Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1478. (Read 4670972 times)

Where is a current windows blockchain? The one in the op is over a month old.

I can't successly compile wallet&bitmonerod  from github source code now.
following is information by make :

anyone had encountered that and  found  a solution?
who can give some help for me?

Fee is just (inputs - outputs). So if there are no outputs the entire input becomes a fee. That was used for the tiny transactions in the overflow block too.

They entered the mempool a very long time ago, about 11 hours ago, a while after the initial attack.

Below is a current mempool state:

The 66 XMR fee tx is nowhere to be seen, so no idea where that is even coming from.

It looks like those weird "45" tx are being invalidated because the inputs are considered invalid:

In case anyone is wondering, I dont believe the attacker would require a massive amount of hash power to achieve this attack or a relatively large amount of XMR, but there are some other interesting things to consider about how they did it:

It looks like they prepared for the attack from around 1200 blocks before, injecting their large txes with the 0.1XMR fee each time, so even if there was one tx per block that's still only 120XMR expended. Suggests they were running a system with some code to automate the generation of those txes and send them into the network via a normal bitmonerod.

Tacotime's analysis points out they must have mined the naughty block 202612 on their own custom daemon because it includes tiny tx fees (if they mined it themselves they would have got the fees back so I guess there was another reason for keeping the fee so low), but once they had the blockchain "prepared" they would only need 0.5MH/s on their own pool to have a 50/50 chance of mining their next block within an hour. We've already figured out that they have some code for crafting custom txes, so it probably isnt tricky for them to have customised a bitmonerod to include their specially crafted tx set when one of their miners finds a block. Must be a reason why they generated two slightly different blocks tho?

The block which then causes the fork, 202614 was apparently mined on Dwarfpool (both of them), so they werent using their pool for that. They dont really need to though, as this time they just wanted to inject their duplicate txes, so they can use their custom tx generator and send them out to the network that way.


Getting hypothetical now, I'm wondering if their usage of Dwarfpool was deliberate - I notice that they have two mining servers in different parts of the world so perhaps they realised they could leverage that and Dwarfpool's hashpower. First they transmit one version of block 202612 to DwarfEU and the other version to DwarfUSA - the block header matches so the controlling server accepts everything, but the individual daemons are now on different forks without realising it. Then by sending their custom txes to the Dwarf servers they know it will only take a few minutes to cause a fork. Havent yet figured out how that would result in a major fork though, rather than just causing a small portion of the network to diverge.

Assuming I havent made any major errors in the above (pls correct me if so), then its certainly a clever attack - from finding the flaw in the code to execution, but by no means beyond the capability of a single individual or small group who thought they could gain from it.

I'm too tired to compute time differences now, when did they enter the mempool (relative to the timeline of the attack)? Was it around peak crisis management, at the darkest hour?

The 66 XMR fee tx is the wildcard. What's inside? No outputs? Why is it so 151byte-small and why is it in the mempool?

Could you create a chain > amend some blocks to steal small amounts from a number (hundreds or targeted) of wallets > join one or several pools to hide among others > increase your hash rate > cause a fork > use your increased hash to force everyone to join your rogue chain?

Non-standard denominations are allowed. They are spending from the two overflow attack transactions in block 202612.

Are the first two legal? They use nonstrandard denomination. Maybe that is the attack? Unmixable txo?

Is there any meaningful raw data in the corrupted tx? I don't know any way to access it.

I suspect the NSA or other government agency.......crypto is heading into worm hole and if it makes there going to have hell of a time tracing the wealth. Attack the biggest cyrptonote first try and start war between it and BBR. This would not be the first time that this tactic has been used  Divide and Conquer. There has even been a post over at BBR warning of potential regulatory intervention if James rolls out Supernet IPO on Poloniex. Rather than Fud each other, its time to work together. If we can't do it then they win. I don't care who started this attack on XMR all I can say to them is FUCK YOU. People bitching about code this code that
all code is a work in progress if it isn't then its dead or perfect and there isn't much perfection in the world.

Jon  

I don't know if this is related, but I basically reset everything out of fear. I'm all synced up, but i'm missing XMR. Not a lot, but 17 XMR difference from this morning to right now. The bad part is that I never saved the TX Id. Any way of getting/finding the missing xmr?

Two tx from the attackers are now present in the mempool and are waiting to enter a block. They spend the outputs from the overflow tx.

http://chainradar.com/xmr/transaction/e3b94625d8eb5513dbc98b599a86a3b8622a23dce0124334f5b9982b656c59c5
http://chainradar.com/xmr/transaction/f7a2c4d0c4ccbfae37d550253c5f032156d9e8d0897d76137e26ea5fa8a92f44

Additionally, there is a tx in the mempool that is corrupt for 66 XMR.

http://chainradar.com/xmr/txpool

No clue what the intention of these are.

You are on the right chain as far as I can see. See below:

I would like to say a big THANK YOU to the Monero Devs and its community

Devs
*Quickly identifying, releasing and sharing a fix
*Forum updates / damage control
*Exchange notification

Community
*Exchange notification
*Buy walls
*Donations

--edit--
adding BTC to the buy wall!

Why would he use a third party pool at all?

edit

yeah, difficulty looks down, blocks look up, relative to the diff drop?

please help how can i know that my wallet is in the right fork? i have bitmonero v 0.8.8.2  and the last block was 203753
thanks in advance...

He's mining drk as we speak. lol.

how could any organization smart enough to conduct this attack be stupid enough to think it would kill a coin?
What if they botched it? too many moving parts and they tried to shove a bunch of premade blocks and get N blocks ahead of the real chain. Then they could just feed in new blocks if the main chain ever got close and so with 1% of mining power actually needed get all the XMR from here to forever.

is that possible. It seems they did tack on a new block without mining it, so they just need to mine one block make a fork, shove in a decent sized chain and keep the rest of the thousands of pregenerated blocks in reserve.

I know, way too elaborate, but considering what they did...

anyway I am no expert on all this mining and blocks stuff, so just throwing out silly theories hoping someone that actually knows this in details might see the answer. I just have this feeling there is something else to find

James

Who says he isn't here already?