Exploit found in Dynex, used by SRB Miner, whos to blame?

Exploit found in Dynex, used by SRB Miner, whos to blame?


SRB Miner has found an exploit in the Dynex algorithm and has taken advantage of it, giving their users an increased hash power. But as Dynex have found out what was going on they are implementing and updating their algorithm and security measures to address the situation. But what happened?


What is Dynex?

Dynex is the very first coin that has managed to implement PoUW, or Proof of Useful Work. This has for a long time been sort of a holy grail in mining, and something that people have been trying to figure out more or less after the inception of the concept. But until Dynex came along it had been nothing more than talk. 

Dynex saw an opportunity with Ethereum moving away from PoW, Proof of Work, to PoS, proof of Staking. This left a bunch of miners with hardware that where excellent at computing vast amounts fast. Otherwise known as GPUs or graphics cards. Thus they pivoted their project and turned what was not originally intended to be a crypto project into a crypto project. 

Without going into too much detail, and getting myself stuck in deep waters, Dynex works by dividing the computations the GPUs are asked to do into two parts. One is called ML, the machine learning part, and the other is called SAT. It is the SAT part that is doing the norma blockchain part, transactions, and all of that. And it is the ML or Machine Learning part that is the "useful work" part. This computing power can be rented out to different projects.

The exploit

As I mentioned Dynex algorithm is divided into two parts. SRB Miner, which provides the software you use for mining and earning a % of your rewards, had found an exploit that allowed them to almost entirely skip the SAT part, only solving the ML learning part fully. This allowed them to increase the hashrate of the people using their software. This means people would earn more Dynex in rewards.

72fda9398ab9ac660bce2dbf422051a6abc44d2d3f803b8fc498db01def8ade5.png

Dynext's twitter account has shared a more detailed breakdown of the exploit. As well as when the fix will be implemented. But they are also taking steps to remove SRB Miner from the Dynex network. This means you will not be able to use them anymore to mine Dynex, well not in the near future at least. The use of SRB Miners software will be allowed until a new AMD mining software has been put out. The talk at the water cooler is that the new AMD miner will be provided by BZ Miner. 

Take away from this

There are some parts here that are a bit interesting to take a look at. One is the fact that you are still allowed to use SRB Miner to mine, meaning you can get an advantage for some time if you are mining with AMD cards. This was most likely done in order to not "punish" the miners using only AMD GPUs to mine. There then would have been a gap in time where they would not have been allowed to mine Dynex, as SRB Miner where the only software available to use AMD GPUS on. 

Dynex developers have also received some negativity over this. And there is the whole "who is to blame" discussion. 

Let us talk a little about the first one. Fairness, well to me it looks like a bad situation no matter what Dynex does. But at least allowing the AMD GPUs to still mine means that a sort of status quo is still in effect. I am assuming not too many AMD GPUS will use the exploits for the relatively short amount of time it will still work. But I think most people will agree with the fact that it is not really fair for the people mining with non-AMD GPUS. They seem to get the short end of the stick here. But what one can or should do about it, I am not sure. But historically very few situations like this have been rectified retroactively, at least not that I am aware of. 

But who is to blame here? Surely it has to be... Yea, who to blame? Is Dynex to blame for missing the exploit, or is SRB Miner to blame for exploiting the exploit they found? One this is for sure, exploits like this will always be exploited if they are found out. Just look at Ethereum, currently, an exploit has become the go-to standard there. But regarding blame, I don't think we really should blame anyone here. I have today I agree with Son of a Tech who said that he thinks Dynex should still be in testnet. And if they were things like this would not really be an issue. But of course, there are some drawbacks to that as well. They might not be able to become the first PoUW project anymore. And everything that possibly comes with that.

I would love to hear your thoughts on those two takeaway points, do you think anyone is to blame? And if so who and why? Please sound of in the comment section below, and of course, any other thing related to the post is more than welcome as well. 

If you would like to support me and the content I make, please consider following me, reading my other posts, or why not do both instead. 

https://medium.com/@bo.daniel.jensen

 

 

See you on the interwebs!

 

 

 

Picture provided by: Fair use

 

How do you rate this article?

49


Patch
Patch Verified Member

I am a patchy reader and writer of words... I also publish on Hive under @daje10


Things of note and other interesting stuff
Things of note and other interesting stuff

Here I will post things I find interesting that may or may not have a connection between them. Well other then I find the topic interesting. =)

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.