Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
by
WanderingPhilospher
on 08/09/2025, 13:07:13 UTC
Quote from: FrozenThroneGuy on September 06, 2025, 05:57:02 AM
Quote from: POD5 on September 05, 2025, 08:24:15 PM
Quote from: zahid888 on September 05, 2025, 08:16:20 PM

This isn’t my program — it’s originally by @FrozenThroneGuy. I just made a few tweaks here and there… maybe around a thousand extra lines of code Tongue

Yes, Dookoo2 is the creator of Cyclone having had his illumination from JLP VanitySearch and he also has the merit of having added GPU version.
There were some other good derivations, but they went fishing... After deleting their whole GITHUB repository, because they feel atacked or offended by someone here at BITCOINTALK...  Cheesy

You right:) But I rebuilt my own pool for a better security, I will start it on Monday:)
What i have done already:
1. TLS between client and server either OPENSSL lib
2. TLS pinning for preventing private key stealing (SPKI).
3. HMAC-SHA256 verification for each client message + timestamp + nonce.
4. Each client has their own key for srv connect.
5. Fail2ban for preventing trash request.
6. Rate limit for key request.

Try to use spoofing after upgrades:)


The sad part is, you were told and warned that there was no security in your (old? older?) pool, but you did not listen.
You didn't even know about all the issues prior pools faced and how they implemented x y and z to combat said issues. It took some spoofing for you to finally understand and change. But ultimately, you are playing catch up to what other pools have had. And IMO, you are still overlooking some things.

It's good you finally realized some things, but you haven't realized all things.

Also, as you stated, "...my own pool..."; is very accurate, it is your own pool and YOU are the only one who has access to the key, if found. So now people have to "trust" that you do the right thing? LOL... Unless you changed it, you were also going to keep 1 BTC for yourself...which is also a red flag, to me anyways. I know some will join and run some hash power, but will most likely be people you know and yourself. You've offered a less secure pool, with less payout and the biggest flag, it requires people to trust you do the right thing, AND the searching program is slower than other VS forks/versions. Why would anyone in their right mind join?