Haven't read all the posts so it may be mentioned before. Current PoS implementations use some sort of wallet weight as a way to handle competitions for blocks. Wallet weight is basically the amount of coins in the wallet. So if I have a big wallet with very small coin blocks (i.e. I transfer the coins in thousands of small transactions), I have the chance of staking a lot of new blocks continuously with the full weight of my wallet each time. That's the problem.
I think the way to fix this is to change the wallet weight to the amount of the coins in the current block that's being split to stake, rather than the full weight of all coins in the wallet. That would mean that you need a lot of coins AND big coin blocks in the wallet to perform a potential blockchain rewrite attack.
Topic: Cleanup: I'll attack some coins - I owned APEXcoin for 90 blocks - page 9. (Read 17227 times)
January 18, 2015, 12:58:49 AM
January 18, 2015, 12:58:46 AM
Let's create a Hackcoin.
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
I disagree. Hackcoin is what you get on a testnet. Go after real coins. That's where you have the most to learn. There is more to learn here than whether the OP can achieve a double spend. There is also information in the responses from the devs and the code they produce to compensate. Also, what are the responses from the exchanges, etc. There are many questions that can only be addressed by attacking the live system. It's still early in crypto. It's better to do this now while it can be done. When regulators step in to protect the system, it will be too late to learn this much.
January 18, 2015, 12:58:33 AM
Your first paragraph was my original response. But I read past the first 3 sentences and realized that this is a valid cause. The bad coins should be attacked. This is noble work. It's not done out of malice or a general hatred, but to cull the herd or at least toughen the coins that remain standing after the attacks.
Hopefully the OP will share his findings and we will learn more about PoS crypto. I'm very interested in the results.
Perhaps you read something that I missed then. In his OP he states his reasoning is because of the "quantity" of coins, not the "quality." Personally I see no reason to attack coins, especially ones that meet his own agenda and not the consensus of the entire crypto community. History has shown that most all shit coins will die natural deaths anyway. Let the herd cull itself instead of having some wannabe savior of the crypto world launch attacks on whatever coins he chooses.
If these were fud attacks or something irrelevant to the quality of the code itself, I'd agree with you. But you may miss the point of what the OP intends to do. All coins should be attacked and the weak ones should die. I'd prefer they die because of an exploit (given they have one) than because of neglect by devs or community.
Let's cheer this guy on and hope he delivers some data.
OP doesn't need cheer he needs BTC. It takes money to own a coin
January 18, 2015, 12:52:18 AM
Your first paragraph was my original response. But I read past the first 3 sentences and realized that this is a valid cause. The bad coins should be attacked. This is noble work. It's not done out of malice or a general hatred, but to cull the herd or at least toughen the coins that remain standing after the attacks.
Hopefully the OP will share his findings and we will learn more about PoS crypto. I'm very interested in the results.
Perhaps you read something that I missed then. In his OP he states his reasoning is because of the "quantity" of coins, not the "quality." Personally I see no reason to attack coins, especially ones that meet his own agenda and not the consensus of the entire crypto community. History has shown that most all shit coins will die natural deaths anyway. Let the herd cull itself instead of having some wannabe savior of the crypto world launch attacks on whatever coins he chooses.
If these were fud attacks or something irrelevant to the quality of the code itself, I'd agree with you. But you may miss the point of what the OP intends to do. All coins should be attacked and the weak ones should die. I'd prefer they die because of an exploit (given they have one) than because of neglect by devs or community.
Let's cheer this guy on and hope he delivers some data.
January 18, 2015, 12:13:37 AM
wow! lots of attention recently...
I don't know why I wrote this... I lost focus... actually you need to split the stake as much as you can.
That's the key to the thing: if you split your staking then your staking weight remains the same. But splitting gives you the advantage that on each block you find your staking weight is only marginally affected. If you split in 6 and you hit a block, you are left with 5/6 of your original weight. If you split in hundreds then each block you mint doesn't affect your weight because the age destroyed is minimal. This is why I could do 90 blocks with no extra effort.
I'll try to write a paper about the countermeasures to defend against this kind of things... but it's not directly related to coin age: coin age only makes it cheaper to attack, so coins like blackcoin or nxt can still be attacked with less than 10% of the supply.
And I'll do nxt next (testnet or a clone) but it'll take some time because it's a very different thing I need to get used to.
And a warning: most POW coins are not safe! it's easy to cheaply rent enough hashrate to attack a lot of coins with low to medium hashrate. Only the biggest ones are good.
If an exchange waits for 6 confirmations, you would only need to split it in 6 (maybe 7, not 400 like I did).
I don't know why I wrote this... I lost focus... actually you need to split the stake as much as you can.
That's the key to the thing: if you split your staking then your staking weight remains the same. But splitting gives you the advantage that on each block you find your staking weight is only marginally affected. If you split in 6 and you hit a block, you are left with 5/6 of your original weight. If you split in hundreds then each block you mint doesn't affect your weight because the age destroyed is minimal. This is why I could do 90 blocks with no extra effort.
I'll try to write a paper about the countermeasures to defend against this kind of things... but it's not directly related to coin age: coin age only makes it cheaper to attack, so coins like blackcoin or nxt can still be attacked with less than 10% of the supply.
And I'll do nxt next (testnet or a clone) but it'll take some time because it's a very different thing I need to get used to.
And a warning: most POW coins are not safe! it's easy to cheaply rent enough hashrate to attack a lot of coins with low to medium hashrate. Only the biggest ones are good.
Oh that's interesting, so then let's say for instance you have...
2 minute block time
minimum stake age at 7 days
maximum at 28 days
19 billion float
8% a year halving down to 4% every 64X difficulty (8%, 6%, 5%, 4.5% etc)
20 coin fee per kb (roughly 6-7 combines)
Fees generate 10% more Coins through retrieval of Stake (someone spends 20 Coins in Fees, you Stake the Block for 22 Coins)
4000 max Stake subsidy per block (plus fees on top)
Split/combine threshold at 200,000 coins at 10 days
Maximum actual inflation per year would be limited to about 5-8% per year
By the way you describe your attack, the result would cause financial detriment to you since you would be paying tens of thousands in fees but Stakers would also get all those Coins plus 10% more!. Plus with the max subsidy capped, it encourages smaller blocks for higher rewards. I can give you a little bit of private Coins you could test with if you want.
January 17, 2015, 11:41:48 PM
wow! lots of attention recently...
I don't know why I wrote this... I lost focus... actually you need to split the stake as much as you can.
That's the key to the thing: if you split your staking then your staking weight remains the same. But splitting gives you the advantage that on each block you find your staking weight is only marginally affected. If you split in 6 and you hit a block, you are left with 5/6 of your original weight. If you split in hundreds then each block you mint doesn't affect your weight because the age destroyed is minimal. This is why I could do 90 blocks with no extra effort.
I'll try to write a paper about the countermeasures to defend against this kind of things... but it's not directly related to coin age: coin age only makes it cheaper to attack, so coins like blackcoin or nxt can still be attacked with less than 10% of the supply.
And I'll do nxt next (testnet or a clone) but it'll take some time because it's a very different thing I need to get used to.
And a warning: most POW coins are not safe! it's easy to cheaply rent enough hashrate to attack a lot of coins with low to medium hashrate. Only the biggest ones are good.
please write something about NXT. ( the POS is completely different from PPC or Mintcoin style coins) If an exchange waits for 6 confirmations, you would only need to split it in 6 (maybe 7, not 400 like I did).
I don't know why I wrote this... I lost focus... actually you need to split the stake as much as you can.
That's the key to the thing: if you split your staking then your staking weight remains the same. But splitting gives you the advantage that on each block you find your staking weight is only marginally affected. If you split in 6 and you hit a block, you are left with 5/6 of your original weight. If you split in hundreds then each block you mint doesn't affect your weight because the age destroyed is minimal. This is why I could do 90 blocks with no extra effort.
I'll try to write a paper about the countermeasures to defend against this kind of things... but it's not directly related to coin age: coin age only makes it cheaper to attack, so coins like blackcoin or nxt can still be attacked with less than 10% of the supply.
And I'll do nxt next (testnet or a clone) but it'll take some time because it's a very different thing I need to get used to.
And a warning: most POW coins are not safe! it's easy to cheaply rent enough hashrate to attack a lot of coins with low to medium hashrate. Only the biggest ones are good.
January 17, 2015, 11:38:58 PM
wow! lots of attention recently...
I don't know why I wrote this... I lost focus... actually you need to split the stake as much as you can.
That's the key to the thing: if you split your staking then your staking weight remains the same. But splitting gives you the advantage that on each block you find your staking weight is only marginally affected. If you split in 6 and you hit a block, you are left with 5/6 of your original weight. If you split in hundreds then each block you mint doesn't affect your weight because the age destroyed is minimal. This is why I could do 90 blocks with no extra effort.
I'll try to write a paper about the countermeasures to defend against this kind of things... but it's not directly related to coin age: coin age only makes it cheaper to attack, so coins like blackcoin or nxt can still be attacked with less than 10% of the supply.
And I'll do nxt next (testnet or a clone) but it'll take some time because it's a very different thing I need to get used to.
And a warning: most POW coins are not safe! it's easy to cheaply rent enough hashrate to attack a lot of coins with low to medium hashrate. Only the biggest ones are good.
If an exchange waits for 6 confirmations, you would only need to split it in 6 (maybe 7, not 400 like I did).
I don't know why I wrote this... I lost focus... actually you need to split the stake as much as you can.
That's the key to the thing: if you split your staking then your staking weight remains the same. But splitting gives you the advantage that on each block you find your staking weight is only marginally affected. If you split in 6 and you hit a block, you are left with 5/6 of your original weight. If you split in hundreds then each block you mint doesn't affect your weight because the age destroyed is minimal. This is why I could do 90 blocks with no extra effort.
I'll try to write a paper about the countermeasures to defend against this kind of things... but it's not directly related to coin age: coin age only makes it cheaper to attack, so coins like blackcoin or nxt can still be attacked with less than 10% of the supply.
And I'll do nxt next (testnet or a clone) but it'll take some time because it's a very different thing I need to get used to.
And a warning: most POW coins are not safe! it's easy to cheaply rent enough hashrate to attack a lot of coins with low to medium hashrate. Only the biggest ones are good.
January 17, 2015, 10:23:06 PM
Yup, from my point of view, if cynicSOB (or any other sod) can successfully attack Nxt.....I want to know everything about it.
He did choose a relatively dead coin for this run, so far I've seen almost zero activity from the Apexcoin 'community' since this happened, and cynicSOB did say that he'd restore any misplaced funds, if needed.
I 'm going to repeat my invitation to cynic (and anyone else who wants to have a go):
Come and have a go on the NXT Testnet, and see if you can do some damage...
https://nxtforum.org/index.php
He did choose a relatively dead coin for this run, so far I've seen almost zero activity from the Apexcoin 'community' since this happened, and cynicSOB did say that he'd restore any misplaced funds, if needed.
I 'm going to repeat my invitation to cynic (and anyone else who wants to have a go):
Come and have a go on the NXT Testnet, and see if you can do some damage...
https://nxtforum.org/index.php
How much would the award be for attacking the testnet?
Good question.
You get nothing for a try......got to be a successful attack, preferably with enough documentation to reproduce it and find a fix.
If someone is serious about having a go....head on over to the NXT forum (or PM me, but I'm both busy and lazy
), start a introduction thread and take it from there.The NXT community will be happy to help with the set-up for an attack on TestNet, and we can discuss bounties clearly before anyone starts putting serious time and effort into this.
From what I remember (and NXT hasn't had any good serious bugs for a long time, and no successful attacks), we paid out sums from 20,000 to 200,000 NXT for finding vulnerabilities, but as i say, we can negotiate.
The dev team will be the final judges in all of this, btw, not a lowly shill such as myself.
January 17, 2015, 09:29:54 PM
Other stuff than security?
Seems you are not behind your coin. Features are not necessary.
Safe your coin, then you'll have time for the toys.
Your post looks to me like advertising.
Cheers,
Ray
PS: Your sig... Paycoin. It says all.
Seems you are not behind your coin. Features are not necessary.
Safe your coin, then you'll have time for the toys.
Your post looks to me like advertising.
Cheers,
Ray
PS: Your sig... Paycoin. It says all.
I can't show off a project I built myself? And it's PayCon, not PayCoin. I launched mine on Christmas eve and worked on it through the holidays before PayCon launched but the code is very similar so I want to do work on both because I'm interested in this stuff and got some PayCon for cheap.
January 17, 2015, 09:09:00 PM
Yup, from my point of view, if cynicSOB (or any other sod) can successfully attack Nxt.....I want to know everything about it.
He did choose a relatively dead coin for this run, so far I've seen almost zero activity from the Apexcoin 'community' since this happened, and cynicSOB did say that he'd restore any misplaced funds, if needed.
I 'm going to repeat my invitation to cynic (and anyone else who wants to have a go):
Come and have a go on the NXT Testnet, and see if you can do some damage...
https://nxtforum.org/index.php
He did choose a relatively dead coin for this run, so far I've seen almost zero activity from the Apexcoin 'community' since this happened, and cynicSOB did say that he'd restore any misplaced funds, if needed.
I 'm going to repeat my invitation to cynic (and anyone else who wants to have a go):
Come and have a go on the NXT Testnet, and see if you can do some damage...
https://nxtforum.org/index.php
How much would the award be for attacking the testnet?
January 17, 2015, 07:44:35 PM
I think it would be usefull if he works with developers to show the weakness in coins and try to find a solution for that.
To play "god" and decide to kill a coin has no use at all, unless you know that some developer is a known scammer and want to stop him from scamming people.
To play "god" and decide to kill a coin has no use at all, unless you know that some developer is a known scammer and want to stop him from scamming people.
No it does have a purpose. How would you like to have what you think is a decent coin and it gets attacked and crushed overnight while you are sleeping.. If the op gives warning and then attacks and really hurts what was thought to be a good coin he did you a favor.
A) Told all coin holders in advance
B) proved the coins weakness
I would say it is a service if he can expose a flaw in a coin.
Yup, from my point of view, if cynicSOB (or any other sod) can successfully attack Nxt.....I want to know everything about it.
He did choose a relatively dead coin for this run, so far I've seen almost zero activity from the Apexcoin 'community' since this happened, and cynicSOB did say that he'd restore any misplaced funds, if needed.
I 'm going to repeat my invitation to cynic (and anyone else who wants to have a go):
Come and have a go on the NXT Testnet, and see if you can do some damage...
https://nxtforum.org/index.php
January 17, 2015, 07:05:07 PM
I think it would be usefull if he works with developers to show the weakness in coins and try to find a solution for that.
To play "god" and decide to kill a coin has no use at all, unless you know that some developer is a known scammer and want to stop him from scamming people.
To play "god" and decide to kill a coin has no use at all, unless you know that some developer is a known scammer and want to stop him from scamming people.
No it does have a purpose. How would you like to have what you think is a decent coin and it gets attacked and crushed overnight while you are sleeping.. If the op gives warning and then attacks and really hurts what was thought to be a good coin he did you a favor.
A) Told all coin holders in advance
B) proved the coins weakness
I would say it is a service if he can expose a flaw in a coin.
January 17, 2015, 07:04:08 PM
so something like mintcoin 20/40 min/max stake age would be better protection than the coins with super low min stake age and no max age?
edit: how does getting multiple pos blocks in a row enable someone to double spend? I'm not that tech minded and trying to understand
edit: how does getting multiple pos blocks in a row enable someone to double spend? I'm not that tech minded and trying to understand
January 17, 2015, 06:55:11 PM
Other stuff than security?
Seems you are not behind your coin. Features are not necessary.
Safe your coin, then you'll have time for the toys.
Your post looks to me like advertising.
Cheers,
Ray
PS: Your sig... Paycoin. It says all.
Seems you are not behind your coin. Features are not necessary.
Safe your coin, then you'll have time for the toys.
Your post looks to me like advertising.
Cheers,
Ray
PS: Your sig... Paycoin. It says all.
January 17, 2015, 06:50:29 PM
Let's create a Hackcoin.
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
I already have a POS only Coin running on a live network but not sure if I want to do this.
Explain? Why not?
I have other stuff I am working on the protocol level and have limited amounts of time to work on it. I need to bugtest the IRC and adding in StakeforCharity and use of multiple wallets so if we break it then I have to go back and work on that as well.
Also, the specs are
2 minute block time
7/28 day min/max age
8% a year halving down to 4% every 64X difficulty
20 coin fee
Fees included in POS blocks and rewards a bonus 10% more fees received in the block
max amount from Stake is 4000 coins (plus fees on top)
January 17, 2015, 06:40:48 PM
Let's create a Hackcoin.
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
I already have a POS only Coin running on a live network but not sure if I want to do this.
I have local connection problems need resolving but network running smoothly.
Explain? Why not? Do ya think you're the next?
January 17, 2015, 06:22:14 PM
Let's create a Hackcoin.
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
Everyone who is interested in POS security can download the wallet.
Everyone who is interested in hacking can play around with it.
The results could be useful for every honest coin.
We should never forget one thing: We are fighting against the system (banks and governments) - we are not fighting against decentralized digital currencies, am I right?
Some of us believe in what we are doing. The destruction of a random coin isn't the solution.
Cheers,
Ray
I already have a POS only Coin running on a live network but not sure if I want to do this since it may mean it will break the Coin.
I have local connection problems need resolving but network running smoothly.
January 17, 2015, 06:07:42 PM
cynicSOB , will you be attacking the Nxt testnet?
January 17, 2015, 06:05:39 PM
cynicSOB, what would be the required countermeasure for a staking coin? decrease the maximum coin age?
January 17, 2015, 06:03:17 PM
Perhaps you read something that I missed then. In his OP he states his reasoning is because of the "quantity" of coins, not the "quality." Personally I see no reason to attack coins, especially ones that meet his own agenda and not the consensus of the entire crypto community. History has shown that most all shit coins will die natural deaths anyway. Let the herd cull itself instead of having some wannabe savior of the crypto world launch attacks on whatever coins he chooses.
The whole point of crypto-coins is that they are safe from doublespend. If someone shows that they aren't, then he is doing a service to the cryptocurrency industry.
Crypto is still in early days. We are building bridges, and it's better for someone to stress test the bridges before they are declared safe for the general population. If these bridges are unsafe, I want to know now (even if I lose some money).
You'll notice that many who are invested in PoS coins want attacks to be attempted. Better it happen out in the open now rather than in secret in the future.
Also, his attacks don't seem to be destroying coins, just showing they aren't safe. No reason coins couldn't shore up their defenses after the attack, and come back stronger.
^^This, I was to lazy to type it earlier.
Jump to: