Security Notice for pool operators
-
Watch your pool payouts and especially if you have active DDOS’ing going on:
https://github.com/TheSerapher/php-mpos/issues/1072 -
Another reason to go p2pool ::)
-
bumping up in case someone missed it during the holidays…
-
[quote name=“aatje92” post=“47782” timestamp=“1388129535”]
Another reason to go p2pool ::)
[/quote]Could be… though after reading through to the end of the discussion there, it may be a stratum issue, which could leave P2Pool open for some attack, no?
-
P2Pool server doesn’t have any funds on the server to get hacked / stolen, it is directly payed out to workers
-
I’ll be up front in admitting to never having looked into the setup or “how it all works” of the P2Pool code. That being said, I still don’t think P2Pool is in the clear if the nature of this attack is artificially increasing shares submitted to the stratum server. P2Pool would not loose anything out of a wallet, but other miners may be payed out less than what they may otherwise receive while the attacker receives a greater share. Or does P2Pool not divide up the reward proportional to the workload? I dunno :)
-
Idk P2pool has it’s own blockchain and shares thingy take a read here: