Latest Study Shows a New ‘Illegal Profits’ Bug Affecting Augur Can’t be Fixed Without Major Update
As per reports circulating on the internet over the past couple of days, it appears as though decentralized betting protocol “Augur” is currently being affected by a bug that allows miscreants to procure illegitimate profits by using the platform’s gaming module.
In the wake of this latest discovery, Augur co-founder recently Joey Krug took to Twitter to address some of the issues put forth by the platform’s online community regarding the possibility of scammers taking over the network.
1) Almost all of these purposefully confusing markets are being created by one person, not a bunch of people. The activity on those markets is also by one person / address. https://t.co/9jLIeGqun9
— Joey Krug (@joeykrug) March 20, 2019
For those of our readers who might not be aware, miscreants and hackers currently have the ability to establish a large number of invalid markets on Augur— thereby giving them the power to fool the system and re-distribute the profits to themselves.
Bad News: Latest Bug Might Not Be FIXABLE!!!
In regards to this latest scam, we should point out that even though the folks over at Augur are trying their best to contain this issue, miscreants still have the option to intentionally create invalid markets— thereby allowing them to bet on wrong outcomes and still walk away with some profits.
It is being said that the Augur dev team has already attempted to rectify this loophole through the use of “validity bonds.” In their most basic sense, these validity bonds can be thought of as “collateral” that Augur can confiscate from a user if he/she is found trying to cheat the system.
In a recent interview with Joey Krug, the Augur executive was quoted as saying:
“With validity bonds, the idea is you lose money if you create an invalid market. But right now the formula to calculate them isn’t working properly.”
Additionally, there still exists an algorithm within Augur’s operational framework that is proving to be troublesome for the platform’s developers — since it is designed to decide how much money is lost when invalid markets are intentionally created.
“Right now, they don’t lose much, and the system is supposed to raise that amount over time until the number of invalid markets decreases, but that’s buggy, so that will be fixed,”
However, it appears as though this bug cannot be fixed easily, since it requires the native Augur smart contract code to be upgraded — a process that is quite cumbersome to say the least.
Lastly, it should also be made clear that Augur‘s next major update is scheduled to take place at the end of this year.
More on the Matter
While an airtight solution might still take some time to implement, Krug believes that there is a temporary fix that will keep bad actors at bay for the foreseeable future.
In addition to this, he criticized Reddit users for overtly inflating the current issue— claiming that Augur isn’t infested with scammers as is being projected on various social media platforms right now.
“These aren’t things to be rushed. I think it’s probably easier to address UI side, by warning people about this stuff more. The Reddit thread acted like this is a super common occurrence, but this is the only second popular market I’ve seen with this exact issue.”
For the time being, it is highly advisable for platform users to simply pay close attention to the “descriptions and dates listed on Augur markets” — doing so can avoid a lot of monetary troubles for all of the involved parties.
As mentioned previously, Krug and his team are currently in the process of testing and auditing a UI that is capable of automatically detecting suspicious bidding activities. However, such an update will not go live until Augur 2.0 is deployed.
Last but not least, Krug claims that the only instance where the aforementioned “invalid market scam” was truly invoked was when the US midterm elections were going on last year.
“Both markets were created by the same Ethereum address, too. So it’s someone purposefully trying to trick people.”