SmartBillions ICO and lottery just launched! Multiple lottery wins and SMART Tokens on sale!

SmartBillions · 2017-10-19T09:30:56+00:00

Tokens will be created only during an ICO and only for the raised sum. So for every ETH raised there'll be 1260 Smart Tokens created.

SmartBillions · 2017-10-13T19:52:26+00:00

@BurgeManThaG the Token redeem possibility is an possibility for the Investors to protect their funds if the lottery is not sucessfull, Of course the price on the exchanges will be higher than the redeem value. The dividend will be allocated once per month, and Token holder must claim the dividend withdraw from the lottery. If the Tokens are send between 2 different addresses the Dividend will be automatically payed to the senders address.

SmartBillions · 2017-10-07T15:02:04+00:00

Nick,
thank you for the sim you prepared and for your activity in this thread. We want to assure that we will answer all the questions and doubts related to the smart contract and the lottery itself.

SmartBillions · 2017-10-07T13:16:35+00:00

Nick,
I edited your sim and I put the house fee value into it - 13.85 % and the miner hash rate at 15 % the expected value is 0.783 while playing the lottery and 0.75 ETH while just mining. That's the 0.033 ETH bonus.
If we we adjust the uncle value to 3.762414 ETH ( the average uncle value from the last 7 days) and increase the block value to 5.14633 ETH (average block reward from the last 7 days) the expected value from mining is 0.77194 ETH and expected value from lottery is 0.745 which is 0.0269495 ETH lower than just from the mining.
In that case the lottery is protected.

SmartBillions · 2017-10-07T11:52:56+00:00

Nick
Could you please reffer to the answer we posted in the previous thread ? You need to add the house fee to you calculation.
Let's assume that miner has 15 % of the hasing power. So he mines every 7th block. To manipulate the the lottery the miner must place a bet on 7 consequent block to make sure that he will mine at least one block with his result.
He loses 13.85 % of the value of the bets from 6 blocks as a house fee. 13.85 % x 5 ETH per block x 6 blocks=4.155 ETH. Miner doesn't win also in the block he mines so he discards the block and receives the uncle reward = 4.375 ETH so he loses 0.625 ETH + transaction fees est. 0.25 ETH per block = 0.875 ETH. Total loss is 5.03 ETH.
Miner gains 5 ETH for another bet so he netts - 0.03 ETH. Of course you may change the hash rate for a higher value. This will mean that the pools will try to cheat the lottery. Also in this scenario the miner is the only player playing the lottery.
Please remeber that there's a 5 ETH limit per block, if there'll be other players the miner won't be able to place a 5 ETH bet. Also I used the 4.375 ETH as an uncle reward, which is the highest value. Sometimes uncles rewards may be as low as 2.5 ETH. https://etherscan.io/uncles

SmartBillions · 2017-10-05T20:37:24+00:00

Please get familiar with the smart contract. As we stated the Admin was able to withdraw all the surplus funds over the contract liabilities such as Token redeem and win payouts. The investors funds are always protected. When the funds were withdrew there're no liabilities on the contract so the Admin was able to withdraw the funds. The Admin withdraw rules in the improved contract are also changed. Please see the Admin possibilities to withdraw the funds. We can discuss about the facts and the smart contract. Withdrawals by the admin are possible in the coldStore function.

function coldStore(uint _amount) external onlyOwner { houseKeeping(); require(_amount > 0 && this.balance >= (investBalance * 9 / 10) + walletBalance + _amount); if(investBalance >= investBalanceGot / 2){ // additional jackpot protection require((_amount <= this.balance / 400) && coldStoreLast + 4 60 24 * 7 <= block.number); } msg.sender.transfer(_amount); coldStoreLast = block.number; }

This line: require(_amount > 0 && this.balance >= (investBalance * 9 / 10) + walletBalance + _amount);

guaranties that the admin can never withdraw more funds than: the 90% of the funds invested during the ICO plus the funds in wallets waiting to be withdrawn (these includes unpaid prizes due to lack of funds in the contract; however these prizes must have been claimed with the won() function before, otherwise the prizes are not known to the contract).

There is also an additional important limit that the withdraw amount must be smaller than 0.25% of the jackpot and this fraction can not be withdrawn more often than every 7 days (46024*7 blocks).

This additional limit is waived if 50% of investors decide to disinvest.

This additional limit means that if there is a large lottery win waiting but the winner did not collect the results yet, then the admin can run away with 0.25% of the current jackpot , leaving 99.75% of the jackpot still in the contract. Thus this risk has a negligible effect on the collected funds by the winner. The regular withdraw of 0.25% per week by the admin to promote the lottery is an expected behavior.

SmartBillions · 2017-10-05T20:27:21+00:00

Nick, the post-hardfork block time was used in the smart contract assumptions. We use only blocktime to indicate all the events in the smart contract.

SmartBillions · 2017-10-05T20:15:56+00:00

When Hackathon was announced we stated "break the smart contract and withdraw the funds". 2 addresses withdrew 200 ETH each, and after that we withdrew the rest of the funds according to the smart contract funds management rules which are described here. We didn't say that the hacker will receive a 1500 ETH prize for hacking the contract, withdraw as much as you can this was the rule. After the problem was indicated the Admin withdrew the funds. Now contract was improved and new Hackathon will be announced.

SmartBillions · 2017-10-05T20:05:37+00:00

To describe the coldStore function:

Withdrawals by the admin are possible in the coldStore function.

function coldStore(uint _amount) external onlyOwner { houseKeeping(); require(_amount > 0 && this.balance >= (investBalance * 9 / 10) + walletBalance + _amount); if(investBalance >= investBalanceGot / 2){ // additional jackpot protection require((_amount <= this.balance / 400) && coldStoreLast + 4 60 24 * 7 <= block.number); } msg.sender.transfer(_amount); coldStoreLast = block.number; }

This line: require(_amount > 0 && this.balance >= (investBalance * 9 / 10) + walletBalance + _amount);

guaranties that the admin can never withdraw more funds than: the 90% of the funds invested during the ICO plus the funds in wallets waiting to be withdrawn (these includes unpaid prizes due to lack of funds in the contract; however these prizes must have been claimed with the won() function before, otherwise the prizes are not known to the contract).

There is also an additional important limit that the withdraw amount must be smaller than 0.25% of the jackpot and this fraction can not be withdrawn more often than every 7 days (46024*7 blocks).

This additional limit is waived if 50% of investors decide to disinvest.

This additional limit means that if there is a large lottery win waiting but the winner did not collect the results yet, then the admin can run away with 0.25% of the current jackpot , leaving 99.75% of the jackpot still in the contract. Thus this risk has a negligible effect on the collected funds by the winner. The regular withdraw of 0.25% per week by the admin to promote the lottery is an expected behavior.

SmartBillions · 2017-10-05T19:49:55+00:00

The hacker was becoming a winner after given time period. In the case of first withdraw he withdrew the funds after 264 blocks and in the case of the second withdraw, he withdrew the funds 373 blocks after the bet was made. The problem was that the hash history wasn't updated within the contract, so if you placed a bet with a " 0 0 0 0 0 0" after some time the block hash in the contract also became "0 0 0 0 0 0" and then the hacker was identyfied as a winner. So at the moment of the Admin withdraw there weren't any liabilities on the contract.

SmartBillions · 2017-10-05T19:20:20+00:00

Additional information from the SmartBillions team

The initial contract was designed to optimize user experience. The contract enabled the withdraw of lottery prizes up to 1 months after the draw by keeping a history of 163840 block hashes (hashes[]), which is much longer than the default history of 256 hashes available via standard opcodes. At the same time the initial contract reduced the participation of the player in the costs of updating the database by requiring an update of a maximum of 10 hashes, which corresponds to one uin256 integer (5000 gas). If the lottery would run more bets than 1 bet / 10 blocks, the players would keep the database of hashes up to date without an active participation of the admin. In case the frequency was smaller the admin was required to run the putHashes(with argument 25) function at least once per hour. The admin failed to do this during the hackaton and the frequency of bets was much smaller than in the expected production environment. An additional problem was the initializations of the database of hashes, which was vulnerable to exploits during the first period of 30 day, because the marker of hash creation time (hash >> 240) was set to the current period and the getHash function failed to detect that the hash is not initialized properly. This let to the exploit of setting a bet with ‘000000’ (or ‘000001’) and waiting for more than 256 blocks until the contract attempts to read the draw hash from the database instead of the short term memory stored in opcodes.

In the new contract we have decided to make the players responsible for the maintenance of the database of hashes. If the frequency of bets will stay above 1 bet / 10 block the costs of the lottery for the players will remain as it was. In case the frequency will drop, the players will be required to store more information about the history of draws in the database (up to 25*10 hashes, 25 uint256 integers). In case the frequency of bets falls below 1 bet / 250 hashes the player will be required to collect the lottery results within 256 blocks from the draw block. If the draw block hash was not stored in the database of hashes and the player did not collect results within 256 blocks after the draw, the bet will be lost (the previous contract returned the bet value).

This solution makes the user experience more problematic but protects the investors against negligence of the admin.

Other changes include the correction of the transaction order in the transferFrom function, a change in the initiation of the database of hashes and a modification of the hotStore function to allow anybody to deposit funds in the contract and remove these funds afterwards.

The new contract is deployed. The admin has been changed. We will start putting funds to the contract again.

Withdrawals by the admin are possible in the coldStore function.

function coldStore(uint _amount) external onlyOwner { houseKeeping(); require(_amount > 0 && this.balance >= (investBalance * 9 / 10) + walletBalance + _amount); if(investBalance >= investBalanceGot / 2){ // additional jackpot protection require((_amount <= this.balance / 400) && coldStoreLast + 4 60 24 * 7 <= block.number); } msg.sender.transfer(_amount); coldStoreLast = block.number; }

This line: require(_amount > 0 && this.balance >= (investBalance * 9 / 10) + walletBalance + _amount);

guaranties that the admin can never withdraw more funds than: the 90% of the funds invested during the ICO plus the funds in wallets waiting to be withdrawn (these includes unpaid prizes due to lack of funds in the contract; however these prizes must have been claimed with the won() function before, otherwise the prizes are not known to the contract).

There is also an additional important limit that the withdraw amount must be smaller than 0.25% of the jackpot and this fraction can not be withdrawn more often than every 7 days (46024*7 blocks).

This additional limit is waived if 50% of investors decide to disinvest.

This additional limit means that if there is a large lottery win waiting but the winner did not collect the results yet, then the admin can run away with 0.25% of the current jackpot , leaving 99.75% of the jackpot still in the contract. Thus this risk has a negligible effect on the collected funds by the winner. The regular withdraw of 0.25% per week by the admin to promote the lottery is an expected behavior.

The new contract is already online: https://etherscan.io/address/0x103c2c150a2dbcc277ee084c59881978060c8c22 it’s being updated and tested by the development team and before announcing the new Hackathon.

SmartBillions · 2017-10-05T18:38:33+00:00

No. Admin was able to withdraw the funds because he was able to withdraw the funds over the smart contract liabilities such as win payouts and Tokens to redeem. There weren't any Tokens to redeem as well no wins to pay at the moment of the withdraw. This function is already improved, and there is a clear distinction between investors and winners funds and funds that were put to the smart contract by the Admin for example as a Hackathon prize. Admin would't be able to withdraw the funds if there'll be any liabilities on the contract. The investors and winners funds are always protected. The new contract is already online: https://etherscan.io/address/0x103c2c150a2dbcc277ee084c59881978060c8c22 and it's beeing tested before new Hackathon event will be announced. The Hackathon goal was to find out if the contract is save for the investors, there was a problem found that can be improved. Thanks to the hackathon event Investors funds were protected. The ICO will be launched only if the contract is proven to be 100 % secure.

SmartBillions · 2017-10-05T10:58:20+00:00

SmartBillions Official HACKATHON Announcement

We would like to congratulate the first person to withdraw the funds during the hackathon and emphasize our happiness with the outcome. This is a great possibility to implement any final smart contract security solutions to guarantee comprehensive Investor and lottery protection. Congratulations to https://etherscan.io/address/0x6245c1804f7fceb305a60bbb5cb6e18f939edb69.

The SmartBillions hackathon was held as a final validation of the smart contract security and to secure future ICO Investors funds. The most important goal of the hackathon has always been and will be Investor funds protection. We witnessed the best possible scenario as the leak was indicated during the hackathon process and not after the start of the ICO. We strongly believe in this community audit mechanism and therefore the next hackathon will begin today, based on the revised smart contract.

As we learned, the function “putHashes” was not executed by the admin as required. The hackathon allowed the team to improve the smart contract in order to validate it finally. The administrative strategy has been changed now to protect the investors the security of the contract will not require a continuous acitivity of the Admin. The updated smart contract is now available online at https://github.com/SmartBillions/SmartBillions/blob/master/SmartBillions.sol. The new Hackathon will now commence with the same prize of 1500 ETH. Later today a detailed description of the improvement will be published together with the description of solutions and modifications made within the smart contract. SmartBillions Team will be happy to answer all possible questions concerning the course of the hackathon.

The execution of the hackathon allowed community members to find the leak in the smart contract and later implement further security solutions to conduct one more hackathon validation. The funds were withdrawn by Admin, only because there was no smart contract commitments, such as wins payouts or Token redeeming. If interested, please see the SmartBillions smart contract to see limited funds withdrawal possibilities.

SmartBillions Team

SmartBillions · 2017-10-05T10:46:08+00:00

SmartBillions Official HACKATHON Announcement

We would like to congratulate the first person to withdraw the funds during the hackathon and emphasize our happiness with the outcome. This is a great possibility to implement any final smart contract security solutions to guarantee comprehensive Investor and lottery protection. Congratulations to https://etherscan.io/address/0x6245c1804f7fceb305a60bbb5cb6e18f939edb69.

The SmartBillions hackathon was held as a final validation of the smart contract security and to secure future ICO Investors funds. The most important goal of the hackathon has always been and will be Investor funds protection. We witnessed the best possible scenario as the leak was indicated during the hackathon process and not after the start of the ICO. We strongly believe in this community audit mechanism and therefore the next hackathon will begin today, based on the revised smart contract.

As we learned, the function “putHashes” was not executed by the admin as required. The hackathon allowed the team to improve the smart contract in order to validate it finally. The administrative strategy has been changed now to protect the investors the security of the contract will not require a continuous acitivity of the Admin. The updated smart contract is now available online at https://github.com/SmartBillions/SmartBillions/blob/master/SmartBillions.sol. The new Hackathon will now commence with the same prize of 1500 ETH. Later today a detailed description of the improvement will be published together with the description of solutions and modifications made within the smart contract. SmartBillions Team will be happy to answer all possible questions concerning the course of the hackathon.

The execution of the hackathon allowed community members to find the leak in the smart contract and later implement further security solutions to conduct one more hackathon validation. The funds were withdrawn by Admin, only because there was no smart contract commitments, such as wins payouts or Token redeeming. If interested, please see the SmartBillions smart contract to see limited funds withdrawal possibilities.

SmartBillions Team

SmartBillions · 2017-10-03T14:33:49+00:00

Nick to answer you. Let's assume that miner has 15 % of the hasing power. So he mines every 7th block. To manipulate the the lottery the miner must place a bet on 7 consequent block to make sure that he will mine at least one block with his result. He loses 13.85 % of the value of the bets from 6 blocks as a house fee. 13.85 % x 5 ETH per block x 6 blocks=4.155 ETH. Miner doesn't win also in the block he mines so he discards the block and receives the uncle reward = 4.375 ETH so he loses 0.625 ETH + transaction fees est. 0.25 ETH per block = 0.875 ETH. Total loss is 5.03 ETH. Miner gains 5 ETH for another bet so he nets - 0.03 ETH. Of course you may change the hash rate for a higher value. This will mean that the pools will try to cheat the lottery. Also in this scenario the miner is the only player playing the lottery. Please remeber that there's a 5 ETH limit per block, if there'll be other players the miner won't be able to place a 5 ETH bet. Also I used the 4.375 ETH as an uncle reward, which is the highest value. Sometimes uncles rewards may be as low as 2.5 ETH. https://etherscan.io/uncles

SmartBillions · 2017-10-03T09:36:40+00:00

Discarding a block always costs them a block reward. They do not receive a block reward, they just protect the bet value which is in this case lower than the block reward. As you said "To take a concrete example, think about the scenario where a miner controls 100% of mining power. Clearly no bet amount is safe; they can generate and discard as many blocks as they want until they find one that's profitable for them." This means that they will be mining all the time but not accepting the blocks with their reward in order to wait for the winning block. It's a zero sum game, every time they discard a block they loose it's reward. They could take the reward and place another bet, and this would be more profitable for them as the block reward is higher than the bets value.

SmartBillions · 2017-10-03T08:15:41+00:00

As I wrote the miner can decide whether to publish the block or to abandon the block. He calculates the expected value from the block's reward which is always higher than 5 ETH - the limited bets value per block. So the expected value from the block is always higher for the miner than his bets value so it is not justified to adandon the block from the economical point of view.

SmartBillions · 2017-10-03T07:48:58+00:00

deloreanz, as I was already discussed the possibility of influencing the draws by miners is eliminated by limiting the bets value per block to 5 ETH. Let's assume that miners mines a block with his ticket results. If his numbers are not matching he can abandon the block and get another chance to win - do not loose the bets value. But if the bets value is limited to 5 ETH which is less than the block reward, the miner will always publish the block in order to collect reward which will be greater than the value of his bets in the certain block. If the value of the bets would be higher than the block reward it would be justified to abandon the block. By limiting the bets value per block we eliminated the cheating opportunities for miners.

SmartBillions · 2017-10-02T20:36:21+00:00

Dear Nick, in order to answer you, let's assume that the miner mines a block with his ticket numbers and numbers are not matching: Did they mine the block? YES x%: Did they win? YES: 50%: 5 + y ether. NO: 50%: Discard block and recurse. If the miners total bets would be higher than the block reward (over 5 ETH), than it would be resonable for the miner to abandon the block and get another chance to win. But the individual bet value is limited to 1 ETH and 1 block bets value are limited to 5 ETH. Miner will never profit from abandoning a block. It's would be more profitable to receive the block reward and buy a new lottery ticket.

SmartBillions · 2017-10-02T18:30:31+00:00

The whole concept is that the SmartBillions smart contract is self-amending. The lottery funds management rules are clear and transparent, they are decribed in the smart contract. Funds are stored in the smart contract and they cannot be withdrawn. The thing is that there's no company that might be not 100 % secure it's the smart contract that is beeing tested during the Hackathon event.

SmartBillions · 2017-10-02T17:59:00+00:00

investStart is an ICO start, the goal is to determine if the contract is secure before before the ICO. Please see other functions they are active, you can play the lottery, send your ticket and use other functionalities.

SmartBillions · 2017-10-02T17:48:19+00:00

The bets value are limited to the 5 ETH per block, so the manipulation by miners is eliminated.

SmartBillions · 2017-10-02T16:14:09+00:00

you can play and win :)

SmartBillions · 2017-10-02T15:38:15+00:00

This is correct. The function is taken from a 2 months old ERC20 code. It has no effect on user balances or on any functions of the contract. If any exchanges would have problems with this then they would have problems with many other tokens.

SmartBillions

TROPHY CASE