Post
Topic
Board Service Discussion
Re: BTC Stolen from Poloniex
by ionux on 08/03/2014, 20:37:41 UTC
Quote
busoni, you need to shut down Poloniex now and try to make your users whole from your own funds and debt. Do not continue trying to run an exchange. Your post mortem indicates that you do not have sufficient programming ability to handle other people's money - no mention was even made of database transactions, which are a basic "database programming 101" topic. Your proposed fix of checking for negative balances is wrong and indicates that your code is almost certainly riddled with other exploitable bugs.

Please do the right thing and refund everyone's outstanding balances, then wind up your operation.

This comment was from Mike Hearn, senior developer at Google.

And yes, Mike is right. The developer of Poloniex has no knowledge about database transactions and handling code in a multithreaded environment.

 

Indeed. Poloniex is probably a disaster waiting to happen. All the honesty and hard work of busoni won't change that fact.

He was already warned with the XCP bug exploit and didn't learn the lesson, although he had his get out of jail free card by being reimbursed for the stolen BTC.

The only question here is: Will the confiscated BTC be repaid before the next disaster?

Guys, this was not a Mark K/Mt Gox type of situation. Busoni was sharp enough to discover the hack and take measures to ensure more wasn't stolen. Mike Hearn's comments were more "talking-down" than helpful, quite honestly. I've read his comments on the Mt Gox situation and they were nowhere near as harsh as the comment above even though the Mt Gox fiasco was several orders of magnitude larger. The point that I'm trying to make is, everyone seems to be an armchair quarterback with the code running these exchanges. However, the people that seem to know best aren't actually helping these exchanges get better.

The industry average is ~ 10 to 20 bugs per 1k LOC and it's probably fair to state that bitcoind has more lines of code than a small web-based exchange, like Poloniex...  Roll Eyes  All of the finger pointing needs to stop and the community needs to help these exchanges get better.
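
The quoted point about database transactions versus a negative-balance check, as an added example that is not part of the original post and is not Poloniex's code. The SQLite schema, the user `alice`, the amounts and all function names are constructed for illustration; the racy path interleaves two requests deterministically to stand in for concurrent threads.

```python
import sqlite3

def make_db(balance):
    # Constructed one-row ledger. isolation_level=None means autocommit,
    # so the BEGIN/COMMIT in atomic_withdraw are explicit.
    db = sqlite3.connect(":memory:", isolation_level=None)
    db.execute("CREATE TABLE accounts (user TEXT PRIMARY KEY, balance INTEGER NOT NULL)")
    db.execute("INSERT INTO accounts VALUES ('alice', ?)", (balance,))
    return db

def balance_of(db):
    return db.execute("SELECT balance FROM accounts WHERE user = 'alice'").fetchone()[0]

def racy_withdrawals(db, amounts):
    """Read-check-write without a transaction: every request reads the
    balance before any request writes it back."""
    seen = [balance_of(db) for _ in amounts]        # all requests read first
    paid = []
    for start, amount in zip(seen, amounts):        # then each checks and writes
        if start >= amount:                         # check runs on a stale read
            db.execute("UPDATE accounts SET balance = ? WHERE user = 'alice'",
                       (start - amount,))
            paid.append(amount)
    return paid

def atomic_withdraw(db, amount):
    """Check and debit in a single statement inside one transaction."""
    db.execute("BEGIN IMMEDIATE")                   # take the write lock up front
    try:
        cur = db.execute(
            "UPDATE accounts SET balance = balance - ? "
            "WHERE user = 'alice' AND balance >= ?", (amount, amount))
        ok = cur.rowcount == 1                      # 0 rows means insufficient funds
        db.execute("COMMIT")
        return ok
    except Exception:
        db.execute("ROLLBACK")
        raise

if __name__ == "__main__":
    db = make_db(100)
    print("racy paid:", racy_withdrawals(db, [80, 80]), "balance:", balance_of(db))
    db = make_db(100)
    print("atomic:", atomic_withdraw(db, 80), atomic_withdraw(db, 80),
          "balance:", balance_of(db))
```

In the racy path the stored balance never goes negative even though more is paid out than the account held, so a check for negative balances after the fact does not detect the overdraw.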