Author

Topic: How to extract profit from cryptocurrency exploits (Read 576 times)

legendary
Activity: 1148
Merit: 1048
You have covered a lot, I'll address the double spend in this post.

Double spending isn't so effective on services, because they require multiple confirmations to credit value to your account. If you made a peer to peer trade, and somehow were able to double spend AND get away before the network caught you, you would have the coin and the cash. And an angry buyer to deal with, but that's a separate issue.

You could trigger the secondary, double spend transaction remotely after you make the first "show" transaction. You might want to make a deal with a node, so you know the second transaction reaches the network before the first.  Or put a nice fee on it, if the fee isn't the same size as the send, you should profit regardless.

With how weak the mining is on some of these coins, you could try a majority attack if you have more than 51 percent of the network. That way, your nodes decide which transactions make it into blocks; you can simply pend the honest tx until you get home, and double spend with the bad tx, or simply deny the honest tx period.

Again, you just pissed off a real live human being that has seen your face, not an internet gangster. You will have to deal with a buyer that may be inconsolable Smiley


Pai Mei was inconsolable, if you are a fan of Kill Bill  Grin

Back in 1003 ("one-double [n]aught-three") in China, as Pai Mei was traveling down a road, a Shaolin monk crossed paths with him. Pai Mei gave a slight nod to the monk, who did not return it. Although the motives of the monk remain unknown, whether it was an insult or a misunderstanding, Pai Mei tracked him down at the Shaolin Temple. He demanded that the head Abbot kill himself as a means of retribution, but the Abbot refused. Consequently, Pai Mei single-handedly massacred all sixty of the monks residing in the temple.

Dont get killed by Pai Mei.
legendary
Activity: 1750
Merit: 1036
Facts are more efficient than fud
I'm generally curious what everyone's thoughts are on this. Say, for instance, you find a flaw / bug / exploit in a cryptocurrency. Instead of notifying the developers and / or modifying the code yourself, you think "Hey, I could profit from this!".

Depends on which type of coin it is.

If it's like Monero with a toxic userbase that's attacking all the others and being just too arrogant,

then I'd just go ahead and kill it probably.

If it's a nice coin I'd immediately contact the devs

A nice coin? You mean one that doesn't call out your BS, most likely because they are in the BS game themselves?

If idle hands are the devil's workshop, idle tongues are his marketing seminars with fresh coffee and donuts.
full member
Activity: 140
Merit: 100
I'm generally curious what everyone's thoughts are on this. Say, for instance, you find a flaw / bug / exploit in a cryptocurrency. Instead of notifying the developers and / or modifying the code yourself, you think "Hey, I could profit from this!".

Depends on which type of coin it is.

If it's like Monero with a toxic userbase that's attacking all the others and being just too arrogant,

then I'd just go ahead and kill it probably.

If it's a nice coin I'd immediately contact the devs
legendary
Activity: 1260
Merit: 1008
I'm generally curious what everyone's thoughts are on this. Say, for instance, you find a flaw / bug / exploit in a cryptocurrency. Instead of notifying the developers and / or modifying the code yourself, you think "Hey, I could profit from this!".

How would one go about profiting from this?

A lot of this probably depends on the type of bug or exploit. I'm just going to throw some things against the wall here and see what sticks. I'll try to update the OP as more suggestions or modifications are made.

1. Double Spend Exploit
This is probably the simplest of the exploits, and depending on the extent of the flaw, could have a range of profitability. So you could obtain Currency X, then send it to multiple exchanges and sell the same coin multiple times.

2. Consensus exploit
This is probably a variant of the above, because you would shard the network. Different blockchains, same coins. So you'd have to masterfully shard the network to isolate the major exchanges and then profit.

3. p2p exploit
This would behave like a denial of service - the currency network would just shut down and stop working as intended. Profiteering from this isn't as direct as 1 or 2.

4. de-anonymizing exploit
If privacy is the main selling point of a currency, then this exploit would destroy that. Profiteering from this isn't as direct as 1 or 2.


-----

Now, interestingly, profit taking from items 3 and 4 is unique from items 1 and 2. 1 and 2 can be though of as "sneaky" - you can only profit directly if you manage to make your move while the exploit goes undetected. This is a microeconomics exploit profit extraction.

In order to extract profit from items 3 and 4, you need to depend on the market. This is a macroeconomics exploit profit extraction, because the only way to profit from a currency network facing an existential threat (as in, the exploit challenges the fundamental existence of the currency network) is to use financial betting instruments like shorting. In fact, I can not think of a way to directly extract profit from items 3 and 4 that don't involve macroeconomics and the involvement of markets.

Furthermore, a macroeconomics exploit profit extraction can be done in two ways.

A. Be sneaky
Here, you disrupt the network to the point where confidence in the coin is shaken, and people divest from the coin. Before you attack the network and expose these flaws, you don't tell anyone about the flaws and short the market, BIG. After the coin recovers and the exchanges unfreeze the coin, you can sit back and watch the money roll in as everyone dumps the coin back to oblivion.

B. Be loud
Here, you make the markets aware of your discovered exploits after you short the coin. So first you short BIG, then you try to break confidence in the coin by advertising your exploits. You then have the choice of actually attacking the network or not. The benefits here are that the exchanges don't freeze the network.

Now, items 1 and 2 are very different, in that item 1 is a sure bet. In other words, you can make a LOT of money by killing a network and causing mass hysteria. Item 2 is a chance bet - you hope that people believe you damage the network.

-----

In conclusion, due to the nature of exploits 1 - 4, anyone announcing exploits prior to using the exploits is using approach B. And in my humble opinion, of the macroeconomic exploit profit extraction approaches, A is the more profitable. Therefore, I conclude that if approach A was not used, the possibility of the exploit not actually existing is relatively high.

Unmoderated thread, have a field day.
Jump to: