Re: [ANN][XEL] Elastic Project - The Decentralized Supercomputer
Right now, testnet tokens are just "free" anyway, you can basically mine proof shares without actually doing the job's work... so if I need some coins I'll just "take" them from the network! 
(But that is another bug, for another day...)
(But that is another bug, for another day...)
So I guess that today is as good a day as any....
Let's look at an (only slightly more) interesting and fun bug, which we'll call "HMC bug #6" but which is more generally known as "basic work stealing." (Note that XEL is not the first design to encounter this problem!)
[...]
I'm impressed!!! Thank you so much for sharing your thoughts with us!
I have implemented a fix in the development branch! The most interesting part happens here:
https://github.com/OrdinaryDude/elastic-core/blob/development/src/java/nxt/Attachment.java#L274-L429
1. Miners have to provide a <=32byte long "seed" called the "multiplicator" instead of the direct integer arguments.
2. Then a random number stream is derived from the public key of the sender, the workId and the 32 byte long seed by hashing those values using sha256.
3. This random number stream is then used to obtain exactly 12 random integers which are then passed to the ElasticPL program.
Hijacking other people's proof of work therefore should be no longer possible. All that comes at the cost of an additional effort to compute the sha256 hashes for the random number inputs at the miner's side.
THANKS FOR SHARING!!! I HOPE TO GET MORE HINTS ON HOW TO "DECONSTRUCT" XEL SOON ;-)!!
EDIT: Miner has also been updated on the development branch!