Ive got 600 xvgs. Im not going to sell them. They mean nothing to me as you are, the verg team. Ive stopped mining xvg. A good project has been destroyed by a group of disgusting thieves. Im refraining so hard from swearing and cursing and name calling.
If you leave your door open and thieves come in and steal everything from your house, who is really at fault there..? I'm inclined to say that the responsibility is shared between you and the thieves. Thieves shouldn't exist, but they do. You were aware of their existence and you did nothing to prevent them from coming in.
In software industry there always going to be someone trying to find/exploit vulnerabilities, and someone trying to counter them. You will never be 100% secure because the solutions made by humans are by nature imperfect. The best thing we can do is become aware of the known weaknesses and try to patch them.
And here is where I challenge you:
In a project that concerns money, investments, trading and so forth. What exactly where the measures taken to assess the security of it..? You as a consumer/user of this project, what facts did you investigate and use to convince you of the security aspect of the project..? Thats the thing.. You talk about a good project, in what aspect..? Did you really investigate that it was a "good" project..? Today you read about a vulnerability that was there for 4 years. Of course this can happen (and it has) in the best companies and products. But those companies do regular security pen tests, hire security experts to do research and offer security bounties to communities. For every single vulnerability someone may find, you can be sure the companies have already found and patched a 1000 more of them.
Why don't you ask the team of your good project, to demonstrate to you, the actions they have taken in the last 4 years to assess the security status of the project..? Ask them to share with you the reports of the security assessments, to show you which security experts they invited/hired/asked for help to assess the code base. To show you how their development process exactly is, how regularly the codebase is assessed for security vulnerabilities, how and with what mechanisms do they ensure the quality of the process..?
But then again you shouldn't ask for them, that info should be publicly available right..? Or else you wouldn't put your hard earned money in a project that you are not sure if its secured "enough" (for your needs).
Thank you for the long and detailed post.
You know what? I am calling the verge team thieves. They are stealing xvgs and no one else whosoever!!!!! They can do what ocminer advised but they have closed their fucking ears. Do they have ears? I highly doubt. I didn't do enough research. But I didn't lose much money. I just only lost hope.
Fuck them. They will burn in hell with their loots.