Connect with us


‘Privacy Coin’ Verge is Allegedly Leaking Users’ IP Addresses



Privacy coins are meant to be private: that’s their raison d’être. Without this functionality, they’re just altcoins, and dangerous ones at that for anyone relying on them for anonymity. Verge (XVG) is one of the best known privacy coins on the market, but it risks becoming famous for all the wrong reasons. A new website claims to list the IP addresses associated with hundreds of verge transactions, stripping bare the coin’s claims of anonymity.

Also read: Everything You Ever Wanted to Know About Privacy Coins

Verging on the Ridiculous

XVG has soared in price over the past month, which may owe more to the coin being heavily shilled by John McAfee than its strong fundamentals. Nevertheless, a combination of privacy coins being en vogue and XVG costing mere buttons – or rather satoshis – until recently have also contributed to its rise. Anyone snapping up the coin for its privacy features, however, could be in for a disappointment.

‘Privacy Coin’ Verge is Allegedly Leaking Users’ IP AddressesIn a recent article on privacy coins, wrote: “The general consensus is that verge isn’t as private as some of its competitors, so don’t trust it with your life.” That may have been an understatement given that a website is now purportedly listing IP addresses pertaining to verge transactions. The operator of the website is anonymous, which is more than can be said of the transactions it reveals.

Publicizing Privacy

‘Privacy Coin’ Verge is Allegedly Leaking Users’ IP AddressesThe revelatory site currently lists transactions that were conducted via the Verge Core wallet, but the Electrum XVG wallet will soon be added. There’s also the ability to determine transactions which went via a ‘rich list’ address; verge is notorious for having a large number of coins in possession of a handful of ‘whales’. One of these whales spent a cosy weekend with John McAfee before the former software tycoon extolled the virtues of verge, but the pair later fell out over claims that McAfee reportedly wanted millions from Verge and XVGWhale to shill the coin.

‘Privacy Coin’ Verge is Allegedly Leaking Users’ IP AddressesThese claims are hard to verify, but coupled with the latest disclosures regarding verge’s anonymity, they emphasize the need to be cautious when using privacy coins for their intended purpose.

On its website, the cryptocurrency’s developers claim:

Verge uses multiple anonymity-centric networks such as Tor and I2P. The IP addresses of the users are obfuscated and the transactions are completely untraceable.

In a glossy video posted to the Verge Twitter account on December 20, a voiceover describes XVG as “the only untraceable currency devoted to everyday use”.

Concerns about the veracity of this claim have abounded for some time, with the creation of now seeming to confirm as much. Not only does verge fail to provide the privacy that is the coin’s USP, but it arguably provides less privacy than other cryptocurrencies in allowing IP addresses to be recorded.

As the whistleblowing site explains:

Obviously not all of the IPs below will be correct. Some might just be relaying a transaction. The point is that a large amount will be correct due to the Verge network being so small. If your IP appears in the list with a TX you didn’t do, it means you relayed it for someone else. Would you want your IP to be connected to other users’ transactions?

Verge has disputed the accuracy of the site purporting to publish transaction IPs, tweeting:

‘Privacy Coin’ Verge is Allegedly Leaking Users’ IP Addresses

It is telling however that the development team have yet to issue an outright denial of the site’s claims. Even if a handful of IPs on the list are correct, it is evident that privacy proponents relying on verge are taking a risk every time they transact.

The roadmap for Verge – which began life as Dogecoin Dark – lists branded apparel and RSK smart contracts as next on its to-do list. Before it tackles these tasks, XVG’s development team may wish to return to the drawing board and take a look at their privacy coin’s alleged lack of privacy.

Do you think XVG’s development team have a case to answer, or are these claims unfounded? Let us know in the comments section below.

Images courtesy of Shutterstock, and Verge website.

Keep track of the bitcoin exchange rate in real-time.

The post ‘Privacy Coin’ Verge is Allegedly Leaking Users’ IP Addresses appeared first on Bitcoin News.


A lover of all things tech, love all things that uses creative juices (not an innuendo) an avid blogger and part time vlogger, now stop reading and go check out some awesome posts on this site.


United Bitcoin May Be the Most Controversial Fork to Date 2018



Back on December 12 the well-known developer Jeff Garzik launched a Bitcoin Core (BTC) based fork called United Bitcoin (UBTC) after Segwit2x failed. At block height 498,777 the snapshot took place, and the UBTC network began just like the rest of the forks in existence, but claiming the tokens is far more complicated than one would think

The Promises of United Bitcoin

A few months ago we reported on the UBTC project created by Jeff Garzik, his partner at the blockchain company, Bloq, chairman Matthew Roszak, and Bitbank Group’s Songxiu Hua. The team says it plans to create a credit currency system pegged against various fiat currencies alongside a native smart contract feature. The entire network is modeled after the bitcoin core blockchain prior to December 12, and all active wallet holders are able to receive UBTC at a 1:1 rate. The catch is inactive wallets will go towards the UB Foundation to support innovative blockchain development.

Over the past few weeks, the UBTC team have made some videos detailing their project’s goals to be serious cryptocurrency contender. One particular documentary shows Garzik describing why he thinks UBTC can be a digital asset that engages and unites with the entire cryptocurrency ecosystem. “If I could start with a clean slate what technologies would I include?” Garzik asks an audience during the video. Matthew Roszak says that United Bitcoin will encompass three really important pieces technology, community, and tokenomics by relying on cross-industry innovation.

United Bitcoin: Jeff Garzik's Fork Represents a 'Clean Slate'

One Out of Only Two Miners Controls 70% of the Network’s Hashrate

United Bitcoin: Jeff Garzik's Fork Represents a 'Clean Slate'So far the network has minimal infrastructure and community support. At the time of publication, there are only two miners who are processing UBTC blocks; an unknown entity and the mining pool The mining pool has more than 70 percent of the network’s hashrate. The network’s total hashrate is only 50,811.47 TH/s and block intervals can range from an hour and a half, to occasional sporadic 20-40 minute blocks. The network has an extremely low amount of users as there are only 20 pending transactions right now. Blocks are averaging roughly 20-100 transactions, and most block sizes are well below 1MB even though UBTC has the capacity for 8MB blocks.

UBTC has its own full node wallet client for Linux, Windows, and Macintosh operating systems and the source code is available for review. According to the distribution repository, there will also be a lightweight client release soon. There are three other wallets that support the UBTC protocol. As far as exchanges most of them are based in Asia, and a great majority of them are unknown and exchange very little trade volume besides the exchange Okex. At the moment, according to Coinmarketcap statistics, one UBTC is worth $82 USD.

Required Identity Verification and Claiming Inactive Addresses: United Bitcoin Is the Most Controversial Fork to Date

The most controversial part of the project is the opt-in airdrop feature which basically means a bitcoin holder must give up some form of identification to obtain UBTC. In order to even get started with UBTC, a user must supply a valid email address and a mobile phone number. After this process, the registrant has to have a valid bitcoin address as well to receive the 1:1 distribution. Another contentious issue with UBTC is the Foundation’s claiming of “unused addresses” which means after a period of time inactive addresses will be used for future development. At the moment the team has added a “grace period” which has extended the timeframe so bitcoin holders can claim their UBTC.

Because of the ‘KYC-like’ requirements and the fact that the development team will claim Satoshi Nakamoto’s and the inactive addresses of many whales, makes UBTC one of the most vexed bitcoin forks to date. These two tendentious issues plus the fact that the network has very little infrastructure may have a hard time gaining the crypto-community it hopes to progress.

What do you think about the UBTC project? Would you claim these airdrop tokens knowing you have to tie your identity to the platform? What do you think about the development team claiming inactive addresses? Let us know what you think about this project in the comments below.

Images via Pixabay, United Bitcoin archives, and website.

Source link

Continue Reading


Report Claims 34,000 Ethereum Smart Contracts Are Vulnerable to Bugs



Over 34,000 ethereum smart contracts containing $4.4 million in ETH may be vulnerable to exploitation. That’s the conclusion reached by a quintet of researchers hailing from Singapore and the UK. Their technical report, which is currently undergoing peer review, suggests that millions of dollars in ether may be at risk from poorly coded smart contracts that contain a variety of bugs.

Smart Contracts Are Only as Smart as Their Creator

“Finding The Greedy, Prodigal, and Suicidal Contracts at Scale” is the provocative title of a research paper submitted by British and Singaporean students last week. Its authors have dived deep into ethereum smart contracts, “finding contracts that either lock funds indefinitely, leak them carelessly to arbitrary users, or can be killed by anyone”. This latter flaw is precisely what happened to Parity last November.

The dangers of relying on smart contracts that have not been independently audited are well-documented. In the past year, $500 million has been lost due to bad code, and around half of that figure involved ethereum. The most notorious case was the Parity bug which led to $168 million of ether being rendered permanently inaccessible, though there have been plenty of smaller incidents where inexperienced or inattentive developers have been caught out.

A Small Drop in a Big Ocean

The authors of the report claim to have used a tool to analyze almost one million smart contracts, of which 34,200 were found to be vulnerable, with 2,365 of these stemming from distinct projects. That means that around 3.4% of all smart contracts are potentially vulnerable to being hacked, broken, or otherwise exploited. Of the contracts that the research team flagged as being exploitable, “the maximal amount of Ether that could have been withdrawn…is nearly 4,905 Ether” worth $4.4 million.

The report continues: “In addition, 6,239 Ether (7.5 million US dollars) is locked inside posthumous contracts currently on the blockchain, of which 313 Ether (379,940 US dollars) have been sent to dead contracts after they have been killed.” One thing the report deliberately omits is the identity of the smart contracts flagged as being at risk. But with almost 1 in 20 contracts vulnerable, and a jackpot of over $4.5 million in ether up for grabs, determined attackers have every incentive to put this research to the test.

What do you think can be done to make smart contracts safer? Let us know in the comments section below.

Images courtesy of Shutterstock.

Need to calculate your bitcoin holdings? Check this tools section.

The post Report Claims 34,000 Ethereum Smart Contracts Are Vulnerable to Bugs appeared first on Bitcoin News.

Source link

Continue Reading