Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1488. (Read 4671660 times)

With price-discovery in the markets, the definition of "artificial" is vague. In one sense, the decline from 510 to 400 and below was "artificial" (if we assume it was, at least partly, a product of preknowledge of the coming attack and speculation that it would further hurt the price). In the other sense, the essence of markets is that all knowledge is taken into account, information is not perfect, and seldom even the best informed players have access to many information that some of the others have, in turn.

If we discount the last week downturn altogether, the price should be much higher by now. The attack failed - it could not damage the confidence towards XMR, it exposed the old scammers more, and proved how capable the devteam is. "Rolling back" the preparation of the attack from price history would lift us to 600 by tomorrow.

But if the market collectively decides that a selloff is in order, we might find ourselves at 300 instead. That some buyers openly like XMR at 400, is no more artificial than others vowing in the trollbox that they will sell every one of theirs, at whatever price they can get once the trading starts. Depending who will prevail, buying at 400 may be the last opportunity to buy at 400, or the last opportunity to sell at 400. Most likely, given the meager actual effect of the attack, it won't be neither, and anyone making decisions based on what others have already done, is just impoverishing himself as a result.

I have a largish number of XMR and BTC in the exchange, ready to react. But my reaction will be to buy if the price goes down, and sell if it goes up. This is my way of making slow and steady profit. Others have their way, and without panickers, my income would be significantly lower.

I don't know who Peter Todd is but if he was HIRED to be a consultant for Monero it is really really unprofessional for him to be publicly defaming the code on twitter before privately giving his input to the devs. In the corporate world if say IBM were having some issues with their books and hired an outside accounting firm to come audit and straighten things out, then said firm went on twitter and publicly went "Hoo Boy! It's amazing IBM functions at all considering they basically use monkeys with crayons to do their accounting!" That would not fly and would immediately tank the price of the stock. When people have money on the line, why would this guy be publicly slandering the code when he has been hired as a consultant???

boiled down it is simple, if you (we) don't believe that a majority is able to make meaningful decisions, based on common sense we are doomed anyway, no matter what tech we are inventing/using.
stating that a blockchain should be always immutable is an indicator for the need to pass/deny decisions/responsibilty to another kind of centralized leadership, in this case, the swap to the blockchain.

i will stop here, because i don't want to derail this thread but i am very interested how this social experiment will evolve over time and if people understand they can't have both.

Mintpal price is about 0.00415 now, HitBTC was frozen at 0.00380 after some had dumped on low volume (2,500 XMR) at the last moment.

All I ask is that the most reputable and highest-volume exchange, Poloniex, would:
- announce the resumption of trading at least 1 hour in advance;
- allow traders to enter orders during this time;
- arrange a market-clearing procedure at the moment when the trading starts, so that the existing bids and asks that coincide, would be matched with each other at the midprice that clears all of them, to not favor sellers or buyers.

Any sign of a Win 64 blockchain download?

Just re-did mine from the one in the 1st post and it ended up on the wrong fork...

You raise a valid point. However, you make the free decision to accept or not the blockchain as absolute. If most people do, then consensus is achieved. You are free to limit your freedom when you decide which client you are running. The network works best when most people agree with the blockchain as a superior truth. In a sense, it is a mutual-relinquishment of freedom: if I accept that the blockchain is absolute (including over me), and you accept the same thing, and the blockchain is immutable, then we can trade with no trust. This is the Byzantine Generals problem. I don't trust anyone to make choices in my name. So I decide it is better if nobody, not even I, can.

It is not too dissimilar to a hypothetical of leaving your weapons in the lobby when you enter the council chamber. You are not free to carry them, but nobody else is. Everyone is free to decide whether they accept this arrangement or not.

If anyone had any questions regarding the competence and integrity of the Monero core team, here is the monero-dev irc log:

[13:13] the bug appears to be wrong calculation of variable "cnt" that is supposed to be rounded to 2^n but is not for 514
[13:14] testing and making PR
[13:14] * taaku has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:15] * rfreeman_w has quit (Remote host closed the connection)
[13:15] * billotronic has quit (Read error: Connection reset by peer)
[13:15] * rfreeman_w (~rfreeman@gateway/tor-sasl/rfreemanw) has joined #monero-dev
[13:16] * dasdasdasd (b24ef1d5@gateway/web/cgi-irc/kiwiirc.com/ip.178.78.241.213) has joined #monero-dev
[13:16] are we garanted that there will be no rollback ?
[13:16] can the pool operators resume payment ?
[13:17] superresistant: yes - one 70kb bad block doesn't mess the entire chain up irrevocably
[13:17] and we're way past it anyway
[13:17] * bagad has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:17] * rerfe (4fb8f522@gateway/web/cgi-irc/kiwiirc.com/ip.79.184.245.34) has joined #monero-dev
[13:18] * rerfe has quit (Client Quit)
[13:19] * dEBRUYNE has quit (Ping timeout: 260 seconds)
[13:20] yeah but im wondering about the crazy rules about mixing types on bit shifts and stuf
[13:21] ...
[13:21] * wwww has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:21] * taaku (7d105f0b@gateway/web/cgi-irc/kiwiirc.com/ip.125.16.95.11) has joined #monero-dev
[13:22] smooth, the error is here:
[13:22]     for (i = 1; i < sizeof(size_t); i <<= 1) {      cnt |= cnt >> i;   }       cnt &= ~(cnt >> 1);
[13:22] whats wrong with it
[13:22] * sk00t3r (c0853e02@gateway/web/cgi-irc/kiwiirc.com/ip.192.133.62.2) has joined #monero-dev
[13:23] fills in all the lower bits then clears all but the upper bit
[13:23] for value of 514 it rounds it to 513, instead of power of two like 512 like in other cases
[13:23] errrrr
[13:24] or, is that not a problem?  for 514, and some other numbers like 1026 2050 3074 and so on, it produces odd numbers, while it seems they wanted to produce powers of two
[13:25] * dEBRUYNE ([email protected]) has joined #monero-dev
[13:27] * Teezy ([email protected]) has joined #monero-dev
[13:27] I assume resulting cnt is supposed to be nearest lesser power of two there?  If yes, then  http://p.suchdig.com/p/pvk. shows difference.
[13:28] * erl has quit (Quit: I used to think I was indecisive, but now I'm not too sure.)
[13:28] * xmining has quit (Ping timeout: 260 seconds)
[13:28] * xmining_ ([email protected]) has joined #monero-dev
[13:28] * taaku has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[13:29] tewinget, first number that differs is the number that is used in the bad-block, so I think that was the bug that caused it.   Any thoughts?
[13:30] but we only forked 2 blocks later
[13:32] I think it caused that somehow. are the 2 next blocks fully correct?
[13:32] * taaku (7d105f0b@gateway/web/cgi-irc/kiwiirc.com/ip.125.16.95.11) has joined #monero-dev
[13:32] not sure how that problem is exactly resulting in chain split but that must be it
[13:33] I'm gonna go and get some breakfast so I have any energy at all.
[13:33] I don't suppose this code uses any implementation defined behavior (eg, unsigned overflow) ?
[13:34] Which might cause, eg, Linux and Windows builds to get different results ?
[13:34] moneromooo, well it does
[13:34] the verification of hash seems to depend on sizeof(size_t)
[13:35] * Davet (615c1b1d@gateway/web/cgi-irc/kiwiirc.com/ip.97.92.27.29) has joined #monero-dev
[13:35] it will break faster on 32 bit
[13:35] maybe for some implementation it would even pass for 514?
[13:35] How can I confirm I am on the correct chain? My deamon has not been on in a few days.
[13:36] rfreeman_w sizeof(size_t)*8 i think. it should be bits not bytes
[13:36] * taaku has quit (Client Quit)
[13:36] ok give me few minutes I will make PR that we can review
[13:36] * Davet has quit (Client Quit)
[13:37] * uzer111 (567fd0d9@gateway/web/cgi-irc/kiwiirc.com/ip.86.127.208.217) has joined #monero-dev
[13:38] Who ever written that original code anyway? With no comments and in style perfect to hide corner case bug
[13:38] its retarded there is a much better way to figure that out, maybe in O(1) some bit twiddling thing
[13:38] anding with cnt-1 or something
[13:39] i never remeber those tricks
[13:39] * Yolo (25b957a7@gateway/web/cgi-irc/kiwiirc.com/ip.37.185.87.167) has joined #monero-dev
[13:39] but as coded im pretty sure my fix is right
[13:39] if we're pretty sure on rounding down to nearest power of 2 (or up)
[13:39] * rdymac has quit (Excess Flood)
[13:39] * Yolo has quit (Client Quit)
[13:39] test it with smaller numbers
[13:39] you get the same results
[13:39] its when it gets bigger (since sizeof(size_t) =8) it doesn't work
[13:40] uint i = 1;  while (i < cnt) i << 1;  i >> 1;  cnt = cnt & ~i;
[13:40] done
[13:40] yeah that probably works too
[13:40] better make sure its exactly the same as the old one for smaller numbers though
[13:40] im a little more comfortable with the small fix, but this is fine if teted
[13:41] * sammy007 (~sammy007@unaffiliated/sammy007) has joined #monero-dev
[13:42] * rdymac (~rdymac@unaffiliated/rdymac) has joined #monero-dev
[13:44] * Jojatekok (50635747@gateway/web/freenode/ip.80.99.87.71) has joined #monero-dev
[13:45] hello!
[13:45] Jojatekok hi there
[13:45] good luck with recovering the situation of Monero... :/
[13:45] it will strenghten us, though
[13:45] and release weak hands
[13:45] Jojatekok we think we found the exploit
[13:45] still analyzing it
[13:46] smooth: freakin' awesome o.O
[13:46] acting in 8 hours, like a boss :O
[13:46] ive been up for like 80
[13:46] and took down Polo trading in 10 min
[13:46] i was getting ready to crash when the attack started
[13:46] yeah, awesome
[13:46] with the spam
[13:46] sk00t3r: use "diff" command inside your bitmonerod
[13:46] and look at the block level
[13:46] i had a really, really bad feeling about the spam attack being purposeful
[13:46] this detects and tests the bug: https://github.com/rfree2monero/bitmonero/commit/b417abfb7a297d09f1bbb6de29030f8de9952ac8
[13:47] diff
[13:47] 2014-Sep-04 14:46:57.879129 BH: 203144, DIFF: 1275428366, HR: 21257139 H/s
[13:47] wow guys
[13:47] current valid blockchain is 203144
[13:47] okay, Monero is officially a serious coin
[13:47] hegemo0n: Thanks man.
[13:48] the bug causes the hash function to run time too many, so it causes random results. For future all allocs should at least zero fill the memory.
[13:48] rfreeman how is it random
[13:49] uninitilized memory hashed into it?
[13:49] sk00t3r: if not, then download the blockchain boostrap, stop bitmonerod, erase the current blockchain.bin, and replace it by the fresh downloaded one and startagain bitmonerd
[13:49] so is fluffypony's patch is a preventive cure for now?
[13:49] smooth, seems so. didn't tested fully
[13:49] that would explain consensus failure i think
[13:49] or would it
[13:49] sammy007: not merged yet - we're deciding
[13:50] smooth, the fix for the bug is not released yet? because I'm preparing final PR
[13:50] nothing released yet
[13:50] the 30 block size is just temporary to fix miners right?  should I finish my PR? a
[13:50] seems to me the block woudl just get rejected a lot
[13:50] fluffypony: there should be an alarm system implemented into the blockchain, which core devs may control
[13:50] fluffypony: like in Bitcoin
[13:50] rfreeman_w yes that is temp
[13:50] 30kb
[13:50] hrgrmo0n: Thanks. I'll do that tonight if I see Im on the wrong one. I doubt it since it has been a few days since I have opened bitmonerod
[13:50] fluffypony: but our alarms may block outgoing TXes after block 'n'
[13:51] Jojatekok: that's centralised, we won't do that
[13:51] fluffypony: just my 5 cents, seems it can affect pool's payouts
[13:51] sk00t3r: you cannot know until you check
[13:51] ok, ikr, but BTC has it...
[13:51] Jojatekok: that's just an alerts system, which we will implement once we've decided how we want to do so
[13:52] fluffypony> Jojatekok well i could see it as a temporary measure while the code is so sucky
[13:52] smooth: exactly
[13:52] also just because an alert is issued doesn't mean people will upgrade
[13:52] fluffypony: that's why there should be alertimportance levels
[13:53] so, for instance, an alarm may talk about a mandatory update, and block all the incoming and outgoing TXes
[13:53] we may need to do somethign special about that block
[13:53] * taaku (7d105f0b@gateway/web/cgi-irc/kiwiirc.com/ip.125.16.95.11) has joined #monero-dev
[13:54] * tacotime has quit (Ping timeout: 240 seconds)
[13:54] * bobbydoe (48e58189@gateway/web/cgi-irc/kiwiirc.com/ip.72.229.129.137) has joined #monero-dev
[13:57] * dadadoo has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:00] * oiearg has quit (Quit: Page closed)
[14:00] * taaku has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:01] * oiaerga (175cd202@gateway/web/freenode/ip.23.92.210.2) has joined #monero-dev
[14:03] * rfreeman_w has quit (Ping timeout: 264 seconds)
[14:05] * eaf (54724df9@gateway/web/freenode/ip.84.114.77.249) has joined #monero-dev
[14:05] * Tom_Cruise ([email protected]) has joined #monero-dev
[14:08] * amin0rex has quit (Read error: Connection reset by peer)
[14:08] * amin0rex ([email protected]) has joined #monero-dev
[14:09] * Tom_Cruise has quit (Ping timeout: 245 seconds)
[14:12] * rfreeman_w (~rfreeman@gateway/tor-sasl/rfreemanw) has joined #monero-dev
[14:15] * eaf has quit (Ping timeout: 246 seconds)
[14:16] * xmrhodler (57725749@gateway/web/cgi-irc/kiwiirc.com/ip.87.114.87.73) has joined #monero-dev
[14:17] smooth, maybe bin that block by hash and disable part of normal validation?
[14:17] pin
[14:18] * xmrhodler has quit (Client Quit)
[14:19] * xmrhodler (57725749@gateway/web/freenode/ip.87.114.87.73) has joined #monero-dev
[14:20] * grubles (~grubles@unaffiliated/grubles) has joined #monero-dev
[14:21] * PestoQuinty has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:24] * safas has quit (Ping timeout: 246 seconds)
[14:29] * Tom_Cruise ([email protected]) has joined #monero-dev
[14:30] * uzer111 has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:32] * MoneroChat has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:34] * Tom_Cruise has quit (Ping timeout: 264 seconds)
[14:36] * InfoFront (32f702cd@gateway/web/cgi-irc/kiwiirc.com/ip.50.247.2.205) has joined #monero-dev
[14:37] * lucasjones has quit (Remote host closed the connection)
[14:39] * MoneroChat (42831398@gateway/web/cgi-irc/kiwiirc.com/ip.66.131.19.152) has joined #monero-dev
[14:42] * etc (45fb29b7@gateway/web/freenode/ip.69.251.41.183) has joined #monero-dev
[14:43] rfreeman_w yes thats what we have to do
[14:44] is that expected result  of  fork/etc?    cryptonote_protocol_handler.inl:353 [73.46.4.206:54603 INC]sent wrong NOTIFY_RESPONSE_GET_OBJECTS: block with id=3a8a2b3a29b50fc86ff73dd087ea43c6f0d6b8f936c849194d5c84c737903966 wasn't requested, dropping connection
[14:44] rfreeman_w i dont know ask fluffypony
[14:45] rfreeman_w: the expected result is the fork
[14:45] I would imagine
[14:45] okey
[14:49] i think it's ok now
[14:51] Researched BBL: it seems they do the loop to sizeof(size_t) * 8  so it will also crash, just on bigger transactions numbers
[14:52] a friend will prepare a text to reply about BBL being (not)immune on forum, in fact this work fixes mistake in seemingly all CN coin
[14:52] it's...just why?  it's such a simple operation.
[14:53] it's literally bitshifting one way from 1 while you bitshift the other way from count...
[14:54] who needs math or CS classes when you can just duur the hurr C code.  Though personally I half-suspects malice.  But who knows
[14:54] 2014-Sep-04 15:51:34.069230 [P2P8]ERROR /home/netmonk/bm/bitmonero/src/cryptonote_core/tx_pool.cpp:108 Transaction with id= used already spent key images
[14:55] my pool has synd of http://monerochain.info/
[14:55] it looks ok now
[14:56] * Guest343 has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:57] * deliberately_unc has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[14:57] * dasdasdasd has quit (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[15:00] time to port the codebase to Rust I reckon
[15:01] nah
[15:01] ^
[15:01] JavaScript
[15:02] PHP is the best
[15:02] why not fortran? do they have boost for fortran?
[15:02] well i would think about ocaml
[15:02] Quanttek: you know that Timekoin is actually written in PHP...
[15:02] and I'm not even joking
[15:02] oh wow
[15:02] http://bjorn.tipling.com/if-programming-languages-were-weapons
[15:02] I like the php one
[15:04] https://github.com/knightmb/timekoin/tree/master/server/v3.51
[15:04] * pen has quit (Ping timeout: 260 seconds)
[15:06] I have a friend, who loves php 'because you can use it everywhere and wordpress is written in it, which I always use as foundation'
[15:06] * Kushedout ([email protected]) has joined #monero-dev
[15:08] Quanttek: fucking hell
[15:08] * dnaleor_ ([email protected]) has joined #monero-dev
[15:08] 2014-09-04 22:05:20 [pool] (Thread 2) New block to mine at height 202652 w/ difficulty of 1220524081
[15:09] you're on a fork
[15:09] so is there going to be a mandatory update pronto? some explanation of what happened beyond commit messages?
[15:09] of course jwinterm
[15:09] kinglark: you have to delete the blockchain and then bootstrap from op
[15:10] * xn2 ([email protected]) has joined #monero-dev
[15:10] kinglark: current pools, I know about, who use the current version are coolmining, cryptograben, cryptonotepool.og.uk, *.fr and hashinvest
[15:10] * [tymat] ([email protected]) has joined #monero-dev
[15:10] the corrupted block was accepted because of a memory overflow exploit? does that mean that all clients that accepted the block suffered from the same exploit?
[15:10] Quanttek: just finished that post
[15:10] I actually laughed
[15:10] cool othe
[15:10] it's really funny
[15:10] I will be patient
[15:12] jwinterm they got different hash results because they were reading from uninitizliaed memory
[15:12] jwinterm yes there will be an update very soon
[15:13] so it's not something that could be exploited to do bad things to someone's computer beyond the monero client, I guess is what I'm curious about?
[15:13] * iourzzz has quit (Ping timeout: 246 seconds)
[15:13] luckily I haven't synced my client(s) in about 30 days
[15:13] well it seems its not a classical buffer overflow
[15:13] but a basic bug on bit arithmetic
[15:14] you believe you test a certain value
[15:14] but you test another value
[15:14] so if your condition is <16 and in reality you compute <17
[15:14] there is a little space
[15:15] for 16 to be valid
[15:15] * tf2honeybadger (~kevin@unaffiliated/tf2honeybadger) has joined #monero-dev
[15:15] it seems: 14:22:11     rfreeman_w |     for (i = 1; i < sizeof(size_t); i <<= 1) {      cnt |= cnt >> i;   }       cnt &= ~(cnt >> 1);
[15:15] my wallet ver is 0.8.8.3
[15:16] the error is here, and the shift is not behaving as coder expected
[15:16] kinglark: its not a matter of wallet
[15:16] * tacotime ([email protected]) has joined #monero-dev
[15:16] kinglark: shut your daemon down, delete your blockchain, download the bootstrap from us, start it up again
[15:16] hegemoOn, I fixed the bug
[15:17] * grubles has quit (*.net *.split)
[15:17] * tymat has quit (*.net *.split)
[15:17] * heyyou has quit (*.net *.split)
[15:17] * TheNat has quit (*.net *.split)
[15:17] * Kushed has quit (*.net *.split)
[15:17] * dnaleor has quit (*.net *.split)
[15:17] * osensei has quit (*.net *.split)
[15:17] * beavisboy has quit (*.net *.split)
[15:17] * AJIekceu4_ has quit (*.net *.split)
[15:17] * xnbya has quit (*.net *.split)
[15:17] * sandor111 has quit (*.net *.split)
[15:17] fluffypony: problems he has +17 monerod to manage
[15:17] hegemoOn, there was a bug in way they calculate which parts of data need to be hashed and part ended up not hashed
[15:17] hegemoOn the shift is fine, it just doesn't looop enough times
[15:17] rfreeman_w: yeah so its not a buffer overflow
[15:17] it was counting bytes it sould count bits
[15:17] or integer overflow
[15:17]
[15:17] * billotronic (62dc12ca@gateway/web/freenode/ip.98.220.18.202) has joined #monero-dev
[15:17] well, its not buffer ovverflow but it does access uninitialized memory later in the function
[15:18] its just a wrong test
[15:18] no unitary test performed !  
[15:18] what miners should do? i stopped mining for now. But should i continue and if yes which pools are okay?
[15:18] everything should be fine from here
[15:18] rfreeman_w: patch?
[15:18] who signed the QA ?
[15:18] hegemoOn: lol
[15:18] QA
[15:18] good one
[15:19] im sure they do QA the exploits to make sure they work
[15:19] yeah i can have some humor
[15:19] * mikezackles ([email protected]) has joined #monero-dev
[15:19] nuke1989: swithc to my pool
[15:19] im on the right side of the blockchain
[15:19] http://monero.coolmining.club
[15:19] the risk is that you will mine on a pool on the wrong side of the blockchain
[15:20] and never get reward
[15:20] hegemoOn, okay
[15:21] Gekz, https://github.com/rfree2monero/bitmonero/commit/b417abfb7a297d09f1bbb6de29030f8de9952ac8  that is my fix look at date, cryptonote was later   Will release nicer patch soon
[15:21] I saw that one.
[15:21] looking for the clean one.
[15:21]
[15:21] * Guest78271 has quit (Quit: leaving)
[15:23] * AJIekceu4_ ([email protected]) has joined #monero-dev
[15:23] * TheNat ([email protected]) has joined #monero-dev
[15:26] * EsteNuno ([email protected]) has joined #monero-dev
[15:27] * etc has quit (Quit: Page closed)
[15:27] * EsteNuno_ has quit (Ping timeout: 255 seconds)
[15:27] * sandor111 (uid42202@gateway/web/irccloud.com/x-ygkvlfwjjthorbkl) has joined #monero-dev
[15:27] * sandor111 has quit (Client Quit)
[15:27] * sandor111 (uid42202@gateway/web/irccloud.com/x-tbnhijsrcbhvctgf) has joined #monero-dev
[15:27] * osensei ([email protected]) has joined #monero-dev
[15:28] * villabacho ([email protected]) has joined #monero-dev
[15:28] nuke1989: i dont see you
[15:29] * yo (2ebd2702@gateway/web/cgi-irc/kiwiirc.com/ip.46.189.39.2) has joined #monero-dev
[15:29] * yo is now known as Guest31350

Polo and every other exchange we were able to reach (which unfortunately did not include Mintpal) was frozen within minutes of the fork. Polo's UI has some issues with displaying frozen status though.

1) yes, it's an overflow bug in C.
2) yes, once the nodes all update no more corrupted blocks should be generated. the corrupted block now needs to be hardcoded into the software.

I'll answer both at the same time. This particular attack can't be mounted again. We haven't pushed out the official fix yet, but exploit it requires growing the blocks sizes, which takes time. We'd never let that happen. The full fix will be out soon. This hole is plugged.

Any software can have vulnerabilities and exploits. This is exacerbated by the fact that we got the code from a bunch of lying scammers who despite that character flaw, happen to have some talent when it comes to cryptography and to a lesser extent coding. We are reviewing the code and paying qualified people to review the code in order to identify and correct problems to the greatest extent possible. Further we will be restructuring, refactoring, and/or replacing some of the code in order to further increase its robustness and trustworthiness (removing obfuscation for example).

The reason for the hostility is a cross between sibling rivalry and the narcissism of minor differences.

The more we have in common with other people, the more horrified and antagonized we are upon disagreement.

A Christian and a Buddhist can more easily have a nice enlightening exchange of theological perspectives without conflict than say, an Orthodox Jew and an Ultra-orthodox one.  Because less cognitive dissonance is triggered and less ego is at stake.



Last night's Troll Block Crisis, however, did more to build bridges between and demonstrate the resiliency/anti-fragility of XMR/BBR than any grousing in the aftermath can undo.  

I think the XMR markets on Polo were/are actually stealth-frozen. Although nothing shows on the exchange page, I tried to put an order in, and it told me the market was frozen.

Careful timing.

I believe that MP and the XMR markets on Poloniex have operated continuously with no substantive price movement.  The moonshot may resume uninterrupted.

That wasn't recent, and it was Bytecoin that made use of that to do a massive pre-mine. There is/was no "mining exploit" in Monero. The uncovering of that was the whole reason Monero was created in the first place.


If you can't get your facts straight, then you shouldn't invest. There's no "unraveling" of problems here indicative of anything. Bitcoin also had bumps in the road.

As usual, I am delighted to see the outcome, and impressed by the rapid isolation of what is actually a fairly subtle defect in rather obfuscated code, the promptness and effectiveness of the damage control, and the well-ordered transparent process which got us there.

If this level of service does not suffice to elicit your financial contributions for the core commensurate with your financial benefit, you are a scoundrel and a cad.

interesting and i thought i can decide by which client i am running on my box and therefore which chain i am supporting. isn't this what you would call a free decision?

+1



-1


(Sorry for the sort of low content post, but sometimes, that's all the information that needs to be transmitted, imo.)


Back on topic:

Thanks, tacotime, smooth, fluffypony for keeping us update in realtime. This is precisely the emergency response I was hoping for.

Two questions:

1) Can you already rule out that the same (or similar) attack can be mounted again?

2) Can you already rule out conclusively that no lasting damage was done (as in: according to the pre-attack ownership situation)? Any chance that some subtle damage was done that'll be discovered only later?

I am kind of flattered to get a response from fluffypony...

Stop it.