Communitycoins.Archive/dem
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
52 commits 1 branch 0 tags 2.2 MiB
Find a file
Exact
Gerrit Oerlemans 34f9b85da0 Add new file
2023-02-24 18:23:45 +00:00
artifacts/volume-2 added volume 2 source code 2023-02-22 15:15:27 -05:00
Project elements Add new file 2023-02-24 18:23:45 +00:00
.gitignore added volume 2 source code 2023-02-22 15:15:27 -05:00
README.md Update README.md 2023-02-05 00:32:26 +00:00

README.md

DEM

Considerations

The Deutsche eMark network was hacked. In block 4074934 (19th oct 2022) 1,005,025.48111 DEM was created out of "nothing" in a POW block. It was caused by a transaction that used 50DEM as input and two outputs of 502,512.74 DEM and 502,512.74111 DEM respectively, increasing the outstanding amount of DEM with more than one million. The amount of outstanding DEM at that time was 109,375,526.136159 DEM. The hack has been repeated 16 times and by mid januari 2023 the amount outstanding was 277,753,695.558915 DEM. I was then that the communitycoin team was consulted, while by mid december rumours of a hack started to spread.

Since Deutsche eMark has a long history (the first block appeared 10/11/2013) and has an active community it could be a showcase for Communitycoins. The development of DEM was waning however. This highlights a structural problem with communitycoins. The community is typically hoarding and promoting the currency but has no capability or willingness to assist with development or with guarding the network. the burden of maintenance is substantial while the only reward for development, support and marketing is the value-increase of a stake if one has managed to obtain it. The DEM blockchain was also released idialisticly, without a premine which could have been used to Tax the community to support the prosperity of DEM. That means the only support from the community where it isn't capable of providing professional input is through donations. When that is absent it requires a lot of loyalty and devotion from people to participate professionaly.

One of the considerations behind the communitycoins initiative is that joining forces could benifit individual projects. Resolving a hack could be good case to test and demonstrate this. It remains however that the responsibility of a sound communitycoin ecosystem lies with the community itself and solving the problem for someone else is counter productive. That is why it was negotiated that the DEM community must cooperate. That cooperation was part of the solution.

Because DEM blockchain was thoroughly damaged the only solution was to create a new cryptocurrency network and to transfer all property form the old network to the new except for the property that illegally entered the network. Another consideration was the choice of technology. Should we repair the old software or use new technology. Although the hack already infested the blockchain for three months it would be devastating if it took months to implement new technology, to brand it, to make the community aware of it and to train them. More important even is to maintain the image of resistancy and durability of cryptocurrency. Abandoning the orininal software all together would be a capitulation and a time consuming process with the risk of losing all traction that still exists. So the choice was to leave innovation where it belongs: The near future and to concentrate on a speedy but solid patch and a cleansing of the blockchain.

Two other provisions were elaborated. Cleansing first means that the illegal transactions and their propagation in the blockchain are isolated and that all other possessions are transferred to a new blockchain starting with block 1. That means that all history is left in an old environment DEM-1 and that DEM-2 starts as a lean but performant blockchain. Users can continue to use their wallets while all keys remain valid. Next to this a small Tax for the entire community is provisioned by reserving a special address for six respected communitymembers and to fill it with a reward of 15M DEM. It's purpose is solely to reward new programmers for their contribution to improve and solidify the software and to reward, not compensate, community members for excellent contribution. Another 3M is reserved as a fund for communitycoins to help leverage the promotion of communitycoins in general and indirectly to the benefit of DEM.

The first hack-transaction

{
   "txid": "9935072fe321787c3afff266c9fa69337334ef891354bae363f284f67a76a620",
   "version": 1,
   "time": 1666130871,
   "locktime": 0,
   "vin": [
      {
         "txid": "37268099e5e6a0cba97bae6d2465635769ede99ebbe3f283963babb20a6057e1",
         "vout": 0,
         "scriptSig": {
            "asm": "3045022100e4bd7cc94bb51725993245b1b6e21ccb0adb8f33852247376246c2b5c36ea1f902203ec0b7fbc252319f17299b9e9e3581fef722bff03587a5875e3a5eaa9ac04bc701",
            "hex": "483045022100e4bd7cc94bb51725993245b1b6e21ccb0adb8f33852247376246c2b5c36ea1f902203ec0b7fbc252319f17299b9e9e3581fef722bff03587a5875e3a5eaa9ac04bc701"
         },
         "sequence": 4294967295
      }
   ],
   "vout": [
      {
         "value": 0,
         "n": 0,
         "scriptPubKey": {
            "asm": "",
            "type": "nonstandard"
         }
      },
      {
         "value": 502512.74,
         "n": 1,
         "scriptPubKey": {
            "asm": "OP_DUP OP_HASH160 7752a3dcd167e4d8dff0427d6cfc767fbe896a0b OP_EQUALVERIFY OP_CHECKSIG",
            "reqSigs": 1,
            "type": "pubkeyhash",
            "addresses": [
               "NWntbWyzcb9iGrNskzAeUskEPuq2z6YioM"
            ]
         }
      },
      {
         "value": 502512.74111,
         "n": 2,
         "scriptPubKey": {
            "asm": "OP_DUP OP_HASH160 d9a1114cae9eb6b1bf2bfb3ee3e9efad3a619477 OP_EQUALVERIFY OP_CHECKSIG",
            "reqSigs": 1,
            "type": "pubkeyhash",
            "addresses": [
               "NfkgmZ7koavEhr7mEWUm5hmjzF8iQUVCBG"
            ]
         }
      }
   ],
   "tx-comment": "",
   "blockhash": "000000000000014960fded7ae58928bdca71788aeacf87b6958dbf76a1071bbc",
   "confirmations": 152252,
   "blocktime": 1666132702
}

Project plan

Technical

  • 001 Detect all attacks/exploits in the blockchain
  • 002 Isolate all infected Unspend Outputs in the blockchain and list all involved public keys
  • 003 Determine a premine (lets call it Provision) to accomodate transfer of DEM to all non-involved public keys plus agreed development-fund addresses
  • Optional: prepare an extra provision in case too much will be erased and valid protests occur. This extra provision can be burned after a while.
  • 005 Isolate the vulnerability in the source code
  • Remove the vulnerability (Patch) in the source code
  • 007 The dem-community communicates new chain parameters to be implemented
  • Freeze the current blochchain with a few nodes configured with setnetworkactive=false
  • Implement a blockexplorer (volume1-explorer) on the old chain to keep a full history of DEM-volume-1
  • Prepare a new software release
  • prepare a few wallets that can be used for staking (so probably no mining pool necessary in the beginning of DEM-volume-2)
  • A new blockchain has to be set up with the new parameters, a new genesisblock and a provision
  • Transfer the provision to the required output adresses
  • Activate a volume2-explorer
  • Activate a few stacking nodes
  • Investigate the performance of the new nodes and the output of the volume2-explorer
  • Prepare for community questions; Especially lost funds and determination of legitimacy.

Communication (DEM-team)

  • Prepare a statement (German plus english) to the community and put it on the website for permanent reference (a part of the considerations above could be used). Include the motivation for the chosen path and for the new chainparameters. Include an action plan.
  • Isolate different audience groups and a media-matrix
  • Make a communication plan/schedule for each audience group and prepare statements to be communicated
  • A few names: Coindirectories (Coinmarketcap, coinpaprika, coingecko), Pool operators, Blockexplorer operators, exchanges, newsletter-lists, social media, websites
  • Prepare a support-desk. Don't rely on telegram. Difficult Telegram questions are best directed to support@ (for example freshdesk)
  • Prepare for fork related community questions.

General DEM-related verifications

  • Ownership of domain name(s)
  • Gitlab account
  • Ownership of Provisions (distribution, storage and procedures to release/award them)