Please Update To v10.14.1 - Masternode Security Update

olymp

New Member
Sep 3, 2014
21
4
3
after update i got this:

2014-10-08 20:13:46 ProcessMessage(dsee, 217 bytes) FAILED
2014-10-08 20:13:46 dsee - Got mismatched pubkey and vin
2014-10-08 20:13:46 ProcessMessage(dsee, 217 bytes) FAILED
2014-10-08 20:13:46 dsee - Got mismatched pubkey and vin
2014-10-08 20:13:46 ProcessMessage(dsee, 217 bytes) FAILED

Is this mean that i have to start from 0?
 
  • Like
Reactions: Light

oblox

Well-known Member
Aug 6, 2014
1,032
537
183
after update i got this:

2014-10-08 20:13:46 ProcessMessage(dsee, 217 bytes) FAILED
2014-10-08 20:13:46 dsee - Got mismatched pubkey and vin
2014-10-08 20:13:46 ProcessMessage(dsee, 217 bytes) FAILED
2014-10-08 20:13:46 dsee - Got mismatched pubkey and vin
2014-10-08 20:13:46 ProcessMessage(dsee, 217 bytes) FAILED

Is this mean that i have to start from 0?
No, it means it's rejecting the spoofed MNs.
 

stonehedge

Well-known Member
Foundation Member
Jul 31, 2014
696
333
233
The inability to 100% squash this kind of issue instantly is probably the only downside of being anonymous and decentralised!
 

OnetyOne

New Member
Aug 4, 2014
34
19
8
Forgive me if I'm wrong but wasn't the masternode patch a fix that only minimizes the current en prevents future damage? So it comes down the exploited masternode owner himself to update it or not, he can choose to keep it running and maximize his profits (till enough network compliance is met).

I've been watching his masternode adress and it's income has been steadily declining over the past day, probably due to the compliance of the other MN's and clients wich is rising. But what would be the impact if someone is not so willingly to coorperate?
 

HinnomTX

Active Member
Jul 22, 2014
166
196
103
Forgive me if I'm wrong but wasn't the masternode patch a fix that only minimizes the current en prevents future damage? So it comes down the exploited masternode owner himself to update it or not, he can choose to keep it running and maximize his profits (till enough network compliance is met).

I've been watching his masternode adress and it's income has been steadily declining over the past day, probably due to the compliance of the other MN's and clients wich is rising. But what would be the impact if someone is not so willingly to coorperate?
The rogue client is not actually a masternode owner. He/she is not staking any coins for the exploit. He/she can keep the exploit running indefinitely. However, the rogue's future earnings will evaporate as more peers upgrade to 0.10.14.x. There is a stricter version of masternode payment enforcement which is in the works, and rumor has it will require a hard fork. This will cut off the exploit for good.
 
  • Like
Reactions: OnetyOne

stonehedge

Well-known Member
Foundation Member
Jul 31, 2014
696
333
233
Just an observation but since this exploit my EC2 CPU and bandwidth usage has nearly trebled. Very, very odd. Almost like my iptables rules are being hammered... Will do some snooping.

EDIT: Nope, darkcoind is just working a lot harder and a lot more data is passing through!
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
He still got 15 payments today, and now has a little sister called XixmyNSGGGXEJEzKghoRnTto5ZVhficSek
I just brought up your post in the #darkcoin channel on freenode and elbereth said:

[12:46:06] <elberethzone> moli: only one block found with that pubkey
[12:46:24] <elberethzone> could be that it was a mn not yet in the list of the nodes on drk.mn

Where did you find this address?
 

crowning

Well-known Member
May 29, 2014
1,415
1,997
183
Alpha Centauri Bc
Forgive me if I'm wrong but wasn't the masternode patch a fix that only minimizes the current en prevents future damage? So it comes down the exploited masternode owner himself to update it or not, he can choose to keep it running and maximize his profits (till enough network compliance is met).

I've been watching his masternode adress and it's income has been steadily declining over the past day, probably due to the compliance of the other MN's and clients wich is rising. But what would be the impact if someone is not so willingly to coorperate?
I just brought up your post in the #darkcoin channel on freenode and elbereth said:

[12:46:06] <elberethzone> moli: only one block found with that pubkey
[12:46:24] <elberethzone> could be that it was a mn not yet in the list of the nodes on drk.mn

Where did you find this address?
Over at elbereth's site: https://drk.mn/blocks.html

His site is stuck, so this address is still at the top of the list.
 

LonnieDRR

Member
Jun 24, 2014
103
41
78
Canada
Is there a problem with the new Mac wallet?? I can't install it on either of my machines. It just hangs on "loading" and never opens. Had to go back to the 9.13.15 wallet. Nobody responded to my previous post about it. I know most all you guys are on windows...
 

hard_forker

Member
Jun 20, 2014
41
14
48
Is there a problem with the new Mac wallet?? I can't install it on either of my machines. It just hangs on "loading" and never opens. Had to go back to the 9.13.15 wallet. Nobody responded to my previous post about it. I know most all you guys are on windows...
Sorry, mine is also working fine on Maverics
 

LonnieDRR

Member
Jun 24, 2014
103
41
78
Canada
If i upgrade from the non dark send wallet to the new version it doesn't work. If i upgrade from the old darksend version, then it works. Cant upgrade directly from 9.13.15 to the new one.

I guess Ill have to transfer my coins to my other computer and fresh install the new wallet.
 
Last edited by a moderator:

LonnieDRR

Member
Jun 24, 2014
103
41
78
Canada
thats basically what i did. Transferred the coins to another laptop, then wiped the old wallet and reinstalled a fresh one. And made new backups. Works now. thanks.
 

elmad

New Member
May 27, 2014
13
5
3
He still got 15 payments today, and now has a little sister called XixmyNSGGGXEJEzKghoRnTto5ZVhficSek
Is it possible that a pool or a big miner is using the bug? How works the voting system?

This miner http://explorer.darkcoin.io/address/XhBLSR1HhoaWrdGgrjCHxJkCWWiFFhveHs pays ever the same fake masternode without 1000 drks XixmyNSGGGXEJEzKghoRnTto5ZVhficSek

Here it's evident:
http://drk.poolhash.org/masternode.html?srch&nmstr=XhBLSR1HhoaWrdGgrjCHxJkCWWiFFhveHs
 
Last edited by a moderator:

eduffield

Core Developer
Mar 9, 2014
1,084
5,319
183
Is it possible that a pool or a big miner is using the bug? How works the voting system?

This miner http://explorer.darkcoin.io/address/XhBLSR1HhoaWrdGgrjCHxJkCWWiFFhveHs pays ever the same fake masternode without 1000 drks XixmyNSGGGXEJEzKghoRnTto5ZVhficSek

Here it's evident:
http://drk.poolhash.org/masternode.html?srch&nmstr=XhBLSR1HhoaWrdGgrjCHxJkCWWiFFhveHs
Definitely not an exploit. Like I said before, I don't think this solution will get masternodes paid beyond 95% of the time. There will be some bad pools gaming the system. In this case it's a rouge solo miner, paying himself the extra 20%.

v10.15 addresses this and is not exploitable. But I'm still working on it. We'll get there, one step at a time :)
 

Walter

Active Member
Masternode Owner/Operator
Jul 17, 2014
231
201
103
Definitely not an exploit. Like I said before, I don't think this solution will get masternodes paid beyond 95% of the time. There will be some bad pools gaming the system. In this case it's a rouge solo miner, paying himself the extra 20%.

v10.15 addresses this and is not exploitable. But I'm still working on it. We'll get there, one step at a time :)
It's probably Sojayxt having a run at your bet ;)
 
  • Like
Reactions: fernando