Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Pools
Re: [PPLNS] BTC Public Mining Pool
by
analpaper
on 12/11/2016, 17:53:08 UTC
Quote from: kano on November 12, 2016, 02:53:42 AM
Quote from: analpaper on November 12, 2016, 02:47:13 AM
Quote from: wmabern on November 11, 2016, 12:09:41 AM
Quote from: kano on November 10, 2016, 11:51:08 PM
This guy is a scammer - miners beware.

See here:
https://bitcointalk.org/index.php?topic=1675588.0

Kano, thanks for keeping newbies and others aware of shady characters. Not that I would dream of moving from Kano.is, but some people could be taken in. As usual, good work!  Smiley

yep, good work killing a non-profit pool asking for donations to local charity organizations (<< to who did/enjoyed it).

im not able to proof that im not a scammer, but shady is effectively incorrect. just browse the internets.

also, im going to maintain online the website (pool service is killed and warning texts displayed), just to keep the memory alive, you know, for newbies.

i would like to suggest to kano to add a config option in cgminer to each pool to set a expected string that the coinbase must cointain.
cgminer must disconnect as soon as it is missing the expected string, and pool operators could notice quick any hack soon after all miners left the pool at once.
doesn't seems so dificult to implement this easy security condition (if you really wanna help newbies/operators).
This is bullshit.
You have the code to the proxy in your git to do exactly what you are doing.
https://github.com/ctubio/php-proxy-stratum
Code:
php-proxy-stratum

ReactPHP stratum+tcp proxy between miners and pools with database and minimal web interface.

Used to demostrate how pools steal your hash by renaming worker names and redirecting the hashrate.

Used² to recommend you to mine only on trusted (self owned!) pools.

the creation of php-proxy-stratum was what make me think of having my own bitcoind/ckpool (a year ago)
i wanted to create a proxy for merge many miner connections into a signle conn to a pool but meanwhile i discovered how easily pools steal the hash of the miners with the agreement of authors of mining software.

you (mining software authors), simply need to allow miners to have 2 new config options:
- expected coinbase
- expected btc address

why this config options do now exists? and why mining software is not interested into validate this?

btw, im not able to explain wtf happened here. since effectively solo.mining-pool.io was compromised, i took a snapshot of the disk and killed with fire the running instance.