I want to make a disclaimer first. I am not very active inside the GLS community but I am one of the top 100 GLX stakers and I have been invested from very early on. This post will not be without a vengeful tone since this has affected me and my portfolio. I was sick the last 10 days, otherwise this post would have come earlier.
A few weeks ago a number of top GLS investors colluded to steal north of 250k USD from the GLS game by using an exploit in one of the game systems. This is the biggest theft on Hive since Justin Sun.
The damage done goes far beyond the initial 250k and will increase over time since the exploiters bought game assets that earn them further GLX from the airdrop by holding those assets.
Its compounded theft!
Its like robbing a bank and then putting the cash you stole into a savings account in that same bank to get APR. Batshit crazy stuff.
They damaged everyone elses investment, increased their future influence on the game and reduced investor trust. While the market was moving up, the GLX price dropped by 50%.
EXPLANATION of what happened:
Top investors in a brand new platform that has no game or products yet, had a goal to manipulate the price of GLX and push it up significantly for 5 minutes to take advantage of the 5 minute average burn mechanic of GLX -> GLUSD. (Has been changed since)
With their goal in mind they bought up significant amounts of GLX over the course of a week. The price went up a bit.
Then after their bags were stuffed with liquid GLX they pumped the GLX price 4x higher and held it there for 5-10 minutes, so that they could unload newly acquired bags of GLX and lock in huge profits by burning the GLX for GLUSD. The pump allowed for up to 4x more GLUSD as they would have normally received.
@oliverschmid ended up with over $80,000 GLUSD. (equivalent to 80k USD)
The others involved, chose to buy 1000's of GLSPA packs, diluting the airdrop for packs for all the other players. (This improved their relative position at the expense of others)
In all, hundreds of thousands of $GLUSD was acquired by the crew @genepoolchlrn8r organized in that 5-10 minute window they created at a orchestrated discount reaching as high as 75% off.
Curtesy of Gank. @yabapmatt has confirmed that the exploit originated from the burning mechanic.
Exploits exist and can happen in early projects that are yet to even deliver a product. GLS is that type of project. If Aggroed and Matt havent proven themselves with Splinterlands already, this wasnt a relatively small amount stolen compared to the game size (still massive), or if any other team was behind the project, this might have killed the project before it got anywhere.
Even if the system was poorly designed, which does happen in new projects, it does not give individuals the right to exploit it for personal gain! The act of exploiting a vulnerability in a system to commit theft is typically considered illegal and can result in criminal charges.
The people behind this heist think that because you forget to lock the door of your house they have the right to rob you.
Code is law, right?
Well, if code is law and its all that matters, I guess they wont mind if their reputation is that of being dirtbags, scammers, conspirators and generally despicable characters.
These people are still active in the GLS community since they feel safe holding significant positions and being whales. Even more so after taking advantage of the exploit and further increasing their positions.
Their assets dumped would affect prices. Does that mean I give them a pass?
FUCK NO!
Here are the names of the fuckertons responsible for this fuckerific fuckery:
@oliverschmid
@genepoolchlrn8r
@josieb
@skipples
@michiel87
@lostintime
@mastersporta
If I find more were involved, ill update the list as I go. Please provide the names if you have them. Very much seems from reading their responses that the first two organized this heist.
I dont know how Blacklists work on Hive but if there was ever a justified reason to put anyone on it, its this. This is definitely worse than $0.03 selfvotes.
The community should be warned when dealing with these characters.
We got rid of Justins, Neds, but there are still snakes in the grass ready to pounce at the first opportunity.
At this point in time @genepoolchlrn8r has returned about 25k USD and apologized poorly, not admitting to what he actually did. This guy held a community leader position. Good lord.🤦♂
As far as I can see @oliverschmid has not returned anything, has dumped his heist coins and is active in the discord chat cynically laughing at the people pointing out his actions.
Lets give them some love they deserve. If possible they should be added to a blacklist and all their future posts zeroed for rewards. I never advocate for downvotes but thieves should not benefit from the Hive reward pool.
If it was my project and they took an advantage of an exploit and then left their funds in the project I would whip it off em
The GLS team doesnt believe in taking such actions against user accounts. Its their choice.
But its not only their game that was hurt, its all the rest of us invested in it that were affected in multiple ways.
arent we on a decentral blockchain to fork their stakes out due an proposal? recently justin got hit and had to pay back millions of Steem.
everything looks clear, also to people who not interacting with GL.
This theft happened on a Hive dapp called GLS. Not Hive itself.
i know - and the good part is they have an hive account which interact with dapp's like GLS.
Why fork them? They did nothing wrong.
"They did nothing wrong."
Here's a scenario and a challenge for you. I'm unfamiliar with GLS, and what's happening here is my first taste of it.
Convince me to invest.
If you like football, (soccer for the ones over the pond that prefer to use a fridge as a measuring unit instead of meters), then this is the game for you. It covers one of the most dynamic league, with one of the highest growth rates in the world. Remember, Pele, the greatest of all, never played in Europe, but played in MSL. This game is not released yet, but comes from the team that has blown two Kickstarter campaigns with the SPL game, the game with the most transactions of any cryptogame, where assets have 10x folded from the month they have been launched.
This is it, as the game is far from developed, where economy is not ready and most dump the airdrop as they did not invest a dime in it. Most who comment have 0 assets, 0 stake in it, and get the airdrop for free. I bought some packs, but dump the tokens, and when the game launches will probably buy them back at a discount. Same as I did on SPS, dumped the high value and bought them back for 50x less.
I'm not convinced.
This conversation present interesting problem.
5 years ago we played a game, steemmonsters. It was interesting relatively cheap funny game. Was it investment? Maybe at some levels? Definitely with time, when gaining value, it changed perspective of people and became investment. This perspective probably influence every next hive nft project to the point that investment and speculation becomes more important than game itself, can even exist without game.
