Pages:
Author

Topic: Testers needed for wallet - no payment - but prize money to win (2000$) (Read 401 times)

copper member
Activity: 183
Merit: 18
www.hodler.tech - HODLER - Open Source MultiWallet
We are sorry that you think that the competition may be unfair. During previous competitions with smaller amounts, they were organized in such a way that the amounts in the wallets did not have any confirmations, which gave equal opportunities to everyone. We are currently planning to publish the first few backups in the same way and the rest in one roll. If the transaction is unconfirmed, each person has an equal chance of sending a transaction to his address, if we send 50 backups at once, no one is able to open them simultaneously, even our developers.

We care about honest competition, the amount is not huge, but for many people it is good money, for us it is a low price for testing the performance of servers loaded with real users. These types of social tests will be repeated regularly. We hope you will join us.
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
Not that simple. I tried to claim last time. It was complicated.
Some QR, some Hodler wallet passwords, some privat keys. And some thing I did not find out.

Monday I will try to ask if some lucky/smart people from last time could post here.
Budget year ending at work to day. So time is limited to day.

If you scroll up here you can see it
https://t.me/HODLER_TECH_IN
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
So the team use +100 hours promoting to take 2k$ they already have?

Come on guys 😀


I'm defenately not accusing them, and I'm pretty sure they mean well... However, I don't think that the fact they've invested a lot of their time is a valid argument for a flawed airdrop distribution model.

$2k is $2k, and since there is no "provable fair" distribution method (as a matter of fact it's pretty easy for them to cheat) there is no way of being sure everything is distributed fairly.

I also think the argument of "some people being able to claim a couple wallets" is not just. I'm not going to invest my time in cheating, but i guess it wouldn't be to hard to:

- write a bot that monitors the project's telegram channel
- as soon as the wallets are posted, the bot will download them, together with the passwords
- as soon as a wallet is downloaded, he can use a script to automatically decrypt the wallet and export the xprv and first private key
- the script can then create a transaction that spends all funds in the wallet, and immediately broadcast said transaction to a lot of nodes.

I'm pretty sure that if a dedicated, knowledgeable thirth world programmer (because, let's face it, for somebody in a first world country, the $2k might not be worth the time you'd have to invest) really put his mind to this, he could grab all hundred wallets before honest participants even get the chance to download, open and spend from a single wallet...
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
So the team use +100 hours promoting to take 2k$ they already have?

Come on guys 😀
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
What is needed to gain trust for the competition?

How should a team member claim the BTC?
Wallets will be posted public so can’t see how to cheat.
One person could get more than one thats right.

Well, there's always the possibility the team already exported all private keys before the wallets were posted, maybe even generated transactions beforehand to spend all unspent outputs controlled by those 100 wallets but didn't broadcast them yet. After all, they were the ones that generated those wallets and funded them... So they have the wallet file and the password, nobody can prove wether or not they exported any keys.

If they wait 10 or 15 seconds after they've published the wallets untill they broadcast the pregenerated spending transactions, nobody will be able to prove they claimed everything themselfs. After all, it could be a member of the public who wrote a script to download the wallet files, decrypt them, export the private keys, generate a spending transaction and broadcast these transactions just a couple of seconds after the wallets were posted. The wallet is open source, it shouldn't be to hard to reverse engineer the encryption and write a script to decrypt those password protected wallets + rip the xprv or private keys automatically.

I'm not saying that this is what they'll do, i'm just listing a potential abuse scenario...

There are ways to create a fair distribution, i'm not convinced this one.
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
What is needed to gain trust for the competition?

How should a team member claim the BTC?
Wallets will be posted public so can’t see how to cheat.
One person could get more than one thats right.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
You should probably read this and other warnings in their thread before installing software from untrusted sources:

Thanks for the warnings and concerns. I also wanted to install onto an older phone I don't use anymore, but after reading this thread I decided it doesn't worth my time.


Not very important, however, also the way they give out the prizes is easy to abuse. There's a great chance all the prizes will be redeemed by the same person, possibly from their own team.
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
Anyone know what permissions the Android app requires?

One from team say

Camera Internet Read Write Internal Storage Vibrate

Exact list is available in Google Play description

In Android 6.0+ these permissions are switchable at runtime

So you can deny or allow eg. Camera permission while accessing qr code reader

Reply here
https://t.me/HODLER_TECH_IN
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
Anyone know what permissions the Android app requires?

I have asked team to reply
legendary
Activity: 2772
Merit: 3284
Anyone know what permissions the Android app requires?
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
I have made a review here : https://bitcointalk.org/index.php?topic=5032817.new#new
I wish you all the best , please take care of the above quote by @LoyceV and add more security to that wallet .

I know the team appreciate all feedback. Hope you join the BTC Airdrop later.
full member
Activity: 630
Merit: 107
I will updated this post with some reviews

 Cool

If possible could you post the reviews here
https://bitcointalksearch.org/topic/hodler-wallet-the-only-open-source-multi-asset-wallet-5032817

Of cause if any problems and worries here is fine as well. But to get feedback on your review please use https://bitcointalksearch.org/topic/hodler-wallet-the-only-open-source-multi-asset-wallet-5032817

I have made a review here : https://bitcointalksearch.org/topic/hodler-wallet-the-only-open-source-multi-asset-wallet-5032817.new#new
I wish you all the best , please take care of the above quote by @LoyceV and add more security to that wallet .
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
I will updated this post with some reviews

 Cool

If possible could you post the reviews here
https://bitcointalksearch.org/topic/hodler-wallet-the-only-open-source-multi-asset-wallet-5032817

Of cause if any problems and worries here is fine as well. But to get feedback on your review please use https://bitcointalksearch.org/topic/hodler-wallet-the-only-open-source-multi-asset-wallet-5032817
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
I am going to download and test it but this LINK should have some good graphics . I will updated this post with some reviews . 10k is indeed a big goal. I always support companies having own blockchain.

Link for download
https://hodler.tech

>I always support companies having own blockchain.

If you mean the HDL tokens. It is ERC20.

NO FUNDS OF ANY KIND NEEDED TO GET THE BTC DROP. They post the keys etc and the fast and skilled just claim it and transfer it where they want.
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
I'm defenately interested in testing your wallet
You should probably read this and other warnings in their thread before installing software from untrusted sources:

Thanks for the warning... I usually install untrusted apps on an old phone whose speaker died a long time ago tough, so it shouldn't be a real issue to test out their wallet Smiley

But you're right: as a public announcement i'd like to state that it's not because i'm willing to test an app on an old phone that it should be considered safe for other people to do the same!!! Use your own judgement before installing anything on a phone that is being actively used!
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
@LoyceV

The source code are open source.
https://bitcointalksearch.org/topic/hodler-wallet-the-only-open-source-multi-asset-wallet-5032817

I have not looked because I don't have the skills. Have seen a few very skilled people look.

The info you post are from ICO where people is more skeptical. Of course.

Have followed the project because I invested and earned tokens for small tasks. I my eyes they build more and more trust.
full member
Activity: 630
Merit: 107
The team say:

We will also publish wallet backups on Twitter, but in the first place they will be on Telegram

https://twitter.com/HODLER_TECH

I am going to download and test it but this LINK should have some good graphics . I will updated this post with some reviews . 10k is indeed a big goal . I always support companies having own blockchain .

@LoyceV

Quote
You should probably read this and other warnings in their thread before installing software from untrusted sources:

So this flaw can be recognised by AVS antivirus ?

Update : Windows wallet downloaded, looks good as of now .

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I'm defenately interested in testing your wallet
You should probably read this and other warnings in their thread before installing software from untrusted sources:
Being "Controled by Linux OS" provides no security. Please go into the more technical details of your security process (assuming you have one)

My bet: This is going to be some Android phone (Linux) with as many Wallet apps from Google Play installed as possible.



Their whitepaper is full of marketing bs, or they are just very uninformed.

Let's begin:

Quote
The current market of hardware wallets, generally considered the safest format of all available, is dominated by Ledger Nano S and Trezor. Unfortunately, they both require connecting to a computer, which is often inconvenient and can compromise security, as the computer is the security weak link.

Both the Ledger and Trezor are safe with infected computers, due to their design. Provide some info about why the computer is the weak link, and tell me why no viruses have been written to steal coins from my Trezor so far (minus phishing). Why are the only vulnerabilities (now patched) require physical address to the device, doing things such as freezing it, or opening it up? Why are people bothering with hacking the hardware using somewhat extreme cases instead of just making a program?

Quote
A user has fallen prey to phishing and installed spyware 
on the device.
This is not possible with HODLER. The device cannot install third party
applications, thanks to a specially designed operating system.

With time, and a Wifi accessible device, surely a bypass could be found? Nintendo Switch was designed to not allow 3rd party applications, yet people have had success getting Linux working on it.

Quote
Private keys have been stolen from the backup in the cloud. Again, not possible with HODLER

something something Bitfinex hack something something shapeshift hack something something coincheck hack something something etc
Claiming something in the cloud isn't hackable is wrong.

Quote
Private keys have been stolen during the execution of a backup from unsecured public WIFI network.
Impossible. The channel used to transfer the backup is point-to-point encrypted.

Point to point encryption has been cracked in the past. What future knowledge do you have to know that your encryption is safe from everything, even quantum computing and space aliens?

Quote
Breaking into a device through the network.
Unrealistic, due to a dedicated operating system with its own very
restrictive security features and automatic ‘switch offline’ mode between
payments.

Surprised you didn't call this one impossible. Care to elaborate on the security measures used?

(archive of thread, as I left negative trust feedback)

I consider this extremely shady, or intentionally misleading investors and customers at the very least.
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
This is exact date: 6.11.2018

Sorry for confusion I have fixed the dates.
hero member
Activity: 2422
Merit: 668
Community management 24/7 for hire
On request here are the rules from Telegram:

We'd like to invite you all to take part in the HODLER Wallet infrastructure tests. The total sum to be won this time is 2,000 USD worth of bitcoin. Every one of you has an equal chance to grab some of this money.

On 6.11.2018 in we will publish backups (including passwords) to 100 wallets, with 20USD worth of bitcoin on each of them. The total sum of the prizes is 2,000 USD. All you have to do in order to win this money is join our Telegram group where the backups will be published (https://telegram.me/HODLER_TECH_IN ), have HODLER Wallet installed, use it to restore a backup as fast as you can, and send the stored money to your own address. There's no limit to how many wallets one person can take funds from, so if you're quick there's a lot of money to be made.

The minimum number of people required for these tests to start is 5,000, but for them to give fully reliable results we would like around 10,000 people to participate. That's why we encourage you to share this information about the tests everywhere you can.
Pages:
Jump to: