|
what https://twitter.com/wallstreetpro/status/1515368043265863683
|
# ? Apr 17, 2022 21:44 |
|
|
# ? Apr 24, 2024 18:25 |
|
And then you create a disc that two programs throw at the block and then they ride some kind of bikes that leave a solid trace of code behind.
|
# ? Apr 17, 2022 21:49 |
|
the source of this vision just might be a billion-dollar block of cocaine in realspace
|
# ? Apr 17, 2022 21:55 |
|
finally, a bitcoinman talking some sense
|
# ? Apr 17, 2022 22:18 |
|
here's a fun one: https://twitter.com/web3isgreat/status/1515715410137694218 the "beanstalk" smart contract had a wonderful system where anyone with 67% of the currency could instantly pass any amendment they wanted so someone just took out a big rear end flash loan and used their borrowed pile of money to vote for "give all the money to me specifically"
|
# ? Apr 18, 2022 02:46 |
|
"the economic model was finally starting to demonstrate its efficacy" lmao it sure did
|
# ? Apr 18, 2022 03:23 |
|
also lol at calling it a "hack"
|
# ? Apr 18, 2022 03:24 |
|
lmao https://twitter.com/web3isgreat/status/1515717007689359367 mom someone stole all my beans
|
# ? Apr 18, 2022 03:26 |
|
Is there a marbles-themed coin/platform yet? People are losing their marbles as is, but losing their Marbles would be a whole new level.
|
# ? Apr 18, 2022 04:28 |
|
they look like poo poo e: holy poo poo they livestreamed the marble races with an announcer and everything https://twitch.tv/videos/1169221419 also it seems like they cut and ran at the beginning of Nov. 2021 because their series 2 is "coming mid-october" but the account just went inactive and it never landed. also the marbles don't even show up in the little racing minigame, they're only identified by numbers and not their ugly custom textures RPATDO_LAMD fucked around with this message at 05:42 on Apr 18, 2022 |
# ? Apr 18, 2022 04:32 |
|
big fan of the downloaded a free texture pack and applied it to the base uv sphere mesh in blender aestheticRPATDO_LAMD posted:e: holy poo poo they lifestreamed the marble races with an announcer and everything https://www.youtube.com/watch?v=fMupFVahVik njsykora fucked around with this message at 04:39 on Apr 18, 2022 |
# ? Apr 18, 2022 04:36 |
|
you had me scared for a moment that they flipped jelle
|
# ? Apr 18, 2022 04:44 |
|
but does marbula one have its own discord? or a spinoff copycat project apparently created after the first one rugpulled?
|
# ? Apr 18, 2022 04:48 |
|
RPATDO_LAMD posted:or a spinoff copycat project apparently created after the first one rugpulled? marble hands
|
# ? Apr 18, 2022 04:50 |
|
I'm so glad those exist(ed).
|
# ? Apr 18, 2022 04:50 |
|
RPATDO_LAMD posted:e: holy poo poo they lifestreamed the marble races with an announcer and everything the best part is I'm pretty sure this is just a preexisting game, so you could have all the fun of watching marbles go down tracks without paying hundreds to thousands of dollars!
|
# ? Apr 18, 2022 05:35 |
|
Boxturret posted:the best part is I'm pretty sure this is just a preexisting game, so you could have all the fun of watching marbles go down tracks without paying hundreds to thousands of dollars! Yeah, I've seen other streamers use it for channel rewards or something. I don't know how it works, because I only watch clips of Limmy streams, where he makes funny noises, and that thing is sometimes in the background.
|
# ? Apr 18, 2022 06:47 |
|
RPATDO_LAMD posted:the "beanstalk" smart contract had a wonderful system where anyone with 67% of the currency could instantly pass any amendment they wanted
|
# ? Apr 18, 2022 10:36 |
|
Jack, going back to his mom having sold the family cow for Beanstalk tokens: "mom, all my Beans gone"
|
# ? Apr 18, 2022 11:16 |
|
Shame Boy posted:lmao Hijack and the Beanstalk
|
# ? Apr 18, 2022 12:00 |
|
NoneMoreNegative posted:Hijack and the Beanstalk thread title
|
# ? Apr 18, 2022 12:19 |
|
Shame Boy posted:lmao I'm dying at this
|
# ? Apr 18, 2022 17:16 |
|
well it doesn't sound like the code was exploited as such? the code did exactly what they designed it to do. the problem is that what they designed it to do was stupid.
|
# ? Apr 18, 2022 18:08 |
|
NoneMoreNegative posted:Hijack and the Beanstalk
|
# ? Apr 18, 2022 18:11 |
|
jack and the beanstalk, the story of a guy getting scammed then robbing and murdering an unrelated third party, perfectly bitcoin
|
# ? Apr 18, 2022 18:25 |
|
Hammerite posted:well it doesn't sound like the code was exploited as such? the code did exactly what they designed it to do. the problem is that what they designed it to do was stupid. right, it wasn’t a bug in the code but an oversight that allowed a flash loan attack (i.e. what happens if someone with a lot of money is a bad actor) but flash loan attack vectors are exactly what auditors like omniscia claim to claim to find for their clients https://omniscia.io/about-us#services
|
# ? Apr 18, 2022 18:31 |
|
buttcoin: what they designed it to do was stupid
|
# ? Apr 18, 2022 18:43 |
|
flash loans are kinda cool (and also hilarious) because you can loan millions with no collateral because the smart contract ensures it's paid back in the same transaction, and if it's not paid back the transaction will simply never happen they are of course utterly useless for Real Finance stuff, but it's one of those curious things that could only exist in the anarchy of the blockchain world
|
# ? Apr 18, 2022 18:47 |
|
isn't HFT on stock exchanges also done with flash loans? I remember reading explanations of how it works and it seems insane from a human perspective
|
# ? Apr 18, 2022 18:55 |
|
haveblue posted:isn't HFT on stock exchanges also done with flash loans? I remember reading explanations of how it works and it seems insane from a human perspective not as far as I know, HFT is done by companies with billions of cash and stocks, because authorizing a loan, even a flash one, would cut into the precious nanoseconds you need to front run your competitors
|
# ? Apr 18, 2022 19:05 |
|
someone doing HFT would have a credit line with the bank anyway where all their poo poo clears as long as it’s below $X
|
# ? Apr 18, 2022 19:14 |
|
NoneMoreNegative posted:Hijack and the Beanstalk
|
# ? Apr 18, 2022 19:31 |
|
Booyah- posted:right, it wasn’t a bug in the code but an oversight that allowed a flash loan attack (i.e. what happens if someone with a lot of money is a bad actor) the flash loan isn't actually the core issue though, it just makes it more absurd. the issue is that it was designed so that 67% of the pool could steal all the money.
|
# ? Apr 18, 2022 20:06 |
|
if I'm reading the description correctly, it sounds like a proposed change has to both be proposed 24 hours in advance AND get a 2/3 majority which either means that the creators of the coin didn't notice a new proposal that was "give me all your money" had been introduced, or they were unable to revoke the proposal
|
# ? Apr 18, 2022 20:11 |
|
once you've stolen all the beans how are you turning that back into real bux? are there people who would still be in the market to buy the beans?
|
# ? Apr 18, 2022 20:13 |
|
Baxate posted:once you've stolen all the beans how are you turning that back into real bux? are there people who would still be in the market to buy the beans? from what I can tell the stolen beans were exchanged for as much of the base etherum currency as possible. it wasn't possible to convert all the beans, so the hackers abandoned the rest in a temporary account. converting ethereum into bux is presumably easier than random shitcoins
|
# ? Apr 18, 2022 20:18 |
|
I think the way some of these things work is that everyone buys in to the coin with various other, more liquid, coins, then the new coin is supposed to be backed by the pile of other coins in a wallet somewhere. Then most of these things end with the creator taking all the money out of the backing wallet, making the new coin worthless. Not sure though, there's so many different coin scams it's hard to tell which is which
|
# ? Apr 18, 2022 20:18 |
|
Chalks posted:the flash loan isn't actually the core issue though, it just makes it more absurd. that's true, the actual problem was basically "what if someone buys a super majority of votes and just transfers all the ether to themselves" from their post mortem it sounds like they didn't even notice the proposal that was added 24 hours prior to the instant vote Baxate posted:once you've stolen all the beans how are you turning that back into real bux? are there people who would still be in the market to buy the beans? what's happening is people deposit their actual ether in the swap to receive beans, so that they can "cash out" their beans back to ether later when selling them to the bigger fool attackers like this create scenarios where they can just transfer out the ether that everyone else had deposited, rendering all beans worthless because casino no longer has the deposits people traded for their casino chips
|
# ? Apr 18, 2022 20:25 |
|
I wouldn't be surprised if there's no mechanism to permanently deny a proposal. they would have relied on obviously malicious proposals being unable to attract a majority forever, because that's ideologically comfortable
|
# ? Apr 18, 2022 20:30 |
|
|
# ? Apr 24, 2024 18:25 |
|
ymgve posted:if I'm reading the description correctly, it sounds like a proposed change has to both be proposed 24 hours in advance AND get a 2/3 majority the creators being unable to revoke the proposal is intentional, so it can be ~distributed democracy~ the flaw that the auditing company pointed out in their post-mortem (after failing to find any issues in the pre-mortem audit) is that money can vote on a proposal even if the money enters the ecosystem after the change is proposed. if the protocol required you to have already had your 67% staked before the proposal was introduced, and disallowed votes on proposals older than your stake, it would be impossible to flashloan attack. you'd need to actually hold the money/debt for at least 24 hours before you could smash and grab. of course that wouldn't do anything to protect it from old fashioned malicious whales, but those people would never* torpedo a project for personal gain since they are invested in it themselves (*) except the several times that actually happened Baxate posted:once you've stolen all the beans how are you turning that back into real bux? are there people who would still be in the market to buy the beans? the attacker actually generously left 100% of the beans behind. they only took the non-bean currencies as long as you remember 1 bean = 1 bean you basically didn't lose any money! only useless bitcoin/usd/ethers RPATDO_LAMD fucked around with this message at 20:33 on Apr 18, 2022 |
# ? Apr 18, 2022 20:30 |