It is much easier to convince someone to play the game than to invest.
This GLS thing is not even game yet but already investment.
We can agree that it is much better when game, being good change to investment eventually, than just investment from the start.
Not sure you can be convinced to invest, cause there is nothing still, maybe you can be tricked into it, by arguments above that Pele played MLS few decades ago and it's splinterlands developing game(not even sure about that, it could be just branding and new people hired), am not convinced by that either, could be tricked but experienced enough to just wait for a game, but I see how it is investment speculation, and how it damages project already.
I would like to play the game, and might try it when released but at this point it is purely investment, speculation, already with increased risk after this event. Little bit afraid already that game will not matter, scared that 90% of the game will be just farming tokens.
Something to think about as well. Mindset. The investor and the gamer are two different beasts. Both highly competitive for instance, but do not intertwine. Investor loses, it's game over. Gamer loses, it's time to start a new round. Investor feels like they're winning by getting in early. Gamer feels like they've lost before they started if they get in late. Investor wants a competitive edge. Gamer wants an even playing field. If the gamer wins every time, they lose interest. Investor wins every time, they gain interest.
Could go on and on but the point is, they're not even playing the same game. Some shared traits but built entirely different.
To end that with a joke, I want to say I'm certain these games would benefit from a few rounds of psychotherapy.
I, personally, do not want to single out any projects or individuals in this space. Nobody is right, nobody is wrong. It's their work, not mine. If I'm telling people how to do their jobs, I'm getting paid for it. I'm noticing many lean towards governance and governance tokens anyway. There's your say. No need to talk. But did anyone notice, by default, there are two conflicting parties? Naturally, it is highly unlikely the gamer will ever be in charge of the game. The hybrid is incredibly rare.
On another note, false advertising. Yeah, there's a lot of that and this new branch of industry seems hungry and doesn't mind eating itself to death, but since I'm not convinced, it's not my problem.
A fork was suggested to the team, they did not wish to do so.
Yeah, I have some staked myself. It's admirable that they don't believe in it. But still...
I know.
That is wild. I get it to some extent, they want to perpetuate the entire idea of decentralization. That said we are talking about a game which they have full control over so itll never be decentralized anyways. What a joke of a project. No way I'm getting involved.
Myself and Jron organised a large investment into the presale and secured the second highest presale pack purchase slot qualifying for the coach card design etc. There were many people that pointed out this exploit a long time before it happened (we have the DM receipts of the communications) to the devs, and many top level people working on and for the project.
Nothing was done which left the opportunity open for anyone. Many knew and all of the people that were pointing this out to each other and the team were pushing for a fix to be implemented. Only these bad actors chose act on the exploit by working secretly in unison to take advantage of it while others were trying to get the vulnerability rectified.
I am not surprised this vulnerability was exploited... It's degen crypto land with a non functioning game project.
However I was beyond shocked that it was perpetrated by some of the biggest and most involved members of our community. Genepool was (hopefully past tense) an SPL community leader and Michael87 was GLG MODERATOR no less, was squashing people speaking out against the colluders actions. The worst part was how all of the colluders/exploiters openly admitted and defended what they did for days against the people that understood what they had done and the scope of the theft or level of damage they had caused to the investors and to the project itself.
Genepool when confronted said I was just emotional and "code is king" This amoral plea from a dirtbag to justify their extractive theft is disgusting. The celebrations of look how much GLX we burned, we're so good for the community was GOD tier level gaslighting the likes I've never seen before. It was sad that some people seemed swayed, apathetic or ignorant of the depth of what occurred.
Only after Matt and Aggy deemed it (not after a week of defending their actions to the community) "manipulation" and "an exploit" did Genepool offer up a small fraction of what was gained as some sort of token penance. The others did nothing and some completely slid back into silence. It was and is not good enough.
I had been working on further securing significant investment into the platform and all of prospective parties rejected proceeding after seeing the exploitative theft and lack of protection that occurred. These parties have large connections and capital and this alone has greatly impacted the platform and all investors in a significant way that will never be able to be exactly quantified. Many more drama adverse whales (some that had been warning the team) in GLG/SPL just packed up and sold off entirely solely based on this event, this is another part of the tangible and real damage caused to the invest, platform and team by this group of trash bag, self serving exploiters.
The damage done to the investors, general sentiment and the platform is difficult to measure but it is extreme and Lordbutterfly is right this would have killed almost any other project at this stage. No one knows what this exploit has caused damage wise and where this project could have been without these black hats exploitation.
The members of this event celebrated their own actions and justified them constantly against all that were speaking up against their exploitative theft. They have lost all credibility and outed themselves openly as colluders, manipulators and thieves. Their actions fit many definitions of financial crimes.
They were happy to own it then and they should be marked by this heinous act in perpetuity. How any of them holds any respected or authoritative position let alone still shows their face in this community is beyond me. Our community deserves better.
That's annoying to hear what transpired with a mod kicking/muting people speaking against it and defending their actions, sorry.
"code is king" or "I thought this place was decentralized" is a common phrase abusers of many sorts like to use when confronted about their activity.
Appreciate it mate.
It's been weeks for me to digest it all now.
There were so many other crazy justification made when they were openly owning their actions.
It was maddening to be straight up gaslight for days.
That tune has changed now and I'm glad this is getting out in the community not just the GLG discord so people can know what type of people they are.
Some people were exploring legal options. Most of these people were concerned for the splash back this would have on SPL itself and their own SPL assets.
Unfortunately for the thieves reputation's, the investors and the GLS platform it seems the damage is done and they just want to dump their exploited assets on the heads of the legitimate investors or sit on their ill gotten compounded gains.
Pretty shitty thing to do, pretty much a "black hat" exploit where I'm sure they knew it's the community that suffers, not so much the creators of the game. (If one wants to argue they tried to warn the team and they ignored them)
Seeing a few names from the list active in the @wrestorgonline game, one was pretty vocal/dramatic over card price calculations for some reason and decided to rage/quit from the project.
I think one guy is behind the Rabona and Nextcolony games.
GLS has really been bleeding after this happened and these guys simply continued in chat mocking everyone that opposes what they did. The folks they basically stole from. Ive never seen something like that in my life.
Yup, I was seeing the same thing. Actually, @oliverschmid sent @bookerman a dm asking him to delete things in the discord. Actually, let me find the receipt.
He doesn't deserve his reputation hurt so he wants to change history.
~~~ embed:1642613797541011456 twitter metadata:Mjc3MDY0MzZ8fGh0dHBzOi8vdHdpdHRlci5jb20vMjc3MDY0MzYvc3RhdHVzLzE2NDI2MTM3OTc1NDEwMTE0NTZ8 ~~~
~~~ embed:1642623512585342976 twitter metadata:MTUyNzE4NTY3OTU0OTM0NTc5Mnx8aHR0cHM6Ly90d2l0dGVyLmNvbS8xNTI3MTg1Njc5NTQ5MzQ1NzkyL3N0YXR1cy8xNjQyNjIzNTEyNTg1MzQyOTc2fA== ~~~
~~~ embed:1642662728203370497 twitter metadata:MTQ5ODgzNzg3MTU2NTk3NTU1M3x8aHR0cHM6Ly90d2l0dGVyLmNvbS8xNDk4ODM3ODcxNTY1OTc1NTUzL3N0YXR1cy8xNjQyNjYyNzI4MjAzMzcwNDk3fA== ~~~
~~~ embed:1643722218642309121 twitter metadata:Nzg5MzI3NjI1fHxodHRwczovL3R3aXR0ZXIuY29tLzc4OTMyNzYyNS9zdGF0dXMvMTY0MzcyMjIxODY0MjMwOTEyMXw= ~~~
The rewards earned on this comment will go directly to the people( @lordbutterfly, @seckorama, @documentinghive, @jeffjagoe, @torran, @islandboi ) sharing the post on Twitter as long as they are registered with @poshtoken. Sign up at https://hiveposh.com.
Wow 75% zhiit .
Don't quote me, but as far I was informed they talked about this before doing it kinda openly and since there was no reaction from the Dev Team, they kinda went on. Also, I don't think Aggy is super impressed and will not follow up with sanctions.
Btw. is there a different calculation system in place now or is this the normal way to acquire assets now?
This is very thin ice, the Splinterlands community is not so cut and dry on this issue as far as I could find out so far, opinions vary in all directions.
Theres really nothing the team can do now after they fixed the exploit. They covered it in a townhall, they know what happened, how and who did it.
They believe in not taking action against their accounts. Its their choice.
I choose to spread the word as far as possible about who these people are and what they did.
Your post is the appropriate response.
If the Dev team takes action that is centralised Ban Hammering.
If the community takes action (as a result of your post) then that is decentralised community self-regulation.
Not much action the community can take, you can't get the funds out of their hands and they don't post so you can't downvote them. Everyone wants decentralization until shit they don't like happens.
Hmm, it would have been easy to fake out, use smurfs, or whatever. I think we're missing parts of the story and I'm confused about what it might be. The post of that one guy is pathetic at best.
I don't think you are missing much at all. It's simple, there was easy money to be had in exchange for ethics. Easy decision for most people.
we should expect, and be ready on this kind of scenario. we, are nonetheless a decentralized network. we learn as we go.
This is the way.
This is the way.
Cool, agree!
The test of decentralization is whether or not the devs can do it unilaterally (ie. without a broader consensus mechanism), not just choosing not to.
Crazy times, I heard about it on Youtube from Dwayne Cunningham a while ago. They had a lengthy talk about it. If more people would have been on guard, they could have not pulled that off. They had to buy off the whole market for a short time while doing their transactions. I think the "Steemmonster Inc" team knew of the risk and just decided to not act from the very beginning. Other whales could have abused that situation to drop GLX into those buy orders.
Deeper POOLs for arbitrage bots would probably also have done the job.
Everything too large for my capabilities, whale games.
I havent found any indication that the team somehow knew about this. Do you have any source for that?
Yaba said in the townhall that it was an exploit and that the actors acted maliciously.
Wow it comes from a vocal citation, I'd have to go back and watch the whole video again. Maybe Dwayne might know more details, w88888888888 I'll try
--- Timeleap ---
Some guy "Dark.Star" in his videos is saying that it was a matter of "when" and not "if".
that was the video. But I imagine you can't bring a bunch of people together for such a move in a super nitch community without somebody calling the shots. Is it clear right now who was spearheading?It looks like Genepool was spearheading all of it. You can see transfers going out from his account to the others in the screenshot. That only accounts for a smaller part of the stolen funds.
Wow one of them is a community leader? That is bewildering.
A community leader doesn't imply they have any authority or integrity.
Yeah, i think they vote you in or something like that.
Its literally like having sheep vote in a wolf to be their shepherd.
That is what it is.
Yes the team was made very aware of it. Receipts available.
Not trying to be conspiratorial but there may have been a short sighted or accidental benefit from just an increased number of pack sales or just additional funds received pack sales.
I lean towards laziness rather than evilness.
no time to read all the comments :D shared my opinions before few times, can also drop it here :)
Check glusd, they don't even try to fake it properly... They burned GLUSD in their database and send same burned tokens to people on engine xD possible this part of app was never really finished, so there is a bridge but, no control over supply and numbers at all...
Hard to talk about crime here, if they report it few times, asked for fix, then finally use it, as team never reacted properly, so you eventually do it cause others could do it too...
