Good to know, in my opinion the digging of clam is to allow many people to benefit, not just 1 person or entity.
I understand your concern.
In a case like this you have to assume either the following;
- Person/entity found a bug and exploiting
- Actually have all those valid addresses, which i find still unlikely
- Malicious, they stole those addresses
Although it is common practice to call claiming CLAMs "digging" or even "claiming", the reality is that the distribution is much more fundamental and less complicated.
A bug/exploit would need involve the fundamental guarantees of
all crypto currencies.
In short, there is no evidence at all to suggest there is any exploit.
There is little doubt that the user claiming does control the private keys for the coins they are claiming.
How they gained access to those keys is anyone's guess.
Based on the above,
- Have there been a 'control' check to see if there is a potential bug/exploit
- if we are saying many people should benefit from the dig, surely there should be a limit on clam clients on how many addresses they can dig, daily or over the lifetime
m2c
There is absolutely no reason to believe there is any exploit.
If there is an exploit; I highly doubt the user begins by applying it to CLAM, when there are so many juicy BTC out there to steal (It would almost certainly apply to BTC as well).
Again, a change to the "claim" process is highly unlikely; and not presently planned.