Pages:
Author

Topic: koincik, vycl87 alt accounts - self vouching/merit/trust/bounty abuse (Read 1264 times)

legendary
Activity: 1904
Merit: 1159
This is very similar to the things that happen with the "pool manager" thing in the case of mhanbostanci. With actions like using a ledger to manage addresses for different people, you are handicapping those people instead of teaching them to actually use bitcoin. It is trivial for anyone to use a wallet of their own if they have an android phone and they are capable of posting on the forum. To avoid the kind of situation that has presented itself here, we must educate ourselves and community about bitcoin and not just spread information about the Alt-coins for the next pump and dump.

I have nothing against the Alts per se but this has been the case with lot of locals in the beginning. Even the merited posts are often about the next Alt-coin with multiple people hoping for a pump. Unfortunately, this only leads to the newbies losing money while the traders, exchanges and telegram pump groups benefit. They must learn to identify scams from non-scams. The best thing would be for the community to grow and put its trust on Bitcoin first. Play with Alts if you like but do not make bounty hunting and Alts your endgame. All of these problems will disappear. Everyone would love to see Turkish local be another bastion of bitcoin, not a battleground of people hurt by scammy alts.
legendary
Activity: 1932
Merit: 2272
As for the Bitcoin issue, I did this process. A membership to Bitmax was required to purchase FRM tokens and I did not have it. I asked him to buy FRM tokens because he used Bitmax on vycl87. And he said that he would buy the same in himself and made a transaction. I have made these transactions by transferring them over my Ledger. And yes, since vycl87 will not use that wallet again, I was able to do this.
Let me see if I got this right.

You asked vycl87 to buy you FRM tokens at Bitmax and then he gave you his private key and then you sent btc to his Bitmax's address?

Yeah, makes sense.

I've just found topic where someone accused account koincik for merit abuse. Lol, 4 merit for post #623 and 2 merits for post #2746.
legendary
Activity: 1316
Merit: 966
For example, if Lauda sends me 10 satoshi ... does that mean I am a alt-account of Lauda?

If Lauda sends you a payment, their address is on the left and your address is on the right. This doesn't mean addresses left and right belong to the same wallet.
If Lauda's address and your address are both on the left, it gets interesting Cheesy

I explained in Turkish what LoyceV is trying to say.

Bunun dışında bir mnemonic words içerisindeki farklı Bitcoin adreslerine gönderim yaptığımızı ele alalım;

A1 = 0.01
A2 = 0.03
A3 = 0.02
A4 = 0.03
A5 = 0.01
A1, A2, A3, A4, A5 = 0.1 BTC bakiyemiz var.

0.03 BTC üzeri yaptığın her gönderimde A2 bir başka Ax ile eşleşip aynı transactionda gönderim yapacak, yani adreslerinin bağlantısı Bitcoin blok zinciri üzerinde herkese ifşa olacak.

Yan adresini herkese ifşa eden transaction örneği
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
For example, if Lauda sends me 10 satoshi ... does that mean I am a alt-account of Lauda?
See this example:
If Lauda sends you a payment, their address is on the left and your address is on the right. This doesn't mean addresses left and right belong to the same wallet.
If Lauda's address and your address are both on the left, it gets interesting Cheesy
legendary
Activity: 2128
Merit: 1148
There is one thing I do not understand: we all have btc addresses in their profile. For example, if Lauda sends me 10 satoshi ... does that mean I am a alt-account of Lauda?
Another example: I bought a laptop from someone, sent btc. Is it forbidden?
If every transfer will be suspicious, how will Bitcoin be the currency?

EDIT: I didn't understand much Cheesy but it's nice if the transactions are distinguished!
Thanks LoyceV and Lanychromose
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
As promised, I went trough the evidence today. I tend to believe that the OP found the connection between the addresses which of course is enough to see the connection, also confirmed.
I also read the explanation of the accused ones which wasn't presented until now.
People always deserves an explanation you have to see the both sides of the medal.
Note that when dealing with such cases I don't take in consideration the nationality nor race of the accused ones. Lately there was a lot of drama involving some of the users from the Turkish community engaging circles of trust and merit abuse and after my quick look at the accursed trust page i though that it's again a part of the same circle.
Anyway,all the collected facts leaded to me ~ both users.
sr. member
Activity: 868
Merit: 265
★Bitvest.io★ Play Plinko or Invest!
Yes, it is unusual for many of you and I can understand this. There have been people who have sent bounty tokens to each other many times before. In particular, as vycl87 said, the vast majority of these were members of the bountyhive. Extremely unreliable exchanges wanted membership to be able to cash out some tokens we won at that time. Some of them were also requesting KYC. For this, we have had such transactions between us before and many times.

As for the Bitcoin issue, I did this process. A membership to Bitmax was required to purchase FRM tokens and I did not have it. I asked him to buy FRM tokens because he used Bitmax on vycl87. And he said that he would buy the same in himself and made a transaction. I have made these transactions by transferring them over my Ledger. And yes, since vycl87 will not use that wallet again, I was able to do this. As a result, FRM has made 2x since then and we both made money from that transaction.

As for the support issue, I support every Turkish member who applies for merit source. Because, as we can see here, I think there are people who try to keep us in any situation by taking a racist approach. And we have a lot of Turkish friends who have both ideas on this subject. There are many members who prove this with their insults here, as you all know ...
legendary
Activity: 3654
Merit: 8909
https://bpip.org
So if either one of those users can present an xpub that leads to only one of the 2 addresses, does that justify reasonable doubt from being the same person, and make it likely one of the private keys was manually imported?

This is an interesting question that I don't think we've ever tried to tackle here. My answer would be "no, it doesn't." All it concludes is that one private key was manually imported and it could still belong to the same person as the HD wallet. How often do people actually share their private keys with one another, anyway?

Now that we've given them a bunch of excuses to use I'm sure we'll find out there was a very solid reason to import the private keys or whatever. The fact that the user chose to completely ignore this (the more solid) part of the evidence is quite telling.

There is no chance to prove anything conclusively here but there is enough evidence and enough bullshit in this thread to make certain possibilities far more likely than others. If we're looking for absolute proof then we need to beg theymos for KYC and DNA tests.
legendary
Activity: 2674
Merit: 2965
Terminated.
The most likely scenario is that they generated two addresses from the same HD wallet. @vycl87 gave it to @koincik to use. (paying off a loan or whatever).

Though in that case, there is no reliable wa for them to prove that they are different people.

Nobody in their right mind would do it like that, Occam's razor: Therefore, they are alts.
legendary
Activity: 3010
Merit: 8114
So if either one of those users can present an xpub that leads to only one of the 2 addresses, does that justify reasonable doubt from being the same person, and make it likely one of the private keys was manually imported?

This is an interesting question that I don't think we've ever tried to tackle here. My answer would be "no, it doesn't." All it concludes is that one private key was manually imported and it could still belong to the same person as the HD wallet. How often do people actually share their private keys with one another, anyway?

I think it is a context-dependent problem.

Let's say the only piece of evidence linking the two accounts was a single transaction from 2 addresses belonging to different members of the forum, and an xpub key reveals only one of two sending addresses involved in a transaction. I think the transaction itself still renders it likely that the 2 addresses belong to the same person, though a bit less conclusive as there are no other connections between the two accounts.

In this scenario, with the addition of the Ethereum blockchain evidence, I'd say the chances of the two accounts belonging to the same person go up dramatically, making it very likely that they are the same person.

If anybody is wondering, yes there is an xpub checker and it does work.
legendary
Activity: 1904
Merit: 1159
This discussion has given multiple pointers to @vycl87 to explain what happened. He can simply explain how that transaction happened where funds from both addresses belonging to two different persons have been transferred to a common address. If vycl87 had explained the technical details behind it, that alone would make him technically worthy enough to be a merit source. The most likely scenario is that they generated two addresses from the same HD wallet. @vycl87 gave it to @koincik to use. (paying off a loan or whatever).

Though in that case, there is no reliable wa for them to prove that they are different people. There have been such cases in the past when people just post same addresses and find nothing wrong in it when they do it. Is there any bounty rule in the Altcoin sections that every user should use their own wallet and not share addresses? Catching alt-accounts is going to get harder still because these people are just gonna learn from these mistakes. They probably feel that it is only fair if they can operate multiple accounts without getting caught. Like Polar91 said in his parting message. This truly feels like a problem with no solution. Vinny Lingham was going to do something about this identity thing with Civic, yet like so much else, it is just another WIP.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I don't know with 100% certainty. I only know the wallet is most likely a HD wallet as that is what

1) readily allows for the type of transaction in question to take place
2) is used by the most common wallet providers where one retains control of their private key (Electrum, Mycelium, Coinomi, blockchain.com, Exodus, etc).
So if either one of those users can present an xpub that leads to only one of the 2 addresses, does that justify reasonable doubt from being the same person, and make it likely one of the private keys was manually imported?

Note:
We strongly advise against showing your xPub to third parties. Knowledge of the xPub can enable someone to track your wallet’s entire payment history and possibly disrupt access to your funds
legendary
Activity: 3010
Merit: 8114
I think you've missed my point: how do you know the wallet is HD?

I don't know with 100% certainty. I only know the wallet is most likely a HD wallet as that is what

1) readily allows for the type of transaction in question to take place
2) is used by the most common wallet providers where one retains control of their private key (Electrum, Mycelium, Coinomi, blockchain.com, Exodus, etc).

legendary
Activity: 2674
Merit: 2965
Terminated.
In the very off chance that its not the same HD wallet, I just don't understand why "different users" would entrust each other with their private keys unless they were very close, or more likely, the same person.
I've been entrusted with private keys on multiple occasions. I can also imagine someone uses someone else's addy to join a certain campaign, for instance because he owes him money, or because he's not interested in weird "tokens".
It's all possible, just not very likely.
Even if entrusted with somebody's key, you would not import it into your own wallet and intentionally merge it with your coins while you are safe-keeping it. It would just be a made up lie.

My assumption was the addresses were random.
No. Pseudorandom at best. Read about derivation paths in HD wallets in detail. You can use the xpub to deterministically derive the children. HD stands for hierarchical deterministic for a reason.
I know about xpub (but never memorized the exact details): as far as I know, it's not possible to know addresses are derived from the same xpub unless you know xpub, right?
That is correct.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
In the very off chance that its not the same HD wallet, I just don't understand why "different users" would entrust each other with their private keys unless they were very close, or more likely, the same person.
I've been entrusted with private keys on multiple occasions. I can also imagine someone uses someone else's addy to join a certain campaign, for instance because he owes him money, or because he's not interested in weird "tokens".
It's all possible, just not very likely.

Trust list for: vycl87 (Trust: +1 / =0 / -0) (588 Merit earned) (Trust list) (BPIP) (created 2020-05-30_Sat_12.05h)

vycl87 Trusts these users' judgement:
4. Kalemder (Trust: +2 / =0 / -1) (1149 Merit earned) (Trust list) (BPIP)
7. bobita (Trust: +2 / =0 / -0) (DT1! (3) 540 Merit earned) (Trust list) (BPIP)
8. Vispilio (Trust: +5 / =2 / -2) (DT1 (-3) 951 Merit earned) (Trust list) (BPIP)

I read up on how Wallet Explorer works (it's a lot simpler than I thought) and I have to retract my use of the word "indeed" -- its just by far the most probable outcome.
I think you've missed my point: how do you know the wallet is HD?
Related:
My assumption was the addresses were random.
No. Pseudorandom at best. Read about derivation paths in HD wallets in detail. You can use the xpub to deterministically derive the children. HD stands for hierarchical deterministic for a reason.
I know about xpub (but never memorized the exact details): as far as I know, it's not possible to know addresses are derived from the same xpub unless you know xpub, right?
legendary
Activity: 2674
Merit: 2965
Terminated.
In the very off chance that its not the same HD wallet, I just don't understand why "different users" would entrust each other with their private keys unless they were very close, or more likely, the same person.
The chance that they gave each other the private key at the same time is near zero. The chance that one gave the private key to the other to create this transaction is near zero as it makes zero sense to do so (each could have made their own sending the same amount to the same address).
The chance that they managed to construct this transaction without sharing private keys, i.e. constructing partially signed transactions and exchanging them and making them work is zero. They do not have 1/10th of the brainpower nor knowledge to do this.

