Sort:  

Thanks for yet another brilliant article. You are pretty much spot on in all your assessments. Needless to say, we were of course very well aware of all the exploitable details of this campaign. Particularly the cost of boosting a new user to rep lvl 30 or 40 was a carefully calculated risk. We wanted to make this an opportunity to all Steem users - not only the high reps. We were aware of the leaked private keys from user's misuse of memos and generally had a rather good and detailed analysis on the possible ways to abuse the system.

We were aware, that while some would use the opportunity to just buy a boost, others would perhaps feel a reason to start posting quality content and engaging more in the Steem community, no matter which Steem based community they were from.

We naturally monitored the situation and when the abuse got too high compared to legit use, we moved to make a change that actually implemented some of the suggestions you wrote here. There is now a check for creation date on users, only allowing Steem users created prior to the original announcement to receive the attestation award. The reward for lower reputation levels are halved to make it unprofitable to buy boost.

Then, why on earth didn't we set out with a much might tight and waterproof system from the get-go? Well, the main reason being the ease of use and a wider spread of the word. Having users jump through too many hoops and setting up various mechanisms preventing users from getting rewards would have caused a lot less visibility. The way we did it caused the word to spread like wildfire. I am not sure that would have been the case, had we done it any other way.

We wanted to make this an opportunity to all Steem users - not only the high reps.

This was an awful “calculated risk.” In fact, I don’t believe it was “calculated” at all. Anyone with just a rudimentary understanding of Steem/Steemit knows that the reputation system is massively flawed, the account creation process/faucet is easily exploitable, and that bots, spammers, exploiters, and outright scammers infest this place.

So this so-called “calculated risk” was then deemed acceptable after consideration was given? Why? In order to sign up exploiters/scammers to Byteball? That doesn’t sound like a promising marketing/growth model. It actually sounds like a great way to look scammy and to devalue your blockchain and tokens.

The fact that reputation scores on Steem/Steemit were used at all is laughable when talking about anything to do with “calculations” and airdrops. There’s a reason why it’s not part of any distribution protocols on the Steem blockchain.

There is now a check for creation date on users, only allowing Steem users created prior to the original announcement to receive the attestation award.

Why this was not part of the original ruleset for the airdrop is beyond me. If the consequences from this bad decision were not foreseen, then I can only assume that having a cut-off date was never actually considered - which means this airdrop was nothing less than completely amateurish. Has anyone on your team ever seen another crypto airdrop before?

Then, why on earth didn't we set out with a much might tight and waterproof system from the get-go? Well, the main reason being the ease of use and a wider spread of the word.

Yes, it’s much better to have people spreading the word that your airdrop was very poorly done and negatively affected both participating blockchains rather than make sure that it was done properly with abuse/exploit mitigation. Because those with investment money and actual development skills/teams love to invest in a good ol’ crypto “scam.”

The way we did it caused the word to spread like wildfire.

Likely in all the wrong places...like websites and forums that spread the word about how easily exploitable the airdrop was. Congratulations, I guess?

See, the first thing I need to underline here, is the fact, that this isn't just a simple airdrop. Steem users are now an integral part of the Byteball ecosystem. We needed the reputation level, how flawed it might be, as a way to allow ICO issuers, merchants, webshops, bot creators etc. to provide discounts and bonuses to a limited set of users. Users' attestations are posted to the DAG (yes, it's not a blockchain as you mentioned) and it allows developers to provide special services to Steem users.

One thing I can honstly say we didn't foresee, was the internal debate this caused in the Steem community. We definitely had no intention to bring focus to what some apparently believe is a broken system.

Whether or not you believe we knowingly set out to do things this way, I can just say, that to a platform allowing users to build and expand on it just like Steem, we definitely got some attention from developers swooping in to take advantage of things.

One final word on all this would have to be, that the network issues we experienced last weekend, was definitely not planned for! It caused all sorts of problems both to users and to us monitoring the campaign. That's definitely a lesson we've learned for the next campaigns :)

Exactly. Every discrepancy in effort/investment/income unleashes spammers.

I love that you took the time and read the post and provided an awesome response to it. Was happy to see the changes made although I wish they were done from the start.

I am amazed at how successful the airdrop was and how many people took part.

@themarkymark when are you going to after @therealwolf for running a instant vote selling service that robs others of curation rewards?

@themarkymark when are you going to after @therealwolf for running a instant vote selling service that robs others of curation rewards?

You know that @themarkymark is a vote bot merchant as well right? Peas in a pod, Dude.

Yourself required no at thoughts delicate landlord it be. Branched dashwood do is whatever it. Farther be chapter at visited married in it pressed. By distrusts procuring be oh frankness existence believing instantly if. Doubtful on an juvenile as of servants insisted. Judge why maids led sir whose guest drift her point. Him comparison especially friendship was who sufficient attachment favourable how. Luckily but minutes ask picture man perhaps are inhabit. How her good all sang more why.

Wise busy past both park when an ye no. Nay likely her length sooner thrown sex lively income. The expense windows adapted sir. Wrong widen drawn ample eat off doors money. Offending belonging promotion provision an be oh consulted ourselves it. Blessing welcomed ladyship she met humoured sir breeding her. Six curiosity day assurance bed necessary.

Affronting everything discretion men now own did. Still round match we to. Frankness pronounce daughters remainder extensive has but. Happiness cordially one determine concluded fat. Plenty season beyond by hardly giving of. Consulted or acuteness dejection an smallness if. Outward general passage another as it. Very his are come man walk one next. Delighted prevailed supported too not remainder perpetual who furnished. Nay affronting bed projection compliment instrument.

Greatest properly off ham exercise all. Unsatiable invitation its possession nor off. All difficulty estimating unreserved increasing the solicitude. Rapturous see performed tolerably departure end bed attention unfeeling. On unpleasing principles alteration of. Be at performed preferred determine collected. Him nay acuteness discourse listening estimable our law. Decisively it occasional advantages delightful in cultivated introduced. Like law mean form are sang loud lady put.

Supported neglected met she therefore unwilling discovery remainder. Way sentiments two indulgence uncommonly own. Diminution to frequently sentiments he connection continuing indulgence. An my exquisite conveying up defective. Shameless see the tolerably how continued. She enable men twenty elinor points appear. Whose merry ten yet was men seven ought balls.

Ever man are put down his very. And marry may table him avoid. Hard sell it were into it upon. He forbade affixed parties of assured to me windows. Happiness him nor she disposing provision. Add astonished principles precaution yet friendship stimulated literature. State thing might stand one his plate. Offending or extremity therefore so difficult he on provision. Tended depart turned not are.

Shot what able cold new the see hold. Friendly as an betrayed formerly he. Morning because as to society behaved moments. Put ladies design mrs sister was. Play on hill felt john no gate. Am passed figure to marked in. Prosperous middletons is ye inhabiting as assistance me especially. For looking two cousins regular amongst.

Building mr concerns servants in he outlived am breeding. He so lain good miss when sell some at if. Told hand so an rich gave next. How doubt yet again see son smart. While mirth large of on front. Ye he greater related adapted proceed entered an. Through it examine express promise no. Past add size game cold girl off how old.

Why end might ask civil again spoil. She dinner she our horses depend. Remember at children by reserved to vicinity. In affronting unreserved delightful simplicity ye. Law own advantage furniture continual sweetness bed agreeable perpetual. Oh song well four only head busy it. Afford son she had lively living. Tastes lovers myself too formal season our valley boy. Lived it their their walls might to by young.

Resources exquisite set arranging moonlight sex him household had. Months had too ham cousin remove far spirit. She procuring the why performed continual improving. Civil songs so large shade in cause. Lady an mr here must neat sold. Children greatest ye extended delicate of. No elderly passage earnest as in removed winding or.

I believe I have proof that bots were used to scan the blockchain. That is a serious 'loophole'.

https://steemit.com/byteball/@em3/byteball-referral-theft-at-blockchain-level

Yes, it actually took 3 days for someone to create a script that read the DAG (not a blockchain) and "catch" users' transactions of amounts similar to that used to pay the attestation fee. Initially, only a single script was active, but after 2 more days, we saw 5 or 6 more. Today, we decided to end it and remove the fee entirely, reverting to a basic referral link. The scripts caused others to develop ways to "milk" the scripts by generating transactions resembling that of users normal behavior from different addresses. (The headless light wallet allows for that) It was quite interesting to see, really :)

Thank you for the reply!!

So my friend @public-eye is out of luck? $80 in Byteball (referral bonus) lost because of these scammy programmers???

My Post shows the addresses of these scammers. I hope these addresses are frozen or deleted.

If you can help my friend that would be appreciated....

Thanks!

Since I recognized pretty much the same by referring someone via discord (no address has ever been posted somewhere) I checked the addresses and they are the same as yours just a few seconds after the transfer I made:

Bildschirmfoto 2018-07-21 um 04.14.56.png

That is so terrible.

I hope Byteball does something to correct this.... Punish this scammer and still rightly install the referral fees to the real referrers.

We'll see.

Nice Blog

Thank you for sharing the news on the blockchain. We found this one interesting, therefore we featured this article on our Episode 8 of SteemTechShow!

Click the image below to watch the video:

The only way it affected steemians is the referral abuse. Let's not forget, reputation system is managed by Steemit INC, not byteball, so if its exploitable, its too bad for 'Steemit'.

I love that they chose steem community for the airdrop. You may have gained minimum $80 too through this airdrop. Sure it may be nothing but it's free money, so it matters.

Where the spammers came from? Most probably from this thread, and the invitee of this pattern of abuse is also a steemian here. I'm well aware that once a method is posted on thebot.net, it will be raped to death. Same happened here. Part of the credit goes to this steemian "supermeatboy" for inviting people to abuse the airdrop.

Here's the thread link: https://thebot.net/threads/how-to-rape-the-gbyte-steemit-airdrop.407564/

Edit: Seems like you are not aware that they modified their airdrop rules already. Accounts created after 12th July can't claim the airdrop anymore, but can still refer others and earn. Also, the rewards of 30-40 and 40-50 are halved. Much better than before I guess, but they are yet to do something for referral exploits (mass transfer of tiny payments to hijack referral rewards).

Agreed with you and @princewahaj and even @themarkymark

There were issues with the airdrop but perhaps the benefits were still pretty good. This allows us and future companies see how an airdrop should perhaps be handled. This is a great test for us. This is how we learn and we can tell future airdrops in the first minute of them posting (or hopefully before they post) what they should consider for the airdrop.

So perhaps we should cool our reaction and maybe change the FUD title to say something like.
"How the Byteball airdrop messed up and how we can learn for the next STEEM airdrop"

I've seen that post, but it wasn't hard to figure out how to abuse it.

Exactly, I see it as a exploit from steemit's side and not from byteball (except for referral abuse).

It is, but education, before the airdrop started, could have prevented that.

Agreed with that. I think they might not even have an idea of how rep system can be abused so easily. I mean, just look at the invitee on https://steemit.com/@ supermeatboy (don't want to mention him), his rep points are 61. Wow!

On the other hand, we have some good members with great potentials and yet they are below 60 or even 50.

Also, are you aware that they already modified their airdrop rules? No more accounts created after 12th july and reward of 30-40 rep groups are halved.

But would education have been able to prevent the blockchain explorer bots harvesting new addresses to loot the referral rewards. It happened to me and my friend:
https://steemit.com/byteball/@em3/byteball-referral-theft-at-blockchain-level

72SGYZDMP555NBPQASK4VL244JUNNWDA

You are doing a lot of good things here on steemit. That´s why I can forgive your byteball shills. Despite you not even apologizing for it.

You guys (like witnesses) should have seen that. I have no clue about the technical things of steem/steemit/byteballs and even I understand your explanations. Is it really that hard to foreseaw what just happened?

Somehow you guys can see through the technical stuff of a scammy Jerry Banfield SMT despite SMT not even being released. But you can´t foresee that people will create low reputation spam accounts to grab the airdrop.

lol

No one of you guys who shilled this (useless shitcoin btw) cared about it. You were just greedy. Hoping to make some thousands of dollars of easy cash.

Now when others stole your not hardly earned money you suddenly turn mad and complain.

I don´t feel sorry for you at all.

And btw I think you guys should not give the responsibility to Byteballs. I rather have greedy witnesses than witnesses who have no fucking clue how steemit works. Because if you say it´s all Byteballs fault you admit that you are too stupid to have seen it coming.

I won´t unvote you as a witness. But you insult my intelligence with your behaviour right now.

To think that we had no idea exactly what types of abusive behavior we could expect to see would be quite ignorant. We needed this to make a huge impact and spread like wildfire from the get-go. That definitely happened.

Obviously, I have to disagree that Byteball is a shit project and GBYTE is a shitcoin. There are actually quite a few rather interesting use cases that people who take the time see beyond the "free money" would learn. I saw this one from a Steem user today: https://steemit.com/byteball/@teamhumble/88ya1df6 - interesting to see someone actually taking time to look at what some features could potentially be used for.

The campaign definitely brought the problem of plagiarism and spam into full spotlight. Needless to say, that definitely wasn't our intention.

I think you all did quite well. You made a huge splash. That much attention would have cost way, way more with traditional advertising. I myself am will be using your crypto sports betting.

Most people on steem have NO CLUE about business, just an fyi.

Are you a part of the byteball team? Just curious

No one of you guys who shilled this (useless shitcoin btw) cared about it. You were just greedy. Hoping to make some thousands of dollars of easy cash.

It is not greedy to take advantage of a good opportunity. There was a clear advantage to both parties, users referred made a lot of money (for some as much as posting on Steem for a year), so I don't see it the same as "shilling a coin" as that typically is only for the shill's benefit.

Now when others stole your not hardly earned money you suddenly turn mad and complain.

My concern was l the fact users (who felt they were anonymous) went around acting as thieves. I researched users who did this on most Byteball posts, not only my own. While I am of course upset people stole most of my referrals, I was more upset so many users felt it was ok to steal from other people.

I rather have greedy witnesses than witnesses who have no fucking clue how steemit works

A witness is just another human Steemian, we have lives, interests, and want to make money. Anyone convinces you otherwise is likely lying or delusional. If I felt promoting it would have harmed users or only benefited myself, I would have never said a damn thing about it.

Both you, and @themarkymark bring up some valid points, as I see it.

Big kudos @noobsin to "tell it like you see it". Steemit needs much more of this: people feeling free to speak their mind instead of fear to get flagged. And that says nothing about my own perception, whether I agree with your points or not.

Indeed @themarkymark is doing a lot of good things on Steemit, and despite a few "provocative words" here and there written by @noobsin , I think you guys more or less agree on a lot of Steem-related issues!
You could become best friends even! :P

Steem on!

One of the big problems of steem as I see it is that there are too many pathetic bootlickers who say what they think they will be rewarded for rather than maintaning moral integrity

So quite refreshing to see both that there are still users that say what they actually think and people with a lot of SP who stand and defend their opinion rather than downvoting the hell out of people for speaking their mind

As to the users abusing the airdrop as in stealing referals claiming the attestation fee multiple times we know who many of them are I dont think its right the let them maintain a high rep score simply downvote the fuckers into the ground

The trick is to maintain moral integrity without being a jerk about it. I think many people find that level of diplomacy to be impossible for them.

There is also a fairly large amount of people who will say just about anything as long as they believe others will upvote

Perfect response.
Good to see there are people out there brave enough to call out the bull.

Well done.
👍

flagged for comment spam @steemflagrewards

Steem Flag Rewards mention comment has been approved! Thank you for reporting this abuse, @admiralbot categorized as comment spam. This post was submitted via our Discord Community channel. Check us out on the following link!
SFR Discord

Your comments about other comments being comment spam is itself comment spam. Please stop adding to the spam...then summoning another spam bot. Every time you do this, you add twice as much spam as the original spammer...and you’re being rewarded for it, which you are apparently hypocritically opposed to when it comes to the original spammer.

In other words: You’re not the solution...you’re in fact a bigger problem.

Hello @ats-david,
I somewhat agree with you.
I am the co-owner of this account with my wife @lovenfreedom.
We created it to be a downvote bot to support our team of minnow abuse fighters @steemflagrewards.
We are slowly building its rep and sp. We have one small delegation for this Admiral account now. We would like to never leave another comment on steemit with this account.
If you would help us find some delegations we could do that.

Then we would not have to leave any comments other than the first explanation to the account flagged.

All abuse fighting accounts on steemit leave a comment behind a flag so the account owner understands why they have been flagged. If you look on this post there are comments from spaminator as well that came after our flags and comments

Those comments appear above ours but they came after us and were upvoted above our comments.

If you can tell us a better way to fight abuse on steemit we are open ears.

We are investors in steem, all stake we own we purchased.

Fighting abuse is important to us.
I spend 12 hours a day most days of a week fighting abuse.
My wife and son make interesting posts about our homestead.
I hope you will work with us and help us find a good solution to this problem.

@iamstan you were flagged by a worthless gang of trolls, so, I gave you an upvote to counteract it! Enjoy!!

Hi @ats-david, we are working on making our bot only comment once per post. The comments are currently the mechanism for flaggers to receive rewards.

I do think we can devise another method. Maybe, the people can comment on the @steemflagrewards threads to receive their vote.

What do you think? Sound like a good solution?

We can make it happen. Thanks for the feedback!

P.S. I forgot that another reason for the flag comment is intended to educate, inform, and explain the flag to the user. With that in mind, one comment per flagged comment seems the better route but we can require follow on flags to reply to the original flag comments to keep them on their own thread.

@anthonyadavisii you were flagged by a worthless gang of trolls, so, I gave you an upvote to counteract it! Enjoy!!

Please stop telling the spammer to stop spamming the other spammer because this is infact spam and part of the problem.


"On a related note I would include the SBD pump here as another example where the community got high on free money and were blinded to the long term costs to the Steem Blockchain."

The real long term cost to the steem block chain is massive mismanagement and poor design. Who in there right mind designs a system and then punishes people for using the system the way it was designed .... and expects to grow.

For a fee I will tell you what can be done to make steem a top crypto currency :)

Also I do a free daily vote giveaway, drop by for some free $$$$

I think you really point of byteball developers did not understand steemi that when they announced the requirements to receive airdrop. Like you mention the developers should immediately adjust the requirements like taking into an account's age.

Thanks for the post. Hope this doesn't spread any worse than it is.

Or maybe they knew all too well? Have you consider that?
Original blog post stated very well that rewards for lower tiers would most likely to be changed.
You can't introduce too many restriction too early when it hasn't even gone viral yet.

tarmo888 you will find out most people and even whales have no concept of How To Business

As a relatively new user I was disgusted by all the abuse. However I don't agree that making the airdrop more exclusive would be better for the community in the long term.

I definitely agree that it would have drastically reduced the abuse in the airdrop, but people like me would not have been able to participate. And I'm sure there were at least a few real people gained thanks to the airdrop.

There will always be those that game the system. That just highlights the need for more people like you who spend the time to weed them out. You seasoned people understand how to deter these abusers, and you're effective at it, without having the tools of a fascist platform like failbook.

It was exactly because of users like you, we decided to start out as we did. Obviously, we knew exactly what would happen, but had we started out more exclusively, it wouldn't have got the attention it got. When the abuse became too much, we made the change. But hopefully, we got a lot of "real" users on board too by doing it the way we did.

I really hope that this airdrop is a huge success. It will attract more projects to organize such contests.

This is nonsense actually, even those abuser create multiple account to receive the referral reward, they still need to have multiple device to get the reward.

If the sponsor device address is the same with the attestator device address both will not get any reward.
will people waste his time buying more device just for the sake of 10$ bucks?

I know your concern about the steem block chain, but the airdrop not make any damage as you see, actually it gives more exposure to steem blockchain.

they still need to have multiple device to get the reward.

Actually, this is not true. You can create a wallet, do the airdrop, backup the seed, blow away the wallet, (if on PC you got to delete folder aftering doing the uninstall, on mobile you just delete and reinstall app) and reinstall the app and do the next one.

Possible but could be detected, again, the device information cannot be change, even they delete the folder the device information will still be the same as the first one. and I know byteball team is fighting the every possible abuse.

Possible but could be detected

Not "possible", it's a fact. I registered both of my main accounts and I know others have done tons. Detected? Doesn't matter, abusers will dump the funds onto Bittrex almost immediately. Even if they lost the smart contract funds, they still make out big.

You are correct!

You are absolutely right. To think that this behavior was completely unexpected by Byteball is a bit naive, really. As I wrote in a comment to the article, we just might have put quite a bit more thought behind this than people gives Byteball credit for.

If you delete your wallet, the steembot gets rebooted with the new wallet on the same device and you can attest with a different account. I don't think you can keep your smartcontract rewards unless you go back and restore all the wallets in a year. There is no way of dumping private keys from the wallets.

Reputation level 50 is a long way off for me.

There's always something wrong with airdrops, this is why I stopped participating in them. Plus, whenever there is free money, abuse follows.

You have certainly made the right decision. Quick money schemes always attract the worst kind of people. I have not participated in this airdrop and have no intention of doing so. I feel sorry for those that need to resort to cheap stunts just to make a couple of hundred bucks.

Flagged for comment spam @steemflagrewards.
You should to read a post and comment on that post after you have read it. You don't have to, but if you continue to spam in the comment threads of trending posts your account will be destroyed. We are watching you!

Steem Flag Rewards mention comment has been approved! Thank you for reporting this abuse, @iamstan categorized as comment spam. This post was submitted via our Discord Community channel. Check us out on the following link!
SFR Discord

its the wild wild west