Pages:
Author

Topic: delete - page 7. (Read 113473 times)

sr. member
Activity: 420
Merit: 263
let's make a deal.
March 30, 2014, 06:41:17 PM
ps. and the name of this thread is misleading, it should be, game's afoot!
in a poker game, the losers don't know they're drawing dead until all the cards are shown.  for them, the game is also afoot.

it doesn't mean they're any less dead, though.  
legendary
Activity: 996
Merit: 1013
March 30, 2014, 06:02:33 PM
_noname_
The fork we've just seen is benign and intended, done by the dev team. But they have now installed an algorithm (KGW) that allows someone to build "a private" blockchain that has fake timestamps and manipulated difficulty. Next, attacker will release his own chain into "official" Auroracoin network, where it will cause another fork to happen, this time a fork that Auroracoin users will not like.

That's the theory, but possibly the devs have some aces in their sleeve.

ps. and the name of this thread is misleading, it should be, game's afoot!
newbie
Activity: 11
Merit: 0
March 30, 2014, 05:58:11 PM
A technological AND socio-economical thought experiment  Smiley

After 20 these highly educating pages filled with division, separation, accusation, misunderstanding, and mutual celebration of intellectual high points ... I dare to ask a question to the "two sides" of this fruitful thread:

Could you describe in which aspect "the other side" is right, and could convince you?

Easier: Where do you see common ground now?

sr. member
Activity: 448
Merit: 250
March 30, 2014, 05:45:46 PM
@YarkoL

We are going in circles. Caption of this thread is that Auroracoin is forked. As if, it was done by the attacker. But it was a planned fork (announced since weeks). So that fork isn't caused by the attack. Then instead of accepting the mistake BCX talks about timewarp and everyone is circlejerking, ignoring that

1. His initial claim is false
2. Timewarp as well is only possible at the time of fork
legendary
Activity: 996
Merit: 1013
March 30, 2014, 05:29:28 PM
But don't you think an attack is only possible at the moment of fork

The attacker causes a fork, having built a longer chain in isolation and then broadcasting blocks.
sr. member
Activity: 448
Merit: 250
March 30, 2014, 05:25:23 PM
@Math

Thanks for trying to explain the problem. I quickly read through the links (I will revisit them). But don't you think an attack is only possible at the moment of fork and that too when attacker is extremely lucky. I noticed a huge jump in hashrate after the fork. To me it seems like an attack was attempted but it failed. Your thoughts?
legendary
Activity: 1554
Merit: 1222
brb keeping up with the Kardashians
March 30, 2014, 04:30:20 PM
WTT your 2 AUR 4 AUR coins for every 1 of my I0Coins.
full member
Activity: 154
Merit: 100
March 30, 2014, 04:27:01 PM
So it's actually Peercoin centralized checkpointing?... I thought automatic would mean pretty much what markm said, written automatically after N blocks. Is that kind of system flawed?

It's a decentralized system.. nothing can both be automated and secure without some kind of peer agreement. 
full member
Activity: 154
Merit: 100
March 30, 2014, 04:25:47 PM
This exploit is real, and it is only a matter of time before someone takes advantage of everyone's false sense of security. 

There is certainly a vulnerability.. however it's not as easy to execute as some people here believe.  There's a window and a "catch the running train" situation that must be overcome.  

I'd be interested in the proof of actually pull off a successful execution.  (not being sarcastic.. i really do want to see it done, and data/proof published so we can all have a look)
legendary
Activity: 996
Merit: 1013
March 30, 2014, 04:24:47 PM
So it's actually Peercoin centralized checkpointing?... I thought automatic would mean pretty much what markm said, written automatically after N blocks. Is that kind of system flawed?
full member
Activity: 154
Merit: 100
March 30, 2014, 04:21:10 PM
By what consensus process is the choice of (automated) checkpoints decided?

Read code (and description) right here: https://github.com/HiroSatou/Hirocoin/commit/dd5b8bec94b0694b365a4dabe5eeb9b78d025b6d

Actually developed by Sunny King.
member
Activity: 61
Merit: 10
March 30, 2014, 04:09:47 PM
Einstein said keep things as simple as possible but no simpler.
legendary
Activity: 2940
Merit: 1090
March 30, 2014, 04:07:03 PM
By what consensus process is the choice of (automated) checkpoints decided?

Or is it nice and simple like each client writes itself a checkpoint each ten or six or whatever blocks?

(Too simple likely; just yelling at the operator if any fork becomes longer than X number of blocks might work just as well as such a simple approach.)

For "distressed nations relief" maybe just a DeVCoin clone would work for however many nations are "distressed", simply adding nations to the "receivers file" when they become "distressed" and removing them once their distress has been alleviated?

(The much vaunted "socioeconomic factors" touted as how national distress alleviation coins are to gain mucho value hopefully making such a clone far more valuable per coin than DeVCoin since DeVCoin is merely a free open source stuff funding coin not a massive international "nations in distress relief fund"...)

-MarkM-

legendary
Activity: 996
Merit: 1013
March 30, 2014, 04:04:11 PM
  The chain can only be secured with hashing.  If a chain is not secure, a malicious individual will attack it.  That is the reality of this world. 

I'd be interested in hearing your thoughts about Hiro's proposed fix i.e. automated checkpoints.
legendary
Activity: 1764
Merit: 1006
March 30, 2014, 03:38:47 PM
May BCX and MARKM never find peace. May they have many ugly WAGs.
you sound like a bagholder.
full member
Activity: 140
Merit: 100
March 30, 2014, 03:08:41 PM
May BCX and MARKM never find peace. May they have many ugly WAGs.
legendary
Activity: 2940
Merit: 1090
March 30, 2014, 02:49:07 PM
and yet your explanation of how to do it cointains lot's of "maybe"s, "if"s and "whatever"s and finally a "if any of them work".

For the purported "security without work", yeah.

Simply making something innovative enough that merged mining pools will support it though will at least give you a predictable low tide mark for mining power thus let you set a starting difficulty high enough to minimise the chance of any "instamining" happening and if you convince the right pools your concept is good probably also enough to secure it against most "lets trash the newbie coin" attacks.

I0Coin and GRouPcoin are only on mmpool I think, yet even just mmpool gives them quite a hash rate compared to most non merged SHA256 coins.

Regarding specifically the modified time warp BCX mentions, (s)he admitted at least some, maybe most, of the merged mined SHA256 coins have enough hashing power to make them too powerful for hir to pull off the attack. I would expect that the exceptions include at least CoiLedCoin and GeistGeld, which are not on any public merged mining pools. Whether I0Coin and GRouPcoin, which are only on mmpool as far as I know, have enough hashing power did not seem totally clear to me. But in comparing their difficulties thus mining power bear in mind GRoupcoin's difficulty has to last 10 minutes on average between blocks whereas I0Coin's only has to target 1.5 minutes between blocks. I expect both CoiLedCoin and GeistGeld are trivially easy targets until they get on at least one public merged mining pool, as private merged miners are coasting along mining these at very very low difficulties thus evidently are not pouring much hashing power into them.

mmpool seems to be quite a low power pool though, as it goes hundreds of hours between findings of bitcoin blocks. Likely if there is any doubt whether just being on mmpool would suffice, I suspect there are far more powerful public merged mining pools that could instead or as well be approached.

I have noticed a lot of people creating hybrid PoS or pure PoS coins, have those been tested enough yet to determine whether they are actually secure? Especially the ones that do not rely upon a solidcoin system whereby one or more privileged nodes get to dictate checkpoints to the others? I do not know hence my personal lack of certainty so far as to which if any of the methods of securing a coin without relying upon proof of work actually are in fact secure.

Does anyone actually know or is everyone just blindly spamming out PPCoin clones / variants?

For something like Aurora, merged mining could be particularly suitable as giving 50% of the coins to miners might not be necessary; DeVCoin for example only gives 10% of the minted coins each block to the miners yet has quite high hashing power.

-MarkM-
hero member
Activity: 868
Merit: 1000
March 30, 2014, 02:47:36 PM
It will need some time for you evangelists to learn that bitcoin is digital gold and not digital money.

Fyrstikken (cryptorush) would call it a commodity: http://www.youtube.com/watch?v=8q9DvydzAsY

Quote: "Bitcoin worshipers will never go to heaven " LOL

Price trending to the cost of mining it.

Use of malicious negative feedback to suppress free speech brings shame on the bitcoin community.

Frystikken is an idiot.

But that doesnt disprove my point. Its simply plain logic, that a hard cap coin can not be a currency. It IS a ponzi and risky investment.
Money works totally different from Bitcoins. As said, it is not wrong to invest in bitcoins, but what's wrong is to confuse gold and money.

So gold is a ponzi scheme? I'm confused. I'm also confused about what happened here. Auroracoin is dead now? Was it actually a scam or did somebody just destroy it for kicks and giggles or for their own personal motives? Also, how was it so easy to kill the coin? Doesn't this mean every other low hashrate scrypt coin is vulnerable? What about scrypt-N and PoS coins? Thanks in advance for helpful replies, I'm just looking for information and trying to understand how things are shaping up in this dark world of cryptocurrencies.

Since when was there a hard cap on gold?

LOL. Are you an alchemist from the 17th century? You do realize gold cannot be created from your urine, right? The only feasible way to make gold, and therefore exceed the natural "hard cap" on it, is through nuclear bombardment and beta-decay of other precious metals. This process would be insanely more expensive than what you would get out of it, and most of the gold you would get out of it would be radioactive  Cheesy This is hilarious... So you think because more gold can still be minded it doesn't have a hard cap? So since bitcoin can still be minded it doesn't have a hard cap? Gold was formed during the earliest stages of the earth, and the majority of it and other precious metals sunk into the core. The current available supply of gold exists because of meteorites bombarding earth a long, long time ago- this "flung" gold out of the core of the earth and into accessible regions of the mantle. So, in theory there is another way to increase the accessible "hard cap"- just have to wait until the earth is completely screwed by a bunch of meteorites again... lol.

tl;dr there is no way to increase the amount of available gold i.e. it has a hard cap. once all the accessible gold is mined, there will be no other source- just like bitcoin...

newbie
Activity: 3
Merit: 0
March 30, 2014, 02:46:02 PM
Damn I really want this FUD to keep going on to scoop up the cheap coins. But your uselessness is way too evident. And it's wasting everyone's time to pay you any attention

1. There was no fork due to 51% attack. Fork at 5400 was planned since weeks
2. Time warp attack was solved as it was there in the Litecoin as well. That fix is incorporated in Auroracoin source too

Here's the diff for that https://github.com/litecoin-project/litecoin/commit/b1be77210970a6ceb3680412cc3d2f0dd4ca8fb9

This is as low as I will go to name calling. But you all (the one's claiming attacks) are clearly losers.

The patch that you link to does nothing to solve the exploit in the KGW.  It does solve, however, a flaw in the linear difficulty re-targeting algorithms that were of common use prior to these past few months.  Bitcoin and Litecoin adjust difficulty in that manner.  For an understanding of what that patch fixes, read through the posts of the individual that wrote that patch.  ArtForz details the possible attack in the following thread: https://bitcointalksearch.org/topic/m.521772

I urge you to read through this (https://bitcointalksearch.org/topic/kimoto-gravity-well-simplier-alternative-505243)(https://bitcointalksearch.org/topic/m.5573196) thread and pay specific attention to the posts belonging to Nite69.  Although BCX never comfirms that Nite69 is on the right track in uncovering the KGW flaw, he is.  If after reading through the two linked threads you still do not understand the flaw, I would be more than happy to try and explain it in greater detail.  

Edit: Although the original link provides some information, the meat of the discussion is in the new link I provide.

Any coin that implements the KGW is vulnerable to a time warp attack, and the only thing that can stop such an attack would be to have significantly more power than the attacker.  Then again, there is no way of knowing how much, if any, power would be needed until such an attack is attempted.  Furthermore, miners that do not have multiple pool or solo mining backups are doing the users of the coin a disservice.  Pools can be brought down, thus reducing the amount of power an attacker needs to fork a chain.  

This exploit is real, and it is only a matter of time before someone takes advantage of everyone's false sense of security.  People can hate on BCX or MarkM all they want, but I would urge those people to understand what they are truly trying to say.  MarkM consistently harps on the idea of hashing power, and for good reason.  If a PoW, blockchain based coin is to be taken seriously and used daily by people around the world, the chain needs to be secure.  The chain can only be secured with hashing.  If a chain is not secure, a malicious individual will attack it.  That is the reality of this world.  Honestly, each and every developer and user of a coin that implements the KGW should be thanking BCX for bringing to light the time warp flaw.  
donator
Activity: 2772
Merit: 1019
March 30, 2014, 02:41:14 PM
You know, bitcoin didn't originally have enough hash power to secure itself.   We should have ignored that scam coin from the getgo. Wink

No enough attackers with the know-how, not enough LOLs in it for them and so on.

But once bitcoin built its super hashpower and implemented merged mining new coins no longer need face that if they have even merely just enough of a good idea to get a merged mining pool set up ready to add them to its merge at launch.

Plus now, even better, supposedly proof of work is no longer even needed to secure a distributed p2p ledger so anyone can easily issue a new secure currency simply by cloning a secure no proof of work required system instead of the insanely expensive to secure, insanely hard to secure old proof of work concept. Maybe clone Ripple, or NXT, or whatever of those things does in fact work, if any of them do in fact work.

Either by merged mining or by some newfangled no proof of work needed system, launching a currency that is secure from the get-go is easily do-able nowadays.

and yet your explanation of how to do it cointains lot's of "maybe"s, "if"s and "whatever"s and finally a "if any of them work".

Pages:
Jump to: