Token Daily

2

3

2

3

4

2

12 3

btc-forextrader redditor for 3 months Yesterday

IMO, this situation and how it was so calmly handled by devs, miners and supporters alike is what makes Bitcoin so special.

1

88Fangtastic 5 months old | Karma CC: 53 Yesterday

Its a shit post period. How does this post help any newbies ? Regardless of what we all think its still a rookie space for the rest. Help rather than spreading horseshit.

0

TemporaryPudding 3 months old | New to crypto Yesterday

If we want to help newbs we'd shut this useless shithole sub down.

1

MagniGames 12809 karma | Karma CC: 3058 Yesterday

Yes, all bad news is horseshit and fud and we should only talk about good things.. This sub is like the fox news of crypto.. Do you not realize that, had this been exploited, your entire investment could be worth $0? Does that AT ALL bother you??? Christ almighty, you people and your whatabouting will be the downfall of these systems. This would be UNACCEPTABLE had it happened to the thing everyone touts as outdated (visa) yet with bitcoin it's just fud and let's just all pretend nothing bad ever happened.. Are you suggesting we should suppress negative info to try and trick newbies into buying?? No wonder Bitcoin didn't get the damn ETF...

1

88Fangtastic 5 months old | Karma CC: 53 Yesterday

Actually i suggest you learn how to move forward than cry like a bitch on reddit. Make some positive and be happy. Try to enjoy the weekend.

0

higher-plane Negative | 5 months old | Karma CC: 125 BTC: 786 Yesterday

Thanks to the Bitcoin Cash developer who found and discretely disclosed this bug.

Edit: why an I being downvoted for thanking the person who found and responsibly disclosed the bug? Crazy.

18

TechCynical Karma CC: 1223 Yesterday

Cause brigade.

1

MagniGames 12809 karma | Karma CC: 3058 Yesterday

You're being downvoted because this sub is garbage. People only fucking care about bull runs and Lambos anymore, nobody gives a shit about the technology apparently... I really hope there are supporters out there (not on reddit) that don't fall prey to this tribal bullshit...

10

btceacc 11 months old | CC: 1173 karma MIOTA: 2057 karma Yesterday

Exactly what isn't tribal about your accusatory title?

4

MagniGames 12809 karma | Karma CC: 3058 Yesterday

Now, I know we're all excited for the upcoming bull run, but be careful with downvoting posts like this, This is not "FUD", it's a real, serious problem. There was a network-breaking bug out there for OVER A YEAR that GOT WORSE over time, and developers decided to keep it a secret while they attempted to fix it.. That's SERIOUS..

Not only that, but projects that forked off Bitcoin in that time may also still have this vulnerability..

Luckily nobody discovered it or used it (as far as we know), but to everyone out there yelling "Bitcoin's never had a bug!!!", well, this doesn't look to great does it...

0

Robby16 5 months old | Karma CC: 1841 BTC: 568 Yesterday

Get a clue lol. No, that's standard practise in the security industry for disclosing vulnerabilities. Literally every single company in the world will not disclose discovered vulnerabilities until after they are fixed. Doing otherwise is suicide. Absolutely nothing remotely unprofessional with how they handled it

5

MagniGames 12809 karma | Karma CC: 3058 Yesterday

Funny you tell me to get a clue, so.. why are you using cryptocurrencies then? If you want some private company privately fixing bugs on their private network, then use Visa. We aren't using a product designed by a company, and for that exact reason your response makes no sense.. Bitcoin is owned and operated by it's users, and as such, should be maintained by its users. You want a big group of a few devs making decisions and modifying the whole network? That's what EOS does. Yet this sub shits all over EOS for essentially doing exactly what Btc did here...

0

grumpyfrench 10875 karma | Karma CC: 801 NANO: 367 3 hs ago

Agree

1

XavierFartboner Karma CC: 189 Yesterday

lol "bitcoin core". I'm no bitcoin fan either, but come on man. It's just bitcoin.

1

TechCynical Karma CC: 1223 Yesterday

Dumbass it affected bitcoin core and I believe bitcoin ABC.

0

higher-plane Negative | 5 months old | Karma CC: 125 BTC: 786 Yesterday

It was quite literally a "Bitcoin Core" bug. https://bitcoincore.org/en/2018/09/20/notice/

0

temporarilyembarasse 7 months old | Karma CC: 3534 Yesterday

>There was a network-breaking bug out there for OVER A YEAR that GOT WORSE over time, and developers decided to keep it a secret while they attempted to fix it.. That's SERIOUS.. The fact that you think developers should have made this exploit public makes me seriously doubt your intelligence.

15

MagniGames 12809 karma | Karma CC: 3058 Yesterday

Oh, I'm sorry, I didn't realize that a central entity controlled bitcoin. Oh wait, they don't, it's public, and we all develop it.. This fucking sub is a joke...

0

temporarilyembarasse 7 months old | Karma CC: 3534 Yesterday

>we all develop it you must have a very loose definition of "develop". if your name isn't on a repo or two, you aren't a BTC/crypto developer. you are a BTC/crypto user. Nothing wrong with that. Nothing wrong with a few developers discovering an exploit that is unknown to the public and quietly fixing it instead of making a big federal case about it.

4

btc-reddit Yesterday

This report should be updated to clearly state who found this bug (awemany of BU) and that he quickly and responsibly disclosed it and properly to acknowledge that.

0

cheezbeans redditor for 7 weeks Yesterday

This is actually scary, there needs to be ways to protect and reassurevpeople they’re not going to lose everything. What if theres another serious bug they havent found yet and a malicious hacker finds it first?

0

ISNT_A_ROBOT Yesterday

You can say the same thing about every major financial institution in the world.

0

btc-reddit Yesterday

This is never going to change. Get comfortable with it.

6

Bitcoin_21 redditor for 3 months Yesterday

the bug finder was anonymous and no affiliation with either BTC or BCH cited, it was also independently found by a dev called earlz.

0

btc-reddit Yesterday

We know that it was awemany of BU. Why can’t that be positively acknowledged ? earlz found it later according to the published timeline, and probably because the first DOS element lead directly to the inflation issue.

2

imbalancewoo 1 day ago

"According to Theymos: "Even if the bug had been exploited to its full extent, the theoretical damage to stored funds would have been rolled back."

Rolling back the chain like DAO? Oh, it's okay when bitcoin does it, right? :)

0

shit_frak_a_rando Yesterday

DAO had an error in private contact code, which is what made it controversial, while this is a bug in Bitcoin itself.

2

Jay27 Yesterday

No, rolled back because the longest chain is the valid one. The invalid, inflated chain, would not have been kept after the fix. The DAO happened due to a malicious dev making perfectly valid and legal use of Eth's scripting language.

4

po00on Yesterday

How would the chain be 'rolled back', in this circumstance ?

2

theymos Yesterday

The most important difference is that the DAO situation was a bailout of a private organization and a deviation from expected system behavior, whereas in this case an unexpected bug in the system would be uncontroversially undone. Nobody on Earth is going to seriously suggest that because of this bug, Bitcoin should now allow anyone to print as much BTC as they want. Similarly, if a bug in Script was found which allowed you to spend anyone's BTC, and this was exploited, then it would be totally justified to undo all of those theft transactions. You want to minimize this sort of manual intervention, firstly because it's just very disruptive, and secondly because in large part the point of Bitcoin is to remove fallible humans from this stuff. But economics/money is an inherently human thing, and furthermore nobody knows how to make bug-free software yet, so from time to time these sorts of manual adjustments have been and will continue to be necessary. The ability to make manual changes is what allows us to say that Bitcoin isn't ruled by miners. If "the code was king", then miners could softfork in anything they wanted (including certain types of evil denial-of-service+sidechain schemes which could be viewed as subsidy increases), and Bitcoin absolutely would be ruled by miners. This *isn't* the case only because we can hardfork to a different PoW in the event of such an attack by miners. --- A less philosophically-important but more practically-important difference between this and the DAO incident is that this was a softfork, so: * It has very clear precedent in the value overflow incident, which was a similar bug resolved in a similar softfork, though in that case some blocks were *actually* deleted / rolled back. * Only a majority of miners and/or an economic supermajority need to upgrade in order for everyone to be protected. You don't need *literally everyone* to upgrade. * In the aftermath of an attack, the end result would look like a long reorg, which is within the realm of expected system behavior. Risk is related to number of confirmations, in the end you get a consistent block chain with consistent transaction chains, etc.

13

alsomahler 1 day ago

The Ethereum controversy wasn't created by rolling back the chain. That was a fork to a new state and it left history intact. I think Theymos here really means rollback of history.

2

AdvancedExpert8 1 day ago

It sure is.

0

PurplePineapple12 redditor for 7 weeks 1 day ago

I wish it was exploited i want the price to crash so i can accumulate

0

invisibleblackcoat redditor for 2 days 1 day ago

Why don’t u give us ur Bitcoin?

2

Raiforst 1 day ago

Did you stop for a second to think how stupid your comment is?

5

artificintel 1 day ago

Did you stop for a second to think how unnecessarily aggressive your comment to his comment is?

0

Raiforst 1 day ago

Yeah, I feel bad, sorry.

3

artificintel Yesterday

Sorry.

1

dito67 redditor for 3 weeks 1 day ago

Let see how long will it take for this post to get censored since r/bitcoin made a reputation of being the most censored place in all history

0

suchClouds 1 day ago

If there was a list of the [50 most heavily moderated subreddits](https://www.reddit.com/r/dataisbeautiful/comments/9huvwc/oc_the_top_50_subreddits_in_july_2018_with_the/) made by sampling the data, and this one wasn't on it; would that convince you otherwise?

2

dito67 redditor for 3 weeks Yesterday

Yea yea good try, no one cares(and i mean sane people) about ur shitty list

1

suchClouds Yesterday

Cool. Is there any other objective data you'd like to disagree with?

0

dito67 redditor for 3 weeks Yesterday

Yes i m baffled how fake this thing is, trying to show everyone there is no censorship and core devs and blockstream r the best and divine beings in all existence

2

trentinparadise 1 day ago

>the most censored place in all history That is the most ridiculous statement I have seen for a long time 

10

dito67 redditor for 3 weeks Yesterday

Because it is dumbass

0

typtyphus Yesterday

it's still up. And so is the Cringe Cruise debate.

1

dito67 redditor for 3 weeks Yesterday

Yea its very sad it is not censored even now

0

S_Lowry 1 day ago

Not as censored as the other sub though.

4

dito67 redditor for 3 weeks Yesterday

Yea r/bitcoin should learn something from shitty country like china a thing about censorship

2

DesignerAccount 1 day ago

Not sure if you're being sarcastic or not, but the censorship you refer to I call moderation, and I'm very glad mods to enforce it strictly. (Not strict enough, sometimes, imo.) Makes the conversations around here much more pleasant and, mostly, about Bitcoin. shitcoins are not welcome here, and neither are their shills. Btw, keep talking about censorship... it's a great way to get banned. After a while, it just gets annoying, having to explain moderation is not censorship.

5

dito67 redditor for 3 weeks 1 day ago

sadly that what happens when u put brainless incompetent mods in charge since they r too dumb to even show their vileness

0

AdvancedExpert8 1 day ago

Thats the sad thing about bcashers, you just come in here to talk about censorship and not the actual problem. You're equivalent to saying Thanks Obama whenever something bad happens.

4

dito67 redditor for 3 weeks Yesterday

r u even capable of talking about the actual problem mr fake advancedexpert a tiny typical troll

1

Kalin101 Yesterday

Are you even capable of typing?

2

dito67 redditor for 3 weeks Yesterday

Not so sure, what about u another obvious troll

1

Kalin101 Yesterday

Get a life dude.

2

typtyphus Yesterday

that's because technical subjects are foreign language to them.

1

Mr_Vitriol redditor for 6 weeks 1 day ago

Keep your wrongthink out of here!

0

dito67 redditor for 3 weeks 1 day ago

Oh still not censored, wish i could see the concept of vile censorship in all history of this world a little bit

0

AdvancedExpert8 1 day ago

Should check out China they'll show you true censorship.

0

dito67 redditor for 3 weeks Yesterday

Saddly r/bitcoin can't even learn from that shitty country on how to do proper censorship

1

diamondcuts17765 redditor for 3 months 1 day ago

Damn. Thankfully this was caught by one of the good guys

13

ABitcoinAllBot 1 day ago

Here is the link to the original comment thread. Or you can comment here to start a discussion. Author: LongHash

1

14 2

ethereumfrenzy 1 - 2 years account age. 200 - 1000 comment karma. 1 h ago

Can somebody summarize what it says ? I understand transactions could be batched together more efficiently. Can this work with transactions going to many different adressed, or just if those go ti the same contract / address ?

1

domukas 7 hs ago

is there an estimation date for casper?

1

IllegalAlien333 Yesterday

500tx/sec...really that's it? That's the "potential" geez, bummer.

0

Galveira Yesterday

One layer 2 solution is to have subchains that handle their own transactions. So no, the entire ethereum network isn't going to be limited to 500 tx/sec.

3

IllegalAlien333 Yesterday

so what is the potential with subchains that max out at 500tx/sec?

0

Galveira Yesterday

subchains aren't limited in the same way the ethereum network is. Centralized chains are possible and preferable in certain situations, as long as the initial assets are created on the mainnet first.

1

IllegalAlien333 Yesterday

So in essence a linnked centralized chain built on ETH can handle the transactions needed for a popular dapp?

0

Galveira Yesterday

That's one solution, yes.

1

Theft_Via_Taxation Yesterday

If people were to use this option, their transactions would be anonymous correct? That would be awesome if anonymity was the default

16

symeof Developer Yesterday

No, they would still not be anonymous as the original signature itself is not anonymous. But the system could potentially be evolved to be anonymous, but that would require a lot more work than this.

1

vbuterin Ethereum - Vitalik Buterin Yesterday

No, they would not. SNARKs are used here for scalability, not privacy. Unfortunately adding strong privacy into this scheme would likely reduce gas efficiency by ~8x. Though that may be not that bad, given that strong privacy has efficiency tradeoffs around that level no matter what you do.

29

lambeingsarcastic Yesterday

I'm sorry if this is a dumb question but is that because you would need to add more to the blockchain to implement strong privacy and gas usage is proportional to the size of the data written to the blockchain?

5

vbuterin Ethereum - Vitalik Buterin Yesterday

> I'm sorry if this is a dumb question but is that because you would need to add more to the blockchain to implement strong privacy and gas usage is proportional to the size of the data written to the blockchain? It's because for strong privacy, the indices and transaction amounts would need to be "encrypted", and an encrypted value would need to be 32 bytes. Though maybe it's possible to make it be 32 bytes for the entire data, in which case the complexity would be pushed into the SNARK proof computation.

15

ericdevice Yesterday

I wonder if the gov would not like this

1

iamtheballoonman 1 - 2 year account age. 35 - 100 comment karma. Yesterday

I’d anticipate they wouldn’t, but... oh well. I do ¯\_(ツ)_/¯

4

BGoodej Yesterday

It would be fantastic if this could be done while waiting for casper.

15

symeof Developer Yesterday

This only applies for transactions to the same contract. So unless you have some dominant smart contract(s), this provides little benefits in total gas savings overall.

1

Heringsalat100 Redditor for 10 months. Yesterday

It is only meant for simple asset transfers like tokens. Nevertheless it is very exciting!

20

kwadrax Redditor for 9 months. Yesterday

Aren't these like the (vast) majority?

8

Heringsalat100 Redditor for 10 months. Yesterday

At the current time I would say yes. Only as an additional information because of the title of the post ;).

1

lazyj2020 Yesterday

yes

5

saddit42 Yesterday

Nice in theory, but is it really expected to happen before Shasper?

9

miker397 Yesterday

So what are the downsides to this as a stop gap before Casper+Sharding arrive?

5

LarsPensjo Yesterday

>Also, this is not a pivot, it's a layer 2 along with all the other layer 2's. If so, this is orthogonal to Casper and Sharding.

8

MilkDudDandy Yesterday

or·thog·o·nal ôrˈTHäɡənl/Submit adjective 1. of or involving right angles; at right angles. 2. **STATISTICS (of variates) statistically independent.**

2

nootropicat Yesterday

It's a very old idea, iirc older than bitcoin (only theoretical then). The main problem was always proving performance and trusted setup. Public data arguably makes multiparty trusted setup not a big issue. All currently practical solutions are also not quantum secure.

It also makes sharding pointless, as all scaling problems reduce to relatively trivial decentralized storage with many existing solutions. I hope this doesn't become yet another pivot (like beacon chain from hybrid PoS)...

25

vbuterin Just some guy Yesterday

I would argue proving performance is not a big deal in the long run; there have been large gains recently now that SNARK/STARKs are The Big New Thing, and if there's usage we can outsource proof generation to the mining industry and their GPU farms. And it's not true that it "reduces to decentralized storage"; it reduces to _scalable validation of data availability_, which is still a hard problem and requires some kind of "sharded" setup to solve. Also, this is not a pivot, it's a layer 2 along with all the other layer 2's.

65

nootropicat Yesterday

>I would argue proving performance is not a big deal in the long run Do you know how fast recursive zk-snark validation is now, on the bls12 curve (the one zcash switches to)? Is it reasonably practical now? >And it's not true that it "reduces to decentralized storage"; it reduces to scalable validation of data availability, which is still a hard problem Zk-snarks allow every shard validator to prove that he indeed does have the entire required state. Then the security assumption becomes that for some n, n validators aren't going to cooperate and hide the data from the public. Validators can be shuffled. What's the hard problem in this design? Zk-snarks also allow using rateless erasure codes for much better transmission, as every part can be proven to be correct. Unless it's in the multiple TB I don't see a reason for sharding at all.

13

vbuterin Just some guy Yesterday

> Unless it's in the multiple TB I don't see a reason for sharding at all. Currently the ethereum blockchain's data rate is ~25 kb per 15 sec, or ~50 GB per year. If we want to increase capacity by a factor of 1000, that becomes 50 TB per year. With the optimizations described here, that could go down to ~5 TB, but then if we have that much scalability we may as well include strong privacy support, which would push the numbers back up to ~50 TB. So yes, we are interested in literally scaling the blockchain to multiple terabytes.

14

nootropicat Yesterday

Fair enough. I would consider 2TB per validator to be the cutoff between high end pc and servers, as 2TB appears to be the maximum size of consumer versions of NVMe SSDs.

7

vbuterin Just some guy Yesterday

> Then the security assumption becomes that for some n, n validators aren't going to cooperate and hide the data from the public. Validators can be shuffled. What's the hard problem in this design? This requires every validator to actually have all the data. The design you *could* have is to require randomly sampled subsets of validators to prove ownership of different subsets of data, but then that *is* sharding.

25

FreeFactoid Yesterday

Woohoo! Thank you VB🙏

6

MilkDudDandy Redditor for 10 months. Yesterday

Starin' up straight in the face!!

6

phatalerror Bull Yesterday

open your mouth, close your eyes!

2

seb400_8 Yesterday

Holy shit. Finaly!

0

CommonMisspellingBot Yesterday

Hey, seb400\_8, just a quick heads-up: **finaly** is actually spelled **finally**. You can remember it by **two ls**. Have a nice day! ^^^^The ^^^^parent ^^^^commenter ^^^^can ^^^^reply ^^^^with ^^^^'delete' ^^^^to ^^^^delete ^^^^this ^^^^comment.

9

seb400_8 Yesterday

Keyboard warrior! 🙃

0

happyyellowball Gentleman Yesterday

sounds like a game changer until casper imo... i am not that technically inclined though

37

blackout24 Yesterday

Does Vitalik even sleep or go on vacation from time to time? By the time I finished reading one of his posts there is already another one.

55

CrystalETH_ Yesterday

He has his long vacation on planet earth

59

happyyellowball Yesterday

vitalik vacations during DevCons

51

Crackorjackzors Yesterday

I'd want to party with him, I imagine all the Devs want to get down as well.

3

Galveira Yesterday

God only knows what he'd look like drunk.

3

CoinedPrince 11 hs ago

Vitalik doesn't get drunk. Drunk gets Vitalik.

2

4

2

3

2

5 3

2

25 13

Andrew Miller - @socrates1024

RT @PeterRizun: The Bitcoin Cash and BU developer who discovered CVE-2018–17144 -- one of the most significant Bitcoin bugs ever and a bug that allowed miners to create coins out of thin air -- describes the story behind it and his experience with responsible disclosure. https://t.co/7tk26I3fDY

187 483

Martin Köppelmann - @koeppelmann

RT @PeterRizun: The Bitcoin Cash and BU developer who discovered CVE-2018–17144 -- one of the most significant Bitcoin bugs ever and a bug that allowed miners to create coins out of thin air -- describes the story behind it and his experience with responsible disclosure. https://t.co/7tk26I3fDY

171 433

Michelle Varron - @michellevarron

RT @ercwl: As a person guilty for throwing rocks in glass houses, this was a humbling read. We owe a great deal of gratitude to awemany for this. Thank you. https://t.co/p3n9J8Whbt

4 44

JP - @jpbaric

RT @PeterRizun: The Bitcoin Cash and BU developer who discovered CVE-2018–17144 -- one of the most significant Bitcoin bugs ever and a bug that allowed miners to create coins out of thin air -- describes the story behind it and his experience with responsible disclosure. https://t.co/7tk26I3fDY

113 283

Emin Gün Sirer - @el33th4xor

There is such a thing as Divine Justice, and it looks like this. Congrats to the BU team for discovering this bug. There are some extremely talented people in Bitcoin Cash, as anyone outside the echo chamber can tell you. https://t.co/W2Q1xmBDFH

0 3

Balaji S. Srinivasan - @balajis

RT @PeterRizun: The Bitcoin Cash and BU developer who discovered CVE-2018–17144 -- one of the most significant Bitcoin bugs ever and a bug that allowed miners to create coins out of thin air -- describes the story behind it and his experience with responsible disclosure. https://t.co/7tk26I3fDY

97 251

Taylor Gerring - @TaylorGerring

RT @CobraBitcoin: Turns out a Bitcoin Cash developer saved Bitcoin from one of its worst and most dangerous bugs ever. Let this be the end of the arrogance and hubris of the Core development team and their cult followers. Both communities are more powerful working together, not against! https://t.co/dID65JATID

55 184

Ryan X. Charles - @ryanxcharles

Wow. Amazing work, awemany! https://t.co/K0bjSnAC7R

1 5

Vinny Lingham - @VinnyLingham

RT @CobraBitcoin: Turns out a Bitcoin Cash developer saved Bitcoin from one of its worst and most dangerous bugs ever. Let this be the end of the arrogance and hubris of the Core development team and their cult followers. Both communities are more powerful working together, not against! https://t.co/dID65JATID

32 108

Jeff Garzik - @jgarzik

RT @CobraBitcoin: Turns out a Bitcoin Cash developer saved Bitcoin from one of its worst and most dangerous bugs ever. Let this be the end of the arrogance and hubris of the Core development team and their cult followers. Both communities are more powerful working together, not against! https://t.co/dID65JATID

32 106

ecurrencyhodler - @ecurrencyhodler

So a $BCH dev named awemany disclosed the bug to $BTC devs. https://t.co/uapVp16mAB I leave you now with Cory Fields's reason as to why he eventually decided to diclose a BCH vulnerability back in April: https://t.co/7KxqbQIHad

0 1

Eric Wall - @ercwl

As a person guilty for throwing rocks in glass houses, this was a humbling read. We owe a great deal of gratitude to ftrader for this. Thank you. https://t.co/p3n9J8Whbt

2 10

Cøbra - @CobraBitcoin

Turns out a Bitcoin Cash developer saved Bitcoin from one of its worst and most dangerous bugs ever. Let this be the end of the arrogance and hubris of the Core development team and their cult followers. Both communities are more powerful working together, not against! https://t.co/dID65JATID

15 41

moodytomatoes 1 h ago

why Core recklessly endangered the security of Bitcoin Cash as well endangering the myriad of altcoins that are out there and still susceptible with this premature and hasty publication

the fuck? bitcoin devs care about bitcoin. you fork? go your own way and stay safe on your own. it's actually counterproductive for security because you all shitcoin fork shills you will be delaying publication of the bug with thousands of shitfork coins code updates and giving a time window to yourselves to exploit it on Bitcoin.

1

circleio Yesterday

Come on all you dash instamine haters, where are you now? What goes around comes around.

1

minorman Yesterday

I'm glad to see u/awemany getting serious tips for this. Well done.

2

Chytrik Yesterday

Thankful the bug was discovered and patched quickly! Kudos to all those involved.

Gotta say though, this article is kinda absurd. How many paragraphs did I just read about ’big banks might’ve deliberately inserted this bug hurr durr’? It really hurts the image of professionalism to pack that much whining and conspiracy into one article.

Childish at best, but at least they did the write thing.

1

BobAlison Yesterday

I like to applaud deadalnix and the ABC team for what I was thinking the Core team should have done here as well: Bury the fix in a bit more and unrelated refactoring code so as to fix it but also to buy some more time for an upgrade.

That might sound ok at first, but what then? You want a lot of eyes on the fix to minimize the risk of breaking things further, but at the least to ensure that the solution fixes the problem.

Then there's the political aftermath and risk that the cat will be let out of the bag before you can explain yourself.

The anger around less than full disclosure up front is palpable as it is.

0

thethrowaccount21 Yesterday

Question: At what point do we as a network decide that we need to do independent testing of back-commits from BTC Core? Are we already doing that?

8

eric_sammons Yesterday

That’s a great question. We might think Dash is immune from the hubris and arrogance of Bitcoin Core, but this incident shows we’re all dependent on them to a degree.

2

thethrowaccount21 Yesterday

Yes, considering our significant ideological differences (segwit/no segwit, lightning, privacy, onchain-vs-offchain scaling, etc.), it would be wise I think to expand the scope of what we decline to port from BTC Core. It is possible this was an attack from a rogue-probankster dev, or maybe just the idea was an attack and the dev didn't realize the implications, but it is rather suspect that a critical vulnerability would arise with the exact outcome of removing bitcoin/crypto's inflation protection. I think its time we begin to consider the possibility that there will be hostile commits in the future and thus every back-commit should be rigorously tested for effect before being incorporated into our chain. We are no longer BTC's little brother. Although transactions wise we are far behind still, that can change in an instant.

7

tungfa Yesterday

very misleading title ! that was a security issue - NOT disaster , and it affected all btc forks , not only dash (but hey ... “journalism” ... ; )

3

eric_sammons Yesterday

Well, it had the potential to be a disaster, for Bitcoin, Dash, and all coins using the BTC code base. I can’t think of a worse bug than being able to create coins out of thin air.

3

thethrowaccount21 Yesterday

The price of freedom is eternal vigilance. On the bright side, our path and that of the open source community has been vindicated once again. Thanks to open source, a critical vulnerability was exposed within 2 years of its introduction. Because of this, the issue was fixed across blockchains (hopefully). Issues with legacy could and still do persist for decades even centuries without nary a peep or public input/inspection. This is the path that leads to financial independence. Not just lambos, but true choice in financial services. Powerful stuff.

2

solarguy2003 Moderator Yesterday

Exactly. Recent potential security issue would have far more accurate.

1

cryptogiraffewins redditor for 2 weeks Yesterday

Author is a Bcasher, or at very least, biased !

0

chek2fire Yesterday

This article is total garbage and another prof that bcash shitcoin will only survive with political propaganda blame against bitcoin.

0

mikenewhouse Yesterday

Thank God Dash is on the far away periphery of that feud. Who has time for that crap

2

blockmains Bitcoin fan Yesterday

While nice find and all that, the guy u/awemany claims he could have "rented hash" and attacked bitcoin. Seems to me he wanted some cheap publicity with this article instead of just sticking to facts he brings in political ideology. Kinda fits the role wth b^cash supporters they will do anything for attention.

LOOK AT ME. I COULD HAVE KILLED BITCOIN. BUT I AM SUCH A NICE PERSON.

0

TechCynical Karma CC: 1223 Yesterday

Classic bitcoin maximalist comment.

0

blockmains Bitcoin fan 11 hs ago

Better a fan of bitcoin than waste your life supporting cash grab scams like b trash

2

TechCynical Karma CC: 1223 10 hs ago

cash grab scams? this is crypto I spend It when I get it and it works like advertised 100% of the time without any bottleneck. oh wait your only here for the money sorry forget.

0

Thethirdtoken 83094 karma | Karma CC: 1790 NANO: 1869 Yesterday

Killing Bitcoin would have been catastrophic for this space. I don't own or support either coin and even I can see that.

1

Elidan456 Yesterday

Bitcore did just that to BitcoinXT, but okay.

5

blockmains Bitcoin fan Yesterday

Bitcore? https://coinmarketcap.com/currencies/bitcore/ How is an altcoin bitcore involved in this again? Again, more he did she did. You guys should keep politics on a separate page from technology. What was a perfectly good disclosure is now just another opportunity to sling mud because the person making the disclosure did not find it important not to stick his political ideologies right into his disclosure article. 🤦 Its as if he cannot sort out what is good for him and what is not...

0

TechCynical Karma CC: 1223 Yesterday

Read again?

1

Elidan456 Yesterday

https://bitcoincore.org/en/2018/09/20/notice/ *These people

8

Bitcoin_21 redditor for 3 months Yesterday

the bug finder was anonymous and no affiliation with either BTC or BCH cited, it was also independently found by a dev called earlz.

2

NikhilRao1334 Karma CC: 60 Yesterday

The fact that I could have gone and rented hash power and shorted BTC and exploited this. But also the fact that I did not!

Lmao. You cannot actually take someone who writes such horse crap seriously

Sums up all you need to know about the guy - a propaganda artist. No wonder he is a fan of a grand shitcoin like Btrashcash

0

Elidan456 Yesterday

Dev could have put BTC to its death bed. I think you should show some appreciation, troll.

7

NikhilRao1334 Karma CC: 60 Yesterday

Dev is just a brash peddling propaganda artist, his article makes him sound like a scammer. Peddle this crap elsewhere troll.

0

Elidan456 Yesterday

Someday you'll learn to show respect and gratitude to people who wipe your ass. but I guess kids like you have yet to reach that stage.

8

ENSChamp Monero fan Yesterday

LOL a disclosure article written to emphasise victimhood. Did he write this on his periods?

Here is Cory Field's disclosure of bugs on B Cash earlier: https://medium.com/mit-media-lab-digital-currency-initiative/http-coryfields-com-cash-48a99b85aad4

Which is to the point without going into politics and propaganda.

Whereas OP's article has more conspiracies and victimhood than actual facts.

0

Elidan456 Yesterday

This dev probably saved the cryptosphere from a problem, if abused, could have killed BTC. And you find a way to bash him? Amazing really. This is far from a simple node crash if you have not understood the problem.

9

ENSChamp Monero fan Yesterday

Read both the articles - the one in OP and the one linked by me above. Now tell me: which one of the two sounds like it is written like a professional, which one sounds like a bunch of assumptions and conspiracy theories stitched into one? Sure he discovered the bug and had he disclosed it and made a neutral report about it, it would be appreciated (still is) - instead he goes around stirring up drama and putting his propaganda machinery to work. "Oh I found a bug, must have been left behind by a bank shill to destroy beeetcoin" LOL come on dude...

0

Elidan456 Yesterday

Have you seen Bitcore devs? They are saying it's BCH dev faults that the information somehow leaked when they are the one leaking the information and someone just figured out how bad this problem was. This is the kind of shit from the BTC propaganda machine they have to deal everyday, and the twats here who just eat and spit whatever they are told. Proof, look just below, you got people calling scam on the article when it was confirmed by pretty much every devs, timestamp and BU stack.

4

belcher_ Yesterday

https://twitter.com/kaykurokawa/status/1043335093551542272

Ok , the BU dev that claims to have "found" CVE-2018–17144 is providing evidence on /r/btc using http://originstamp.org but the time does not line up!

This is his hashed data, it is timestamped 9/18 06:13 AM GMT, this is more than 15 hours after the disclosure according to the CVE which happened on 9/17 14:47 PM GMT !

It is also timestamped more than 8 hours after the PR to fix the bug was made public on the bitcoin github on 9/17 21:57 PM GMT after which it would have been possible for someone inspecting it to figure out the problem.

Don't trust verify. There is no verification that this guy found CVE-2018-17144. As long as there is no evidence, this is just an elaborate scam to fish for donations, or an operation to claim credit for BU and BCH where it is not due.

u/awemany comment? Someone is accusing your proof of being bunk.

8

awemany Yesterday

I have hopefully addressed this comprehensively here: https://old.reddit.com/r/Bitcoin/comments/9hvkc2/a_bch_dev_found_the_cve_vulnerability_it_reminds/e6fflo8/

16

kekcoin Yesterday

$ cat awemany.txt BitcoinABC does not check for duplicate inputs when processing a block, only when inserting a transaction into the mempool. This is dangerous as blocks can be generated with duplicate transactions and then sent through e.g. compact block missing transactions and avoid hitting the mempool, creating money out of thin air. /u/awemany $ sha256sum awemany.txt 5c45a1ba957362a2ba97c9f8c48d4d59d4fa990945b7094a8d2a98c3a91ed9b6 awemany.txt Verified. Also confirmed with someone I trust on the BU slack (I'm not on there myself) that you posted that hash before the bug was disclosed to Core.

11

awemany 7 hs ago

Thank you.

1

gerikson Yesterday

Read the entire thread, including the last one.

3

belcher_ Yesterday

This? > Just an update, http://originstamp.org does not provide accurate timestamping to the hour (minimum resolution of a day) so it *cannot be used as evidence against or for awemany's claim that he found the bug before the disclosure.* So as mentioned, his proof is not convincing. Fees are ~1 sat/byte right now, he could've easily gotten something confirmed in the next block if he wanted. The proof is bunk.

5

gerikson Yesterday

The Twitter author made a series of claims and was good enough to correct themselves, which I applaud. Their stated argument lacks merit though, in my opinion. Interesting choice of words there: "against or for" as opposed to the idiomatic "for or against".

2

presse_citron Yesterday

Core recklessly endangered the security of Bitcoin Cash

ROFL

10

Anduckk Yesterday

Yep! And much more other nonsense in there. It's not that trivial nonsense, that's why it's probably in the article. Btw bcash is all the time endangered as they use the same algorithm as Bitcoin, Bitcoin has tons more hash power, and it'd be quite easy for any medium sized Bitcoin pool to 51% attack it. There have been some cases of 51% attacks wrecking coins in the GPU-mined altcoin scene. Wonder why OP brings up conspiracy-like attack surfaces while ignoring the obvious, much worse and unsolved but solvable ones.

0

traderpat Yesterday

Thanks for posting this! What a great read. Headed over to other subs to read more about what happened and what's going on. Stumbled on this article which is also a great read:

@jonaldfyookball/the-bitcoin-social-contract-21-million-coins-and-the-future-of-peer-to-peer-cash-5d310a54fbb4">https://medium.com/@jonaldfyookball/the-bitcoin-social-contract-21-million-coins-and-the-future-of-peer-to-peer-cash-5d310a54fbb4

It's interesting to think about the debate between "code is law" vs "social contract". It also highlights the importance of "governance" in case there were to be an unexpected "social contract" breach that might need a decision on how to resolve it (Should we roll back the DAO hack? Should we roll back unintentional inflation? Or any number of other future unforeseen cases). Just another reminder of the value of DASH's already functional governance system!

E: I also like how the author points out BTC's "social contract" breach of changing from a peer-to-peer electronic cash to store-of-value.

8

btc-reddit Yesterday

I think a shoutout of appreciation to slushpool is in order. Reading the timeline of events it took less than 20 mins to upgrade.

20:30 Matt Corallo speaks with slushpool CTO and CEO and shares patch with disclosure of the Denial of Service

20:48 slushpool confirmed upgraded

10

HarmonicOG Yesterday

Shouts \*Appreciation\*

1

e3ee3 Yesterday

Is it proved that the author of this article is the same person who discovered and reported the bug?

9

sumBTC Yesterday

NO

0

cryptocomicon CC: 3 karma XMR: 3992 karma BTC: 2440 karma 1 day ago

https://twitter.com/peterktodd/status/1043376657342521344

0

ThisMustBeTrue CC: 349 karma Dashpay: 472 karma Yesterday

Looks like it was deleted. https://archive.fo/W1gdf

3

Dangler42 redditor for 3 months 1 day ago

Also wonderful that the developers didn't tell the shitcoin developers -- hopefully a bunch of them got smashed before the bug could be fixed there.

0

DesignerAccount 1 day ago

Some good news from bcash? I'll call Roger out for the scammer that he is any time of the day. And likewise his team of sockpuppet mods. But I'm glad to find out there's decent guys working on the other side as well. This was a great display of great professionalism, imo. (Ignoring the conspiracy-like bias and claims...)

Thanks to the dev for the responsible and civil disclosure of a pretty big bug.

If I wasn't banned in r/btc, I'd thank him directly there with a post.

Just don't mistake this for some kind of acceptance of BCash. Was, is, and will continue to be a scam, until you drop the "real bitcoin" shit.

5

alphabravoccharlie 1 day ago

How many coins extra did this add to the 21m cap?

11

AlreadyBannedOnce redditor for 1 week Yesterday

Considering lost and burned BTC, there is room for hundreds of thousands of exploit-driven new coins under the 21M cap.

0

Chytrik Yesterday

That’s not how this works -_-

3

lazarus_free redditor for 3 months Yesterday

The bug was never exploited

3

DesignerAccount 1 day ago

Zero, it was not exploited.

14

alphabravoccharlie 1 day ago

Thanks

8

Anduckk 1 day ago

None. This bug hasn't been exploited.

24

liquidify 1 day ago

Thanks for the good article and the bug find.

20

theymos 1 day ago

I disagree with a lot of what he's written here, but congrats on the find.

26

cryptoceelo Yesterday

its just a typical bcash fag post complaining about core what do you expect. Why he thinks core have any sense of obligation to tell them first that there was such a bug present in their codebase is absurd. This is the exact type of thing bcash fags would have actively exploited to prove a point some notion that fake bch is better than btc. Core did the right thing in patching themselves first

0

RareJahans Yesterday

Go die in a fire homophobe.

1

AlreadyBannedOnce redditor for 1 week Yesterday

Others may condemn your homophobia, but professionals understand that talking about your fears, even indirectly, and getting your fears out in the open is the first step in the healing process. My thoughts and prayers are with you as you confront your demons. I urge you to continue with your struggles against your fears and your upbringing. Good luck!  

12

cryptoceelo Yesterday

Thank you BCHFag shill for your words they mean nothing to me!

1

Kakifrucht 1 day ago

Feel free to elaborate.

12

DesignerAccount 1 day ago

It's littered with conspiracies and victimhood.

31

NigelClutterbuck 1 day ago

A not so well disguised attempt to inject politics where there are no room for such. A good find though.

12

theSentryandtheVoid redditor for 6 weeks 1 day ago

I'd love for some clarification about it too.

6

gizram84 1 day ago

> I always feared that someone from the bankster circles, someone injected into the Bitcoin development circles with the sole goal of wreaking unsalvageable havoc, would do exactly what happened. He seems to be implying that the bug was intentional, and that Matt Corallo is a bankster plant. That's an insane thing to casually throw into an article about a bug.

18

liquidify 1 day ago

He elaborates on this and says specifically that he doesn't believe this is the case for this particular situation. His point was that we should be aware that this is a valid way to target bitcoin, and that this situation is an example of a way things could look should bitcoin have been targeted in this way.

26

StopAndDecrypt Yesterday

I don't think you're an idiot, but that doesn't rule out the possibility that you may be an idiot, and some other people have been going around saying you're an idiot, but it totally wasn't me.

6

Ungolive Yesterday

„I don‘t believe it, but it could be“ then why mention it in the first place...

4

ThisMustBeTrue Yesterday

Because it's an attack vector to watch out for.

6

Ungolive Yesterday

Sure but if it has nothing to do with the topic he is blogging about he should have made a second blog post about attack vectors that are underestimated. There is enough conspiracy theories as is., don‘t need to fuel new ones...

1

2 3

2

2 2

4 11

Pontus Lindblom - @ponli137

RT @AaronvanW: The Good, the Bad and the Ugly Details of One of Bitcoin’s Nastiest Bugs Yet https://t.co/9P6cQxsc1t

121 284

Marty Bent - @MartyBent

RT @AaronvanW: The Good, the Bad and the Ugly Details of One of Bitcoin’s Nastiest Bugs Yet https://t.co/9P6cQxsc1t

96 239

Peter Todd - @peterktodd

RT @AaronvanW: The Good, the Bad and the Ugly Details of One of Bitcoin’s Nastiest Bugs Yet https://t.co/9P6cQxsc1t

71 172

Tuur Demeester - @TuurDemeester

RT @AaronvanW: The Good, the Bad and the Ugly Details of One of Bitcoin’s Nastiest Bugs Yet https://t.co/9P6cQxsc1t

48 129

Barry Silbert - @barrysilbert

Big thank you to everybody involved with identifying, diagnosing and fixing this issue https://t.co/Mafj1qEx5L

1 8

Angela Walch - @angela_walch

I'm going to be having a LOT to say about this #Bitcoin bug and the process of disclosure and fixing. At first blush, it validates pretty much all of the arguments I've made over the years, and shows not even Bitcoin is "truly decentralized." #crypto https://t.co/W28tQLpWmk

0 0

Matt Odell - @matt_odell

Great write-up by @AaronvanW https://t.co/rmwyNXvAKF

2 4

Dennis Parker⚡️ - @Xentagz

RT @AaronvanW: The Good, the Bad and the Ugly Details of One of Bitcoin’s Nastiest Bugs Yet https://t.co/9P6cQxsc1t

31 94

Aaron van Wirdum - @AaronvanW

The Good, the Bad and the Ugly Details of One of Bitcoin’s Nastiest Bugs Yet https://t.co/9P6cQxsc1t

4 12

Andrea O'Sullivan - @anjiecast

RT @BitcoinMagazine: "It’s sobering for many that this bug made it into a release of Bitcoin’s leading software implementation, ... and remained unnoticed for about 18 months" #bitcoin #bug #crytpocurrencynews The Good, Bad & Ugly about a nasty Bitcoin bug: https://t.co/bAL33P1lyG https://t.co/NWA91KNI2I

7 7

Bitcoin Magazine - @BitcoinMagazine

"It’s sobering for many that this bug made it into a release of Bitcoin’s leading software implementation, ... and remained unnoticed for about 18 months" #bitcoin #bug #crytpocurrencynews The Good, Bad & Ugly about a nasty Bitcoin bug: https://t.co/bAL33P1lyG https://t.co/NWA91KNI2I

7 6

2

1 10

Ryan Selkis - @twobitidiot

RT @jbrukh: Safe harbors for noncustodial use would be a game changer. Not only would it solve clarity problems for products, it would also make it significantly cheaper to roll a decentralized product than a Coinbase-style custodial product. @katherineykwu https://t.co/gAA36KxvP3

25 44

Katherine Wu - @katherineykwu

RT @jbrukh: Safe harbors for noncustodial use would be a game changer. Not only would it solve clarity problems for products, it would also make it significantly cheaper to roll a decentralized product than a Coinbase-style custodial product. @katherineykwu https://t.co/gAA36KxvP3

17 37

Meltem Demirors - @Melt_Dem

US consumers and businesses would benefit greatly from the creation of “safe harbor” rules. the current scattershot approach by agencies and states is messy, confusing, and anti-competitive to all but the largest startups who raised the most money. https://t.co/XcZikCe8w2

0 9

Chris Burniske - @cburniske

"The resolution supports a light-touch approach to regulation, and the two bills create safe harbors, one for non-custodial use of cryptocurrencies and the other for taxpayers who report income from hard forks." -@jerrybrito https://t.co/iRfNmnrJlk

0 1

Eric Meltzer - @wheatpond

RT @cburniske: Three pro-cryptocurrency bills are being introduced in Congress: https://t.co/iRfNmnrJlk 🙏 @coincenter

10 25

#33kByJuly3018Moku //not_giving_away_ETH\\ - @CarpeNoctom

RT @NeerajKA: Three pro-cryptocurrency bills are being introduced in Congress https://t.co/3jtH3Sa72r

25 70

Marco Santori - @msantoriESQ

RT @jbrukh: Safe harbors for noncustodial use would be a game changer. Not only would it solve clarity problems for products, it would also make it significantly cheaper to roll a decentralized product than a Coinbase-style custodial product. @katherineykwu https://t.co/gAA36KxvP3

4 8