You are viewing a single comment's thread from:
RE: GridcoinStats Faucet; Backed with rewards from a stable community
So, to cheat the (active) CPID reward one just has to create x BOINC accounts and prepare for those x the same (or more) Gridcoin wallets ?
(e.g. by just changing the email in the conf with a newly created wallet.dat; which could be bash-scripted to copied/made in there at each start)
And for being active: I could just use the same ONE (or say a few more, if we've a rich cheater) device to make those x BOINC accounts appear as active, after another.
(Let's say we wait also the time for the cpids getting into the superblock, being member of team Gridcoin, ...)
Plans to prevent such things are in place ?
Or perhaps some more criteria to be added to the reward checking ?
I'm taking cheating seriously and suggestions on fail safe measures are always welcome.
But this angle that you describe, I think, is not working. You gain a CPID from Boinc, not te Gridcoin wallet, once you start up. As only active CPIDs with a RAC score above 0 and has staked one block in the past 6 months are eligible for an extra reward, the way you describe wouldn't work. You would have to crunch with different BOINC clients, or rotate the CPID on them as well. And a RAC score diminish if you don't crunch.
Thr lower the score, the less likely to stake a block as well. One counter measure if anything, would be to increase the amounts of blocks you would have to do or make a smaller reward and do it up to a sum of new blocks for the user. Something like 5 GRC per first 2 blocks and additional 10 GRC for the third.
This doesn't mean I dont think someone would try to fool my system, but I do all the means I can to prevent it without harming normal users.
yes, I am aware that CPID is from boinc
and I am pretty sure what I outlined above will work, one doesn't even need much coding skills
we can talk more in mumble about a solution
I'm all up for a system that works and can't be fooled and if you think they can, we need to look at it and how to prevent it. I'll try to attend this mumble session that are up for Saturday. Thanks for your help and commitment @erkan.
Generally, with enough effort, it's possible to cheat anything and every input to prevent that is of course very valuable, so thanks @erkan for bringing this up.
However, let's set aside the technical aspect for a moment and look at this solely through cost-benefit. We can spend some GRC on this from the Foundation to attract newbies, provide them with a quick 'first payment' and create some positive promotion for Gridcoin in the end ('the most advanced faucet' etc). That objective is worthy and benefitial even if we are cheated of some GRC in the process, simply because in this case pros outweigh the cons (at least in my opinion).
Consider an analogous example - our advertising with Google AdWords. We spend 5 USD every day on AdWords and it's certainly possible that individuals who don't like Gridcoin click our ads simply to incur us more costs, since we have to pay for every single click. In other words, such individuals are cheating on us (in a way). Of course, Google has mechanisms to prevent such cheating on a massive scale, but it's certainly impossible to stop every malicious individual. Coincidentally, every such malicious click is costing us about 14 cents on average, which is roughly equal to 20 GRC (i.e. same as the 'researcher's bounty' offered through this faucet). Shall we completely stop with advertising because of this? No, because pros of advertising outweigh the cons. No risk, no gain.
Going to have a chat with Erkan about some possible counter messures. Already put some more in place that would prevent anyone to empty the faucet in a hurry.