Mintpal hacked (VeriCoin) - page 8. | Bitcointalksearch.org

InvestorPerson

sr. member

Activity: 316

Merit: 250

AWESOME

from now on, everytime someone doesn't like where coins are moving (be it theft or whatever), they'll just scream HACKERZZ, force a hardfork+rollback, et voila

job well done verifunnycoin and mintpal. that's gonna help the whole crypto world

sadly the sheep will jump right back at verifunnycoin and put more money in it

sirsmokesalot

hero member

Activity: 767

Merit: 500

Quote from: ThousandFaces on July 13, 2014, 08:23:48 PM

I am not nearly as well versed as most people on here when it comes to the inner workings of crypto on the development level. When I read this press release I thought to myself that this is terribly scary that developers can just decide activity is no longer valid should they choose. I thought to myself that I must be missing something because it is the opposite of crypto's intentions. I came across this thread and can see that clearly many people agree with me.

What a shameful thing VRC developers did today. The responsibility for reimbursement falls on MintPal. That being said, I like MP. Exchanges get hacked, people get hacked, it's the way this crypto-world works right now, unfortunately. And even the biggest stock exchanges get hacked. So anyone pretending that a hacking incident is somehow a black dot, get over it. The next couple of days will dictate whether they are big boys and girls and handle this properly, or not. If they don't and this type of thing keeps happening, then I will change my mind...

Best of luck to everyone out there!

I was going to say something, but you said it just as well. Because of the ineptitude of an exchange, the coin rolls back? WOW.

ThousandFaces

newbie

Activity: 55

Merit: 0

I am not nearly as well versed as most people on here when it comes to the inner workings of crypto on the development level. When I read this press release I thought to myself that this is terribly scary that developers can just decide activity is no longer valid should they choose. I thought to myself that I must be missing something because it is the opposite of crypto's intentions. I came across this thread and can see that clearly many people agree with me.

What a shameful thing VRC developers did today. The responsibility for reimbursement falls on MintPal. That being said, I like MP. Exchanges get hacked, people get hacked, it's the way this crypto-world works right now, unfortunately. And even the biggest stock exchanges get hacked. So anyone pretending that a hacking incident is somehow a black dot, get over it. The next couple of days will dictate whether they are big boys and girls and handle this properly, or not. If they don't and this type of thing keeps happening, then I will change my mind...

Best of luck to everyone out there!

micaman

sr. member

Activity: 345

Merit: 500

Quote from: Petr1fied on July 13, 2014, 08:07:05 PM

The whole idea of rolling back a blockchain because an exchange lost coins is ridiculous. Mintpal should make good on the losses out of their own pocket for their sheer incompetence. Even if it means the death of their exchange and the collapse of the market value of VRC.

If they can't secure their customers coins and aren't prepared to pay for their own mistakes in the event of a security breach then they don't deserve to be in business.

Exactly.

Mintpal Hack "attacker targeted BTC, LTC, and VRC" - P. Nosker, Vericoin Dev
https://bitcointalksearch.org/topic/m.7821972

Petr1fied

hero member

Activity: 630

Merit: 502

The whole idea of rolling back a blockchain because an exchange lost coins is ridiculous. Mintpal should make good on the losses out of their own pocket for their sheer incompetence. Even if it means the death of their exchange and the collapse of the market value of VRC.

If they can't secure their customers coins and aren't prepared to pay for their own mistakes in the event of a security breach then they don't deserve to be in business.

foodies123

sr. member

Activity: 322

Merit: 250

Quote from: micaman on July 13, 2014, 07:49:35 PM

Quote from: freedomno1 on July 13, 2014, 06:58:43 PM

Quote from: haploid23 on July 13, 2014, 12:24:16 PM

Quote

1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked

So someone broke into a shop, took the candy and left the register? Damn kids these days...

mintpal was most likely keeping it all in a hotwallet staking the shiznit out of it because you know ... profits.

micaman

sr. member

Activity: 345

Merit: 500

Quote from: freedomno1 on July 13, 2014, 06:58:43 PM

Quote from: haploid23 on July 13, 2014, 12:24:16 PM

Quote

1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked

So someone broke into a shop, took the candy and left the register? Damn kids these days...

gustav

hero member

Activity: 602

Merit: 500

Quote from: freedomno1 on July 13, 2014, 06:58:43 PM

Quote from: haploid23 on July 13, 2014, 12:24:16 PM

Quote

1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked

we don't know that yet. On vrc-thread people say ltc and btc was touched by the hack too.

freedomno1

legendary

Activity: 1806

Merit: 1090

Learning the troll avoidance button :)

Quote from: haploid23 on July 13, 2014, 12:24:16 PM

Quote

1) We lost a considerable amount of VeriCoin in the attack, however we have been working with the VRC developers and all major exchanges to hard fork the coin at a position before the attack. This will allow us to retrieve the stolen coins and facilitate all withdrawals. We are also working with various exchanges to accommodate any losses they may encouter as a result of the required fork.

This is a problem right here. Just because it's stolen does not mean they should be able to arbitrarily reverse the hack. If they're successful at hard forking, this will set precedence that any time there is a theft reported, devs can just hard fork again. This will eventually be abused, and corruption happens.

True on the bright side at least it was not the Bitcoin accounts that got broken into
Always scary when an exchange gets hacked

Benefactor

hero member

Activity: 1260

Merit: 504

Quote from: Spoetnik on July 13, 2014, 05:22:57 PM

a lot of negative precedents are being set more frequently and unless Regulation is put in place and fast i am getting out of this shit scam pit of bullshit scene.

What? Nobody who 'gets' crypto would request "Regulation"! Are you from the City of London or something?

Maybe you mean self-regulation or something.

If every country in the world 'regulated' crypto, YOU STILL CAN'T CONTROL IT THIS WAY!

Please retract your comment, or I will consider you a shill for the powers that be.

mrkavasaki

hero member

Activity: 888

Merit: 500

and what we learn from this? only use decentralized exchanger like http://blackhalo.info/
and thats why blackcoin is the future

kbm

member

Activity: 84

Merit: 10

Quote from: Wulfcastle on July 13, 2014, 06:22:01 PM

Well I'm sure if the hacker managed to withdraw the coins they hacked, and the amount of the coins hacked is greater than 51% of the current network stake, the hacker could just stake all the hacked coins and cause another fork as in this case the hacked coins would account for > 51% of the network stake.

In any case I'll be removing my coins from MintPal until they release a statement about how the coins were actually stolen/hacked in the first place.

I'm not saying the hacker needs 51%, I'm just saying that in the matter of an instant .. the consensus mechanism became flawed. The votes of potentially thousands of people literally just became one large vote, and it's totally opposite of what those (potentially) thousands of people would vote for in the first place. This goes for any amount of coins, be it 5, 10, or 20%. No matter the percentage, the coins are no longer in the hands of those that would have been otherwise able to vote for consensus.

Wulfcastle

hero member

Activity: 546

Merit: 500

Quote from: kbm on July 13, 2014, 06:11:44 PM

Quote from: Wulfcastle on July 13, 2014, 05:49:22 PM

As for VeriCoin hard forking as a result of this, that is pure centralization. Hard forks are not supposed to occur because of events like this despite how badly people may lose out on it, becuase if this goes through, what it essentially means is that the VeriCoin developers can fork VeriCoin for whatever reason they like.

Can a hardfork even be enforced without >51% consensus of those staking? I really don't know .. anyone care to fill me in please?

I'm asking if this can be stopped if simply not enough people download and run the new fork, and instead continue using the old one.

Edit: Actually I'd like to point out a serious flaw here. With a large theft, the consensus mechanism will now be flawed in that there will be a majorly disproportionate number of people staking the old fork (Due to the theft itself) compared to those trying to stake the old fork (as anyone in favor of the new fork will now have zero coins). This seems to be a massive security flaw in using centralized exchanges. That is, if 51% of stake is required to enforce the fork in the first place.

Well I'm sure if the hacker managed to withdraw the coins they hacked, and the amount of the coins hacked is greater than 51% of the current network stake, the hacker could just stake all the hacked coins and cause another fork as in this case the hacked coins would account for > 51% of the network stake.

In any case I'll be removing my coins from MintPal until they release a statement about how the coins were actually stolen/hacked in the first place.

kbm

member

Activity: 84

Merit: 10

Quote from: Wulfcastle on July 13, 2014, 05:49:22 PM

As for VeriCoin hard forking as a result of this, that is pure centralization. Hard forks are not supposed to occur because of events like this despite how badly people may lose out on it, becuase if this goes through, what it essentially means is that the VeriCoin developers can fork VeriCoin for whatever reason they like.

Can a hardfork even be enforced without >51% consensus of those staking? I really don't know .. anyone care to fill me in please?

I'm asking if this can be stopped if simply not enough people download and run the new fork, and instead continue using the old one.

Edit: Actually I'd like to point out a serious flaw here. With a large theft, the consensus mechanism will now be flawed in that there will be a majorly disproportionate number of people staking the old fork (Due to the theft itself) compared to those trying to stake the new fork (as anyone in favor of the new fork will now have zero coins). This seems to be a massive security flaw in using centralized exchanges. That is, if 51% of stake is required to enforce the fork in the first place.

mickey mouse

newbie

Activity: 8

Merit: 0

This could damage mintpal's credibility. They could begin to look like a mickey mouse exchange after this.

ethought

legendary

Activity: 1316

Merit: 1000

Quote from: Wulfcastle on July 13, 2014, 05:49:22 PM

I think I speak for everyone here, when I say that MintPal should release a statement as to how exactly the attack took place.

I agree.

If for nothing else, to possibly help another exchange or service not fall for the same vulnerability.

Plus if the issue / vulnerability is now fixed what have they got to lose?

micaman

sr. member

Activity: 345

Merit: 500

They are creating a very dangerous precedent.
It's like creating a hard-fork just because someone is stupid.

r0ach

legendary

Activity: 1260

Merit: 1000

This would have been a large loss to Mintpal. If Vericoin didn't voluntarily fork this, I'm pretty sure there would have been some behind the scenes bribes of tens of thousands of dollars to do it.

mr_random

legendary

Activity: 1344

Merit: 1001

I would like to know why so many Vericoin were in the hotwallet?

I have always been suspicious that Mintpal was not following cold storage best practices. This unfortunate incident may confirm it.

Wulfcastle

hero member

Activity: 546

Merit: 500

I think I speak for everyone here, when I say that MintPal should release a statement as to how exactly the attack took place.

As for VeriCoin hard forking as a result of this, that is pure centralization. Hard forks are not supposed to occur because of events like this despite how badly people may lose out on it, becuase if this goes through, what it essentially means is that the VeriCoin developers can fork VeriCoin for whatever reason they like.

Say for example if one of the developers (who holds a large amount of VRC) get's hacked they could just hard fork VRC again just to retrieve their coins. It may sound good to those who lost their coins, heck I'd be happy if I owned VRC and got my coins back, but what they've just done is centralize VRC

Topic: Mintpal hacked (VeriCoin) - page 8. (Read 11030 times)