Interesting developments, will BCX break DarkCoin? I guess only time will sell, price is currently at 0.00612000
You meant "only time will tell", or did you wanted to say it is selling time?
Topic: The TRUTH about Darkcoin: ZERO Anonymity, EASY DOS attacks, & Amateur code base! - page 5. (Read 8990 times)
December 02, 2014, 04:06:34 AM
You meant "only time will tell", or did you wanted to say it is selling time?
December 02, 2014, 03:47:50 AM
He is probably being melodramatic about the dead change anonymity issue. See here: https://darkcointalk.org/threads/dead-change-an-anonymity-issue.3019/
It has been discussed at length with the team and a fix posted by DRK dev here: https://darkcointalk.org/threads/change-contracts-using-atomic-transfers.3067/
Nothing to worry about, if there are code bugs, Evan would release a patch within an hour or two. This has happened a few times before.
It has been discussed at length with the team and a fix posted by DRK dev here: https://darkcointalk.org/threads/change-contracts-using-atomic-transfers.3067/
Nothing to worry about, if there are code bugs, Evan would release a patch within an hour or two. This has happened a few times before.
Pretty much what I said.
~BCX~
December 02, 2014, 03:42:31 AM
He is probably being melodramatic about the dead change anonymity issue. See here: https://darkcointalk.org/threads/dead-change-an-anonymity-issue.3019/
It has been discussed at length with the team and a fix posted by DRK dev here: https://darkcointalk.org/threads/change-contracts-using-atomic-transfers.3067/
Nothing to worry about, if there are code bugs, Evan would release a patch within an hour or two. This has happened a few times before.
It has been discussed at length with the team and a fix posted by DRK dev here: https://darkcointalk.org/threads/change-contracts-using-atomic-transfers.3067/
Nothing to worry about, if there are code bugs, Evan would release a patch within an hour or two. This has happened a few times before.
December 02, 2014, 02:55:53 AM
Interesting developments, will BCX break DarkCoin?
"If it bleeds, [you] can kill it." Arnold Schwarzenegger
December 02, 2014, 02:41:57 AM
Interesting developments, will BCX break DarkCoin? I guess only time will sell, price is currently at 0.00612000
December 02, 2014, 01:00:53 AM
...
Couldn't this be fixed in about 5 minutes?
Couldn't this be fixed in about 5 minutes?
I would think so. The more interesting question here is the "Darkcoin Deanonymizer". There are several possibilities here:
1) This is pure FUD.
2) The OP actually sets up the "Darkcoin Deanonymizer" and it works.
3) The OP provides the exploit to the Darkcoin developers and they provide a fix that preserves Darkcoin anonymity.
4) The OP provides the exploit to the Darkcoin developers and they cannot provide a fix that preserves Darkcoin anonymity.
Care to bet on "odd" or "even" above?
probably should check with ole BCX ... heard he's in the market to redeem his name and cause some drama.
December 02, 2014, 12:31:10 AM
...
Couldn't this be fixed in about 5 minutes?
Couldn't this be fixed in about 5 minutes?
I would think so. The more interesting question here is the "Darkcoin Deanonymizer". There are several possibilities here:
1) This is pure FUD.
2) The OP actually sets up the "Darkcoin Deanonymizer" and it works.
3) The OP provides the exploit to the Darkcoin developers and they provide a fix that preserves Darkcoin anonymity.
4) The OP provides the exploit to the Darkcoin developers and they cannot provide a fix that preserves Darkcoin anonymity.
Care to bet on "odd" or "even" above?
December 01, 2014, 11:42:49 PM
Quote
Attack: You can destroy all darksend processes by not signing and not losing any of your collaterals ... sabotage for free basically.
Reason: When you push your collateral to the masternode it is incorrectly checked for validity.
Check: IsCollateralValid() in darksend.cpp - line 874ff
It basically checks:
are all inputs correct
are all outputs correct
wtxCollateral.IsAcceptable(true, false)
however, transaction with a nLockTime in the future are also passing "IsAcceptable". So push a collateral with a locktime 10000 blocks ahead, and you will never lose it because it will not make it into any block thus easily can be replaced by another one with a higher nSequence number.
Reason: When you push your collateral to the masternode it is incorrectly checked for validity.
Check: IsCollateralValid() in darksend.cpp - line 874ff
It basically checks:
are all inputs correct
are all outputs correct
wtxCollateral.IsAcceptable(true, false)
however, transaction with a nLockTime in the future are also passing "IsAcceptable". So push a collateral with a locktime 10000 blocks ahead, and you will never lose it because it will not make it into any block thus easily can be replaced by another one with a higher nSequence number.
Couldn't this be fixed in about 5 minutes?
December 01, 2014, 11:22:14 PM
Investors Beware:
Source: http://www.reddit.com/r/DRKCoin/comments/2nyifp/darkcoin_seriosuly_flawed_zero_anonymity_and/
From reddit:
hello friends,
please do not get confused by the fact, that I am a fresh user. In fact, I am very actively involed in crypto currencies but remaining anonymous requires certain countermeasures.
IN SHORT
It does not require many words to describe the problem. Darkcoin's code base remembers me of my childhood where I started coding on my AMIGA. Functions that easily can be implemented in O(1) are in fact implemented in polynomial complexity (like O(n5) or something). But this is not the problem.
The biggest problem is, that while indeed being savvy the developers have not much background knowledge about crypto and (in general) the very exact details about the bitcoin/darkcoin/whatever protocol.
After excessively revieweing the code and verifying everything on an offline testbox very scary facts popped up:
As I know the open source community, I will not get anything from publishing my ideas and helping to fix them. So I want to inform you, that I will shortly setup a "Darkcoin Deanonymizer" which will for every single darksend transaction be able to link incoming and outcoing transactions.
ALRIGHT, DUE TO EXCESSIVE TROLLING ACCUSATIONS I DISCLOSE ONE OF THREE DOS ATTACKS ON DARKCOIN HERE --- just for a start
Alright, I will disclose one of three DOS attacks right now.
Attack: You can destroy all darksend processes by not signing and not losing any of your collaterals ... sabotage for free basically.
Reason: When you push your collateral to the masternode it is incorrectly checked for validity.
Check: IsCollateralValid() in darksend.cpp - line 874ff
It basically checks:
however, transaction with a nLockTime in the future are also passing "IsAcceptable". So push a collateral with a locktime 10000 blocks ahead, and you will never lose it because it will not make it into any block thus easily can be replaced by another one with a higher nSequence number.
This is SERIOUS and can destroy the whole network.
3 other DOS points are there as well.
- Darkcoin is NOT anonymous. Every transaction can be automatically traced with a Darkcoin de-anonymizer.
- Darkcoin is prone to several cost-less DOS attacks that can destroy the whole network.
- Darkcoin code was written by amateurs who do not properly understand cryptography.
Source: http://www.reddit.com/r/DRKCoin/comments/2nyifp/darkcoin_seriosuly_flawed_zero_anonymity_and/
From reddit:
hello friends,
please do not get confused by the fact, that I am a fresh user. In fact, I am very actively involed in crypto currencies but remaining anonymous requires certain countermeasures.
IN SHORT
It does not require many words to describe the problem. Darkcoin's code base remembers me of my childhood where I started coding on my AMIGA. Functions that easily can be implemented in O(1) are in fact implemented in polynomial complexity (like O(n5) or something). But this is not the problem.
The biggest problem is, that while indeed being savvy the developers have not much background knowledge about crypto and (in general) the very exact details about the bitcoin/darkcoin/whatever protocol.
After excessively revieweing the code and verifying everything on an offline testbox very scary facts popped up:
- Darkcoin is prone to DOS attacks, there are at least 3 (confirmed) ways you can DOS the complete network at no cost at all. You do not even lose your collateral tx.
- More critical: Darkcoin has no anonymity. There is a very easy and reliable way to link inputs to outputs in every single Darksend (as well as automatic denonimating) transaction.
As I know the open source community, I will not get anything from publishing my ideas and helping to fix them. So I want to inform you, that I will shortly setup a "Darkcoin Deanonymizer" which will for every single darksend transaction be able to link incoming and outcoing transactions.
ALRIGHT, DUE TO EXCESSIVE TROLLING ACCUSATIONS I DISCLOSE ONE OF THREE DOS ATTACKS ON DARKCOIN HERE --- just for a start
Alright, I will disclose one of three DOS attacks right now.
Attack: You can destroy all darksend processes by not signing and not losing any of your collaterals ... sabotage for free basically.
Reason: When you push your collateral to the masternode it is incorrectly checked for validity.
Check: IsCollateralValid() in darksend.cpp - line 874ff
It basically checks:
- are all inputs correct
- are all outputs correct
- wtxCollateral.IsAcceptable(true, false)
however, transaction with a nLockTime in the future are also passing "IsAcceptable". So push a collateral with a locktime 10000 blocks ahead, and you will never lose it because it will not make it into any block thus easily can be replaced by another one with a higher nSequence number.
This is SERIOUS and can destroy the whole network.
3 other DOS points are there as well.
Jump to: