re-reading some pages back it seems more like he made off with around 70 BTC and left 35 BTC in his account.

What up with the massive dump ?

But still I don't understand where that 35k coins come first to Polo..?

Those 35K coins were the XCP deposits in Poloniex central account. The white hat hacker withdrew these coins from the central address and deposited them back to Poloniex and sold them on the exchange for a low price.
The order depth in Poloniex was around 100 BTC. So, the hacker took these BTC, but left some of them in the exchange.

I messaged PhantomPhreak, but if any XCP developers are online right now, please message me right away.

The attacker left 35 BTC in his account. He has been very cooperative so far and has asked for an address to return the BTC he took. I'll keep you all updated.

Emphasis by me.
member
Activity: 82
Merit: 10
May I ask whether my understanding of this issue is correct?

The white hat exploited the XCP bug and got 35K XCP from the exchange and then deposited it back and sold all of them to the wall and withdrew part of the BTC he got. Now the bug was fixed and the 35K XCP was rolled back.

If my understanding is correct, then every XCP bought during the dump belongs to the 35K invalid XCP from the white hat. Therefore, after client updates, those XCP will disappear. Then how come people are still asking whether the dump stands or not? The XCP has been rolled back, so the BTC balance has to be rolled back too.

EDIT After a second thought, I realized that the dump just happens in the exchange's trade book and nothing happened on the block chain. Therefore, whether they are legit or not all depends on the exchange.  

Was it mentioned if the hacker/white hat was going to return the BTC that they withdrew?

If they don't return that BTC, Poloniex would be out of pocket in a huge way.

I hope we can pull together an adequate bounty for the white hat such that they will return all BTC.

He said he would, but I haven't heard from him since he explained the vulnerability. My guess is he is waiting on the block chain rebuild to see where he stands with XCP.

If all the XCP gets returned to the Poloniex account, then the dump will stand, and he can keep the BTC. If not... then let's hope he returns it, and I'm going to have to roll back some trades.


Some sort of resolution to make the most parties happy still has to occur on poloniex before trading can be opened up. The most agreeable resolution would be for the hacker to return the BTCs, all trades after block 286712 to be cancelled, and the BTC refunded as appropriate. I don't know about the XCPs withdrawn from purchasing at the dump.

Again I should emphasize that such incidents are hardly unique to any coin. Bitcoin had similarly serious issues at a far more mature stage, and Nxt just had a critical issue last week despite a much larger market cap.

So now the exchange is out of ~30 BTC? If the white hat/hacker doesn't return the loot it is up to them to cover the loss or push it onto their customers, if they want to continue to make business with Counterparty users and crypto in general I would strongly advise them to cover it.

The Buyers of today's cheap XCP are of course happy because their cheap Bids were filled.

The Sellers, which also include a random amount of buyers it seems, in case the attacker took from Poloniex' XCP wallet indiscriminately of whether the coins belonged to buyers or sellers, are not so happy because their XCP were sold against their express consent. On the other hand, with the recent upheaval and concern surrounding the attack, the protocol and the devs' decision to roll back everybody's balance like that, the price will most likely take a plunge before things return to normal. So the sellers may prove very lucky that they got a comparatively good price before we go back down.



Hey Spekulatius, out of curiosity, where did you see the 30 BTC figure?
sr. member
Activity: 421
Merit: 250
How do you upgrade counterparty?

Thanks
legendary
Activity: 1022
Merit: 1000
May I ask whether my understanding of this issue is correct?

The white hat exploited the XCP bug and got 35K XCP from the exchange and then deposited it back and sold all of them to the wall and withdrew part of the BTC he got. Now the bug was fixed and the 35K XCP was rolled back.

If my understanding is correct, then every XCP bought during the dump belongs to the 35K invalid XCP from the white hat. Therefore, after client updates, those XCP will disappear. Then how come people are still asking whether the dump stands or not? The XCP has been rolled back, so the BTC balance has to be rolled back too.

EDIT After a second thought, I realized that the dump just happens in the exchange's trade book and nothing happened on the block chain. Therefore, whether they are legit or not all depends on the exchange.  

Was it mentioned if the hacker/white hat was going to return the BTC that they withdrew?

If they don't return that BTC, Poloniex would be out of pocket in a huge way.

I hope we can pull together an adequate bounty for the white hat such that they will return all BTC.

He said he would, but I haven't heard from him since he explained the vulnerability. My guess is he is waiting on the block chain rebuild to see where he stands with XCP.

If all the XCP gets returned to the Poloniex account, then the dump will stand, and he can keep the BTC. If not... then let's hope he returns it, and I'm going to have to roll back some trades.


Some sort of resolution to make the most parties happy still has to occur on poloniex before trading can be opened up. The most agreeable resolution would be for the hacker to return the BTCs, all trades after block 286712 to be cancelled, and the BTC refunded as appropriate. I don't know about the XCPs withdrawn from purchasing at the dump.

Again I should emphasize that such incidents are hardly unique to any coin. Bitcoin had similarly serious issues at a far more mature stage, and Nxt just had a critical issue last week despite a much larger market cap.

So now the exchange is out of ~30 BTC? If the white hat/hacker doesn't return the loot it is up to them to cover the loss or push it onto their customers, if they want to continue to make business with Counterparty users and crypto in general I would strongly advise them to cover it.

The Buyers of today's cheap XCP are of course happy because their cheap Bids were filled.

The Sellers, which also include a random amount of buyers it seems, in case the attacker took from Poloniex' XCP wallet indiscriminately of whether the coins belonged to buyers or sellers, are not so happy because their XCP were sold against their express consent. On the other hand, with the recent upheaval and concern surrounding the attack, the protocol and the devs' decision to roll back everybody's balance like that, the price will most likely take a plunge before things return to normal. So the sellers may prove very lucky that they got a comparatively good price before we go back down.

newbie
Activity: 1
Merit: 0
Is there any estimation of when the trade can be resumed at poloniex?

Also currently I cannot cancel my open orders, can this be fixed before the trade is resumed?
sr. member
Activity: 243
Merit: 250
As we know, be a Decentralized crypto coins, so proud with your Decentralized Asset Exchange etc., the roll back will do definitely attack everyone's confidence. It should just be taken seriously with doing that.

It's a serious bug and without fixing it, every XCP sent by others can be spent by everyone who knows this bug. Therefore, this bug has to be fixed and previous invalid XCP transactions have to be rolled back.

But how the process to be doing, or what the time before should be rolled back.

Or if that happens, won't I that bought at 0.002 lose, because I lose my bitcoins and my XCP?
sr. member
Activity: 262
Merit: 250
1) trolls could attack XBTC/BTC like they did to XCP/BTC.
2) x BTC needs to be put in a public address for x XBTC to circulate in counterparty.

1) They wouldn't be able to attack XBTC because

a) BTC cannot be held in escrow
b) XBTC can be held in escrow

This means that:
i) Someone cannot make an order without adequate XBTC
ii) Counterparty will hold in escrow XBTC so they cannot revoke their side of the order

2) As discussed XBTC would remain as an artificially constrained asset. This has the effect of tending to return back to market value.

You could think of XBTC <--> BTC as a gateway service.
In your reasoning of 1), replace XBTC with XCP, you will find it's the same. Buying XBTC needs BTCPay too and could be attacked by trolls in same way.

Yes you can buy XBTC on the DEX and that will be prone to btcpay.

The proposal was to have an external service such as an exchange or DAC to purchase XBTC for BTC and vice versa.