/biz/ - Business & Finance

>>8419577
nootropicat... so hot right now.

Reputation can only be gained from randomly assigned jobs where the data source is comfirmably publicly accessible.
Fixed.

Holy shit this guy is still going?

He fucking convinced me to dump my link. The datasource api can just cryptographically sign the data and one miner can be paid in ether or whatever currency to retrieve the data. 100x more effiecent and more secure since it is secured by math and not rule of majority.

Should not have listened to autists on 4chan but rather on clever redditors.

>>8420105
what will it take to convince you to stop shitting upon the streets of mumbai?

>>8419825
So you're smarter than vornth?

Don't you think it's pathetic that the technical community manager gets BTFO by some reddit nobody?

Doesn't it make you question whether or not they thought things through before publishing their white paper?

>>8420573
Yes anon some random redditor is smarter than Ari Juels, the Zeppelin team, all of REQ, HCL Technologies, SWIFT, DocuSign and everyone else.
He didn't even read the whitepaper but he completely BTFO the developers with his surface-level elementary hypotheticals. How will they ever recover?

Honestly though can you stop shitposting. This meme stopped being funny the first day you started doing it.

>>8420706
holy shit, just sodld 100k

>>8420706
You forgot the part where this guy asked his surface-level elementary question and CL DIDN'T HAVE AN ANSWER FOR IT.

I don't care how many names you throw at me, if the CL team (and vornth specifically said the team, not himself) can't provide a satisfactory answer to such an "elementary" scenario then that puts into question the feasibility of their entire tech

I hope you guys know what you're talking about. I don't fall in love with my bags and my rational side gets a little anxious when rather than a logical refutation the only defense I see in these threads is you think you're smarter than x, y, z...

You realize thomas is just there to placate the neckbeards so no one goes rogue and sabatoges the project? They routinely withhold information and don't give full answers to questions. In any case there are many different ways to prevent this and I have no doubt Andrew Miller and Ari Juels have or can think of ways to mitigate this risk. I'm sure everyone here realizes the obvious one.

>>8420706
>Yes anon some random redditor
>argument from authority

The whole point of pseudonymity is to have discussion based on merits

>>8420573
Reputation farming is such a basic scenario that I'm shocked they don't have an answer for it and even more shocked that they hadn't even considered it. It literally throws their entire manual selection process off which was a feature they were heavily touting. This is some legit FUD

>mobius pays some guy to fud link and at the same time fish for info on how they solved problems that their team is stuck on

Can someone give me a link for that discussion?

>>8419734
He's like a superstar now. And all his fud is shit that has been dispelled on /biz/ months ago.

>>8421000
https://www.reddit.com/r/Chainlink/comments/84u52s/can_someone_answer_this/

>>8420959
I wouldn't be surprised desu

>>8419577
Thanks, just bought 100k

>>8420105
Yeah buddy 100x more secure... until that single node fails. Or the power goes out.

AAAAAAAAAAAAAAHHHHHHHHHHHHH
YOU WILL SEE!!!
SERGEY WILL TAKE US TO THE MOON!!!
WE'LL REACH PLANET $1 AT THE END OF THE MONTH

>>8421041
thanks anon

vornth:
>For the node selection process, nodes that are able to retrieve the requested data would first signal (and pay the penalty deposit if required) that they would accept the job
nootropicat:
>This seems vulnerable to DDOS. If I see an exploitable contract being offered I have an incentive to DDOS other nodes so that only my own are able to respond.
vornth:
>Although I don't see how you would pull off a DDOS on other nodes.
n:
>I can easily get lots of node ips by offering many jobs for my own api.

I think what he means is first farm reputation and collect competitors' IPs. After that ddos collected IPs to knock competing nodes out. Attacker can obtain majority as a result.
Sounds like something hard to defend against. Any ideas?

>>8420927

Simply put, decentralized reputation is a hard problem, and many dApps are going to struggle with it.

There's research into it, however.

https://eprint.iacr.org/2017/156.pdf

>>8421280
fuck can someone answer this
all his arguments are getting to me
I'm losing my faith in link

>>8421487
So sell.

Where is you Assblaster nigger !!??
I will pump your ass to $1k asap !
Show yourself nigger and I will wreck yo ass !
C'm'ere nigger and I show you real pump nigger !!

>>8421280
DDoSs are fairly easily mitigated these days. it's not an issue for smart node operators.

>>8421487
>LINK is intrinsically worthless. Node operators can be payed in existing cryptocurrencies. Just look at the testnet right now, it only accepts ETH instead of LINK lmao. It means that ETH can easily be substituted for it, that is, if someone wants to fork the token to accept ETH (an established cryptocurrency instead of some fucking ERC20 token made with a two-man team), LINK is basically useless. That is besides the fact that everything LINK aims to do can be easily done by cryptographically signing the data from the API source.
>>muh next ETH
>Link, 5 months in: 35 cents (3.5x ICO)
>Ethereum, 5 months in: $5.50 (17x ICO)
>Uh oh, pissed stinker incoming HAHA.
LINK is intrinsically worthless. Node operators can be payed in existing cryptocurrencies. Just look at the testnet right now, it only accepts ETH instead of LINK lmao. It means that ETH can easily be substituted for it, that is, if someone wants to fork the token to accept ETH (an established cryptocurrency instead of some fucking ERC20 token made with a two-man team), LINK is basically useless. That is besides the fact that everything LINK aims to do can be easily done by cryptographically signing the data from the API source.
>muh next ETH

Link, 5 months in: 35 cents (3.5x ICO)
Ethereum, 5 months in: $5.50 (17x ICO)

Uh oh, pissed stinker incoming HAHA.

>>8421487
Intel SGX

>>8421620
where is assblaster? what on earth happened to assblaster? ASSBLASTER?!?!

Have to love the chainlink devs, any hard question comes up they go off into long tangential paragraphs about their plans for the future instead of actually giving simple answers.

>>8419577
It's actually very simple
don't include reputation gained from manually chosen nodes

Problem solved

>be API
>install ETH oracle
>everybody who wants to use your data in smart contracts now has access
what am I missing

>>8421815
yeah that's his original point, that api providers are going to start selling data directly

>>8421815
A brain

wheres the "were all in this together" retard lmao

>>8421868
Doesn't this FUD decentralization as well

Expecting biz to know anything about link besides memes kek

>>8421868
and why wouldn't they? he's saying they'd sign the data and somebody else would be the oracle, but the providers can also make their own oracles directly for very little effort. just don't see how it's gonna be any different

>>8421886
very rude

>>8421948
the data has to come from a single source anyway

>>8419577
Except it did and your fud is shit

Bought 2500@.29 = comfy

>>8421650
wow you completely fucked up that pasta

>>8420862
this
I'm also sure Sergey will run a shitload of his own nodes to overpower any potential attack
that's why they are careful with spending ico money now, because they will need it later too.

They cannot reveal all the ways they will counterfight bad actors right now

>>8421982
What was the answer

>>8422112
>I'm also sure Sergey will run a shitload of his own nodes to overpower any potential attack

If most nodes belong to Sergey that would make chainlink a centralized oracle company...

>>8422112
the fact that they'll need to devise plans to counteract bad actors isn't reassuring. it should be at the core of their operations.

>>8421815
>>8421868
A) Not everyone wants to use ETH.
2. This leaves a single centralized point of failure/attack/tampering.
* This system still requires an overarching way of handling any transaction that is more complex than "query API > ??? > profit". Look up what a 'smart oracle' is.
- And it doesn't matter if the API puts out its own oracle. Regulations like PSD2 are forcing financial institutions to open up their internal APIs to third parties anyway. So the API's own oracle is just going to be one in a sea of potential oracles making use of the API.

I'm trying to cut down on my spoonfeeding, so enjoy it while it lasts.

You have no idea when your Oracle is being used for a data pull. So you would have to continually give bad data in hopes that one of those times your bad data is pulled. Except everytime you send bad data , where it's pulled or not , it gets identified and penalized.

It could be done but it's very costly .

Not to mention your reputation gets wiped out once you change the data your sending . So you can't farm reputation sending weather info , then change to sending bond rates and use the same reputation . You start over at square 1.

>>8422159
>the fact that they'll need to devise plans to counteract bad actors isn't reassuring
You'd prefer it if they didn't make an effort to counteract bad actors?
lmao

>>8421974
>but the providers can also make their own oracles directly for very little effort
yes they can but would these oracles be trustless?

>the data has to come from a single source anyway
no it doesn't

regarding the DDOS fud
Mark Zuckerberg in 2004:
>I have this amazing idea for a website where people can be friends
plebbitor:
>but the website can get DDOSed so why create it?

>>8422222
Kek rewards me for my spoonfeeding.

>>8422147
yea because Sergey will sabotage his own project,
or you think you'll be able to detec and attack all his nodes lmao

>>8422159
that's the reality of decentralization, nothing is 100%, no one will give you insurance for anything. ETH team has a separate departament to research and work on potential bad actors attack preventing scenarios. You think they're gonna share what they work on?

>>8421650
and who's gonna run the nodes then ?
go fork btc or eth you faggot, no one will mine that trash for you
also LINK has additional features and it's slightly different standard than erc20, I'm 100% sure you had no idea about that like every fudding faggot

>>8420862
Isn't it an attempt to prevent reverse engineering of the thing they are creating?

>>8422262
Eth is working on corner cases in regards on bad actors. Chainlink apparently has problems with most basic of attacks

>>8422197
>A) Not everyone wants to use ETH.
well if the API provides signatures for each response then it doesn't matter who makes the oracle and relays the message, it can always be trusted
>2. This leaves a single centralized point of failure/attack/tampering.
what, the API?
>* This system still requires an overarching way of handling any transaction that is more complex than "query API > ??? > profit". Look up what a 'smart oracle' is.
that's probably what ethereum is intended to be used for?
>- And it doesn't matter if the API puts out its own oracle. Regulations like PSD2 are forcing financial institutions to open up their internal APIs to third parties anyway. So the API's own oracle is just going to be one in a sea of potential oracles making use of the API.
so everybody's gonna use APIs signed by banks as data sources anyway? how does that help

I'm not even trying to make you mad or something, I just dun geddit

>>8422245
>yes they can but would these oracles be trustless?
uh, if you trust the API in the first place you shouldn't have a problem trusting their oracle

>>8422159
->
>The problem with all countermeasures is that even it they prevent an attack 99.99% of the time, that 0.01% would destroy all trust in the system. All in all there are so many uncertainties and exploitation routes I wouldn't trust anything that relies on non-sgx chainlink nodes.
That's it, I'm going to sell my link on the next pump

>>8422197
>Regulations like PSD2 are forcing financial institutions to open up their internal APIs to third parties anyway
If they sign results it makes chainlink useless.

>>8422245
>but the website can get DDOSed so why create it?
The point is that ddosing during the contract period helps the attacker to obtain majority and push false data. If facebook is down all that happens is that normies don't know what to do with their life

>>8422313
Such as

>>8420105
>The datasource api can just cryptographically sign the data and one miner can be paid in ether or whatever currency to retrieve the data
Umm, sweetie, that's not what ChainLink is for

>>8422327
>>8422328
Like I said, I'm cutting down on my spoonfeeding. Also I actually want as many people as possible to sell.

by default autism causes people to pick holes in everything til the death. nothing is 100% perfection. there are many existing real world products and services that are imperfect, some more than others, there is always room to develop and improve. not fud.40k linky

>>8422216
This.
These hypotheticals all miss the forest for the trees, which makes sense, given that this FUDer admitted to not reading the whitepaper.

>>8422462
>this FUDer admitted to not reading the whitepaper
That was painfully obvious.

NOBODY on Reddit has any concern over this Mobius paid fudders info.

>>8421974
>very rude

>>8422328
>The point is that ddosing during the contract period helps the attacker to obtain majority and push false data
you can always push false data, but that would ruin the reputation now wouldn't it? moreover, if some smart contract requires confirmation from three nodes and one of the nodes decides to DDOS the shit out of the other two, the contract won't just forget that it requires three nodes

>>8422127
After some consideration, we decided as a team to address this question here, since we received some questions about it from the community.

A smart contract which could possibly hold millions of dollars needs to be evaluated end-to-end, as Sergey explains in this talk. An ideal scenario would require multiple data sources in order to validate data against peers, as discussed in our white paper in section 4.1. This is because no oracle service, decentralized or not, can validate if the obtained answer from a data source is truly correct, only that the provided answer is what the source said it was (the last few sentences of section 5.3 gives some insight into this). Using multiple data sources would obviously be optimal as it would fit in well with the trustless setting. If one data source is providing faulty information, that is easily caught before a smart contract could execute based on the data provided by nodes retrieved from other data sources.

>>8422127
Sometimes, utilizing multiple data sources is simply not possible because there is only one source available. When this happens, that data source would be considered as a single point of failure for the smart contract. It would be entirely up to the smart contract creator if they are willing to accept that amount of risk for their contract. However, using multiple oracles as the trigger for the smart contract, even if they're all connecting to the same source, is still advantageous over a single oracle acting as a trigger for the smart contract. This is because a centralized oracle would be considered another single point of failure.

It seems to me like the argument of using a notary for a centralized service being better than a decentralized oracle service isn't fully acknowledging the need for an end-to-end trustless smart contract ecosystem. Regardless if the centralized oracle knows what it's processing or not, it can still go down and prevent the smart contract from executing when it needs to. Utilizing centralized services sounds like the present day, where if someone doesn't fulfill their obligation of the agreement, you sue them (which has additional costs and headaches of its own). So it makes sense why this reasoning seems valid at first glance, because that's the world we live in right now. In a trustless world, however, relying on centralized services is simply too much risk. Why would one choose to use a single data source, with a single oracle, feeding data to a decentralized smart contract?

If we have a single data source as the sole supplier of some information, what can they do as we head towards a trustless world? They could create multiple independent endpoints for their API in order to provide some level of redundancy. This would at least prevent a single endpoint from being a point of failure.

>>8422327
>uh, if you trust the API in the first place you shouldn't have a problem trusting their oracle
the oracle is another step in the way that can be fucked with
Using chainlink you'll have nly 1 point of failure (data source)
using some centralized single oracles makes it 2 points of failure

>>8422127
However, it would still be up to the smart contract creator to determine if that reduces the risk enough to use as a factor for their contract, since it still does nothing to validate factual information.

We can even take it a step further and say that the data source doesn't even want any 3rd parties connecting to their API. How would they provide their data to smart contracts? Some may say that they will create their own oracles, I don't think so. There are a lot of technical issues that need consideration before one can simply create their own oracle. How do you handle blockchain forks, rollbacks, congestion, varying gas prices, etc.? Chainlink already has solutions in place for all of those issues. It would require significantly less effort to create an external adapter for their own API and run a node (or multiple for redundancy) than to start at the beginning of creating a specialized oracle.

>>8422127

All further points raised in the criticism were raised debated an refuted here

https://www.reddit.com/r/Chainlink/comments/84u52s/can_someone_answer_this/

Its fud. It has zero bearing on chainlink an its place and success.

"Reputation Poisoning"

>>8419825
>>8421756
well?

>>8422462
>FUDer admitted to not reading the whitepaper


Its at this point that the PnD team who have been using biz and trolling reddit with fud nee to stop and think. If they have reached the state where they are wasting the teams time and actively undermining the team just to accumulate, how dumb are they?

>>8422924
'As long as they are in a minority' and how does that work?

Such bullshit FUD.

>>8422462
>given that this FUDer admitted to not reading the whitepaper.

Where?

>>8422924
kys brainlet its shit fud but its cancer to waste the teams time on it.

>>8422985
Did you read the whitepaper? Nodes are penalized for providing false information, part of which includes a payment of staked LINK.


Either you choose them manually, in which case, why the network? You're already doing the work, you may as well choose several companies looking at reviews. Or there's some automatic rule that determines 'high-quality security' and reliability (I assume you include correctness in that) - but then the question of how is correctness determined returns.

Dude, go read the whitepaper, it's clear that you haven't based on the questions you're asking: https://link.smartcontract.com/whitepaper

Retarded little fudder with an ego problem spewing bullshit while high on drugs

>>8422985
https://www.reddit.com/r/Chainlink/comments/84u52s/can_someone_answer_this/

>>8419577
>Daily reminder that ChainLink had no answer to the reputation farming problem

Daily reminder that the PnD group that FUD link to accumulate are fucking cancer brainlets more like.

>>8423031
>Did you read the whitepaper? Nodes are penalized for providing false information, part of which includes a payment of staked LINK.

Even vornth agreed with him that they aren't

>Dude, go read the whitepaper, it's clear that you haven't based on the questions you're asking

You're quoting someone's opinion that he didn't read the whitepaper, not his admission that he didn't

>>8422924
I think this guy might be legit retarded. This is the stupidest thing I'd read so far. "Give correct data to my nodes and wrong data to competitors". Jesus Christ I'm surprised he can operate a computer with this level of expertise.
I think he's purposefully trying to waste the team's time.

>>8423078
The same pnd groups that shilled you your bags in the first place

>>8422924
this fud is older than Link memes
>what if I give bad data from my own API
how exactly would he give different data to different nodes fom 1 API?
Also you think the Node operators will trust some shady contracts/data sources?

>>8423195
>>8423299
We will see

>>8423439
lol dude you're looking for reassurance or trying to make the community look bad ? lmao
if you listened to Sergey's talk at devcon he taked about API library
you think average node operator will serve data from some shady sources just to get caught in a trap?

Chainlink will be usccessful because the customers are not at risk, only the node operators, and the community will weed out all the bad actors, but that's also why running a node is for people with an >double digit IQ

>>8423496
>you're looking for reassurance or trying to make the community look bad ?

The former

I updated my comment

...Anybody else, feel free to jump in

>>8423496
>>8423195
>>8422985
>>8422499

>>8423641
Not only is doing this impossible it's very premise is retarded.
He wants to create an order for HIS OWN API with zero reputation or past history and employ hundreds of nodes (because he has to control the majority for penalty payments). And he says he wants to REPEAT THIS hundreds of times, the nodes continuously accepting this shady job they're getting penalized for. And "reputation" will not be some singular value like in a fucking RPG or something either. People will be able to see what the nodes fucked up and where.

It's completely absolutely retarded. He's braindead trying to poke holes in something with his teenager level knowledge.

>>8421280
You can't ddos someone just by having their IP. You need the target to have some service running and listening on some port.

>>8423641
>>8423903
This guy is going off the deep end now.

He's the kind of sperg who would scrutinize water into not being wet.

>>8423903
I can't believe what I'm reading.
>I can share the data with my nodes in some other way
no you fucking can't, not only do the damn nodes not see what they're processing due to SGX they have to get the data from the requested API. If you modify the node code to circumvent this everybody on the network will see you're running modified code and refuse to work with you.

>>8423903
like I thought, he creates some sci-fi scenarios just to show off

his last sentence is just a repetition of the old fud
>hurr durr the api providers will serve the data themselves
it was already talked about, there is a reason why they still aren't doing it, because first of all it would be a centralized oracle (which already exist) and none of them will give you any insurance, second of all thinking that API provider will also become an Oracle is like thinking that Bank employees will have to be trained to cook their own food for launch instead of ordering catering.
S P E C I F I C I T Y, do you speak it?

The node operators will only serve data from trusted and known APIs, if some node operators decide to risk going into shady teritory it's their business, and once they get burned it will be flagged.
That's why the API library will be for.
Chainlink is for institutions to transfer data from sources that are already TRUSTED, it's all about the middle part, the trusted/trustless mailman (Chainlink) that's missing.
Chainlink is the missing link (see what I did here?)
Like I said, most data needed to be transfered already comes from trusted sources. It's all about transfering it safely from A to B
$10-$70 EOY, screencap this

>>8423942
This. DDoS is short for distributed denial of service. What service do you want to deny? Servicing requests? Well every request costs LINK so you better have a fuckton ready to employ one million requests a second.

>>8423948
Well look at it from my perspective

I am not a programmer, I understand the importance of Link at a high-level perspective but these technical what-ifs I can't comprehend fully. It is especially alarming when a team member says something like:

>I'm open to suggestions from anyone as to how this can be prevented

Seeing as nobody is countering his points I'm forced to post replies from this thread

>>8424140
>It is especially alarming when a team member says something like:
>>I'm open to suggestions from anyone as to how this can be prevented
Is it.

>>8424140
Because the scenario doesn't make sense.
There's no incentive to do this other than to sabotoge someone's conract and it will cost a significant amount of money. Once they've spent all that money farming reputation and release their nodes out into the wild the only way for them to successfully attack is to randomly be selected for more than 50% of the nodes chosen from among a vastly greater number of legitimate nodes (which there obviously be because those nodes have the incentive of making money to be honest). Then they'd end up losing the money (as you can you'll likely have to put put up a significant amount of "collateral" for this very reason) they staked on the contract and their nodes would lose their reputation. It could only be done once.

All of that was based on the existing incentive and reputation system. This isn't even to mention other things the team could implement to prevent such attacks and blacklist nodes that engaged in that sort of behavior. Thomas is open to suggestions but probably just humoring the guy because they have determined his scenario isn't a realistic threat and having other ideas for mitigating extreme edge cases like that isn't a bad idea.

>>8421694
I mean you can criticize link for that but its pretty much the crypto sphere at this point.

>>8421694
It's pretty clear they just don't care about responding to criticism on social media. Look at how thomas started his post. "after some deliberation."

At the end of the day it doesn't do anything. The project doesn't live or die based on what some neets on the internet think of it. This is quite literally the first time anyone has responded to any criticism online too so I'm not really sure what you're on about.

The only other thing I've seen them respond to was people questioning SWIFT. Which 1. happened when datadash said it was off to which rory replied it was not, and 2. Another time someone asked and Rory explicitly said they would tell us if it was off, neither of which were meandering or equivocating and pretty clearly bullish.

>>8424357
>only way for them to successfully attack is to randomly be selected for more than 50% of the nodes chosen from among a vastly greater number of legitimate nodes
THIS
that's why I'm 99% sure Sergey will run a fuckton of his own nodes (without ever disclosing it of course) to strengthen the network and make sure even the most relentless pajeet from mobius or italian faggot from oraclize won't be able to do any damage.

That's why they don't have to worry if enough neets on biz run the nodes. Like AssBlaster said, they didn't even want to run an ico in the first place but it looks good on paper to have it done for the open banking/decentralized narrative.

>>8424722
I'm glad you like chainlink but the idea that sergey would run a huge number of nodes to prevent an attack like that is retarded for 17 different reasons. Drop this line of argumentation and reread this thread so you don't make chainlink look bad.

>>8424140
Yeah its pretty concerning

>>8424768
what's so bad about having a lot of honest nodes low key especially at the early stages of the network?

>>8424768
>I'm glad you like chainlink but the idea that sergey would run a huge number of nodes to prevent an attack like that is retarded for 17 different reasons. Drop this line of argumentation and reread this thread so you don't make chainlink look bad.

To dumb to realise that majority node attacking requires owning a majority of staked chainlink AND nodes without being noticed by smartcontract.com. Expensive and implausible attack you have in mind there

>>8424891
>>8424722

That's a very different concept from saying sergey himself or just the company will operate a huge number of nodes as hedge against attacks. If that's what you mean, say that.

>>8424985
>To dumb to realise that majority node attacking requires owning a majority of staked chainlink AND nodes without being noticed by smartcontract.com plus defeating sgx and even if you managed that you would wipe out the value of the stake chainlink by conducting the attack. Expensive and implausible attack you have in mind there

>>8424985
yea, that's what I meant, what's stopping Sergey from running a lot of nodes by himself to make sure the network is safe and no bad actor will ever achieve majority for any attack.
Of course he doesn't have to run 51% of all the chainlink nodes in the world, becuse there will be enough other honest nodes, but just an amount he will think would be helpful

I don't know what you have against it?

>>8425043
Because unless he's also running an equal number of Ethereum nodes, it would be easy to see where a majority of node responses come from.

>>8420959
This

>>8425064
you think he cannot do it with $32m from the ico he got ? (which is now even more unless he sold everything right after)

>>8424357
You're not supposed to literally debunk the FUD, retard.

Unironically delete this

>>8424357
Finally someone gets it.

>>8424140
he's the tech community manager not a core dev. its probably just not something he's 100% on, but here's the answer.

If you farm reputation, you're only doing it on your own reputation contract. Its like saying, I'm the top of a CS:GO league, but im the only person in the league.

>>8425527
This is not correct, and nootropicat's assumption of reputation is incorrect as well.

>>8425306
You idiots shill this on here all day everyday. But yeah hurr durr delete because this guy actually tried to clear some fud. Without posts like that Link shill threads are actual literal pointless shitposting. Most link threads already are

>>8425306
Why delete? LINK price is tanking anyways.

That 'stochastic consensus' is an actual term, if you google it there are lot of academic papers with it in the title.
It's concerning that vornth apparently had no idea what it means.

>>8419577

Daily reminder something can have theoretical issues, but still make you a millionaire.

*cough* ethereum *cough*

>>8426522
And none of them about blockchain.

From Jonny
>You can't get node IP's from a contract, so you won't be able to DDoS them. With our LinkPool nodes, you can't ping them over the internet so theyre not susceptible to DDOS, they work in a private network.

>>8427054
anonymous atomic swaps

>>8426522
>>8426646
>conveniently leaving out thomas' response

Just face it you dumb niggers, chainlink isn't here to flatter your egos by giving you every single detail right now.

>>8427258
Here's some more Thomas.
>SGX wouldn't protect against DDoS. The underlying system could still be vulnerable to attack. But execution within that enclave would remain secure.

Chainlink is still under development. Lets not forget that even Sergey invited people to join and contribute to this open source project once they released the test net.

No matter if this ledditor is right or wrong, maybe he gave some ideas to the team if there was some details that were overlooked. It's better to clear these things now and come up with solutions before main net release rather than deploying a vulnerable network.

>>8427258
This can also be interpreted as them not having an answer.

Ask yourself: Why would they choose to not release those details? To keep it a secret from competitors? Seems like something that would belong in the white paper.

>>8428127
They're still working on it. At least they're honest. Would you rather they lie?

If the way this thing works cant be briefly summarised in a way normies can understand its never going to take off.

>>8423903
What the flying fuck is this idiot talking about?

>>8427552
not some shmo ledditor though...he's probably a guy that gets paid to find security flaws in projects and decided to he would take a stab at ChainLink for free since it is the only project with actual potential to change the world he could not help himself.

>>8425972
You're the only idiot here if you seriously need this "fud" debunked for you
Go get spoonfed into buying Mobius you insufferable faggot

Link bag holder here.

I bought link when it was ridiculousöy cheap not knowing anything about it. I still am too lazy to read up on it. I got no clue what it is.

However I see a dev talking openly about his product vs some faggots on this board who usually don't know shit about shit in any subject. So I think my link are fine.

>>8428786
sell your link please, we don't need any reddit spacing tards getting rich

>>8428838
I space however I want pissface.

>>8428838
Sorry I guess that was rude.

>>8428786

I think this is why I see this as bullish.

LINK has a technical director responding to specific questions on Reddit.

This should actually make people happy..

all of this link FUD is giving me anxiety. most of it makes sense but im not smart enough to know what it means

Following the discussion between vornth and nootropicat, the conclusion I am forced to draw at this point is that nootropicat has some legitimate criticism at least regarding how random node selection will work, and possibly about DDOS attacks on nodes and reputation farming.

I see some counterarguments in this thread that vornth hadn't brought up so maybe I'll post those if I can make sense of them. Or maybe you guys should do it yourselves, seeing as you're so smart and think this guy is retarded.

>>8428226
No, but it doesn't change the fact that nootropicat had a valid point.

Which makes me wonder how much you can trust that CL has thought about these security issues. I know that no crypto project is perfect but if the security questions raised by nootropicat are very elementary then it makes me question how feasible their tech is.

Unfortunately I don't know enough about security to decide if his scenarios are just edge case what-ifs or are things that make LINK's security model fundamentally flawed

so many nonlinkies who want to keep the price down with fud, its not because they want to accumulate, its so they dont neck themselves when it eventually reaches $100

Almost less than a week after their official subreddit release, some guy just shows up and starts shitting on everything. Really tingles my almonds.

>>8429038
just go outside and shit on the street. let it all out.

>>8429049
How? Everyone ITT explained how none of those "exploits" are feasible.

>>8423903
The fact that people can't argue against this or can't even understand what you're talking about is just a testament to the absolute state of LINK bagholders.

Basically, there exists an attack that would allow a malicious actor to damage the reputation of otherwise honest node
>b-b-buh that's just science fiction, nobody would ever carry out an exploit like this, that's just autism
Jesus Christ

>>8429199
Try reading the white paper, idiot

>>8429199
what are you trying to say?

>>8422222
Checked & Heil Hitler - and thanks for the spoonfeed. It does help. May Kek's blessings rain upon you

>>8429199
we already told you why those attacks will never happen, read the thread.
The only vector of attack he is proposing is by baiting node operators into a trap of his own shady API, no one will be stupid enough to even touch data from him (also this is just attempto to steal some money from the node operators, the customers would never get hurt)
end of story, go and hugg your boyfriend on reddit

>>8429433
Dubs confirm that only truth and no lie

>>8429199
>>8429433
btfo

True reputation farming is possible, let's say I wanted to boost my node's reputation. I could just use an obscure API that no nodes are providing and make repeated calls to it with a smart contract. After I do this X amount of times my node has provided X amount of correct andwers and now gets priority over less reputable nodes. It would cost gas on both ends for each API call, at the node and at the smart contract, but I would just be investing in pushing my node to the top of the list of other nodes when it comes to APIs other nodes are providing access to.

>>8429599
>>8429622
thanks boys, we all scored nice dubs, never will some faggot redditor be able to have anything on us!

He knows about us.

>>8429191
No one here said anything about random node selection, we'll see about the other two points if I get around to posting them in that thread

But really it'd be great if someone that fully understood his arguments posted instead, don't be all talk and no action

>>8429723
Now let's say I had a collection of nodes, all of which I boosted the reputation of with both availability and correct api calls. If I use them all to intentionally provide false data to a smart contract then I could manipulate the contract itself (which would be a profitable event itself considering a high value contract) while also penalizing other innocent, correct nodes

>>8429723
>>8429800
you're retaraded

>>8429723
if that's even possible (Johny said it isin't AFAIR) all it takes is separate or even exclude those nodes's reputation gained that way, or just flag it to make other people aware that they might be shady

>>8429800
how would you able to provide false data to a contract when you don't control the data source
Sorry to break it to you but no bank will ever need any data from some shady faggot lol

>>8429800
The danger is that not all nodes will be providing all APIs, so if I target a specific dataset then I could feasibly gain a majority with a network of nodes that I farmed the reputation of with meaningless API calls. Even if it cost many thousands of dollars it would be profitable to manipulate, say, a multimillion dollar insurance contract.

>>8429800
Or you could have node reputation on a per-job basis. So job rep that fetches swift data has different reputation from attacker-api data.

Wow so hard to fix this "problem". Nice FUD though, bet this convinced a lot of non-programmers.

>>8429829
if there's no risk of nodes providing false data then why did they go to such lengths to prevent it from happening as is delineated in the whitepaper?

>>8429878
that's certainly a solution, but right now it doesn't follow the current system of determining reputation listed in the whitepaper.

>>8419577
Stop BTFOing this faggot, I can't accumulate more until tomorrow.

>>8429779
>No one here said anything about random node selection
what random node selection?
>we'll see about the other two points if I get around to posting them in that thread
just fucking stop. if it's not obvious to you yet that he's a fucking autismlord that will never let up and will just keep making up sci-fi scenarios and what-ifs for brainlets to be scared by then you're... well, stupid, and belong on reddit not here

>>8422222
Quints, bitch.

>>8429912
I sent him a PM with a link to this thread

>>8429947
Great, can't wait for another redditard to come to /biz/ to shitpost

Sub $.4 linkies
Just broke 100
Also

>not trusting 4chin maymayes

>>8429973
I'm here probably longer than you
I didn't see this thread because I have link filtered out since you stinky fuckers spammed the entire fucking board for that 7777777 get

>>8430263
kys

>>8430263
I hope you enjoy >>8888888

>>8420105
Chainlink is PoB

>>8430263
kys

>>8430263
>>8430263
Kys

>>8430263
kys

welp there goes my attempt at a rational discussion

>>8422216
>You have no idea when your Oracle is being used for a data pull. So you would have to continually give bad data in hopes that one of those times your bad data is pulled. Except everytime you send bad data , where it's pulled or not , it gets identified and penalized.
this - and i never even thought of it b4 you mention it. more or less btfo's all fud coming from that angle.

>>8430263
kys

>>8430263
Thoughts on:

>You can't get node IP's from a contract, so you won't be able to DDoS them
>>8427054

>no you fucking can't, not only do the damn nodes not see what they're processing due to SGX they have to get the data from the requested API. If you modify the node code to circumvent this everybody on the network will see you're running modified code and refuse to work with you.
>>8424023

>>8424070
>>8424357

>ctrl+f "Excel"
>0 results
everyone knows Chainlink could be replaced by an Excel spreadsheet

>>8430747
>You can't get node IP's from a contract, so you won't be able to DDoS them
There was no response to the buying from my own api way. Lots of other options, like keeping many eth (or other network's the contract is supposed to be on) nodes. They have an approach to security prevalent in the crypto space that assumes if they can't think of how to do something it's impossible. Good for those that can do the 'impossible', heh.
>see what they're processing due to SGX
Sgx makes the whole decentralized network pointless as it's assumed to solve the trust issue. Centralized solutions are better in literally everything but trust. Including availability. It would be way easier to ddos to death the entire eth node network than one website behind a good cdn. Even if they persevere with the network model they're going to be more expensive (even if only in complexity and time to interact needed) than competition with sgx.

>>8428786
Same thing here my dude
Too long didn't read,but for sure
Not Fucking Selling.

>>8431238
>Sgx makes the whole decentralized network pointless
Very wrong. Very wrong in a basic way.

>>8423439
Holy fuck has this retard not heard of API keys?

>>8431303
Any argument?
>>8431353
Expand

>>8431399
>Any argument?

Nope. I don't mind what the price does, I hope everyone on biz sells, and I'm confident if you pulled this nonsense out in a public debate with sergey you would get unequivocally assraped.
I just want you to know that I think you're an idiot :)

>>8431238
What is your background in relation to software security?

Do you see CL being able to solve the issues with their reputation system, or is it such a fundamentally flawed system that they have to redo it from scratch?

>>8431580
>or is it such a fundamentally flawed system that they have to redo it from scratch?
I don't see any possibility to solve the oracle problem in that way, as even one failure of the security model is fatal. Maybe some weird scheme with multiparty computation that's secure as long as one node is, but that would be ridiculously resource intensive.
Unsafe solutions like theirs usually work for some period of time until one random day in which everything suddenly collapses.