You are viewing a single comment's thread from:
RE: upcoming changes in Gridcoin (e.g. effects on less rich users; fixes on (known) exploits)
hijacking beacons (stealing an user's CPID registration)
For the love of everything, can we have less of these tiny FUD sentences with no explanation? For example, this specific item was discussed between Rob and Martin in the dev channel on Slack, and Martin conceded it is not possible anymore due to automatic beacon renewal 2 weeks before expiry. Further, the network will prefer the older keys over a newer set.
This drastic change was needed to eliminate an exploit.
Which was?
Good point. But as far as I remember Rob has written that the client always prefers the newest matching keypair ;)
If that were the case, I could take any CPID I wanted from anyone else. Get their email from the blockchain, get their CPID from any of a number of sources, use them to request a new keypair by sending a beacon and I own the CPID.
I just copied from chat: