/biz/ - Business & Finance

AVAX requires nodes to be online
AVAX nodes even keep track of each others uptime
AVAX nodes each keep their private keys of their stack they stake and vote with
In the memory of the process

This means only a single remote code exploit in the node software
Boom your keys your avax are gone

Bitcoin doesnt work like this
A node doesnt need keys at all
Bitcoin is secure even if node is exploited

And bitcoin nodes also had remote code exploit

AVAX nodes, the security model is totally different
Educate yourself chumps

>>26383109
Any response from your mental health practitioner? Is lobotomy still the only treatment for your mentalism?

>>26383191
take your meds schizo

>>26383314
You’re literally projecting while conversing with yourself in your own thread.

>>26383109
HAAHHAHAAH AVAX LITERALLY BTFO!!

>>26383109
Rubic.

>>26383109
Based AVAX destroyer

>>26383109
Don't know what any of this shit means lol still buying for my 5x

dipshits, we tried to warn you about the fucking turkish roach shills that were relentlessly shilling this trash. these subhumans infest 4chan, you don't get it.

https://twitter.com/DastardlyDaniel/status/1352620577631166464

You've been refuted multiple times. At this point your motivations are obvious. Or you're some shatix pedot shill that saw that other anon fudding and refuted (While he agreed he was wrong here:>>/biz/thread/S26367324#p26371766)) and just copy paste it everywhere because it's higher level fud that retards can easily fall into.

>>26383455
3x tops. Remember the unlocking schedule, come March there gonna be a dumpening
Looking beyond that in my magic 8ball it says the dumpening will be immense once its more widely known outside of /biz/ the lack of security on this network. Which will be in June
The price graph will then look like a classical shitcoins graph

>>26383615
of course he's a seething lamix/pedodot shill.

>>26383615
> DastardlyDaniel
Literally who?
Wow such great argument, much technics just say debunked.

>>26383630
yeah it will dump to 0 like it did in december during the last unlock. keep seething rakesh

>>26383437
he's beautiful...

>>26383455
It means AVAX is the new ICON
It means pic related

>>26383688
DentaCoin
BitConnect
IOTA
Oyster Pearl
RaiBlocks

and many many more
but sure place your money in a network 1 hack away from suffered a stolen

wow, imagine holding avax right now. must feel bad man

>>26383746
He's my son, proud of him

>>26383765
What about Rubic?

>>26383109
oh my goodness I think you don't even understand the very basics. FUD

>>26383765
>1 hack away from suffered a stolen
ok rakesh, bought 100k more. see you at 100$

>>26383890

>>26384059
Imagine being this emotionally attached to a coin
They're not even holding bags yet, they should be thankful to the anon who's telling them about this shit they know nothing about

>>26383765
>>26384059
What about Rubic?? Are my tendies safe too??

>>26384178
rubic is scam don't get fooled by the indian scam

>>26384178
cant care enough to take a look at it

>>26384251
Why you care about AVAX but not my Rubic?

>>26383109
I sold. Had a good run. But this "ETH KILLER" is clearly dog shit, like most of the others.

>>26384320
Avax claimed novel consensus algorithm which piqued my interest
Rubic is what?

>>26384397
Will enjoy you serving my cocktails at the citadel pleb. Unless this is high tier FUD in which case keep it up brother

should i move my AVAX to ALGO?

I almost feel bad for all the people staking that cant sell now and have to hide the pain
Should have done their research

Question of muy importante when reading any whitepaper "what happens to the consensus rules when wormable exploit hits the nodes"
For some projects the block producer nodes are separate from block validators for this reason
For bitcoin its the same, miners and nodes perform different tasks
Another question to keep in mind is if the consensus decisions are immutably recorded or done "by the side" and thrown away.

>>26384703
You don't have any proof of what you're saying. Are you a hacker who alone has an exploit where you could take everyone's Avax? Nothing you've said is backed up. I'd probably an hero.

>>26384688
Fine choice

>>26384781
Im a white hat, the most relevant for this discussion is a remote code exploit I found in a shitcoins wallet in 2017 when it was still in top 30, wormable and I could have stolen everyones funds.
Its only a matter of time before a RCE is found in avalanchego, since it has such a huge attack surface.
The proof is, see the consensus description of avalanche, read the source code and see yes in fact the nodes sample each other, send messages and vote for reaching decisions based on their staked funds. To do this the nodes must be online. Thats why avalanche has node uptime requirement of 60%. Otherwise the liveness property of the network is unfulfilled.

This is a design flaw really, I raised it in different forums in 2018 summer after that Snowball team rocket paper, and people just well yeah thats an issue we will solve it later. But later is now and issue is unsolved.

>>26383109
I ditched the entirety of my AVAX for a 50% portfolio of ADA. I hold some ALGO too but fuck, ADA is really the only good long term ETH competitor

>>26385056
aaaaaaaaahahahaha so much bullshit. tell me the exact point where you want to attack. I know the technology behind avax pretty well and you seem to be a kiddo that wants to be cool on the internet pretending to be a hacker.

>>26385170
did you know that ADA, LINK and AVAX are working together? These projects will interact with each other.

>>26383183
>AVAX nodes each keep their private keys of their stack they stake and vote with
>In the memory of the process

Source? Seems to me like they keep staking keys, not private keys, in memory. staking key gone = idgaf I lose nothing

>>26385056
https://github.com/ava-labs/avalanchego/blob/master/node/node.go

Which line is the exploit?

>>26385236
Share more I’m intrigued

>>26385186

> tell me the exact point
I told you

> I know the technology behind avax
Sure you do chud

>>26385238
Why does the staking key need to be kept secret?
Because that key has a vote equal to the funds staked for that node.
Take that key by taking over a node, and you control the consensus decisions of the network.

For a more fun attack you dont need to take even 80% of the network nodes but its enough with 24% if you can select which nodes.

You see now, the entire security of avax rests on never having a RCE in the nodes.
While for better coins even when 90% of the nodes are taken over the attacker cant affect consensus decisions.
Polkadot for example separates the block producers from validators for this reason.
Algo is fine too.

>>26385437
>>26385263
The project was last updated on December 17th, 2020. You said you found the exploit in 2017. Here is the source code updated: https://github.com/ava-labs/avalanchego/blob/master/chains/manager.go

Which line is the exploit?

>>26385298
oh my god how old are you? 12?
you have absolutely no idea what you are talking about kiddo. please just stop that's cringe.

>>26385746
it was another shitcoin dumbass
avalanche whitepaper came out in 2018

>>26385804
great technical discussion there mr "hurr durr I know tech behind avax"

>>26385955
I am trying to have a technical discussion with you right now by asking the line of the exploit showing you the source code. Are you insinuating that go is not a safe programming language or that the AVAX Labs dev are incompetent?

>>26386125
As if I would just tell you what or where the exploit is? Responsible disclosure, bug bounty. You absolute unit

Go is not a safe language no, rust is better for that but best is of course Ada SPARK
Devs are competent but no dev team can produce a software without vulnerabilities
especially not a complicated one as avax if you think avalanchego is already audited and the entire software stack wont have a RCE ever
well then I have more shitcoins to sell to you my fren

>>26383578
this

>>26386247
you're a dwarf compared to emin when it comes to security in crypto dude, just saying.

>>26386125
What do you think the exploit is, that they put i>0 instead of i>1 somewhere on the code? lol
He explained to you that the failure lies in the consensus algorithm and explained you how. It's not that they forgot a fucking comma in the code you fucking moron

>>26386247
Ada SPARK for their compatibility with the Raspberry Pi I wonder. If that is your point, I am pretty sure that it is possible to have the nodes in Azure: https://docs.avax.network/build/tutorials/nodes-and-staking/set-up-an-avalanche-node-with-microsoft-azure
Doesn't this fix this security flaw?

>>26386371
Maybe you can refute my arguments instead of eating shit or makin appeals to authority

Emin is a theoretically inclined professor. His twitter handle is el33hax00r, so cringe. Theorists always get hit by the real world. Such as assuming software wont have security vulnerabiliites when designing a consensus algorithm.

>>26386527
You didn't answer my question >>26386449 .
The core of your argument against AVAX is really

>assuming software wont have security vulnerabiliites when designing a consensus algorithm

?

Because if it is, it is a very generic argument for a very specific coin

>>26383109
>be this anon
>FUD everyday for hours about an AVAX exploit
>even spend time making memes

Show us the exploit
>lul, i can totally do it, im just too moral

token unlock in 41 days
mega dump incoming

They still have some of the best memes.

>>26386786
Thank you anon, I was almost about to be shaken out by this fud

>>26386449
Ada SPARK is a formal language nothing to do with raspberry pis or azure.

>>26386786
The argument is avax is hit worse than other coins also suffering from sec vulns due to avax novel consensus

Really just a failure of a professor making a design where the world is perfect when its not. Avax consensus is really elegant otherwise. Very elegant, piqued my interest.

>>26386894
Always DYOR anon

>>26386953
I see, now to what degree of chance is this likely to happen in real life?
You see, sites like this https://walletgenerator.net/ have a small chance of generating the private code for the seed of a bitcoin wallet, but I do not see you ever complain about Bitcoin

>>26387070
Strawman arguments from you again which is irrelevant

Chance that avalanchego has a sec vuln is 100%
Ive explained already many times such a vuln affects avax much worse than when bitcoin nodes got hit

>>26383109
You fucking idiots convinced me to buy avax at the top today.

>Hurr durr best time is now

It's now 12.7 you fucks.

>>26383109
>look at me i am a super special security expert white hat
>i have raised so many valid points about avax nodes
>avax, a literal team of genius autists is too stupid to figure this out
>but i figured it out and so everyone trust me and sell
this is what you sound like faggot

>>26387237
why would you buy the literal top retard, jfc just wait a minute

Just hold 2 years

in addition ordering manipulation is an incentive to break the consensus protocol
nice posts OP

>>26387315

I asked in a thread should I buy at 13.3 and everyone said yes. Fucking idiot moon boy shills.

>>26383109
please keep reposting this fud because I need to accumulate more

Send me algorand tip if you liked this fud or critique

HFRECYR2WGPPO2VTHPS74UKHNYGPPGS5UTKPTTMOSDWWJAZOXAVHSDTZNA

>>26387394

Do you think this has any impact at all? kek

>>26387257
Wrong I didnt tell you to sell, I said itll x3
Because ppl are stoopid and markets irrational

Yes I am that damn good that I can critique a consensus design made by top people in cryptospace, so what there is many like me
There is many more like you tho

>>26387501
autists here single-handedly made the price of rubic go up from $0.005 to $0.20 so anything is possible

Notice my Id contains hax
Nice

>>26387534
>>26387620
>>26387734
bumping you

>>26387994

>>26387534
>3x
>Because ppl are stoopid and markets irrational

Why not more / less than 3x?

I am genuinely interested in learning, OP

>>26385437
>Take that key by taking over a node
the AVAX node doesnt store the key anywhere.

>>26389004
Read the rest fren

>>26387352
>I asked in a thread should I buy at 13.3 and everyone said yes. Fucking idiot moon boy shills.
retard

>>26389950
you are a brainlet that doesnt even understand how the Avalanche consensus works or what a sybil control mechanism is lmao.

>>26387417
>algorand
ah there we have it, Algorand is a centralized slow piece of shit that goes nowhere and that nobody will ever use.
give it up mongoloid or watch how AVAX will kill it together with your poorfolio.