yes you are correct. each smart contract is uploaded as code. this code is run as part of the mining algorithm / proof of work. If you upload an a smart contract that says: crack my bitcoin wallet's public keys by deriving the private key from the public key, and you already have the private key, then you can both satisfy the proof for the mining algorithm and spend considerably less work solving the algorithm than all the other miners.
The result is this: they spend years trying to mine a single block while you spend only an hour or less. Obviously, you will get the reward every time, cheating the other miners, and satisfying all requirements of the proof!
Topic: exploit ethereum mining (Read 182 times)
all the miners run the smart contract code. The algorithm has random run time if run properly but you could cheat by "randomly guessing" the correct answer, which isn't a guess at all just preknowledge of when the code quits running.
Ethereum and other smart contract blockchains have to settle money to prevent people from exploiting.
Ethereum and other smart contract blockchains have to settle money to prevent people from exploiting.
Its starting to sound like you are downplaying the flaws in "smart contract" cryptocurrencies. You don't seriously believe that anyone can run any code and nobody can design malicious code... do you?? It's a trust based inner currency of switzerland.
Trust me, I more than understand someone could design malicious code. But I personally just lack the context. I don't quite understand the idea Ethereum network functionality myself. If I say something that seems to make little sense it's likely just because my knowledge of the network is limited, and by limited I mean nonexistent. Just trying to figure out how you would actually integrate it within the network is all
You said 'all the miners run the smart contract code'. Do you mean that they use the code themselves in some way to leverage it against the algorithm they're attempting to solve for the block? Or do you mean that when they run and attempt to solve an algorithm they'll attempt to solve the code within the smart contract? If you mean the latter of the two, then how do the miners access the smart contract code?
I was always under the impression that the process was something like:
1. network generates algorithm in need of solving --> 2. miner receives algorithm and begins to work --> 3. work is comprised of throwing as many computations as possible against the algorithm in hopes of solving it --> 4. miner solves the algorithm, relays it to network --> 5. miner is granted block reward, etc.
and MY interpretation of what you're saying is that the process could be exploited like:
1. network generates algorithm in need of solving --> 2. you know the answer to the algorithm --> 4. miner solves the algorithm, relays it to network --> 5. miner is granted block reward, etc.
which would effectively cut out the third step in the process, reducing the time required to solve a block, thus granting you the ability to receive the block reward all on your own.
What confuses me, though, is where the smart contract comes in to play. I don't quite see how it could affect the miner unless the algorithm that generates the block and the required problem needing to be solved to produce the block somehow produces the same algorithm as the exploit requires. You said I may be 'downplaying the flaws in smart contract cryptocurrencies' but I assure you I'm not, I just don't understand/have knowledge of any of these flaws
In short, It seems to me that you're saying 1 + 1 = 2 and mining/smart contracts (being 1 and 1) are easily connected resulting in the output of 2 (representing the exploit); but my understanding was that it was set up more along the lines of 0 + 2 = 2 or 2 + 0 = 2 and neither the miner nor the smart contract have any communication with one another related to the solution of a block. I can't wrap my head around how a smart contract affects the solution of a block to exploit the reward. Would be great to have you clarify my misunderstandings!
Its starting to sound like you are downplaying the flaws in "smart contract" cryptocurrencies. You don't seriously believe that anyone can run any code and nobody can design malicious code... do you?? It's a trust based inner currency of switzerland.
all the miners run the smart contract code. The algorithm has random run time if run properly but you could cheat by "randomly guessing" the correct answer, which isn't a guess at all just preknowledge of when the code quits running.
Ethereum and other smart contract blockchains have to settle money to prevent people from exploiting.
Ethereum and other smart contract blockchains have to settle money to prevent people from exploiting.
I PM'd you back accidentally last night by tabbing forward and due to my rank couldn't send another immediately 
Anyway, you replied and validated what I had thought regarding n1 != n2 being set prior to randomizing n1 in the contract. But I guess what I'm not understanding is, how does the contract have any effect of the mining reward? How would one benefit from the mining reward by running the smart contract? By mining on the same node as the one hosting the contract? I just don't see what the mining has to do with the contract that would 'cheat' it. Perhaps I'm missing something simple as my knowledge of the Ethereum network is limited, forgive me if its basic.
Anyway, you replied and validated what I had thought regarding n1 != n2 being set prior to randomizing n1 in the contract. But I guess what I'm not understanding is, how does the contract have any effect of the mining reward? How would one benefit from the mining reward by running the smart contract? By mining on the same node as the one hosting the contract? I just don't see what the mining has to do with the contract that would 'cheat' it. Perhaps I'm missing something simple as my knowledge of the Ethereum network is limited, forgive me if its basic.
Ethereum settles
This is something you need to contact the Ethereum developers for.
an example of a contract:
factor the following number 12340 into primes by generating random numbers smaller than sqrt(12340), then pay yourself 1 ether
factor the following number 12340 into primes by generating random numbers smaller than sqrt(12340), then pay yourself 1 ether
All numbers are representable as the multiple of 1 or more prime numbers
1) generate an array of number, array[i to j], from 1 to square root of n
2) if n is divisible by 2, cross that number off the list of array except for 2 itself (a prime number)
After step 2, n must be odd.
3) make a new array [y to z] where y =2 and z ends at sqrt(n) with all the other even numbers missing
5) generate a random number for y and see if N is divisible by y, if not then remove y from your array
6) the final array is your prime factorisation (found in random run time) of your initial integer
run the factor command in a shell to find the prime factorisation of an integer before hosting your script or multiply large primes first to get a large integer. Host the above contract and cheat ethereum mining.
1) generate an array of number, array[i to j], from 1 to square root of n
2) if n is divisible by 2, cross that number off the list of array except for 2 itself (a prime number)
After step 2, n must be odd.
3) make a new array [y to z] where y =2 and z ends at sqrt(n) with all the other even numbers missing
5) generate a random number for y and see if N is divisible by y, if not then remove y from your array
6) the final array is your prime factorisation (found in random run time) of your initial integer
run the factor command in a shell to find the prime factorisation of an integer before hosting your script or multiply large primes first to get a large integer. Host the above contract and cheat ethereum mining.
ethereum's protocol cannot fairly run ANY probabilistic time algorithms. one famous example of this is the prime factorisation algorithm.
in a linux kernel run the following command:
factor 111
and receive the following output
111: 3 37
the output is the prime factorisation of the integer 111. Any contract hosted on ethereum that runs a probabilistic time algorithm can be used to exploit and cheat the mining. Simply multiply any N primes together like this (3)*(37) = 111
Now ask the Ethereum network to factor 111, but you already know the answer, and furthermore the network is supposed to factor randomly, but you get the answer on the first try. This is a catastrophic exploit of Ethereum, and reason enough for the project to be redesigned. Lets develop some code to systematically exploit ethereum mining.
in a linux kernel run the following command:
factor 111
and receive the following output
111: 3 37
the output is the prime factorisation of the integer 111. Any contract hosted on ethereum that runs a probabilistic time algorithm can be used to exploit and cheat the mining. Simply multiply any N primes together like this (3)*(37) = 111
Now ask the Ethereum network to factor 111, but you already know the answer, and furthermore the network is supposed to factor randomly, but you get the answer on the first try. This is a catastrophic exploit of Ethereum, and reason enough for the project to be redesigned. Lets develop some code to systematically exploit ethereum mining.
Jump to: