Dump all the ppc
It's possible someone else figured out the attack too and has bought that many coins to abuse the proof of stake implementation and generate another bajillion coins.
How would that vulnerability allow people to generate a bajillion coins?
My understanding is it just makes it more feasible to perform double spend attacks without an enormous amount of coins.
Correct, they can drive up the difficulty and revert (but not steal) others up to 5 blocks back.
TacoTime is like salsa, he always likes to spice things up.
Source:
Jutarul has made a disclosure today of a stake generation vulnerability here:
https://bitcointalksearch.org/topic/ppcoin-stake-burn-through-vulnerability-131901We have been aware of this vulnerability for a while. A protocol upgrade has been designed and is currently being implemented. Jutarul did not attempt to communicate with us privately before his disclosure today. We appreciate Jutarul's independent research, however given the circumstances it would be more responsible to communicate with me privately to discuss the discovered vulnerability and the schedule of disclosure.
I'll give a summary of the impact here:
Impact level: severe
Description: The current stake generation hashing protocol is vulnerable to a search attack.
Attacker gains advantage of generating more blocks with limited coins.
Given the current checkpoint policy, the impact on the block chains is mostly limited to:
- Attacker may invalidate other nodes' proof-of-stake blocks and force short reorganizations up to 5 blocks (may be mitigated by strengthening the checkpoint policy)
- Pushing up proof-of-stake difficulty to very high level
Given the current checkpoint policy, it is
not likely that the following can be achieved by an attacker:
- Preventing transactions from being confirmed.
- Minting more coins than normal through the attack.
We will accelerate the development schedule for this fix so stay tuned. I will give an update in my weekly update later this week on the progress of the release.