If it were a CoinJoin-type transaction the amounts wouldn't be going straight to the same Binance address.
Not necessarily, but this is not coinjoin. A coinjoin is not a m to 1 transaction, it is a m to n transaction.

Additionally, many CoinJoin transactions (I think they are Wasabi wallet transactions) get captured as being part of this wallet.
Wasabi coinjoin is always bech32 and always the same amounts as outputs and many more participants. This definitely has nothing to do with Wasabi.

My assumption was the addresses were random.
No. Pseudorandom at best. Read about derivation paths in HD wallets in detail. You can use the xpub to deterministically derive the children. HD stands for hierarchical deterministic for a reason.
legendary
Activity: 3010
Merit: 8114
That being said, I can think of some scenarios in which coins from different users end up in the same transaction.
Just out of a desire to be more educated on the subject, I'd like to understand how that could happen... In this case the 2 addresses are indeed part of the same HD wallet -- it seems highly likely they are both owned by the same person.
Question: how do you know the bold part?

I read up on how Wallet Explorer works (it's a lot simpler than I thought) and I have to retract my use of the word "indeed" -- its just by far the most probable outcome.

If it were a CoinJoin-type transaction the amounts wouldn't be going straight to the same Binance address. Additionally, many CoinJoin transactions (I think they are Wasabi wallet transactions) get captured as being part of this wallet.

In the very off chance that its not the same HD wallet, I just don't understand why "different users" would entrust each other with their private keys unless they were very close, or more likely, the same person.

If the two users were cheating the same bounty or sig campaign then I would say its clear cut abuse, but in this instance they were enrolled in 2 different campaigns.

Just recapping the Ethereum address exchanges:

- both addresses sent Pindex (PDI) tokens to the same LAToken address
- both addresses sent Blockmason (BLINK) tokens to the same Binance address
- one address sent bitzon (BTZ) to the other

If any other account was doing this, they would be marked as a bounty cheater.

Additionally, the whole merit exchange thing is not great, and including each other in trust lists is quite bad.

I'm not going to take any action on these accounts but I definitely don't think they should be a merit source.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
That being said, I can think of some scenarios in which coins from different users end up in the same transaction.
Just out of a desire to be more educated on the subject, I'd like to understand how that could happen... In this case the 2 addresses are indeed part of the same HD wallet -- it seems highly likely they are both owned by the same person.
Question: how do you know the bold part?
My assumption was the addresses were random. As an example: say you have a wallet filled with small inputs (0.00027 BTC, 0.0003 BTC, and more like this address). Fees are high, and your wallet doesn't allow you to set a low fee. You give the private key for the address to a friend (don't do that!), and he consolidates your small inputs together with his own.

Another scenario would be when someone gets their hands on a compromised private key, although it's more likely to instantly sweep those.

It's all not very likely to happen though, but can be added to this list:
mother/father/sibling/cousin/nephew/uncle/cat/dog/goat/investment management/telegram group.
legendary
Activity: 3654
Merit: 8909
https://bpip.org
Just out of a desire to be more educated on the subject, I'd like to understand how that could happen... In this case the 2 addresses are indeed part of the same HD wallet -- it seems highly likely they are both owned by the same person.

CoinJoin (not in this case obviously but in general).

Yes, you're welcome, shitpuppets of all kinds - I just gave you a new word to use in addition to mother/father/sibling/cousin/nephew/uncle/cat/dog/goat/investment management/telegram group.
legendary
Activity: 3010
Merit: 8114
Be chill guys I am here now and let me explain.
I have to ask...

How two random individuals use the same wallet for signature payment? Cheesy

They would either have to:

- be in very close proximity to one another, or
- share login credentials for a HD wallet service like blockchain.com.

Either way, it doesn't make sense that someone wouldn't just create their own wallet.

That being said, I can think of some scenarios in which coins from different users end up in the same transaction.

Just out of a desire to be more educated on the subject, I'd like to understand how that could happen... In this case the 2 addresses are indeed part of the same HD wallet -- it seems highly likely they are both owned by the same person.
Pages:
Jump to: