Week 1 :” The quest for solidity”
As our Telegram group is about to reach 3000 members, we wanted to give you more details about what is going on behind the scenes.
The Trontopia project was born a couple of months back, started by a team of blockchain gamers full of energy and wanting to bring something new to the space.
A platform that you don’t need to trust, (trustless) where the game logic and every single functions are coded into smart contracts.
We are willing to make those contracts open source and visible to any players.
No tricks, no hidden code.
We intend to show that true provable fairness and transparency is possible to achieve in the TRON DAPPS ecosystem, and that users could highly benefit from it.
The challenging nature of crypto, especially the blockchain gaming space is that it is fairly a new technology, and that it requires a special attention to code.
Since the postponed launch announcement on monday, our team really took a step back, and we have started to look for some of the best Solidity developers in the game to assist us and ask them if they could audit our code.
We are currently in talks with a very well respected Smart contract audit team that we will announce shortly.
Those developers are all top tier / senior auditors and will make sure to provide a flawless code.
At Trontopia we love challenges, and always taking things that are happening to us as a lesson to grow and adapt.
Important changes were needed, and we are now taking the proper measures and associating with the right teams.
Currently there are two critical areas we need to alter in our contracts to provide them with the long term security that we all expect.
Below are a couple of the TXID’s of the method of attack used on us prior to our launch.
https://tronscan.org/#/transaction/cf65f04304ff8f7f9847b3c9b34657a8b7e1f496ae7aed4e9c697dae6233bddb
Hash cf65f04304ff8f7f9847b3c9b34657a8b7e1f496ae7aed4e9c697dae6233bddband
https://tronscan.org/#/transaction/e207432162aecf614cc47c8e9b5e5d54e5fa8e0a1055331a75b3eda900c7d421
Hash
e207432162aecf614cc47c8e9b5e5d54e5fa8e0a1055331a75b3eda900c7d421The method used above, utilised another “attacking” smart contract on the network.
This contract was able to read the byte code for the transaction and determine if the result was a win, or a loss very quickly.
If it was a loss, attacking contract could withdraw the bet, and cause his losing roll to “fail.”
With this, the attacker was able to guarantee only winning bets would confirm.
The other area of change we are going to be making is in regards to the generation of our seeds.
We will be adding an extra layer of security in this area to insure our seeds are truly unpredictable by anyone.
This will protect from the possibility of any outside attack on the contract or it’s random number generation.
We have several options for improving the security here, and we are working with our auditors and developers to determine the best and most secure path, that also maintains our fairness and core decentralization values.
Once finished, this process will bring outstanding security to our players.
Thank you Topians, we’ll be back shortly.
