Pages:
Author

Topic: [LTC] Is the Litecoin network being attacked ? (Read 2905 times)

newbie
Activity: 46
Merit: 0
Well nothing was really fixed. The fix wemineltc published was NOT about "bad pool luck". There is still some huge problem on the network. Since some days our pool has very bad pool luck. I think this is somehow a LTC network issue. Wemineltc never published any fix for this case.
hero member
Activity: 637
Merit: 500
Does anyone know of the official confirmed patch besides the one offered by a user in the litecoin forum post about this?

Since it is a bug in the server side code for the stratum protocol, patches should come from the maintainer of the version you are using for your pool ...
legendary
Activity: 2072
Merit: 1001
Does anyone know of the official confirmed patch besides the one offered by a user in the litecoin forum post about this?
member
Activity: 98
Merit: 10
What?

No this has not stopped happening. It is still happening every other hour or every 3 hours.

The real average time per block is more like 20 minutes currently and is off by about 30%.

I think you care about taking people's money and blaming it on bad luck, DDOS, or other attack vectors. Still never got back the few hundred LTC from when you were siphoning hash power, i mean had a bug that didn't report correctly.



full member
Activity: 186
Merit: 100
We, at give-me-ltc do care! Smiley
That problem was addressed and fixed. And as nothing to do (at least in this case) with a network attack.

Cheers.

The pools are still hitting abnormaly large blocks. Est time is 13-15 mins and it ends up being 30, 40, 50 minutes every other hour at least.

There was even a 10,000,000 share block on give-me-ltc.

Mining seems at least 10% less profitable due to the extended block times and no one seems to notice or care.
member
Activity: 98
Merit: 10
The pools are still hitting abnormaly large blocks. Est time is 13-15 mins and it ends up being 30, 40, 50 minutes every other hour at least.

There was even a 10,000,000 share block on give-me-ltc.

Mining seems at least 10% less profitable due to the extended block times and no one seems to notice or care.
legendary
Activity: 3108
Merit: 1358
Am I incorrect in believing that this news is relevant to all other pools, regardless of which scrypt coin?


The issue was with the stratum code, not Litecoin. Some flawed code allowed a modified miner to submit fake shares. Being the nice guys they are, the LTC Devs found the issue and help close it. All pools using stratum would be affected.

That's how I understood it.


~BCX~
It's not a StratumServer issue, don't blame slush for this. It's only an issue of idiot-made StratumServer fork, which uses 0xffffffff... as target for diff-1. That's really amazing that so many pools used this shit without any audit performed.

P.S. LTCMine and give-me-ltc didn't used this.
sr. member
Activity: 662
Merit: 250
Am I incorrect in believing that this news is relevant to all other pools, regardless of which scrypt coin?
full member
Activity: 207
Merit: 100
I was mining on netcodes pool and we had over 16 hours for a block so it wasn't just wemineltc. Everyone had very abnormal luck. Sometuing was going on with the network. 
hero member
Activity: 637
Merit: 500
Just be sure to spread the word, pools without this fix WILL be exploited, and the real miners will loose coins.
hero member
Activity: 637
Merit: 500
Thanks for the update and great job wemineltc !
Quoting the thread on litecoin.org :

Quote
Things are getting back to normal on our pool.   The recent rumors of supposed problems on the Litecoin network we believe were actually multiple clever attacks on pool servers, there was no instability in the Litecoin network itself.  Thanks to help from the Litecoin core devs, especially pooler of litecoinpool.org, we have found and fixed a share verification vulnerability in the pool server stratum implementation.  

The affected code is found here:
 
Code: [Select]

def diff_to_target(self, difficulty):
       '''Converts difficulty to target'''
       diff1 = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000
       return diff1 / difficulty

https://github.com/viperaus/stratum-mining/blob/master/lib/template_registry.py#L145
We don’t use this specific build but we had similar code for this part of the template_registry code.

We found new users as of a few days ago that had been using this exploit to cheat the pool and to steal coins from the legitimate miners.  We have taken appropriate steps to stop this from happening again.  We are attempting to inform all Litecoin pools of the exploit as we believe many pools who work off the same base code may be affected.  Suspected fake miners were clocking at up to150MH/s for 3-4 days. We suspect more cheaters were involved over the past 3-4 days which could have been at least partially to blame for the pools bad luck.

During deployment of the fix, we logged changes in valid hash rates.  The biggest detected confirmed cheater was Cryptopower who went from 30MH/s to 1MH/s (someone who also tried to bash our pool in forums), the payout address for this account is LYVLrqSQyrDYN1QqQz2icbsF1rbihSAEmK - they stopped mining altogether about 3 hours after all their shares were being rejected.  There are other accounts who we suspect may have been cheating, but without knowing for 100% sure, it would be dangerous and unfair to publish their information in case they are actually innocent.  We are continuing to analyze the logs to identify accounts that may have been involved.

If we get more info we will post in the news asap.  You will notice things have gone back to normal after sorting this out.
hero member
Activity: 1036
Merit: 500
Yeah something was up because I had an awful day mining and these pools are too big to have any real variance...
full member
Activity: 238
Merit: 100
Just to make sure it gets known for all pools to fix.
 www.Wemineltc.com has found and fixed the problems.  They are working to fix other pools too.

https://forum.litecoin.net/index.php/topic,4002.0.html

Thx
full member
Activity: 196
Merit: 100
Actually it looks like something might have happened.  Smaller pools maybe just do not have active enough management to notice?

I logged into multiple pools and all seemed to have become very "unlucky" - finding blocks 25%-33% less than you would expect given their displayed hashrates - going through the explorer though it does not seem that the blocks were "stolen" - maybe someone has found a way to artificially slow the network again?
hero member
Activity: 518
Merit: 500
Alright that makes sense then. Still the whole issue in itself does not make sense, as nobody else than those two pools are posting news on this.
hero member
Activity: 840
Merit: 1000
Namecheap is probably the second largest domain name registrar in the world, so not that coincidental. I use them too. And yes - they accept BTC.
hero member
Activity: 728
Merit: 500
Well it's quite a coincidence that both pools are registered by the same registrar?

Well, it's a registrar that accepts BTC payments. Not many of those exist. So it's not so surprising that 2 crypto-currency related domains are registered with a registrar that accepts the #1 crypto-currency.
hero member
Activity: 518
Merit: 500
Well it's quite a coincidence that both pools are registered by the same registrar?

And also both have the troubles?

Maybe it's just something to do with their ISP.
hero member
Activity: 840
Merit: 1000
Give-Me-LTC:

Quote
27/May/2013
You may have noticed extremely large blocks and round times over the past 24hours. This was due to multiple issues with finding blocks. This issue was affecting multiple pools for most of the day. We are still unsure of the cause but we have no reason to suspect it was due to issues on the litecoin network, will continue our investigations on this and give more information when we have it. So far things seem back to normal but we are keeping a firm eye on things.
If you are experiencing frequent disconnections contact us ASAP.

wemineltc and givemeltc seem to be owned by the same person:

http://whois.domaintools.com/wemineltc.com
http://whois.domaintools.com/give-me-ltc.com

They aren't, from where are you drawing that conclusion? Whois guard is just a privacy feature Namecheap offers.
hero member
Activity: 518
Merit: 500
Give-Me-LTC:

Quote
27/May/2013
You may have noticed extremely large blocks and round times over the past 24hours. This was due to multiple issues with finding blocks. This issue was affecting multiple pools for most of the day. We are still unsure of the cause but we have no reason to suspect it was due to issues on the litecoin network, will continue our investigations on this and give more information when we have it. So far things seem back to normal but we are keeping a firm eye on things.
If you are experiencing frequent disconnections contact us ASAP.

wemineltc and givemeltc seem to be owned by the same person:

http://whois.domaintools.com/wemineltc.com
http://whois.domaintools.com/give-me-ltc.com
Pages:
Jump to: