On Tuesday, a Reddit user talked about how the popular platform predictions on the blockchain Augur “was duped” by the attacker, creating the markets with a “slight errors in the names”. The scammer is betting on the unlikely results, thus luring other participants in the betting, and then discloses information about the error, because of which the market is considered invalid. According to the rules Augur, parties to void the bet not get back as much money as they invested. Instead, the full amount is split in half between those who had positive and negative outcomes of an event.
“Someone is 1 ETH. The system gives a few tokens that give entitlement to the ETH. A single token can be used to produce ETH 1 if the outcome is positive, another if the outcome is negative, – said the developer of Augur Mika to Zsolt. – When the outcome becomes known, one of you gets the token value of 1 ETH, another token that doesn’t cost anything. If the market is found to be invalid, each party will receive a 0.5 ETH”.”Alice put 70 ETH, and received the 100 tokens to bet on a positive outcome. Bob has invested 30 ETH and got 100 tokens in a negative outcome. If Alice is right, she will get 100 ETH and earn nearly 50%. If Bob is right, he will get 100 ETH and thus earn more than 200 per cent,” described Zsolt principles of functioning of markets Augur.
As the developer Joey circle, the problem lies rather in not used in the betting words, and dates.
“In the history of the Augur 95% of misleading markets were associated with the incorrect closing date”, – quotes the portal of the Circle Breaker.
One of the last markets of this sort was established under the title “the Price of Ethereum at the end of March 2019?” The description says that “by the end of March, 2019” shall be read as “the end of the day March 31, 2019 in UTC time”. However, in reality the market closes on March 31 at 13:59 UTC. This is enough to bet was declared void, and the scammer got paid.
According to Circle, the problem is not widespread in the Augur system. Developers know of one such attacker under the name “Poyo-Poyo” on Reddit and in the shell. He has created the incorrect market to predict future price Ethereum. He also suggested users to participate in betting with the condition “will Exceed the price Ethereum above $500 at the end of September 2018”, putting the date of the closing of the market on 3 September.
Initially, Poyo-Poyo, engage the participants in the betting favorable conditions, relying on obviously unlikely outcome, and then reveals the essence of error.
“Yesterday’s post on Reddit was created because originally Poyo-Poyo published another post, which asked questions about this market,” said the Circle.”Obviously, there is an error. Why this market is still functioning?” addressed to the users of Reddit Poyo-Poyo.
Currently Augur can stop Poyo-Poyo and similar scams. To fix a bug, developers must create a new version of the contract, which will be released only in summer. Also, users may be given the opportunity to bet on the invalidity of the markets, which then will be filtered. This feature will also be included in the summer update. While developers only have to warn users about the existence of the problem and to encourage them to pay more attention to the details, which a bet may not happen.
Discuss current news and events on the Forum
Source
