Topic: warning against CoinVisitor.com (Read 1305 times)

This doesn't really answer anything. Asking for the same information privately just takes away transparency rather than improving how the situation is being handled. So, specifically, how will they "fix the problem" for someone?

As mentioned above, I don't care about my token balance, either accumulated on CV or in my Instawallet wallet. For the former, I'd prefer that it was rolled back into the prize pot. I only ask how this is being handled because I'm curious and because those who do care -- specifically those with a large Instawallet balance potentially at risk -- should have a more concrete answer.

The text has been deleted many days ago. If you need assistance, then talk to an admin in chat and they will fix the problem for you.

I too don't have a deep mistrust for CV but it's best to safe than to be sorry!

If CV cannot find a way for members in adding different address for earning to be paid, then I see no problem in adding those earning in "pot"!

See, that's the problem... giving CV the Instawallet link is just not a solution. It's a risk to both parties. If CV is nefarious, they could file a claim for the Instawallet balance and try to steal your funds. If CV is honest, they could be blamed for somebody else stealing those funds, because there would be no way to definitively prove that they had the info to do so but did not act on it. Either way, the Instawallet user is at risk of losing funds, but -- in the "trust no one" model -- there's no reason they should trust CV with their Instawallet link (which means their balance thanks to the way Instawallet was set up). When I saw the request on CV for my Instawallet link, I did not provide it -- I don't have a deep mistrust for CV, but we have to mind our own resources.

Why anyone would have stored even as much as 1 BTC on Instawallet is beyond me, but that's a different issue.

Also...


True, for that subset of Instawallet users. For the other subset (those who, like me, would be satisfied with having my accumulated funds dumped back into the prize pool), it's related, as it would be a mechanism for that to happen.

I think that Kev needs to get in to explain process once and for all!

When I expect a refund over 2 btc, I'm sure you understand my reservations!

However, I might agree in providing the followings with extremely warning against CV:

• cv link containing instwallet address
• Instawallet address link
• New address

If I should find that instwallet couldn't provided refund on Jul 1, 2013, then I will know who to blame!

It is possible that after 1st of July there might be no way to get btc-address from url.
If you give them the url on July 2nd, then the coinvisitor guys may not be able to
verify it is really that of your current target instawallet-address.

Since we know instawallet gives members up to 90 days to claim refund, I personally know refunds start on July 1, 2013 which tells me cut-off date for claiming refund is June 30, 2013.

I think by allowing post their's instawallet link, wallet address (starting July 2013), including posting new address (when earning to be sent to), this should be safe enough! The admin can check posts and act accordingly! Ya, I know july seems a long wait but it worth the wait!

Meanwhile the claim-process has started on instawallet, and it became obvious,
that when you go to a wallet-url, then the associated address becomes visible.

The coinvisitor-team now has a way of "knowing" that a particular url is in a
coinvisitor-user's possession, and they could, based on that knowledge redirect
already-earned-but-not-yet-withdrawn coins to some new address.

Assuming, that
  a) one trusts the coinvisitor-admins that they will use the url only
        to verify the instawallet-address, and not make a claim themselves.
  b) one has little enough funds on instawallet to lightly risk it
  c) any crook that got an url from google wouldn't care about
        the "dust" he'd maybe be able to aquire from coinvisitor
then giving them the wallet-url may not be the worst decision at this point.

Whether the balances of users that just don't come back (whatever the wallet
they were using) are eventually voided is entirely unrelated to how users who
actually want their funds can get them.

How is a refund from Instawallet in any way related to funds accrued on CoinVisitor? Sure, the CV funds are pointed to a no-longer-usable Instawallet address, but after that there's no connection. Getting a refund from Instawallet doesn't mean anything about the funds sitting at CV.

I don't know how to resolve this problem accurately, to avoid having someone claim something that doesn't belong to them. OTOH, the site's published policy should include clarification that any address that is inactive - no new earnings, no payout request - for (n) days would have its funds rolled back to the prize pool. A fair "n" might be 60. There's no point holding on to a tiny balance forever for someone who never returns to the site, and this policy would eventually return all funds that were pointed to an Instawallet address back to the prize pool. This sucks a bit for people like me who were using Instawallet to aggregate micropayments, including from CV, but that's really the fault of Instawallet and users, not CoinVisitor. CV is just stuck in the middle. I can think of one other site that handles abandoned balances like this; the only problem with CV adopting this now is that it wasn't communicated before (at least not that I could find, I don't see any TOS on the site at all).

The Kev,

The only safe solution is to wait until instwallet process refunds, when I get the refund, the only member will need is to contact you with instawallet address so you can contact them to check if refund were done! So far that best ways instead providing actuall address link! when they start refund process, it might at least 90 days accordinbg to them!
---------------------------------------------------------------
Actually another safe way, is asking instawallet showing  list all addresses generated by them during refund process!
This way you look up at link that contain instawallet address, of it might mean to create another thread somewhere where member add link that contain instawallet address, (see below for example)

• your program link...instalwallet address
• New address that need to change to

Once member post those, you will need to compare against instawallet's list!
You can provide new link show new address including earming (stored in data based from old address into new one) or you can issue payout to new address!

This way is extremely safe than to ask member their instwallet link!

The problem we are having is it does not take much to track where our payments were made to on the blockchain and we have no way of knowing which ones are instawallet and which ones are not. The only way we can think of verifying it is in fact an instawallet address was with the url. If anyone knows how to identify a wallet is in fact an instawallet we would appreciate the information.

 As is stands right now since we tried to keep it as simple and anonymous as possible we only have the address to tie to an account and not a specific user. It would take nothing for someone to use the blockchain and collect addresses of where payments were sent and request payments to be sent to a wallet that is not the rightful owners or applied to an account that is also not the rightful owners.

 This is a complex issue and we do not want the users to have to wait until instawallet handles it and even then not knowing how they are going to handle it if we waited until then if there will be a way to tie the old and new together.

 The earnings may be small by some standards but the users earned them and we want to not create another whole issue trying to make things right to them.

 Suggestions would be appreciated, if instawallet payments are not verified and sent back it may be a way to verify it is an instawallet perhaps, uncharted territory we have here. But tying all that data together would be insane. Collect the wallet address, verify the account, send payment, wait for it to be rejected, collect those addresses, match the old address with the new and then issue a payment and last of all void the old account out. For every single wallet, not diggin it.

 That is just an example and no idea if it would work at this moment. So any suggestions like I said would be appreciated.

Kev

Kev,

Thank for getting back to us in instawallet issue and we wait until resolution.

Perhaps, in payout section and instead having instant payout, why not add a section where we're require to enter our instawallet plus earning made, and our new wallet so earnings can be sent to new address? Of course design this so you can check post manually!

I think the best solution that I can think of. Agree Kev?

Hello,

 I have been trying to replace the notice posted prior and this is what it will be when I can get the control panel to function properly. Since we updated a few functions have been giving us grief. But here it is and sorry for any misunderstandings.

Kev

_______________________________________________________________________________ _____________________________


Those of you who used instawallet we issued a request for information on the accounts in order to handle the issue. We were unsure of how to exactly handle this issue and what information we needed.

We did not mean any security issue when asking for link and address but that was a oversight on our part. We will do our best to find a solution by using address only and information on new address.



Rest assured the very few that sent us such information it will be handled with great discretion. We at coinvisitor have never been for profit since day 1 and any thought of us using the information provided for any sort of gain goes down to the foundation of our very existence since day 1. We are trying to provide a service with well over 100% of all income being returned back to the visitors.

We have concentrated on building the community and getting our name, reputation and visit number up to an acceptable level where we feel we can be of great service to the community first. Until we reached that goal it was decided for us to be 100% non profit and then some.

We are a porthole for the newcommers and respect that, we wanted the first experiences for the new users of bitcoin who come to us as hassle free and rewarding as possible and in almost every user we talk to opinions we have been a success in that. I even have had contact with now current site owners who say they got their first free coins from us. Now that is rewarding......

But anyway we will address the instawallet issue as soon as we can and keep trying to be the best experience to our users as possible.



 Thanks for understanding and all the support,



Kev - [email protected]

"allow members changing their payout address" would require registered users in the first place.
coinvisitor faucet users aren't registered.

Many faucet-like sites identify their users only by the address they provided. If the address gets lost or inaccessible, then typically so do the user's earnings - even those not yet paid out to that address.

I think it's a nice try of the coinvisitor guys to offer recovery of address-targeted funds, even if it requires some trust to them.  Those who spend their time watching ads for bit-dust probably don't have all that much on their instawallets, anyway.

I think by allow members changing their payout address to a different one in their profile is best. Even coinworker did that! After reading that message on homepage it surprised me. It possible that "Goddog" didn't wallet link is the password to wallet though!

I wasn't accusing them of scamming but that message was suspicious! As of matter of fact, former instalwallet link were a key or password to respected owner of wallet. I sure hope the admin clear this!

Well, it did happen. You can grab a screenshot yourself after going to  http://coinvisitor.com

Primarily it is about faucet-visitors who have used their instawallet address for collecting
coins. Until they "withdraw" the coins are still in coinvisitor's wallet, and it would indeed
be a bad idea to request a payout, as that would go to an instawallet-address.

Because faucet-users aren't themselves authenticated, they need some "proof" that
whoever requests a change of payout address is indeed the one who originally set it
up as target for earned coins.

Passing them the instawallet-url, however, isn't of much use for such verification, as for
the time being, no one sees the btc-address behind an url.  I think it wasn't completely
thought through by "Goddog". Or, maybe, they're offering instwallet-draining as a service :-)

I'd be really surprised if they really intended stealing funds (that is: without eventually
passing them on to the new address).  

CV has never and will never scam anyone. I have emailed one of the admin's to ask why he asked for the URL. All money generated from CV goes back into the pools to pay users.

pics or it didnt happen

Hi,

As we all know that https://www.instawallet.org, is planning refunding coins to their member, I did found something suspicious at http://coinvisitor.com!

They asked instawallet members to sent email containing followings:

• instawallet address
• instawallet url
• new address

Please member do not any circumstances them that email as they can your coins as theirs, in facts, instawallet highly discourage against providing wallet url before the hack! Again, member don't do it and spread the news anywhere so coinvistor be stopped in their track!

Take warning coinvisitor!