Welcome to the chaos that is security = ). Let's get this first part over with quickly:
Your GRC is safe. The exploit used to stake all those blocks in a row does not endanger your GRC or information in any way.
As has been noted, the 1 millionth block was mined by developer Tomáš Brod (tomasbrod on github and Brod on slack).
As has also been noted, he did this by utilizing a known exploit.
After an in depth conversation with Brod, it is clear that this was not a malicious attack. He will not be accepting the 1 Millionth Commemorative Coin. He has surrendered that honor to the staker of block 999998, pomegranate-.
So, why did Brod do this?
Weeks ago, Brod tested and submitted a fix to this exploit in the form of a protocol tweak. The update is sitting on the development branch on github. You can find his tests on GRCstats around June 3rd. He was unable to test the exploit on testnet as he claims that it is too easy to stake on the testnet even without the exploit. Having lurked around many conversations regarding testnet staking, I do not find this difficult to believe.
Brod's fix is a new stake kernel called StakeV8. You can find documentation on this fix here. Keep in mind that the wiki is a work in progress.
While analyzing all of this information for yourself, keep in mind that the reasons for delaying the roll-out of StakeV8 include holding off until the mandatory update currently under production is completed. This way we would only need to contact exchanges once.
What is the exploit?
In short, the attack takes advantage of how the current PoS protocol helps a new user increase their probability to stake. For those seeking more information, we recommend you look at the Wiki for StakeV8. The exploit involves the variable RSAWeight along with a second PoW exploit meant to ensure a block is staked. Both of these exploits are fixed with StakeV8.
Brod exploited these flaws at a high profile event that he knew would get a response. How we respond is up to us.
These exploits need attention. Much of Gridcoin needs attention. Attention that it has only just begun to receive, so do not be dismayed! Security and communication are particularly crucial issues that need rapid corrections, and these appear to be happening with the Github Community and the new method of contacting devs. If you don't know what I'm talking about here, either stay tuned or give a listen to the most recent Beyond Bitcoin or GRC Hangout talks given by @cm-steem.
Regarding the Comm Coin:
We must find pomegranate- and see what he wants us to do with the coin!
If anyone finds him let him know he has 14 days to claim the coin before it goes to the foundation.
Otherwise, keep an eye out for some updates coming from @dutch regarding the milling of the coin!
Signed by:
@jringo
@brod
@m3rcos1ty
Nice overview of a quite hectic timeframe :) thanks a lot for writing things down ;)
Very bad advertising for GridCoin...
1 Millionth Block supposed to be a big day for GRC...
Why did Tomas Brod ruin that event?!??
Irrespective of whether the exploit worked, Brod could have announced at a time shortly after, 'I tried to attack the 1M block and was/wasn't (delete as needed) successful'.
Why did it take watching eyes to find this out?
That doesn't give me a good feeling. I'm a trusting person and the devs are great, but this kind of behaviour isn't ideal.
Question - Was there any other developer(s), aside from @brod, aware this was planned for the 1,000,000 block?
He/We made jokes after the mumble this last Saturday. I am not sure if it was being recorded, but I made a joke, because Thomas was there, and said "you know we should make the 1m block hit as the eclipse starts and then release the blockchain when it's over" and Thomas said "You know I can use my blah blah tools and start an attack and make that happen". So this was obviously pre-planned by him and there were others who are on this forum that were there and heard it.
To my knowledge, brod acted alone.
"Brod exploited these flaws at a high profile event that he knew would get a response. How we respond is up to us." - - -
Is the right answer for us to bend over and laugh it off? If the new stake kernel (StakeV8) will fix the exploits then why were they executed in production? What did it prove?
This isn't some kind of game. Paid, unpaid, volunteer, and/or charity workers can be let go or fired.
If an investor / researcher performed a stunt like this I'm pretty sure we'd be banned from participating in Gridcoin. Considering a developer, who is also an investor / researcher, did this I would expect the same. This was premeditated by an insider. Unacceptable.
Forgive me if any of this was said in the other replies to this thread. I have minimized that conversation and hopefully will never have to look at it again = ).
With regards to what to do about the actor of these exploits:
I think a conversation needs to be had about the method used to shed light on these exploits. I think a conversation also needs to be had to determine what actions, if any, should be taken against Brod. For now, I will leave my personal opinion out of it, but I ask that people keep as much emotion as possible away from that conversation.
I think the more important conversation to have revolves around what we can build to give us a clear path of action should something like this happen again. We need to build something out of this instead of just looking for fault and retribution. We need governance. It's difficult to govern without knowing what we are governing, so we also need a whitepaper.
Join the conversation on slack where both of these are already under production. The more who contribute ideas the better!
No, the typical "shrug it off" is NOT the way to handle this, it's not the way to handle any of the shit as we have in the past, forks and black swans etc. We are a damn Financial Institution and do you think this is how things are supposed to be handled? Yes going forward is great but how to avoid apparently our dev team from making horrible choices for US without our say as normally something would have a vote "do we let tomasb hack gridcoin, and if we do do we care if he does it as many times and whenever he wants and lol about it". You also have to step back and take a look and in total Tomas's actions have been 100% destructive since July 5th when I started dropping his CPID in #gridcoin to show the 12k GRC blackswan to his CPID and what about the 36k ( https://gridcoinstats.eu/cpid/46f64d69eb8c5ee9cd24178b589af83f ) the 12k is gone from his history along with after the 36k a 30k withdrawal that others saw too so can he do more to Gridcoin that we don't know about and did that all get given back? I mean if he was working with the devs it should have been or was that his treat for hacking all the users' PoR twice now and fucking everything up and causing this current magnitude issue along with the false new user influx. Per governing how about finally forming a real Gridcoin foundation with checks and balances and that goes for not just what money goes where from the foundation but what the devs do and the way and direction Gridcoin heads. Yes we have a vote system, but anyone can make a vote they don't have to be honored. I tell you what, let's take the first step and stop this blackhat shit right now, people already got very little compensation via Gridcoin for their Boinc contributions and now it's way way less thanks to this. So cheers to TomasCoin! - Yes go to slack the latest myspace and when the next facebook comes out move there..
IRC has been around since 1988, 1991 if you want to go with more than just a few users, and it's not going anywhere; it's long known freenode is the chat support medium for opensource projects, just the people that run #gridcoin don't know how to use it properly. Slack is crap.
^ This.
This and the fact that
I seem to be banned from the subreddit (my posts are not visible to anyone?), for asking about why someone who is TRYING to contribute to the community gets so many negative comments and downvotes. These are things that make me lose faith.
Edit: Reddit issue seems to be something technical...
Erkan, stop producing these stupid clones. It's pathetic.
https://steemd.com/@texke
Baseless accusations against people not even involved in the thread do not further the discussion.
Not involved in the thread, but the whole company upvotes the post at the same time? I guess they forgot it's all recorded on the blockchain.
Not to mention that these clone posts are always the same, spreading some Reddit nonsense, praising Erkan, with a touch of FUD in the end. Like I said, it's ridiculous.
THIS is what I'm talking about, djezes christ.
I'm a person on my own thank you very much, I made this account just to reply.
Want to see my ID, or CPID? Here it is: https://www.gridcoinstats.eu/cpid/77e8b5f5fe415a06ddc0f23d0b612715
Boincstats? https://boincstats.com/en/stats/-1/user/detail/144356/overview (yes, I left the team yesterday)
Google my nick and you'll find out my real name, you can facebook as well if you want (warning: contents may be Dutch (the language)).
Is it so much to ask to keep the professionalism higher than this, where even a simple member gets accused of something while he only wants to point out he's sick of the fights in the community and just wants to see everyone get along instead of fighting...
Antwerp? Cool! My parents go there all the time.
When your first post/comment on Steemit EVER is complaining about getting flagged, I guess you don't expect to start some high-quality discussion, do you? Low quality in->low quality out.
this is not my account
and if you want to use such dirty tactics, I will claim from now on:
You have the subtlety of an elephant in the proverbial glass shop.
Things don't have to be this way, man. Wouldn't you rather upvote some quality stuff and earn SBD? Wouldn't you rather see me upvoting your good stuff, instead of wasting my VP on downvoting this clone-nonsense over and over?
Depends! Did it hurt anybody? Did it endanger the network? Did it spawn quarrel within the circle of developers? If the answer to this is yes, then I would condemn such action. If not, then where is the problem?
He needed to try the exploit (as he says the testnet is not suitable), to make sure it works and needs to be fixed (even already providing a solution), so the timepoint is irrelevant. As long as the network does not suffer, is not this what a developer does?
Not telling his peers, acting alone, and don't forget
" [irc] TomasBrod APP [10:44 AM]
The whole 1M exploit was set up to run auto. I was not even home. "
We cannot function as a team with this behavior.
To be clear: I also prefer a clearly communicated collaboration, no doubt about that. There would have been more elegant ways. What I am interested in is the motivation and how carefully he analyzed the situation and the impact of it. Is there anything known from the other devs? How do they think about it?
Really, @kuradikurat, flagging for a controversial opinion? Why not a comment? Flagging is not downvoting(!), and I do not see my post being spam or in any way against steemit - guidelines.
flagging is downvoting: https://steemit.com/faq.html#What_is_the_difference_between_a_downvote_and_a_flag
@kuradikurat, @theissen,
I have to apologize. The FAQs state flagging as a method to downvote, I was wrong. I relied on posts about flagging (on steemit), that had the consensus that only flagging spam and abusive content is part of the etiquette, but the FAQs say something different. The posts were obviously on how to improve flagging, not the current system. Again, my apologies!
Sorry, but flagging is the only option here to downvote content...
Thomas wrote the v8 kernel, so do you trust it? I don't.
Even if we disregard the fact that banning someone from crypto is an absurdity (one can rejoin the next minute with a different nickname/CPID/wallet/everything), shouldn't we also investigate the dev who implemented the staking boost feature with so many exploits? Pretty soon, all we would have left are noobz asking for bans.
So we have a dev who has ruined the 1 millionth block event to prove a point. He just could have waited till after the 1 millionth block to prove his point. Looks to me like this dev has developed some grudge against Gridcoin.
This is very bad publicity for Gridcoin and for me it is a serious warning. Can I still trust this coin or should I move over to another coin?
If this dev stays on the team I will surely move away from Gridcoin.
Ruined? As someone who helped put together the comm coin, I do not see anything as ruined. It is frustrating that Brod did not contact us at all before moving forward, but he did not ruin the experience... merely made it a bit more... complicated xD
Great to see that it does not affect you.
Had I helped with the comm coin I would be furious.
No offense jringo, honest, but, I'm so damned pissed about what I view as the ruining of the event and the behavior that has resulted from it, that I am actually showing it, publicly.
You can call a blackhat a whitehat, hell you can call them a pink flamingo go go dancer too, it doesn't mean that they are. It's 100% fact that when Thomas first took advantage of this exploit (yes he tried to contact Rob but thanks to Rob's wonderful email filtering nobody can ever email him) that Gridcoin has been fucked up ever since, the community and the value and the LIE that it's been due to new user influx that Gridcoin has doubled and they are all on grcpool.com. So his July 5th hack that the Gridcoin devs "allowed" him to do that was "accidentally done on the wrong network and meant for testnet" may have been whitehat'ish but now you add on the 1m block bullshit and that is blackhat. It's a fact that Gridcoin was doing great and then July 5th when he caused the 1st superblock issue that we were lied to and told it was due to a massive new user influx basically TomasBrod owns Gridcoin because of his exploit and until we switch to v8 kernel Gridcoin your currency is safe but Gridcoin as a network and coin is not, shitty but also Thomas wrote it so what does that say about the future of Gridcoin and its ties with blackhats in its dev team and allowing them to get away with shit that affects everybody in the community. Seems no better than kikipope in my book, thanks Thomas for fucking up Gridcoin.
It IS a massive user influx. Just look at your own magnitude graph and how it has been declining since April. Way before your hypothetical, network damaging superblock.
Mine is the same but around May:
But I guess that's not as thrilling as a great conspiracy theory.
Well, I guess Brod got his point across. Gotta shake things up sometimes.
And his point being?
It is a ridiculous and damaging action.
His point being transparent and open until it hurts. Why should you not trust the gridcoin devs? Was there any masquerade going on? How much more in the open can you do such a thing?
By the way, do you really think that all these dev teams out there with all those coins do not have similar problems? I am long enough in the software dev environment to know exactly that they all do.
It was a big stunt and maybe personally I wouldn't have done the same. But I agree, he got his point across.
Good update
And well explained.
A little correction on names.
The hangouts are held by @cm-steem
It was bound to happen. I've been waiting to confuse your and cm's name for a while now xD
I did it two days ago, and only just realised haha. Happens to everyone...
Fixed it on my article - so thank you for making the same mistake so I can correct myself.
First of all: thanks for everyone's efforts around this coin. It is a very honorable approach to reducing the total societal cost that blockchains are generating (usually for the benefit of only a few people who are not exactly "in need").
Second: I really wonder if this radical "attack" was necessary, but in general with a crypto-project, security must come first. However, since less invested public contributors likely do not understand the nuances of this "hack", I just want to emphasize that it should always be communicated clearly that this was an attack on part of the "earning mechanisms", not an attack on the holdings. Aka THE WALLET IS SAFE. This is of course: as safe as can be - all software has problems.
Lastly: As unlikely as it may be, as long as the identity of pomegranate- is unclear, I think it would be a good idea to employ gender-neutral language, or at least say he/she ... :)
That said: Keep on mining and keep the fixes coming! The world needs a better alternative to "empty hashing".
I am pomegranate. How do I claim the coin? :)