[BOUNTY] Approx $20kUSD - 623,000 Syscoin -Hack the Syscoin Bridge to ETH [OPEN]

blurryeyed

full member

Activity: 670

Merit: 120

TIME TO BAN THE YOBIT SCAM!!

Why would anyone bother wasting their time hacking a worthless masternode shitcoin that is being constantly dumped by devs/masternode owners to pay off their debts/losses?

If anyone did bother with this pointless/worthless exercise, danosphere would simply delete/censor the result anyway like he does every post on the official SYS thread. Take a look at the unofficial thread & find out why this masternode shitcoin is in so much trouble:

https://bitcointalksearch.org/topic/sys-syscoin-unofficial-due-to-censorship-secrecy-on-official-thread-4748031

ozBigPoppa

newbie

Activity: 7

Merit: 0

Updated OP with donation wallet. Waiting on one more donation of 10,000 Syscoin to come through.

Wallet Address:
3PvF2pmAJ3B1jtYUyuYwLbwL5cJWfPUqDE

beardedmage

newbie

Activity: 3

Merit: 0

Nice pile of 💰

qwe111

newbie

Activity: 80

Merit: 0

PROOF OF AUTHENTICATING POST
Bitcointalk username : qwe111
Campaigns : facebook

ozBigPoppa

newbie

Activity: 7

Merit: 0

Another 100k Syscoin has been put up by Sidhujag and community member Coffeeshopguru has donated 10k.

Now bringing the total to 623,000 Syscoin.

danosphere

legendary

Activity: 1036

Merit: 1001

Syscoin- Changing the way people do business.

Bump for more hackers!

johnp

hero member

Activity: 575

Merit: 500

Hmm Currently up around the $17K mark, not bad.

ozBigPoppa

newbie

Activity: 7

Merit: 0

Quote from: hadarian on July 18, 2019, 10:26:35 PM

Interesting. I can see SYS project has been around for a couple of years, it has had its good and bad days but it seems it is quite legit. Thx ozBigPoppa and @danosphere

edit
60k TPS?? WTF? It has to be a one of the fastest blockchains then

We are surely up there at the very least. All verified by a Third-Party WhiteBlock. You can read the TPS reports here - WhiteBlock TPS Results

hadarian

newbie

Activity: 29

Merit: 0

Interesting. I can see SYS project has been around for a couple of years, it has had its good and bad days but it seems it is quite legit. Thx ozBigPoppa and @danosphere

edit
60k TPS?? WTF? It has to be a one of the fastest blockchains then

CryptoJohn

legendary

Activity: 1680

Merit: 1003

Well, That's Crypto :-\

Quote from: danosphere on July 18, 2019, 09:53:57 PM

Quote from: hadarian on July 18, 2019, 08:03:18 PM

ETH bridge?
And what does it mean? Atomic swaps or something?

Unrelated to atomic swaps. In a nutshell you burn Syscoins on the SYS blockchain and then use the the resulting proofs from that to mint SYSX ERC20 on the ETH chains through a series of contracts that validate the proof using SPV.

A few terms to be aware of:
Superblock chain (contract) - A two way sidechain between SYS and ETH. 'Agents' collect 60 minutes worth of block headers from the Syscoin chain and post them to a superblock contract on the Ethereum chain. Data from the superblock contract is used to validate proof-of-burn from the Syscoin chain using SPV proofs.
Agents - Nodes that are bonded by 3 ETH and are responsible for submitting SYS block headers to the superblock contract on ETH. These nodes are also responsible for challenging other's who are submitting block headers that do not match their own. This mismatch initializes a challenge/response game between the two. The loser loses their ETH. Agents also earn SYS ERC20 (SYSX) for submitting superblocks. They earn fees for all assets moving across the bridge.
Syscoin Relayer - A process that runs adjacent to syscoind and relays blocks from a local geth client to syscoin. This data is used to validate proof-of-burn from the Ethereum chain coming back to Syscoin using SPV.

There are probably multiple points of attack but i think the biggest opportunities, if any, would be in:
- Submitting bad data to the superblock contract and it not being challenged/declined by other agents
- The challenge response game in itself; DDoS of other agents, or other vectors in there.
- The Syscoin relayer, tricking it somehow maybe?

Code
https://github.com/syscoin/syscoin
https://github.com/syscoin/sysethereum-contracts
https://github.com/syscoin/sysethereum-dapp
https://github.com/syscoin/sysethereum-agents

Happy hacking

Quote from: ozBigPoppa on July 18, 2019, 09:56:17 PM

Quote from: hadarian on July 18, 2019, 08:03:18 PM

ETH bridge?
And what does it mean? Atomic swaps or something?

Hey hadarian,

Thanks for the questions.

You can checkout more information of the bridge here

But basically the bridge is a connection between Syscoin Assets and Ethereum ERC-20 tokens performed via a minting/burning process crosschecked by agents and validators, making it a trustless swap without any third-parties or P2P like atomic swaps. This enables ERC-20 tokens to come over to Syscoin and use it's protocol, and allows Syscoin Assets to move to ETH ERC-20 tokens to use it's protocol.

In a minting/burning fashion, the total supply will never increase/decrease, merely move between both chains.
For eg.
You have ERC20 token called CATS with 100k supply and you want to move over to Syscoin to use it's assets and Z-DAG(Zero Confirmation Transactions). You burn 50k(any amount) ERC20 + a fee, and move across to a Syscoin Asset called CATS. You will now have a 50k Supply on ERC-20 and a 50k supply on Syscoin side totalling the 100k. Then the same goes for moving back to ETH chain. You burn the 50k from SYS assets and move to the ETH ERC-20 side where CATS ERC20 is then minted again, bringing the ERC-20 supply back to 100k and Sys asset supply of CATS to 0.

Sounds pretty amazing!!!

ozBigPoppa

newbie

Activity: 7

Merit: 0

Quote from: hadarian on July 18, 2019, 08:03:18 PM

ETH bridge?
And what does it mean? Atomic swaps or something?

Hey hadarian,

Thanks for the questions.

You can checkout more information of the bridge here

But basically the bridge is a connection between Syscoin Assets and Ethereum ERC-20 tokens performed via a minting/burning process crosschecked by agents and validators, making it a trustless swap without any third-parties or P2P like atomic swaps. This enables ERC-20 tokens to come over to Syscoin and use it's protocol, and allows Syscoin Assets to move to ETH ERC-20 tokens to use it's protocol.

In a minting/burning fashion, the total supply will never increase/decrease, merely move between both chains.
For eg.
You have ERC20 token called CATS with 100k supply and you want to move over to Syscoin to use it's assets and Z-DAG(Zero Confirmation Transactions). You burn 50k(any amount) ERC20 + a fee, and move across to a Syscoin Asset called CATS. You will now have a 50k Supply on ERC-20 and a 50k supply on Syscoin side totalling the 100k. Then the same goes for moving back to ETH chain. You burn the 50k from SYS assets and move to the ETH ERC-20 side where CATS ERC20 is then minted again, bringing the ERC-20 supply back to 100k and Sys asset supply of CATS to 0.

danosphere

legendary

Activity: 1036

Merit: 1001

Syscoin- Changing the way people do business.

Quote from: hadarian on July 18, 2019, 08:03:18 PM

ETH bridge?
And what does it mean? Atomic swaps or something?

Unrelated to atomic swaps. In a nutshell you burn Syscoins on the SYS blockchain and then use the the resulting proofs from that to mint SYSX ERC20 on the ETH chains through a series of contracts that validate the proof using SPV.

A few terms to be aware of:
Superblock chain (contract) - A two way sidechain between SYS and ETH. 'Agents' collect 60 minutes worth of block headers from the Syscoin chain and post them to a superblock contract on the Ethereum chain. Data from the superblock contract is used to validate proof-of-burn from the Syscoin chain using SPV proofs.
Agents - Nodes that are bonded by 3 ETH and are responsible for submitting SYS block headers to the superblock contract on ETH. These nodes are also responsible for challenging other's who are submitting block headers that do not match their own. This mismatch initializes a challenge/response game between the two. The loser loses their ETH. Agents also earn SYS ERC20 (SYSX) for submitting superblocks. They earn fees for all assets moving across the bridge.
Syscoin Relayer - A process that runs adjacent to syscoind and relays blocks from a local geth client to syscoin. This data is used to validate proof-of-burn from the Ethereum chain coming back to Syscoin using SPV.

There are probably multiple points of attack but i think the biggest opportunities, if any, would be in:
- Submitting bad data to the superblock contract and it not being challenged/declined by other agents
- The challenge response game in itself; DDoS of other agents, or other vectors in there.
- The Syscoin relayer, tricking it somehow maybe?

Code
https://github.com/syscoin/syscoin
https://github.com/syscoin/sysethereum-contracts
https://github.com/syscoin/sysethereum-dapp
https://github.com/syscoin/sysethereum-agents

Happy hacking

hadarian

newbie

Activity: 29

Merit: 0

ETH bridge?
And what does it mean? Atomic swaps or something?

ozBigPoppa

newbie

Activity: 7

Merit: 0

Newest contributions. Thank you again to the community to getting behind this bounty!

Contributions
Danosphere - 100k
Zippyjetman - 5k
Babiko - 5k
Marys - 1k
Schlackyt - 2k
Johnp - 100k tbc/multisig wallet

tribrzinec

newbie

Activity: 11

Merit: 0

Reward is keep increasing. I am also adding few thousands of SYS to reward.

Is there anyone who capable to hack SYS - ETH 2WP bridge without counterparty?

Is that solution for Ethereum scalability unhackable? Hmm ... Tongue

danosphere

legendary

Activity: 1036

Merit: 1001

Syscoin- Changing the way people do business.

I'm throwing another 100k SYS onto this fire. Where are the hackers at?

ozBigPoppa

newbie

Activity: 7

Merit: 0

Background
Syscoin Website
White Papers

SYSCOIN BOUNTY - 623,000

As the community members keep adding to our Bounty, we are setting the following conditions taking into consideration the initial bounty was 200k raised by Sidhujag.

Bounty Reward:
High Severity - 300k
You are able to create/mint/double spend Syscoin or assets
Fork the network

Small - Medium - 50k
Logic errors that may cause issues to the network

If there are multiple submissions then bounty will be split based on severity, lower severity gets less coins and higher severity gets more coins. Minimum of 300k SYS for high severity even if many submissions we will ensure high severity takes at least 300k SYS.

DEADLINE
Aug 10, 2019 10 PM UTC

The Syscoin Team and Community members have come together to offer ~~300,000~~ edit: 623,000 Syscoin to anyone that can break the bridge between Syscoin and Ethereum that is currently functional on Testnet right now. Please try if you are able to use linux and cmd line consoles to build, run and interact with software. It is meant for those who have knack for breaking stuff (you know who you are) + software architects that want to try to make a quick buck or just learn about some cool new tech.

Code
https://github.com/syscoin/syscoin
https://github.com/syscoin/sysethereum-contracts
https://github.com/syscoin/sysethereum-dapp
https://github.com/syscoin/sysethereum-agents

Useful Links
Syscoin Testnet Setup
Syscoin Bridge
Testnet Explorer
SuperBlock Agents Rinkeby Explorer
SYSX Rinkeby Explorer

The rules are simple:
Situation #1: You win if you own tSYS that you shouldn't own with an attack.
Situation #2: You offer a way to fork the Testnet Network.

Conditions
Being a bad miner does not count as Testnet difficulty is low. But all else is fair game.

May the best hacker win!

Contributions
Sidhujag - 200k
Danosphere - 100k
Cryptoloot - 50k
BigPoppa - 45k
Zippyjetman - 5k
Babiko -5k
Nerzee - 4k
Locutus - 1k
Marys - 1k
Schlackyt - 2k
Johnp - 100k tbc/multisig wallet
Further 100k from Sidhujag
Coffeecupguru - 10k

Total:
623,000 Syscoin

Wallet Address:
3PvF2pmAJ3B1jtYUyuYwLbwL5cJWfPUqDE

Topic: [BOUNTY] Approx $20kUSD - 623,000 Syscoin -Hack the Syscoin Bridge to ETH [OPEN] (Read 936 times)