Chainlink penalty fee exploit

File: 13 KB, 219x219, 9A71608A-4D40-47C5-8B17-3D7E43C6D8B7.jpg [View same] [iqdb] [saucenao] [google]

Chainlink penalty fee exploit Anonymous Mon Jul 20 13:27:23 2020 No.20525398 [Reply] [Original]

Chainlink is vulnerable to a penalty fee exploit, as follows .

The exploit arises where:

1. Smart contract owners select their own oracle nodes

2. Oracle nodes are penalized for bad data

3. Smart contract owners collect the penalty fees

This is problematic because Oracle nodes can the simply:

- create their own smart contracts

- select a majority of their own nodes

- entice users to the contact (optional)

- provide bad data to the contract

- collect the penalty fees

If you want to invest in a If you want a decentralized oracle service that is not vulnerable to penalty fee exploits...

...be a chad and invest in Blocknet

>>	Anonymous Mon Jul 20 13:29:09 2020 No.20525466 >>20525398 Wouldn't they just be paying themselves with their own stake while damaging their reputation? Am I missing something here?

>>	Anonymous Mon Jul 20 13:32:02 2020 No.20525545 >>20525466 yes anon is just totaly retarded like the 20 page normie fud that was on reddit

>>	Anonymous Mon Jul 20 13:37:09 2020 No.20525687 If they have majority of nodes for contact then their bad data is actually the majority. So they would collect penalty fee form oracle nodes that actually provided good data

>>	Anonymous Mon Jul 20 13:42:09 2020 No.20525818 >>20525687 Just because this is intended to be fully permissionless doesn't mean some reputation isn't involved. No one will trust any of your nodes after you pull this once

Anonymous Mon Jul 20 13:43:49 2020 No.20525871
File: 395 KB, 1120x880, IMG-20200711-WA0000.jpg [View same] [iqdb] [saucenao] [google]

>>20525398
>>20525398
already discussed this with the team that was 2 fucking years ago you filthy fucking newfag.

basically what they responded is that there will be service agreements signed between the aggregator contract and the nodes. in the SA the terms of the penalty are coded. so unless the node operator is a retard, he shouldnt accept service agreements that fucks him over in case of bad data.

works both ways

>>	Anonymous Mon Jul 20 13:54:27 2020 No.20526147 It’s both a problem for nodes and users of smart contracts There is no way for a node owner or user of smart contact to know whether the majority of the SA nodes are controlled by owner of the contact

>>	Anonymous Mon Jul 20 14:07:01 2020 No.20526462 Those blockheads got no chill

Advanced search
Text to find
Subject [?]Search by post subject. Leave empty for any.
Username [?]Search for user name. Leave empty for any user name.
Tripcode [?]Search for tripcode. Leave empty for any.
Email [?]Search by email. Leave empty for any.
Filename [?]Search by image filename. Leave empty for any.
From Date [?]Enter what date to start searching from. Format is YYYY-MM-DD
To Date [?]Enter what date to start searching until. Format is YYYY-MM-DD
Image hash
Search in	All Posts OPs Only
Deleted posts	Show all posts Show only deleted posts Only show non-deleted posts
Internal posts	Show all posts Show only internal posts Show only archived posts
Order	New posts first Old posts first
Capcode	All Posts Only by Users Only by Mods Only by Admins Only by Developers
Results	Posts Threads
Action	[ Simple ]

/biz/ - Business & Finance