Topic: New 64 Bit Random Search Pool Project (Read 367 times)

You could just say uploading .exe to GitHub repository (instead of Mediafire or similar website) could give few people false sense of security (since few people treat GitHub as safe place to download software directly from the developer).


Alternatively you could provide AppImage file which should work for most linux distro.

P.S. Nvidia GPU popular among Linux users becuase it offer better price/performance and exclusive feature (such as CUDA which frequently used on heavy computer science software).

I actually trust Mediafire and co. less than other platforms because there's an abundance of malware on there as a result of it being used to host piracy warez.


Can confirm.

---

Basically, it's in our interest to open-source the 64-bit random pool code so that Linux users can run it (you won't believe how many Linux users got nvidia cards attached despite the poor graphics support). I think the sensitive parts are limited to a few lines of code and variables, I'll see if we can just feed that information through a makefile and #define constants to hide those parts.

Mediafire is an example, sites like that are for sharing any type of files including .exe files such as yours while github is first and foremost a "code" sharing platform even though it has no restrictions on file types being uploaded.

I was addressing you and NF, in the same post; he mentioned "giving more credibility" if x y and z compiled it.

I have no issues hanging it anywhere as there is no malicious code in it. I do not know about mediafire, can you elaborate on the differences vs github?

I never said such a thing and that is not what open source means.

Being open source means anyone can see the code and compile it for themselves if they choose to. Otherwise trusting X over Y with an already complied binary is the same problem all over again no matter who X and Y are or how much merit they have!
For example do you think I run Electrum because I trust Thomas. V.? Absolutely not. I use it because I can see every single line of code and can compile it myself for my own use.

Bottom line is that there was a big elephant in the room that needed to be addressed and I would have probably never said anything if the .exe was uploaded anywhere else like mediafire instead of github.

None of the software does an auto pay out. That will all be done manually.

If you know what the pool is about and understand how the client works in its original form and how the actual cracking software works in its original form, you can conclude how easy it would be to manipulate work done, i.e. your percentage of work done to receive more than your fair share or flat out take the private key and claim all the BTC for yourself.

Some people have already tested the programs. I can see how many people use a different cracking software to try and run with the client software. But without the version on github, they can run their program all day but receive zero credit because it is "fake" work/not validated. That is because there are 2 fail safes built into the software that detect bad actors and does not give them credit. One on the client side and one on the cracking side. If either are exposed, then the pool is worthless.

If you have ever ran TDs 64 bit pool and actually watch what is going on when your machine is running the program, which by the way, it is also closed course (hmmmm, I wonder why), you can see the vulnerabilities in it. But you have to pay attention...

I will discuss options with NotATether in private to see if their is a viable solution.

Clearly. I hope that I didn't offend you, but I've learned to be very careful with what I install/run.
It's not only about merit, it's also about the fact he's older here, more active, I interacted more with him than you... and higher ranked by the forum.
Usually the lower the rank, the higher the chance it does something fishy. It doesn't mean that you did or you will do that, clearly. It's just chances and numbers.

As I said, a higher rank can give more credibility to everything and attract more people to the project. Whether you do that or not, it's entirely your choice.



That's good to know. I'm still a bit wary about the client though.

Alright, to touch on your comments more. I get what you are saying and it is what it is. But I know you are an intelligent person pooya, and if you would just think about things regarding this thread and the nature of the pool, I would hope you would understand why it has to be closed source. There are details in the first post that elude to the "why" if you read it closely.

Trust is a serious thing. It is earned, I get that. But that works both ways. Why would I trust you or NotATether with the source code? Because maybe if you compile it people will be more receptive because you have x number of merit? Nah. Who's to say you wouldn't show it or give it to someone? Or who says you won't take the code and tweak it for your own benefit?

Trust...maybe I can put my own spin on that. People who do join the pool can trust and know that there is only one person who has the source code and it will not get passed from person to person, and maybe they can rest easier knowing that you or someone else who I could possibly give the code to, didn't pass it on to their friend, and their friends friend, etc. and one of those persons manipulated the code for their own benefit.

The bottom line, I am the only one with the source code. I have tried to think of every angle to keep someone from manipulating the pool and taking away from people who are actually participating in the pool.

Again, it's not about the money for me. It's about the concept. About doing something that mostly everyone says can't be done or will take a long time.

I have people who will vouch for me when it comes to being genuine. I send people eth/BTC just for helping out with things; even though they didn't expect it, because I know time is precious for everybody. Just last night, I tried to send a brilliant programmer some eth just for chatting with me for 30 minutes or so about how their particular program works and why they felt another program tasked the CPU more than this other one...just for sharing their thoughts and listening to mine. So yeah, it's not about the money for me. As Doc Holliday said, "It's about the reckoning." lol

People will make a choice to join the pool and run the program, or they won't.  But I at least hope they understand why it has to be closed source and won't trust me any less just because a few people with a lot of merit say I might as well keep it all, or lump me in with some individual from another project, etc.

And this is your choice, if you do not join because I don't have enough numbers by my merit, that is fine. But I will leave you with this, just because you sit in a garage, doesn't mean you're a car.

In fact I'm the one who modified and compiled the Kangaroo #120 server (more details in the discord server linked in the OP)

I think that if it would be you at least compiling the source it would give more credibility to the project (then I may even consider joining in when I could, although my NVidia card is on a laptop).

I'm working with the OP and two other people in our group DM on discord - I'll ask the other two if they've seen the source (@yoyodapro is the one compiling so he should at least know about it).

Well this is a closed source .exe file and the fact that it is uploaded to github doesn't mean it is safe to run. OP might as well be keeping 100% of any puzzle that the users may solve or worse the file could be doing a similar thing to the other puzzle solver (Large Bitcoin Collider) and execute any arbitrary scripts on users computers to do whatever...

Highly unlikely it would be in the 8 range. So far with all the found keys there have been no duplicates. Beginning with 137 only 8 and B have been used, therefore if anything it's more than likely in either 9, A, C, D, E, F ranges.

1378
134E
124A
126C
135D
125D
136D
137B
1349
124E
126E
126A
127E
1269
127F
137

Yeah, it would be our luck everyone sticks to the C D E F ranges and the key is in the 8 range lol

I'll make a 2-of-4 multisig wallet and each of you can get a key (the fourth person being dlystyr)


zahid888 exhausted part of a range IIRC and didn't find anything, I think you'll end up just wasting ports, than when everybody's throwing their hashpower at the full range.

Since this proof of concept project does offer a reward, .04 BTC for the key finder, I've been thinking about opening different ports up for different ranges.

That way people can search in whichever range they feel the key is in.

I'm willing to do 8, one for each top range.

Example:

port 80 = 800...8FF
port 81 = 900...9FF

all the way down to

port 87 = F00...FFF

What say you?

Or at least 2 ports, 1 for 800...BFF and 1 port for C00...FFF, since most people think the key lies in the C to F range.

Well I am not sure who would hold the "developer fee". I'm not interested in the money to be honest; for me it's about the challenge, the proof of concept.
I don't want to take money out of people's pockets for helping out in the hunt. If there is to be a developer fee, I'll gladly donate 2% of my earnings so all the hunters out there can keep hunting and not worry about fees.

If we ever move forward out of proof of concept, maybe then everyone can discuss what they deem as fair for any maintenance fees such as server costs, domain names, etc.

I agree, that or 0.5% from all users as a developer fee to contribute towards hosting, development, etc.

@WanderingPhilospher We should probably keep 2% of the remaining funds after the privkey finder bounty is accounted for so that we have (at least a little) funding for maintaining projects like this.