Open Ethereum Classic Mining Pool Payout Address

[marcel1982]

Hi,

Please help me.

I've mined 3 blocks in total already but the payout goes to a different payout address as my geth account.

geth account: 0xc4c23dc7fbd40fb8bae2686e5a945fc1e21d1c49

All mined blocks goes to address: 0x96a5296eb1d8f8098d35f300659c95f7d6362d15

Thanks

[mmitech]

This has nothing to do with the pool code but with your geth setup, can you look (ls -lh) in ~/.ethereum/keystore and tell us what do you see there ?

you should find both accounts in there, the coinbase which is
0x96a5296eb1d8f8098d35f300659c95f7d6362d15 and your other address.

[marcel1982]

Thanks for your reply, this is what I see :

root@MineHost:/# ls -lh ~/.ethereum/keystore
total 4.0K
-rw------- 1 root root 491 Aug 5 09:36 UTC--2016-08-05T07-36-10.667587109Z--c4c23dc7fbd40fb8bae2686e5a945fc1e21d1c49
root@MineHost:/#

[marcel1982]

when starting geth attach :

root@MineHost:/# geth attach
Welcome to the Geth JavaScript console!

instance: Geth/v1.4.10-stable/linux/go1.6.2
coinbase: 0xc4c23dc7fbd40fb8bae2686e5a945fc1e21d1c49
at block: 2043237 (Wed, 10 Aug 2016 12:21:07 SAST)
datadir: /root/.ethereum
modules: admin:1.0 debug:1.0 eth:1.0 miner:1.0 net:1.0 personal:1.0 rpc:1.0 txpool:1.0 web3:1.0

[mmitech]

hmmm, and yes I see that the first address mined the 3 blocks and already had 3 payouts to the second address

So it doesn't seem that all mined blocks goes to the second but it seems like payouts are going to the second address, do you own the second address ?

[marcel1982]

No, I don't own it, and don't know how it has gotten there. Do you perhaps think it will be better to create a new geth account and start over again? For me to test this will probably take me another day or so to solo mine a new block. Can I paste my config.json file to make sure everything is fine in there?

Thanks for the help

[mmitech]

you should investigate how did this happen in the first place! mining again on the same server with the same settings wouldn't magically solve your problem.

[marcel1982]

Ok, thanks, I will see what I can find, so far everything looks OK but this has happened meaning something is somewhere out of place.

[marcel1982]

Sorry, last question. Does the pool script for sending payment stay the same if you use either ETH or ETC as a transaction? No modification needed

[mmitech]

yes, the pool code is the same for both ETH/ETC.

[marcel1982]

Thank you very much, case closed

[marcel1982]

Just to update quickly, my pool is now working like it should, problem was with my geth account.

Thanks mmitech for pointing it out.

[Perfect-Web]

@marcel1982 i have exactly the same problem, what did u exactly do ? how did u fix it ? i got already 3 blocks that went to 0x96A5296EB1d8f8098d35F300659C95f7D6362d15 and dunno why is that. thx

[marcel1982]

Hi there

Sorry for the late reply.

I fixed this by just deleting my wallet account and then by recreating a new wallet account.

This worked for me.

Hope it helps

Cheers

From: Alin Jurj [mailto:notifications@github.com]
Sent: Friday, October 14, 2016 11:03 PM
To: sammy007/open-ethereum-pool open-ethereum-pool@noreply.github.com
Cc: marcel1982 marcel@evilgenius.co.za; Mention mention@noreply.github.com
Subject: Re: [sammy007/open-ethereum-pool] Open Ethereum Classic Mining Pool Payout Address (#66)

@marcel1982 https://github.com/marcel1982 i have exactly the same problem, what did u exactly do ? how did u fix it ? i got already 3 blocks that went to 0x96A5296EB1d8f8098d35F300659C95f7D6362d15 and dunno why is that. thx

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub #66 (comment) , or mute the thread https://github.com/notifications/unsubscribe-auth/AT-R9HCpAhqRuHVvs56thWp0M_Sj0WGOks5qz-3mgaJpZM4Jg2x0 . https://github.com/notifications/beacon/AT-R9Aekog0KgIFx5aAMidZgjfKesu9jks5qz-3mgaJpZM4Jg2x0.gif

[LeChuckDE]

@Perfect-Web pls run grep -ri '0x96A5296EB1d8f8098d35F300659C95f7D6362d15' in your open-ethereum-pool directory. and post the output. seems that you have this currently running with this sended eth to this address... we need you to deep investigate

[Perfect-Web]

@LeChuckDE it gives nothing, so that wallet address is not found anywhere.
@marcel1982 im gonna do the same, but this ***** managed to steal around 18 ether so far and this is insane ...

[mikeyb]

Do you guys have your RPC ports open to the internet?

[Perfect-Web]

i did had, but when i found out that the RPC can be a problem i blocked it, and even after that he managed to steal some more ... so that is the strange issue. atm i am forced to use the pool without unlocker or payments of any kind and with a new address. soooo this would mean there is no way in earth that the node or the pool has access to the author address besides delivering the block reward

[LeChuckDE]

then you are the fault in this chain ...
you could send over rpc a tx and it is on hold until balance is enough for sending ...
i understood was attacker has done ! portscan over the internet to the defaultport and try to set tx over rpc.... 20 - 30 times each node and everytime the balance reached the configured transaction will be send... that is why only people should run pools that have the skill and undertstanding about security ...

so it hits the right ones ...
learning due pain ....

HAHAHA

[LeChuckDE]

So now we have identified how the "Attacker" has went of the mined block-rewards...
All users with this problem have rpc open to internet without password ...
It don't depends if it was for a short time or permanent.
Seems that he has done a portscan over the internet to the eth / etc default port.
Tries to do a rpc call like eth_coinbase.
If he got correct answer he set multible tx's over rpc with the block-reward size - gas ...
Same for unlce rewards.
There is a tx queue in geth/parity, if the balance isn't enough it would wait until the balance is enough to do the transaction.
Block mined... Reward goes to miner-wallet and directly with the next block import the tx will be send !
So it isn't a bug in pool or wallet, it is the stupidity of people that means to host a pool is easy like pee a hole in the snow...
No it isn't, many security depending things have to be well developed and researched.

1. Make a concept based on identified security issues. work against them with given security features.
2. Setup the pool, test it in stress-test szenarios
3. Make a concept of datasecurity / backup.
4. Write a emergency plan
   (many people smiles about it, but let you say I am now 20 years an it consultant and in case of emergency,
   you will not have the time to think how could I fix this or that, how could I minimize the impact etc.).
5. Test your security concept / backupstrategy.
6. Now you are ready for first public tests. Identify where you could do tweaks and optimization
7. Yet are you ready to make it public

So that is the point why I will not longer support people that haven't the basic skills to host a pool!
If you want an own pool, talk to a consultant that will setup it and maintain it for you on your own hardware or rent a full managed pool!

[Perfect-Web]

@LeChuckDE dude are you making lobby here ? why are you just talking about half of the things i said ? i acknowledge that the first time was my bad as i didnt setup any sort of firewall, but after i did setup, it still managed to do it. So ppl just suppose to hire you as consultant when you only read half a answer ?

[LeChuckDE]

@Perfect-Web nope i don't do comercials here. have enough work to do and don't need to do it...

1. I have clearly describbed how it works. (proof of concept with a nodes list and what should I say ?!, 14 from 100 nodes are world wide open without a password, did only a eth_coinbase)
2. If you have read my answer and more important understood what I am saying then you are realize that my answer isn't only based on your half informations ....

if you have the geth rpc open for some time and then closed the rpc port due firewall or listen onl localhost and use the same wallet account then it is to late !!!
READ THE TEXT CAREFULLY the attack hits you at the time where rpc was world wide open !
The TX Queue has hold the requested tx's from Attacker until Balance reached the requested amount, then the tx and executed on the fly ...

by the way sounds like you shouldn't host a pool, if you not able to read a detailed attack description / or understand what happens here ... Security isn't your thing ... that is the part that I have read out of all your comments ...

IF YOU HAVE OPENED YOUR RPC FOR SOME TIME TO ALL, THEN IT IS POSSIBLE THAT SUCH A ATTACK IS STORED INTO YOUR WALLET AND WILL HAPPEND WHEN BALANCE REACHED THE REQUESTED PAYOUT FROM ATTACKER.
IT ISN'T COUNTING IF YOU CLOSE THE PORTS AFTER IT STAYS FOR SOME TIME WORLD WIDE OPEN!!!! THE ATTACK HAPPENDS AT THE TIME IT WAS OPEN AND NOT AT MININGTIME !

Now read the description of your walletsoftware of choise to get it "How to identify if there are TX Backlogs / Queued TX's" ....

It is like install a Windows XP PC without any Firewall or Virus-Scanner on it.
let it stay for a hour at internet connection.
then remove the internetconnection.
The system is full of viruses and the disconnection from internet didn't solve it ....
it only prevents that more viruses are loaded,
but the installed ones will not disapear from them self ....

[sammy007]

@LeChuckDE I dunno why you are wasting you time on retards by the way.

[mikeyb]

@christynelson467 see #87 (comment)

[Perfect-Web]

@sammy007 what @LeChuckDE did was common sense, and i take this occasion on thanking him for enlighten me on that matter and apologize. You should pull your head out of your ass and google what common sense mean before you make everyone a retard