Is the exploit-mined "Just Powh.io" token the first ERC20 token to be owned by 1,000,000+ wallets? Will the Eth network fix this before it makes wallets un-usable due to spam? - Cryptocurrency Reporters - A Light To Cryptocurrency World

Sunday, 15 April 2018

Is the exploit-mined "Just Powh.io" token the first ERC20 token to be owned by 1,000,000+ wallets? Will the Eth network fix this before it makes wallets un-usable due to spam?


As noted a day ago, anyone who makes an ethereum transaction within the last 3-days has received 232 tokens with the ticker "Just Powh.Io". This token is now visible on over 1 million addresses on etherscan which is, as far as i can tell, the most distributed token in ERC20 history. https://etherscan.io/token/0x4fee2d21aaca705b70f86db48fe4b166482f7700 The contract code explains it simply. The devs are clever bastards showing off an exploit they discovered in the ERC20 standard and the way etherscan handles the detection of tokens in wallets. They are intentionally showing off how it can be used to flood wallets with a useless untradable advertisement token for any product they want. Quite simply, when you poke etherscan to ask "does this wallet have this token" etherscan queries the smart contract, and the smart contract responds with an answer. In this case, the developers have the smart contract always respond "of course they do". Which is then saved and logged by etherscan onto the ETH blockchain making the tokens essentially materialize in your wallet without any transfer or gas fees whatsoever. The developers then created a mining program that reads the most recent ethereum blocks and all wallets contained within, then pings each of those wallets with the "do these wallets have the token" command, and distributed this program open source to its community to "Mine" these tokens for everyone else. Meaning most every recent transaction gets guaranteed a free +232 JUST tokens deposited into their wallet.To put the icing on the cake, if you try to transfer these tokens. The contract gives you back the same amount of tokens +1 . They're very aware that literally everyone and their mother will try to copy this token scheme and advertise for themselves. It's probably less than a week until we find hundreds of these cloned to say whatever they want with messages of whatever they would like to say, permanently attached to your wallet and non-transferrable. Attached to every recent transaction. These devs are notorious for creating open source content that's disruptively mass cloned (if you've seen a masternode referral link, they invented that too). To anyone who doesn't think this is a big deal, they invented spam email and we don't have spam filters yet. via /r/CryptoCurrency https://ift.tt/2qz1Hrr As noted a day ago, anyone who makes an ethereum transaction within the last 3-days has received 232 tokens with the ticker "Just Powh.Io". This token is now visible on over 1 million addresses on etherscan which is, as far as i can tell, the most distributed token in ERC20 history. https://etherscan.io/token/0x4fee2d21aaca705b70f86db48fe4b166482f7700 The contract code explains it simply. The devs are clever bastards showing off an exploit they discovered in the ERC20 standard and the way etherscan handles the detection of tokens in wallets. They are intentionally showing off how it can be used to flood wallets with a useless untradable advertisement token for any product they want. Quite simply, when you poke etherscan to ask "does this wallet have this token" etherscan queries the smart contract, and the smart contract responds with an answer. In this case, the developers have the smart contract always respond "of course they do". Which is then saved and logged by etherscan onto the ETH blockchain making the tokens essentially materialize in your wallet without any transfer or gas fees whatsoever. The developers then created a mining program that reads the most recent ethereum blocks and all wallets contained within, then pings each of those wallets with the "do these wallets have the token" command, and distributed this program open source to its community to "Mine" these tokens for everyone else. Meaning most every recent transaction gets guaranteed a free +232 JUST tokens deposited into their wallet.To put the icing on the cake, if you try to transfer these tokens. The contract gives you back the same amount of tokens +1 . They're very aware that literally everyone and their mother will try to copy this token scheme and advertise for themselves. It's probably less than a week until we find hundreds of these cloned to say whatever they want with messages of whatever they would like to say, permanently attached to your wallet and non-transferrable. Attached to every recent transaction. These devs are notorious for creating open source content that's disruptively mass cloned (if you've seen a masternode referral link, they invented that too). To anyone who doesn't think this is a big deal, they invented spam email and we don't have spam filters yet.

As noted a day ago, anyone who makes an ethereum transaction within the last 3-days has received 232 tokens with the ticker "Just Powh.Io". This token is now visible on over 1 million addresses on etherscan which is, as far as i can tell, the most distributed token in ERC20 history.

 

https://etherscan.io/token/0x4fee2d21aaca705b70f86db48fe4b166482f7700

 

The contract code explains it simply. The devs are clever bastards showing off an exploit they discovered in the ERC20 standard and the way etherscan handles the detection of tokens in wallets. They are intentionally showing off how it can be used to flood wallets with a useless untradable advertisement token for any product they want.

 

Quite simply, when you poke etherscan to ask "does this wallet have this token" etherscan queries the smart contract, and the smart contract responds with an answer. In this case, the developers have the smart contract always respond "of course they do". Which is then saved and logged by etherscan onto the ETH blockchain making the tokens essentially materialize in your wallet without any transfer or gas fees whatsoever.

 

The developers then created a mining program that reads the most recent ethereum blocks and all wallets contained within, then pings each of those wallets with the "do these wallets have the token" command, and distributed this program open source to its community to "Mine" these tokens for everyone else. Meaning most every recent transaction gets guaranteed a free +232 JUST tokens deposited into their wallet.

To put the icing on the cake, if you try to transfer these tokens. The contract gives you back the same amount of tokens +1 .

 

They're very aware that literally everyone and their mother will try to copy this token scheme and advertise for themselves. It's probably less than a week until we find hundreds of these cloned to say whatever they want with messages of whatever they would like to say, permanently attached to your wallet and non-transferrable. Attached to every recent transaction. These devs are notorious for creating open source content that's disruptively mass cloned (if you've seen a masternode referral link, they invented that too).

 

To anyone who doesn't think this is a big deal, they invented spam email and we don't have spam filters yet.

No comments:

Post a Comment