Intensions. If you want to create nft game but before you create it you make token farming game before real game, you should question intensions and think how it could look later, as farming tokens might be dominant part of game to the very end... https://farmfarmer.farm
That doesnt matter. That even more so proves that the team wasnt aware of the issue or understood it. People can be wrong and make mistakes. Doesnt mean you get to steal from them. "Oh well, I warned them. Now its ok I take the money."
Thats not how anything works.
Nor does it matter if it is or not fully blockchain integrated.
If someone takes your World Of Warcraft gold, thats theft, doesnt matter if its just numbers in a database.
If the team knew, and did nothing, or even encouraged to exploit, are they involved in crime ? What if it is intentionally designed this way cause someone in the team think that loopholes like that will make money for team, and it did actually :D
how many times exploits like that or similar happened to splinterlands and you don't even know ?
0? 1? 7?
how many times exploits like that or similar happened to splinterlands and team don't even know ?
0? 1? 5?
It's really hard to know if at the end you have database with "correct" numbers, can also fix it if some numbers are wrong :)
one more edit: it's not 0, cause I personally found few exploits and used it then reported almost all of them
Come on man, lol. Those are some tinfoil hat type arguments. I go with what they said, that it was an exploit. Even the exploiters admitted to it, some of them.
If you want to say they suck at designing games, well thats your right. I just dont see how that justifies those that took the money.
Not really arguments, mostly questions, if you know me you know that I have problem with truth and lies, you can even see that in my writing(questions, or basing sentences on "probability". I don't know everything, actually I understand that I know very little. Blockchain generally helps with records and accountability, and truth, like your post is based on blockchain data.
My point is that this design, with token in database is very much based on trust. I don't know either how many exploits or abuses happened on spl, that's the point. We can just believe it's not that bad... not the first time I point to this, cause I like blockchain technology and it's weird and risky for me to that application go around it instead of using it.
I don't try to justify taking money there, it was bad, but it was also reported from what I heard and people have interesting screenshots from discussions, someone sent me screenshot of aggroed response that this theoretical reported event "should be fun", I guess we can both agree with him that it is fun... Don't you think that both sides are responsible here? Have you talked with people who used that exploit? I did first or second day after, some of them have a feeling that they were tricked into it...
I don't think they suck at designing games, it's very hard to say, even with the record of farming games from aggroed, cause we don't really know the targets. For sure there is a huge difference between splinterlands and token farming games. Splinterlands have a history, it was a process to get there, in my opinion creating another project as copy of splinterlands, starting from last steps is a mistake, also could trick people in many ways, up to your point(this moment is probably effect of that mistake, maybe also multiplied by low effort in execution).
Edit: Possible they going to sell nodes that are not nodes but tokens farming other tokens in similar process where price manipulation could give you better price. Not sure if it still matters as exploiters already have huge advantage. To the point above, cause we can agree doing copy of splinterlands farming game before game is low effort and risky, probably mistake, would be much better to do it other way, make a game then add token farming elements, governance elements, that are working for splinterlands(at the moment I don't even know if nodes farming tokens do something else than farming tokens, and how this will work eventually, but they already doing it for another game?)
Edit2: There is another already recognized mistake in nft world. Bull market selling frenzy, when projects create and sell products just cause it is bull market. In the process they sell much more than it's really created, then try to build. Possible it happened here also at some levels, and it's hard to say which elements are actually developed, which are just sold ideas that will be developed at some point, maybe.
I made some applications too, made mistakes, it's hard to not make mistakes in this business, am always open to discuss my mistakes and learn. Same here I don't have any stake in this game, I just want to learn about mistakes made and avoid it for myself.
just because a criminal badmouths others doesn't make his deed any less bad. some people really live in a twisted world, don't they? maybe get out in the sun more!
you still think am trying to defend someone?
not really, am just pointing out that guilt is on both sides, maybe even 50%:50%
team:exploiters
is it 50:50% from the moment exploit was reported?
Could be true that every next day, and every next report increase % on team side, as team response, or lack of proper response is telling exploiters that exploit is not exploit but how things work.
Do you realize that after first report team could say, "Don't do it cause we will ban you from the game and remove your assets, let us fix it."
But they didn't.
and might happen again if we will build applications with such ignorance
That's farked. Fork them out and their assets!
Thats not something I would support honestly.
Wow! This is one of the risks of a supposedly decentralised system. If it gets exploited you can change the system to punish them or choose not to. I have been getting the airdrops, but I didn't invest in the game, so it's no big deal to me, but if others put money in they won't be happy. It's a shitty situation with no easy answers.
Well there kind of is an easy answer. We go on and we make sure these guys never benefit in any way from the Hive community. Thats the best we can do.
They've done themselves no favours when it comes to community support, but maybe they just don't care. Greed is a priority for some. I hope the game can keep going, but I can't promise I'll actually play it.
Makes me glad I dumped mine while it still had some value.
Too bad we can't just fast forward a year or two to find out how it worked out.
I think I put in something like 5000 HBD and got a few thousand from the airdrop for my SPL stake.
I wont dump now but I'm genuinely pissed.
Ouch.
I think it was drugwars and that space game that broke me from the spell.
I got a few splinterlands cards that I rent out for something to do, but until mass adoption is more likely to occur, I'm not seeing what I need to see for further faith in promises from this crowd.
I'd have been better off to have just powered up.
What gives with the new claiming ui that can't seem to get the claiming right?
"That space game" was the dev who stole this (Oliver was in charge of NextColony). They rugged their player base.
!lol
Classic.
lolztoken.com
But it folded.
Credit: reddit
@themarkymark, I sent you an $LOLZ on behalf of @antisocialist
(1/4)
Use the !LOL or !LOLZ command to share a joke and an $LOLZ
What, so that his style hey... Wow
That's most people's style, just most people haven't had the opportunity.
Claiming works fine for me.
I try to diversify a bit and its a risk. I mean longterm this probably wont matter but it does matter now and its felt for sure.
Whenever I try to claim I only get half.
I can come back later and the rest is there, but I doubt that is the intended design.
Refreshing doesn't help, only after some time will it be there.
Too bad people do not do proper pentesting on a network before using it as an investment utility. You bought snake oil, it happens.
I appreciate the transparency, courage to express your views, and the discussion now taking place.
I don't know those people but I know of some of them.
Haven't even heard of GLS before, so this is bad publicity finding out about it like this. Things like that don't happen when you got all your ducks in a row. At the same time, shit happens. Better hearing about it this way though, fully equipped with discussion and opposing viewpoints contained in one space, than hearing about it through gossip from some random passersby.
The splinterlands guys are behind this so I dont think the Hive publicity will affect the game much. Id say they made far less mistakes so far than would be expected to happen in this space.
I can agree with that and certainly don't hold mistakes against people. Well aware of their good track record.
In general, accumulating ill-gotten gains utilizing exploits is frowned upon, everywhere.
"I didn't know I shouldn't do that," doesn't work.
This look fairly convincing.
However, I like for the accused to defend themselves.
You can read more in the discord chat, deepdives. Around March 11. They admit it openly. They start by bragging and later Genepool apologizes on his blog. Oliver doesnt. Theyre really not hiding anything and have no need to defend themselves since the GLS team will not take any actions against their accounts.
This is the beauty and curse of decentralization. You don't want people to have centralized authority to do anything to anyone but you also don't want criminals to get away with crimes.
I can understand the teams decision. Still plenty the community can do.
Having them seen for what they are makes it more likely they never pass a single DAO proposal, no dapp they make ever gets any support from the community and they receive no Hive rewards.
Thats at least something.
Knowing the accounts involved, they have mostly already checked out long ago.
Even decentralized systems have a form of government. In fact, if the community asks that they should be penalized in some way, the GLS team should take action, otherwise they would be making the decision that seems to them and that sounds like centralization to me.
I see Gene's post. I haven't seen it before.
Disgusting
I refused to use splex after they continued to stay hitched to the archmage bot. I wasn't particularly thrilled that community proposal voting was setup there. It doesn't surprise me that an organization that has direct support for an exploit (automation) would branch out into other means, and doing so while ingratiating themselves with the community. Clearly not the actions of a white hat...
I and many others will not support any project associated with any of the members. This has negatively impacted splex already and therefore Yixn (spelling?)
They have openly admitted and celebrated the actions, it's not an accusation.
I have learned that. It was unknown to me but more than 24 hrs back
Thank you for writing this article and putting the facts out in public for everyone to see. I feel sorry for anyone who invested outside funds into GLS/GLX, because this move definitely sucks for the greater community. I only have what I've been given from GLX airdrop for staked SPS, but even then my bags are down around 50%. I'm not sure how much their exploit caused that, or just the tokenomics of the prolonged airdrops and selling into supply for GLX nodes, but it is a bad look for people who are supposed to be leaders of the Splinterlands community as well as flagbearers for Yield Guild Games - one of the premier eSports guild alliances in the world.
Its plenty to blame in more ways than one.
Yes it tarnishes YGG tremendously at least JosieB and Genepool are representatives
Not just representatives, but they are also very much known names in the community. It is a very troubling development indeed. I am a pretty recent addition to YGG with my GF alt account, so I don't know much about the politics involved with the guild, but it can't be good. Hopefully, there is more to be done to correct the exploit.
What a fking shitty situation and what a shitty team.
Why the fuck doesn't the team take any action?
The team doesnt believe in taking actions against their accounts. Its their
choice.
That doesnt mean the community should give them a pass for what they did.
And, this is why we can’t have good things.
We can, but only for a while apparently. lol
lets just zero out there other posts form a dv trail to just not let them make money on anything else until its paid back 10X and given back to the GLX dao.
That really seriously rots. At the same time, an object lesson in the reality that IF there's an exploit in a system, it will be exploited. Perhaps also an object lesson in the other bit of reality that the moment there's "money" involved in something, even the most unlikely people might start behaving badly. "Being on the blockchain" and "in crypto" doesn't exempt us from having to deal with the vagaries of human nature, sadly.
Thankfully my stake in GLS is very small, but it's still a shame that the project got tarnished with this.
=^..^=
My stake value is getting smaller by the day. lol.
I just hope the thief's are selling. Getting them out of the platform would be highly beneficial.
This is insane.
@oliverschmid was one of the founders of Rabona and I never thought he would participate in something like this, but increasingly I believe that we never really know anyone.
Unfortunately, one of the mentioned accounts posts on Hive, so the downvote idea won't do anything.
Here I only saw the possibility of the GLS team doing something about the subject, otherwise there could be a problem here that could jeopardize the future of the project.
They fixed it, as it seems. But yes, you never really truly know someone here.
I knew one guy on Hive, great guy, plagiarized his series of posts about raising children for years. Translated and copy pasted from German to English. Hundreds of posts.
You never truly know a guy. I keep my expectations low now.
This is a hard lesson and tough pill to swallow but we'll have to chuck it down as part of the growing pains. Even if they're blacklisted or whatnot, there's still no way to get back what they stole because the damage is in perpetuity.
Taking action against the said players will actually hurt investor confidence further and so, I understand why the project went down the route of peace.
Sets a terrible precedent. They should have been squeezed till they gave back every last GLUSD.
Shit. I feel sorry for the people who lost their hard earned money.
We didnt lose all of it. We are bleeding it slowly. We should recover over time.
i don't think there will be a complete recovery from this, maybe the token price will recover. but the game will never recover from this. because these people get more power/voting rights every day through more nodes and airdrop through this action
They should sell and gtfo. They need to get as much hate as possible on a continuous basis to either sell or give the money back. Rarely will anyone stick with a community openly hostile towards them. Id rather my investment dump another 50% just so these guys are not around.
Thanks for sharing this information. Now I know why GLX is dumped recently. I have a small investment in staking GLX. Luckily I also swapped some GLX rewards to SPS. It used to be 1 GLX = 1.3 SPS and now is only 0.44. I'm not sure if it can recover or not. Let's see.
While I have seen people benefiting from these exploits, I'm wondering if Splinterlands and GLS teams have done anything in order to prevent further occurrences. I think I have seen this happening twice, so it is imperative to solve this exploit one and for all otherwise others will attempt to do the same until they will drain the system.
Posted Using LeoFinance Beta
They have added a fix to the burn mechanism. You can see it on the screenshot, underlined in red.
Well, I think this is again a biased thing caused by gank and here is the reasoning:
If the price was pumped up, who pumped it down? This is the main question, as they burned the GLX and it did not flood back the market.
If 4 people managed to increase to 250k the value, with roughly 40k -50k, it means that there is not enough adoption and not enough liquidity on the market, so this is a trade, not an exploit. But again, who managed to bring it back down? Was it a few users who started dumping and due to low availability it crashed?
Most investors got a devaluation of their tokens, only because of the packs that have been generated. I'm also a holder, not top100. This is a risk, as there is no ripe economy behind and no game.
The same would happen to Hive or any other asset, if there wouldn't be a huge market cap for it.
This is my view on this. I don't defend them, but also don't blame them. I know a lot of people who blamed them, as they lost asset value, but did the same on other market opportunities.
I'm open to a fine debate, if I'm wrong on some points.
The pump and dump wasnt where the exploit happened.
The exploit happened due to a faulty platform mechanic. The 5 minute price average burn mechanism. It takes a few seconds to move that GLX into the dapp. There are no pools to worry about and extremely low liquidity.
It really wouldnt. Hive has no burn mechanism like that. The actual question is what would have happened if they had more funds on hand.
Who dumped then after? To hold a price for 5 minutes is long.
Also, from what I've read in the chat, it was told to the team that they will do it, so a lot of people have been aware of it.
The only major impact is the pack dilution. I know, trust is an issue, but an investor with a big pocket, could do the same also on the 24 hour price average, if he has enough funds and gets slowly that token under different accounts, to stay off radar.
I mean that any market can be manipulated, and every currency can be pumped or dumped, depending on the funds. Best case, Soros vs. the British Pound.
I know oli, he is like this, sees the opportunity and grabs it. I know lostintime and he has funds, but was not aware of the emotional impact it could cause.
Like said before, I don't defend them, and also don't praise the dealing. I see it as a high risk betting investment on an unfinished product, especially as they've announced it before.
I havent seen this but do you think that makes it ok to keep the money? I think it makes it worse as the team is obviously unaware or doesnt understand the danger.
Pack dilution, trust, investor airdrop % is affected since apparently licenses were bought from the stolen GLUSD. The damage is compounding and indefinite. It will only increase over time till the game is shut down far far into the future.
Sure, but you need the burn mechanism for this to be an exploit. A pump and dump is just market manipulation. We kind of look the other way in crypto when we see it.
Like said, game and economy is unripe, and it is a high risk investing in it. It is an emotional thing in the end, especially if the own return has been affected. Try to see it from a logical point of view, not moral, where could it be said that it was stealing, as stealing is a harsh word.
I'm also heavily invested into SPL, and don't like some stuff that it is going on, like insiders know when to buy and exploit some stuff, like it was on the land sales, when some managed to buy many regions in the first go. It is my own risk, as the firm does not keep separately the insiders from the investors.
Just from a logical point of view, pumping it up and burning it, should have held it up there, and it would be better than pump and dump. Who dumped after that, so that the price tanked?
Will reply tomorrow, if you reply, as I go to bed.
Possibly someone that knew what they were doing.
I think you want to claim that they didnt understand what they were doing or what would happen. I really dont think thats the case. They would really need to be a special kind of stupid not to understand the implications of their actions.
The implications of a pump into a 5 minute price average burn on a extremely low liquidity token.
By far, maybe lostintime was not fully aware.
As I already said, free market, they leveraged the assets they had and took profit, I don't see any stealing in this, especially as the tokens have been burned.
If there has been a stealing from an account in their pockets, please show it, glad to change my mind.
It is a high risk investment, and the first rule to this is that on high risk, the investment can go to zero.
So we come again on the question, who dumped, after hey increased the value? That person is the real villain in the story, which nobody mentions.
Also, using emotions leverage, audience, and public shaming might be a more ethical offence than taking profits. Putting pressure via a whole community, who does not research deep the problem, is not a nice thing to do. Just my two cents.
The "Oracle Manipulation Attack" - not pump and dump
:))
This is getting in some sense funny. Most people that comment here, did not invest a single dime into it, got some nice airdrop and are outraged about the lower airdrop value that needs to come...
If you are not aware myself and Jron secured the 2nd largest presale pack purchase of GLG.
Read my long and detailed comment.
That I'm sorry for, as I believe in genuine investors, I did not know you had bought packs. Just read your comment. As I said, I don't support or cherrish them, but also don't blame. And that I have maybe a different view, I'm getting flagged by the Sheriffs in here with stake which is supposed to be used to grow the community.
I believe in @lordbutterfly, that he also invested, and does also great things for hive.
I don't believe in freeloaders that comment here, which use the airdrop and sell mostly off. Yes, the project took a massive hit, and maybe the impact is made higher by the people who comment and make it is a world's end.
Also, forking out will issue more problems than there are. Hive did a forkout of users, which was needed and maybe should have also forked everything what was before block 1, but this put also put a negative label on the whole chain, for years to come. People with loads will not invest in it, just because of this. And by loads I mean at least 10 mil USD.
Report them to the authorities. Manipulating market prices for the purpose of affecting an oracle to extract value at an illegitimate price is a criminal offence, it falls under market manipulation and fraud. It doesn't matter if code is law, the crime was in pumping the price artificially. The CFTC and SEC filed charges against Eisenberg for pretty much the exact same thing.
Questionable if its worth it.
Actually, whistleblowers get 10-30% cut by SEC for cases... I heard rumors of possible legal consultations in response to this incident immediately after the reveal.
Who cares about SEC, if you don't leave in the USA :))
Then arbitrage would be a crime by this details stated and this is a free market, there ain't no rules when it comes to the markets or whatever, so long as manually changing the rules(codes) doesn't apply.
Things like this are so nuanced they can't even understand it if they tried. Plus Oliver I think is in Germany if I remember correctly. It is extremely to bring a legal case across country lines.
Wow, so exploits like these are actually going on here on Hive .
I am just gonna sit back and fold my arms, watch how it all unfolds, LOL.
Well... using AI to write your articles is kind of a shitty thing to do. If Hivewatchers dont want rewards to go to those type of articles its their right to downvote it.
If I wanted to know what ChatGPT thought id ask it myself.
This... on the other hand, is not something Hivewatchers have effect on. I mentioned the selfvotes as an example of a contrast in gravity.
I am impressed to see @josieb ...she is full on active in WOO discord
@bookerman
A part of me wants to call this arbitrage, or maybe I'm not reading it right?
Its very different. The exploit happened due to a platform mechanic that exists in the dapp.
The "Oracle Manipulation Attack" not arbitrage. Performed secretly via collusion with intention to exploit a weakness
Putting these guys next to Justin Sun is just cruel, the #JustinSunsSons is way overboard in my opinion.
Yes it was not very nice of them to use this flaw in the system to their advantage and even worse, put that money right back in to the project gaining more GLX cause of this.
But why was a system like that even launched with such an obvious flaw in it ? We knew that there was not enough GLX Supply or Volume to prevent this from happening, if it weren't for these guys, I'm sure at least someone would have taken advantage of this "Opportunity" either way.
Justin Sun took Everything away from the WHOLE community, while these guys just damaged us, but didn't create that much destruction that would need the project to be scrapped and reforked into a new project. Justin Sun in my Eyes is still 100x more evil.
In the end I think that the people who took advantage of this GLUSD exploit should definitely apologize and if possible return at least some of the profit they made on it. I see why people are so upset about it, but me myself am more upset about the fact that this system was launched so carelessly rather than about the people abusing it. And also this whole deal will leave a big -REP on their names for quite a while I'm sure of it.
*This is just my personal opinion about it, I'm a rather small holder in the GLS project and may not be fully 100% up to date with what went on behind the scenes.
Its a style choice. It gets the job done. Ive been literally doing this for years when ever someone does something fucked up. When I want a post to spread like fire, this is what I do. Minor Hyperbole, slightly suggestive writing, plenty of intensive metaphor to draw out emotion.
Why did she wear a skirt? Why was the door unlocked?
Want me to go on?
Sure.
Very odd honestly. One side made a mistake and suffered because of the action of the other side that benefited.
How can you be more upset at the side suffering from the action than the side that committed the action?
I don't understand the unlocked door thing. I guess it's just an American thing.
And about the last part, I didn't mean the people who were affected by it, I'm more upset that this system was released knowing very well that this kind of thing is possible if only a dozen people would decide to be the "Bad apples".
I mean Low trading volume and low supply. It was a no brainer thing to happen.
It's not an American thing...
Imagine a group thieves planning and entering an open house door to steal and then claiming "it wasn't theft because the door was open, your Honour".
First image in the post.
It was the burn mechanism that was the exploit. But I get what you mean.
Oversight, but basing off last price especially in such a short window isn't a good design.
A hashtag of #JustinSunsSons is not going to get the mileage you think on Twitter. It's such a long tail and obscure hashtag. If there was a more broad hashtag and several journalists were tagged who cover the financial, sports and crypto spaces, it would have been much more impactful.
That hashtag means very little and the amount of traction it gets on Twitter is likely minute. Hashtags are used to tag in those looking for a particular topic or commenting on the same topic.
There's a ton of crypto hype/shilling/spam on Twitter, it will be buried with it. Although, it is more compelling than 99% of what is out there.
I wouldn't read too far into that. He's just being facetious.
Please continue with what you are doing @lordbutterfly
I hope that this issue will be addressed by the GLS community to restore investor trust. It's unfortunate to hear that individuals involved in the heist are still active and holding significant positions within the community.
I do knot know any of the names in the list above but I hope that this will shine some light on these shadowy behaviors to the point they self correct.
It was talked about well in advance. As a result, the team new about this potential exploit and did NOTHING to prevent it. In fact, I saw conversation where geenpool explained it completely with the math, well in advance and expressed that liquidity is required to prevent this. The team had options to solve this and sat on their hands. Really disappointed from that perspective as well. All they had to do was release the LP rewards, would have pumped liquidity and helped to mitigate this, potentially.
This certainly doesn't justify the actions of the people involved. The team has to know, if an exploit exists, it will happen. They could have changed to 6 hours in advance and also released LP rewards for community to start piling in liquidity.
If it wasn't these guys, it would have been someone else. it would have happened regardless. I hold the project team accountable for this happening. They had the prior knowledge and did nothing to resolve it in a timely fashion.
Using your bank analogy, imagine you go to the bank on Monday, and tell them there is a vulnerability and they can get robbed. Then, you wait 2 weeks and they don't fix the vunerability...so you then decide to rob it because if you don't someone else will (yes, still seriously ethically bad behavior)...the bank knew it was coming and didn't fix it. Well, SPL/GLX team knew it was coming and didn't fix it...
[None of this justifies the actors actions. I am just more holding the team accountability to this then the actors]
None of this justifies the actors actions
Hopefully this won't kill the project :( ... A friend's launch was also ruined by a thief, which seemed to be a large part of what caused his fatal heart failure. Some people think it's all numbers, but lives can be at stake too.
This post has been manually curated by the VYB Curation Project
Lel
Send monies. Lost everything in heist.
Sending all my prays fren. Bjs on the way too ❤️💋
such a Trumpy response
You want some too?
https://leofinance.io/threads/@seckorama/re-leothreads-2devu2xir
The rewards earned on this comment will go directly to the people ( seckorama ) sharing the post on LeoThreads,LikeTu,dBuzz.
Exploiting a bug to gain a finacial advantage is considered fraud. No matter if it's on a blockchain or not. I think in most countrys you could go to jail for a long a few years for this. Even thought they can't change the blochchain. i hope they take legal actions.
"Oracle Manipulation Attack" performed via collusion with intention to exploit a weakness
This should not be taken lightly by the founders and the community. This kind of exploits can kill a project, esp when its still on its very early stage. I am already distancing myself from this one ever since the first exploit. The names on the list should be investigated and appropriate punishment should be given.
Classic
You can call me what ever you like for 200+k. I do not think it matters to them either. People like that will only respond to ddos and ransomware attacks.
This definitely hurts. I wish leaders can have a little sympathy. I mean wth
Do we get a down vote for proposals? If so can't we limit full access to HIVE development funds?
No
Good that I have never been to this community.
Congratulations @lordbutterfly! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)
Your next target is to reach 8750 replies.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPCheck out our last posts:
Support the HiveBuzz project. Vote for our proposal!
Not much can be done because they don't post to the hive. To those who do publish, you can hit them, as @themarkymark did for the simple comment I left up there, he went and hit my publication, hey, it's okay that he doesn't like the comment but taking that attitude is not a good practice and it is immature of you. but with the same says is the beauty of decentralization.
It is possible that I am wrong, but it does not make sense that someone individually can take action against someone in particular within a community without a compelling reason, and on the contrary, there is no way to take action as a community against one or more people who abused them. an application or community.
It had nothing to do with your comment, just countering a vote.
What a coincidence.
Rarely do my publications go beyond 1 Hive, and you, without stopping to read my publication and judge based on its content to make your vote, say that you only follow a trail to counteract a vote, you practically left it at zero. good way to encourage content creators.
Don't worry, no problem, it's not like I'm going to get involved in a meaningless discussion.
Remember that with great power comes great responsibility.
Some people are dumb
!PGM
!PIZZA
BUY AND STAKE THE PGM TO SEND A LOT OF TOKENS!
The tokens that the command sends are: 0.1 PGM-0.1 LVL-0.1 THGAMING-0.05 DEC-15 SBT-1 STARBITS-[0.00000001 BTC (SWAP.BTC) only if you have 2500 PGM in stake or more ]
5000 PGM IN STAKE = 2x rewards!
Discord
Support the curation account @ pgm-curator with a delegation 10 HP - 50 HP - 100 HP - 500 HP - 1000 HP
Get potential votes from @ pgm-curator by paying in PGM, here is a guide
I'm a bot, if you want a hand ask @ zottone444
$PIZZA slices delivered:
@instamental(1/5) tipped @lordbutterfly
torran tipped cageon360
!PIZZA
!PGM
!LOL
!BEER
!LUV
!WINE
!HBITS
Hi @instamental, You Have No Enough WINEX Tokens To Make A Successful Call.
Please Stake at least 25.000 WINEX Tokens.
(We Will Not Send This Error Message In Next 24 Hrs).
Contact Us : WINEX Token Discord Channel
WINEX Current Market Price : 0.200
Swap Your Hive <=> Swap.Hive With Industry Lowest Fee (0.1%) : Click This Link
Read Latest Updates Or Contact Us
BUY AND STAKE THE PGM TO SEND A LOT OF TOKENS!
The tokens that the command sends are: 0.1 PGM-0.1 LVL-0.1 THGAMING-0.05 DEC-15 SBT-1 STARBITS-[0.00000001 BTC (SWAP.BTC) only if you have 2500 PGM in stake or more ]
5000 PGM IN STAKE = 2x rewards!
Discord
Support the curation account @ pgm-curator with a delegation 10 HP - 50 HP - 100 HP - 500 HP - 1000 HP
Get potential votes from @ pgm-curator by paying in PGM, here is a guide
I'm a bot, if you want a hand ask @ zottone444
In game exploit = risk of the trade
This is the issue always recurring on hive, fanboys and undisciplined investors crying for sympathy.
You will need to accept the loss after taking $191 from the reward pool to misrepresent this as a theft. Just like the 2016 ETH DAO, you deserve what you got because proper pentesting was not completed before using it as an investment utility.
Well this is absolutely crazy. I was considering getting involved with this project as I'm a fan of MLS, specifically the Sounders but it seems like the devs don't care to ensure the game is going to have an even playing field. Acceptance of an exploit with the guise of its decentralized is something I can't accept. Its a game, its not just a blockchain. As such, it isn't really decentralized.
Well, in my town there is a saying that goes: "Every minute a new fool is born and enters the world and whoever catches him first is his"
So, in my opinion, I think that this issue of xploits and the first ones who dare to take advantage of them in their own benefit, it's just a matter pretty usual between "gamblers and videogamers" to level up in the game before anyone else using the existing Cheat Engine that was already provided to them in such a demagogic and negligent way.