-
Notifications
You must be signed in to change notification settings - Fork 9
/
ghostcoin.txt
executable file
·62 lines (40 loc) · 3.44 KB
/
ghostcoin.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
ghostcoin https://bitcointalk.org/index.php?topic=803667.0
Heritage: some bits of nova... but not nova
Problems:
* MODERATE: Future time drift checking is disabled. This could be used by a 51% attack to mint blocks of very low difficulty far into the future.
Notes:
Mining began right on time and blockchain and difficulty curve looks good.
genesis seed is a news evetn
What is this?
@@ -1564,6 +1684,13 @@ bool CBlock::ConnectBlock(CTxDB& txdb, CBlockIndex* pindex, bool fJustCheck)
int64_t nTxValueIn = tx.GetValueIn(mapInputs);
int64_t nTxValueOut = tx.GetValueOut();
+
+ if (tx.IsCoinStake())
+ {
+ double nNetworkDriftBuffer = nTxValueOut*.02;
+ nTxValueOut = nTxValueOut - nNetworkDriftBuffer;
+ nStakeReward = nTxValueOut - nTxValueIn;
+ }
Some early miner appears to have their clock set about 4 minutes fast
30 10/04/2014 17:05:37 0.001729 1 0 4000 4000 0 6 PoW
29 10/04/2014 17:05:36 0.00229855 1 0 4000 4000 0 6 PoW
28 10/04/2014 17:01:48 0.00229855 1 0 4000 4000 0 6 PoW
27 10/04/2014 17:05:32 0.00203263 1 0 4000 4000 0 6 PoW
26 10/04/2014 17:05:31 0.00270221 1 0 4000 4000 0 6 PoW
25 10/04/2014 17:01:43 0.00270221 1 0 4000 4000 0 6 PoW
24 10/04/2014 17:05:27 0.00361883 1 0 4000 4000 0 6 PoW
23 10/04/2014 17:01:34 0.00319305 1 0 4000 4000 0 6 PoW
Watermarks: uint64_t, pos v2, no bloom
ADDENDUM:
This coin contains a live exploit. This is similar to mysterycoin
Basically, the network protocol check that ensured the proper amount of coins were mined by each block was removed. This allowed a malicious miner to change the amount of coins mined and freely mint however many coins they wish.
There is no real reason why I missed this. The diff for this coin had more noise than usual due to difficulty in finding the exact code it forked from. But looking at my logs of what I compared it against and such, the exploit was obviously there. I shouldn't have missed it, but I did. I guess it was just a bad time when I was reviewing it and skimmed over it. I will ensure that I remain vigilent in the future and to give each coin review the proper amount of time and attention to ensure this doesn't happen again.
FIXED CODE REVIEW
ghostcoin-fixed https://github.com/GhostCoinOfficial/ghostcoin https://bitcointalk.org/index.php?topic=803667.0
Change summary:
* alert and sync keys changed away from malicious dev
* Checkpoint added
* P2P port number changed
* Stake modifier checkpoint changed (it was probably wrong beforehand)
* LAST_POW_BLOCK changed so that they do a retroactive fork to PoS