Multisig Incident : What Happened?

Last week’s Multisig incident involved a little know vulnerability in Parity’s implementation of their Multi-Sig wallet that was exploited by some black-hat hackers. You can read a basic review of events here. Or, for a more detailed analysis, have a read here.

A few leading projects lost millions of dollars to the black-hat hackers. A large number of projects also had their funds hacked, but by white-hat hackers.

vDice Multisig Wallet was NOT affected.

Fortunately we were NOT using the Parity implementation. The base of vDice’s Multisig is the older wallet contract that the Ethereum Foundation itself is using for their funds. The code is here.

An independent deep dive into the nature of the multisig hack by @el33th4xor and his team https://t.co/xNwtdP1j4R

— Gav Would (@gavofyork) July 22, 2017

vDice NOT Affected

We chose an alternative implementation because it was the most widely used at the time, and it had been previously audited as well. We had it audited ourselves by New Alchemy back in Q4 of 2016. Having kept the Ethereum Foundation funds safe for a long time, we saw an additional guarantee (i.e it’s already a battle tested contract).

Going Forward

With respect to the above, such an incident must be take very seriously. If the best team in Ethereum (Parity) can make such an oversight, then we all really need to reassess.

Parity are still a great team. Arguably they are the best in Ethereum and blockchain technology generally. So, we are reminded that Solidity and Ethereum are very young technologies. In our opinion they are simply not quite ready to store significant amounts of value.

They only reason to use a Multisig contract would be if the fear of a Solidity compiler bug/error is higher than a single key compromise.

As a very relevant example, almost none of the main exchanges are using Multisig for their cold storage. Probably the uncertainty of the security of Solidity is a factor in their choice.

vDice has now made the same choice. Following the lead of key exchanges in the space, we will NOT be using Multisig wallets for the moment.

We will continue to monitor the code in the space, in this area, and keep everyone updated.

Development Update July 2017

vDice Game 50,000+ Bets Processed

This development update July celebrates that we passed 50,000 bets on the Ethereum main-net. This is a huge milestone and makes vDice the most used Ethereum Dapp.

In terms of the main Dice game, we’ve seen healthy growth in betting in 2017. While it took a 1 year + to pass 50,000 bets, on current projections we’ll hit 100,000+ much sooner. On current estimates, within half that time!

Emerging Market Promotion

We’ve ramped up the promotion in emerging markets. This is focusing on both the game and also VSL token. This is reflecting in the token price and also the betting.

Also, the communication channels that emerging markets prefer; Telegram and WeChat are picking up.

vslotsについて
メインネットで何度か公式が試しているが、コードレビューでダメだし食らった、オラクルにバグがあった、イーサリアムネットワークのせいでテスト遅れた

ちなみに、vdiceも2日ほどネットワークのせいで動いてなかった

— 桜 (@__sakuradayo) June 29, 2017

vDice es el primer juego de apuestas descentralizado y basado en Ethereum ¡Juega Ya! https://t.co/KlMvxPakX3 pic.twitter.com/RYPdkG0nEd

— EspacioBitVE (@ESPACIOBITVE) July 5, 2017

vSlots Update

The 3rd party audit of Slot Code by New Alchemy revealed one medium level issue with the Smart Contract code. We have fixed that and also integrated a few optimizations that were suggested.

We expect to receive the all-clear from our code auditors, on the final iteration of the game code, shortly. We’ve been testing the code on the main-net ourselves, in anticipation of that.

In terms of the front-end code, node script is now done, using all features Oraclize provides, including API. Now we are just finishing the interface.

We underestimated how long Web3 integration would take. But not by too much and we are almost there. Web3 documentation is still a little thing on the ground. But front-end is 75% done.

The User Experience

A lot of new people have come to Ethereum lately that are less technical. This has been revealed in the quantity and quality of support tickets we are receiving lately.

So the idea here is for vSlots to be the first game in the space with no real technical knowledge to play. To that end, we’re abstracting away the technical parts with the most intuitive UI and we believe we’ve done a good job of that, given where the technology is at currently.

vSlots Development Update

vSlots Development update latest new is that, as was advised in our previous post, the game code for vSlots is ready. It is open and can be reviewed here.

To allow for release of the game we were waiting of 2 final pieces from third party providers:

1. Oracle Infrastructure.
2. 3rd Party Code Audit.

1. Oracle Infrastructure:

Oraclize has just released their random-datasource Ledger code here. It is needed to verify what code is being executed off-chain.

In the README you will find an explanation of how to verify that the CODEHASH of such code is matching the one you find hardcoded in the proof verification steps.

2. 3rd Party Code Audit:

World, meet vDapps

The vDice platform is proud to make this pre announcement, launching it’s newest game shortly. This represents the 1st game on the vDapps platform.

Originally, we set out with a simple idea; implement classic SatoshiDICE as an Ethereum Smart Contract.

Every blockchain needs simple, effective, on-blockchain gambling. It is a critical piece of infrastructure. So it was built.

Over 1-year ago now, vDice launched. It has been a huge success. To-date vDice has processed almost 50,000 bets on the Ethereum blockchain. It has done over 10,000 ETH in prizes. That is Over US$ 1 million on current exchange rates.

Continue reading “Pre-Game Announcement”

vSlice Update Q1

VSL is important in the Ethereum ecosystem. It connects vDice; one of the only live and working Dapps in Ethereum, to its users and contributors.

Also, it has some novel features running, in production. This is good for Ethereum. These features include its autonomous time locking.

We have ended the 1st quarter of 2017. In these first 3-months the VSL system has been working well.

The Smart Contract is performing as it should. It is time locking / unlocking as expected. Users are receiving their ETH from the autonomous agent Smart Contract, as programmed.

Continue reading “vSlice Update Q1”

OasisDEX Decentralised Exchange

The cryptocurrency market is plagued by the constant exchange hacks and thefts. Decentralised exchange is needed.

Blockchain technology has matured since 2008. Yet, in an otherwise decentralised ecosystem, exchanges are still a centralised sore point.

The solution is obvious; decentralised exchange. And decentralised exchanges are the holy grail of blockchain development. However, they pose some unique technical challenges.

Continue reading “Decentralised Exchange with OasisDEX”

Entrevista con vDice Ethereum, apuestas en la Blockchain y cuál es el futuro de los juegos de apuestas.

Entrevista con vDice Ethereum : Como TechAnnouncer comienza a explorar las oportunidades en torno a la tecnología Blockchain, o lo que ahora se esta convirtiendo en “tecnología de libro de contabilidad distribuido”, hemos entrevistado recientemente a vDice, que responderán preguntas más grandes sobre los juegos de apuestas.

Continue reading “Entrevista con vDice Ethereum”

Play vDice on Mobile

There are 2 emergent platforms for Ethereum Dapps for mobile phones (iOS and Android); Status.im and Inzhoop.com – allowing you to play vDice on mobile.

Continue reading “Play vDice On Mobile”

Development Update February

So much has happened. So much is happening. We’ve been busy. In this development update February we look at it all.

We’ve received a huge amount of feedback, comments, emails, messages and praise. Thank you!

Building a truly great Dapp like vDice is only possible with you; the community.

Continue reading “Development Update February”