
Topic: Terracoin attack caused Bter.com 50BTC loss (Read 5418 times)

sr. member
Activity: 434
Merit: 250
August 09, 2013, 11:10:45 PM
#45
Since TRC is steadily rising and my deposits don't even show as pending, I'm worried you forked again without installing -48 in time. I've let support know (well in advance) and mentioned it on Twitter. Not sure how better to try and get your attention when you and customers are at risk of losing money again...
legendary
Activity: 1078
Merit: 1002
Bitcoin is new, makes sense to hodl.
The most frequently attacked coin to date. I'm amazed how TRC is still alive.
sr. member
Activity: 434
Merit: 250
Hi there. I trust you upgraded to -48 in time before the mandatory block to avoid this happening again? I put in a support ticket ahead of time to make sure your staff knew another mandatory update was coming.
hero member
Activity: 644
Merit: 500
Length of chain does not matter, it is total amount of work (listed as log2_work in debug.log file) done on it that matters. Put differently:

99 blocks mined at difficulty 1
1 block mined at difficulty 100 <--- this chain wins

TRC hard-forked at block 175,000 but last checkpoint is still at block 110,197 which means attacker still has coins he generated during attack.
Given that he also still possesses massive hashrate, much more than 51%, he can still double-spend his coins, orphan anyone else's blocks and so on.

So, does 101 blocks mined at difficulty 1 win over 1 block at difficulty 100?
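As an added example (not part of any post in this thread), the work comparison discussed above can be computed directly. It assumes Bitcoin-style proof of work, where the difficulty-1 target is 0xFFFF * 2**208 and a block's work is 2**256 // (target + 1), and takes integer difficulties only; the function names and branch labels are made up for the illustration.

```python
import math

# Assumption: Bitcoin-style proof of work, where the difficulty-1 target is
# 0xFFFF * 2**208 and a block's work is 2**256 // (target + 1).
DIFF1_TARGET = 0xFFFF * 2**208

def block_work(difficulty):
    """Expected number of hashes needed to find one block at this difficulty."""
    target = DIFF1_TARGET // difficulty
    return 2**256 // (target + 1)

def chain_work(difficulties):
    """Total work of a branch, given the difficulty of each of its blocks."""
    return sum(block_work(d) for d in difficulties)

def log2_work(difficulties):
    """Same quantity on a log2 scale, the form the thread cites from debug.log."""
    return math.log2(chain_work(difficulties))

def best_branch(branches):
    """Pick the branch a node follows: most total work, not most blocks."""
    return max(branches, key=lambda name: chain_work(branches[name]))

# Constructed branches after a common fork point, using the thread's numbers.
case_quoted = {"99 blocks at difficulty 1": [1] * 99,
               "1 block at difficulty 100": [100]}
case_asked = {"101 blocks at difficulty 1": [1] * 101,
              "1 block at difficulty 100": [100]}

if __name__ == "__main__":
    for case in (case_quoted, case_asked):
        for name, diffs in case.items():
            print(f"{name}: {len(diffs)} blocks, log2_work={log2_work(diffs):.4f}")
        print("node follows:", best_branch(case))
```

With these inputs the single difficulty-100 block out-works 99 difficulty-1 blocks, while 101 difficulty-1 blocks out-work it.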
hero member
Activity: 556
Merit: 500
I'd ask freeworm, who seems to be part of BTER staff, to post here all the trades done by the attacker.

I renew the request, this would be just fair and transparent.
sr. member
Activity: 308
Merit: 250
There are risks in every business... you'll get over this. Heads up - I appreciate your approach on this matter.
hero member
Activity: 556
Merit: 500
I'd ask freeworm, who seems to be part of BTER staff, to post here all the trades done by the attacker.
newbie
Activity: 53
Merit: 0
....unless those coins belong to the attacker now and he's holding them somewhere, they disappeared from BTER but still are in the attacker's possession, aren't they?



As lamiomni said, a profit happens when you double spend. In the current blockchain the deposit by the attacker would be invalid. So they are still with the attacker (unless they have been spent again).

Some of that TRC deposit may have been withdrawn by Bter users and should have vanished. Since nobody is reporting that it seems a tad fishy. Unless by luck all the withdrawals used other TRCs only.
I think you are not looking at the big picture.

Exchange wallet: 2,000,000 TRC
Attacker sends 120,000 TRC, coins go to his deposit address, then into exchange wallet.
Exchange wallet: 2,120,000 TRC
Attacker converts on site to BTC and withdraws
Exchange wallet: 2,120,000 TRC
Attacker invalidates original blockchain and deposit disappears
Exchange wallet: 2,000,000 TRC

Now, *IF* someone happened to withdraw from the exchange during this brief period, their TRC sent to other sites would disappear, but how often do people transfer out of an exchange?

Not really, since normally blockchain acceptance is weighted with transactions, the attacker's blockchain contains all the transactions except his own (as a node, you have the ability to reject transactions).
full member
Activity: 140
Merit: 100
Heads up and condolences for Bter.

But also a good illustration for us all who would invest in unsecured cryptocurrencies.
hero member
Activity: 532
Merit: 500
....unless those coins belong to the attacker now and he's holding them somewhere, they disappeared from BTER but still are in the attacker's possession, aren't they?



As lamiomni said, a profit happens when you double spend. In the current blockchain the deposit by the attacker would be invalid. So they are still with the attacker (unless they have been spent again).

Some of that TRC deposit may have been withdrawn by Bter users and should have vanished. Since nobody is reporting that it seems a tad fishy. Unless by luck all the withdrawals used other TRCs only.
I think you are not looking at the big picture.

Exchange wallet: 2,000,000 TRC
Attacker sends 120,000 TRC, coins go to his deposit address, then into exchange wallet.
Exchange wallet: 2,120,000 TRC
Attacker converts on site to BTC and withdraws
Exchange wallet: 2,120,000 TRC
Attacker invalidates original blockchain and deposit disappears
Exchange wallet: 2,000,000 TRC

Now, *IF* someone happened to withdraw from the exchange during this brief period, their TRC sent to other sites would disappear, but how often do people transfer out of an exchange?
newbie
Activity: 53
Merit: 0
in other words he still has the cake and ate it too

Yup.

Here is a simplified explanation:
- 2 blockchains: One where you spend it (on the legit blockchain, B1), one where you keep it (on the attacker's one, B2)
- During the attack, you deposit your funds on an exchange and withdraw BTC, LTC, whatever, something different than TRC; these transactions take place on B1 but not on B2
- You broadcast B2 to reverse TRC transactions you did on B1, this is likely to succeed only if you have more than 51% of the network
- Unfortunately, all the other blockchains didn't reverse the transaction so you still have withdrawn BTC, LTC... and TRC

Time warp attack seems to block difficulty to a low level, so the blocks can be minted at very high speed.
hero member
Activity: 532
Merit: 500
the blockchain now says:

175049           2013-07-29 11:49:19   36   126.31668153   294231.656   3501029.85549999

on the 23rd before the attack there were 327049 TRC, here the situation at block 163500

163500   2013-07-23 03:36:06   1   20   20574.792   3270049.85549999

11549 blocks difference, 20 trc on each block: 230980 TRC total generated by these 11549 new blocks

3.270.049+230.980 = 3.501.029

EXACT!

so the frigging TRC coins generated by all those blocks are still counted by the block chain
but... if THEY DISAPPEARED, shouldn't they be erased and not computed anymore???

the mystery is still there... are those coins existing or not??

I still can't get it!





Try this explanation: Attacker has legally mined 100 coins

Code:
Original Blockchain                         Attacker Blockchain
Block 102, 1 transaction, 20 coins to A     Block 102, 1 transaction, 20 coins to attacker (C)
block 103, 1 transaction, 20 coins to B     Block 103, 1 transaction, 20 coins to attacker
block 104, 1 transaction, 20 coins to A     Block 104, 1 transaction, 20 coins to attacker
block 105, 1 transaction, 20 coins to C     Block 105, 1 transaction, 20 coins to attacker
block 106, 2 trans, 20 to A, 100 C->D       Block 106, 1 transaction, 20 coins to attacker
block 107-113 1 trans, 20 each to A/B/E     Block 197-113, 20 coins each to attacker
block 114, 1 trans 20 coins to E            Block 114 attacker makes a longer chain by creating a larger transaction, orphaning true blocks 102-113

Example of attacker's transactions in block 114:

Since the attacker's blockchain is longer and he has more hashrate, he forces his blockchain onto the network as the real one and the real one disappears (orphaned).  The spend he made at block 106 to the Exchange at Address D 'disappears' (even though the exchange credits it after the 4/6 confirmations), the coins mined by A, B and E disappear, their blocks orphaned.  Attacker goes to exchange, converts credited coins to BTC or other coins, transfers them out, Exchange later sees balance mismatch between wallet and their system and traces it back, but too late, attacker has run with converted coins.

Now, by this explanation, the attacker still has the coins.  TRC developers though said the time warped blocks would be invalidated.  What does this mean?  Dunno.  Maybe the attacker's address is rendered invalid in the system and while the coins are 'in' his wallet, the client will never allow them to be spent.  Maybe it's just a platitude given to us to calm the masses into thinking the attacker lost his coins, while they sweep it under the rug and let him go.  Maybe...

We will never know the real truth unless the TRC devs come right out and explain it in terms we can understand.
hero member
Activity: 556
Merit: 500
in other words he still has the cake and ate it too
legendary
Activity: 1050
Merit: 1000
....unless those coins belong to the attacker now and he's holding them somewhere, they disappeared from BTER but still are in the attacker's possession, aren't they?



As lamiomni said, a profit happens when you double spend. In the current blockchain the deposit by the attacker would be invalid. So they are still with the attacker (unless they have been spent again).

Some of that TRC deposit may have been withdrawn by Bter users and should have vanished. Since nobody is reporting that it seems a tad fishy. Unless by luck all the withdrawals used other TRCs only.
hero member
Activity: 556
Merit: 500
....unless those coins belong to the attacker now and he's holding them somewhere, they disappeared from BTER but still are in the attacker's possession, aren't they?

hero member
Activity: 556
Merit: 500
the blockchain now says:

175049           2013-07-29 11:49:19   36   126.31668153   294231.656   3501029.85549999

on the 23rd before the attack there were 327049 TRC, here the situation at block 163500

163500   2013-07-23 03:36:06   1   20   20574.792   3270049.85549999

11549 blocks difference, 20 trc on each block: 230980 TRC total generated by these 11549 new blocks

3.270.049+230.980 = 3.501.029

EXACT!

so the frigging TRC coins generated by all those blocks are still counted by the block chain
but... if THEY DISAPPEARED, shouldn't they be erased and not computed anymore???

the mystery is still there... are those coins existing or not??

I still can't get it!




newbie
Activity: 53
Merit: 0

Even smaller amount looking enormous compared to usual... Of course as said 24/24 monitoring is needed... Or the TRC trading should be stopped directly before any disaster... I agree on that

neotrix, did any TRC disappear from your exchange? any at all? not even 1.



Basically this is what happens during a 51% attack:
You have to understand that the blockchain contains all the transactions and blocks are minted on top of it
The attacker builds his own blockchain; with his mining speed, he can be faster than the network
Blockchain acceptance is done by consensus by all the nodes; basically, the longest chain wins
The attacker spends his money on the network chain, but his money remains on his (and longer!)
The attacker broadcasts (releases) his chain to all the nodes, in order to be accepted by them
The longest chain is validated, orphaning the network's chain, reversing his spending
The attacker successfully spent his money (like exchanging TRC into BTC) and keeps his money on the newly accepted chain
In this case, I think that he successfully used his minting reward because he doesn't seem to have a balance before the attack
This attack seems to give 100% of minted blocks to the attacker

Please tell me if I'm wrong somewhere.
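An added example, not part of any post in this thread: the exchange-side check that the reversal described above calls for, which re-audits already credited deposits against the active chain after a reorganisation. The chain layout (blocks 102-114, a 120,000 TRC deposit in block 106) follows the thread's numbers; the block hashes, txids, account names and function names are constructed for the illustration.

```python
from dataclasses import dataclass

REQUIRED_CONFIRMATIONS = 6  # the thread mentions crediting after 4/6 confirmations

@dataclass(frozen=True)
class Deposit:
    txid: str
    account: str
    amount: int  # TRC credited on the exchange's internal ledger

def reorg_depth(old_chain, new_chain):
    """Count the blocks at the end of old_chain that new_chain disconnects."""
    common = 0
    for (old_hash, _), (new_hash, _) in zip(old_chain, new_chain):
        if old_hash != new_hash:
            break
        common += 1
    return len(old_chain) - common

def audit_deposits(credited, active_chain):
    """Return (reversed deposits, TRC shortfall) against the active chain."""
    confirmed = {txid for _, txids in active_chain for txid in txids}
    gone = [d for d in credited if d.txid not in confirmed]
    return gone, sum(d.amount for d in gone)

# Constructed sample. A chain is a list of (block_hash, [txids]) from height 100.
shared = [("h100", []), ("h101", ["tx_old_user_deposit"])]
original = shared + [(f"b1_{h}", []) for h in range(102, 114)]
original[106 - 100] = ("b1_106", ["tx_attacker_deposit"])
original[108 - 100] = ("b1_108", ["tx_user_deposit"])
attacker = shared + [(f"b2_{h}", []) for h in range(102, 115)]
attacker[109 - 100] = ("b2_109", ["tx_user_deposit"])  # honest tx mined again

credited = [
    Deposit("tx_old_user_deposit", "alice", 500),
    Deposit("tx_attacker_deposit", "mallory", 120_000),
    Deposit("tx_user_deposit", "bob", 1_000),
]

if __name__ == "__main__":
    depth = reorg_depth(original, attacker)
    gone, shortfall = audit_deposits(credited, attacker)
    print(f"reorg disconnected {depth} blocks "
          f"(policy waits for {REQUIRED_CONFIRMATIONS} confirmations)")
    for d in gone:
        print(f"REVERSED {d.txid} account={d.account} amount={d.amount}: freeze it")
    print("wallet is short of the ledger by", shortfall, "TRC")
```

A reorganisation deeper than the confirmation threshold is the signal to pause withdrawals and run this audit before any further payout.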
legendary
Activity: 1050
Merit: 1000
Quote
When you deposit, you just deposit to the exchange wallet; where other deposits happen too. Same happens with withdrawal. So you don't do a point to point transaction between buyer/seller.

thanks a lot for that answer

but I'm still confused!

what I would like to know is: which coins really disappeared??

1) the ones the attacker deposited on BTER? (this seems to be confirmed by BTER)

2) the ones the attacker sold on BTER but still sitting in the buyer's BTER account? (this also seems to be the case)

3) the ones that were moved out of BTER buyer's account into other exchange accounts (in this case any other exchange should have a total of TRC which is less than the total of its clients' TRC individual holdings, the difference made by the disappeared TRC brought in there)

are all the three cases true?

thanks for your help


What is in your account is just a number. You don't have a separate wallet. Bter's TRC balance reduced after the attacker's TRCs disappeared.

When buyers withdrew TRC, it MAY have been partly the attacker's ones too. If no user reports that they have any TRC missing, there is a very strong possibility that Bter is hiding something.
hero member
Activity: 556
Merit: 500

Even smaller amount looking enormous compared to usual... Of course as said 24/24 monitoring is needed... Or the TRC trading should be stopped directly before any disaster... I agree on that

neotrix, did any TRC disappear from your exchange? any at all? not even 1.

hero member
Activity: 556
Merit: 500
Quote
When you deposit, you just deposit to the exchange wallet; where other deposits happen too. Same happens with withdrawal. So you don't do a point to point transaction between buyer/seller.

thanks a lot for that answer

but I'm still confused!

what I would like to know is: which coins really disappeared??

1) the ones the attacker deposited on BTER? (this seems to be confirmed by BTER)

2) the ones the attacker sold on BTER but still sitting in the buyer's BTER account? (this also seems to be the case)

3) the ones that were moved out of BTER buyer's account into other exchange accounts (in this case any other exchange should have a total of TRC which is less than the total of its clients' TRC individual holdings, the difference made by the disappeared TRC brought in there)

are all the three cases true?

thanks for your help