Firo 51% attack post mortem and vote on attackers' funds

Reuben you do a great job with Firo!!! A meaningful, cool, and useful job. Thank you. I just needed to get my head around what happened. You could add the fourth option “block funds, reimburse 70% Binance, and the rest give to Reuben” and I would consider it seriously - that’s the level of trust you’ve got with me over the years without even knowing you in person.

1 Like

Thank you though I would never want to profit from something like this 🙂

4 Likes

Yeah, I know. That was a half joke, half analogy. 👍

Would like to hear how we’ll prevent this in the future. I think you touched on it, but more detail would be great!

1 Like

Chainlock will be the solution.

3 Likes

Chainlocks are from the Dash system and build off the long-lived masternode quorums (LLMQs), which we already have functioning. This was always planned in our roadmap.

dips/dip-0008.md at master · dashpay/dips · GitHub is a deeper description of it.

In short, groups of 400 masternodes are formed deterministically and when they see a valid block they will poll among themselves that they saw this block first and sign it. Once signed, it serves as a checkpoint so that no block below this number will be valid.

To disable chainlocks to mount a 51% attack, you would need control of 50% of the masternode network, upon which it will revert to the longest chain rule.

2 Likes
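A simplified model of the fork-choice behaviour described in the post above, added here as an illustration; it is not code from Firo or Dash. `SIGN_THRESHOLD`, the function names and the block names are assumptions, the chains are constructed sample data, and signatures are modelled as masternode indices rather than real cryptographic signatures.

```python
from dataclasses import dataclass

QUORUM_SIZE = 400      # group size stated in the post
SIGN_THRESHOLD = 240   # ASSUMPTION for this model; the post gives no figure

@dataclass(frozen=True)
class Block:
    height: int
    hash: str
    prev: str

def build(parent, fork_height, tag, length):
    """Constructed sample data: fork off `parent` after fork_height, add `length` blocks."""
    chain = list(parent[:fork_height + 1])
    for _ in range(length):
        tip = chain[-1]
        chain.append(Block(tip.height + 1, f"{tag}{tip.height + 1}", tip.hash))
    return chain

def try_chainlock(block, signers):
    """Return a (height, hash) lock if enough distinct quorum members signed, else None."""
    members = {s for s in signers if 0 <= s < QUORUM_SIZE}
    return (block.height, block.hash) if len(members) >= SIGN_THRESHOLD else None

def choose_chain(current, candidate, chainlock):
    """Longest-chain rule, except a candidate that conflicts with the lock is refused."""
    if chainlock is not None:
        height, locked_hash = chainlock
        if len(candidate) <= height or candidate[height].hash != locked_hash:
            return current  # reorg below the locked block is rejected
    return candidate if len(candidate) > len(current) else current

GENESIS = [Block(0, "g0", "")]
HONEST = build(GENESIS, 0, "a", 5)   # heights 0..5
ATTACK = build(HONEST, 2, "x", 6)    # secretly mined fork, heights 3..8, longer

if __name__ == "__main__":
    lock = try_chainlock(HONEST[4], range(300))     # 300 of 400 members signed a4
    no_lock = try_chainlock(HONEST[4], range(100))  # too few signers: no lock
    print("with chainlock   :", choose_chain(HONEST, ATTACK, lock)[-1].hash)
    print("without chainlock:", choose_chain(HONEST, ATTACK, no_lock)[-1].hash)
```

With the lock on block `a4` in place, the longer fork is refused and the tip stays at `a5`; without a lock the node falls back to the longest chain rule and adopts the fork.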

We’ll be closing this poll in a couple of hours. This is the most voted poll ever. Thank you for all your feedback!

I think this was also a good test in using the forum to help decide on matters. The arguments were excellent.

5 Likes

They can and do! It is called development

1 Like

Poll is closing in 40 minutes. Last chance to get your votes in.

3 Likes

Poll is now closed. We will make a GitHub PR enabling this soon, review then deploy.

8 Likes

This is the relevant GitHub PR: Allow one transaction to pass checks without script verification by psolstice · Pull Request #984 · firoorg/firo · GitHub

1 Like

This has been implemented in Firo v0.14.5.0 which is undergoing testing and if all is okay will be released and deployed next week.

2 Likes

Hello everyone!

Firo v14.5.2 has been released. Following the consensus reached in this thread, this release will reimburse the exchanges with the attackers' funds.

4 Likes

As agreed the funds amounting to 697850.29102309 FIRO have been returned to Binance with this txid. This also takes into account the previous funds of 168101.68037691 FIRO that Binance assisted us to recover from the Bitcoin CVE incident.

The 168101.68037691 FIRO has been burnt.

7 Likes

Hi Reuben,
What is the arrangement with Indodax?

1 Like

We are still in discussions with Indodax but they’re trying to recover from users who were credited back in Binance to deposit back the Firo. However they have already opened up trading/withdrawal.

1 Like

Thanks Reuben. Are they not compensated using the locked FIRO mined by your team - similar to the funds sent to Binance?

We only managed to lock the attackers’ funds. Not lock every single person who had deposited and withdrawn in that day.

The loss in this case was caused by innocent users who had withdrawn from Binance into Indodax.

Note Binance also had to foot some losses given they were only reimbursed for the attackers’ funds and not for other accounts which may have gotten back the Firo they deposited. It is probably an exchange decision whether to pursue this with the individual users affected and not something we should interfere in given that we are not privy to internal exchange trades or KYC.

1 Like