“Money games outside the blockchain must die”



    Dmitry Pichulin, known by his nickname “deemru”, became the winner of the Fhloston Paradise game developed by Tradisys on the Waves blockchain.

    To win the game , the player had to make the most recent bet during a period of 60 blocks - before the bet was made by another player, thereby resetting the counter. The winner got all the money bet by other players.

    Victory to Dmitry was brought by the bot Patrollo created by him . Dmitry made only eight bets on one WAVES and as a result won 4700 WAVES (836300 rubles). In an interview, Dmitry talked about his bot and the prospects for blockchain games.


    Tell a little about yourself. What do you do? When did you get interested in blockchain technology?

    I am a developer in the field of information security. He came to the blockchain with a “hype” of 2017, figured out the technology and stayed for the sake of technology.

    What became the main motivation for participating in the game?

    First of all, a technical interest. I wanted to figure out how it works, find vulnerabilities, prevent the game from ending, and of course, “troll” the other players.

    Have you decided how to spend your winnings? What will you keep it in, if you decide not to spend it yet?

    I didn’t figure out what to do with the win. I did not expect it, so there are no plans. While it will lie as is. Maybe it will flow into some project on Waves.

    Why did you decide to take part in the game using a bot? How did the idea of ​​Patrollo come about? Could you tell us more about its development?

    With vulnerabilities did not work. I “picked up” the game in the test network, played with myself, tried all the options, but everything turned out to be “hard”, there are no vulnerabilities in the contract. It became clear that one could not win this way.

    How did you look for vulnerabilities? What were your hypotheses? Could you give some sample code?

    There were two hypotheses. First, an attack on data type checks in data transaction records. For example, I was hoping that poor coding would circumvent the check for reusing transaction IDs. The second is an attack on integer overflow. I figured there was a way to set too high or negative heights and try to be in the past.

    $ tx = $ wk-> txBroadcast ($ wk-> txSign ($ wk-> txData (['heightToGetMoney' => -9223372036854775807])));

    What did you do when you saw that expectations for vulnerabilities were not confirmed?

    In his telegram chat, Tradisys lamented that while everything is quiet on the network, the game will be eternal, but in the confusion (with node updates or unforeseen forks) the chances of good bots are increasing. In the same chat room, I accepted the challenge of writing a good bot, which I did in a couple of days. I wrote Patrollo code in PHP, based on my WavesKit framework , in which I try to fix all the best techniques for working with blockchain.

    I checked the work in the test network, posted the code on github, launched the bot on the main network and forgot about it.

    My configuration of Patrollo was supposed to solve two problems: place bets as little as possible and work as reliable as possible.

    The first is decided by extremely risky bets, preferably in the very last block. As a result, I still put the bot on the penultimate block, but with an additional delay of 29 seconds. This allowed us to make only eight bets for the entire time of the game.

    Why exactly 29 seconds? How did you arrive at this number?

    29 seconds appeared gradually. At first there was no delay, but I noticed that there were cases of simultaneous bets on the penultimate block - that is, there was no point in betting. Then there was a delay - it seems, at 17 seconds, but it did not help either: there were still simultaneous bets. Then I decided to take risks harder, but certainly not to have simultaneous bets. Why 17, 29, etc.? Just a love of primes. 24, 25, 26, 27, 28, 30 are all composite. And more than 30 seconds would be completely risky.

    How was the reliability issue resolved?

    Reliability was mainly determined by the mechanism for selecting the working node and, to a lesser extent, by conducting a transfer transaction for the bet in advance, so that the bet in the data transaction already accurately referred to the transaction existing in the blockchain.

    During each circle of the cycle, all nodes specified in the configuration were interrogated for their current height, the node with the greatest current height was selected, and further interaction took place with it. In my understanding, this was supposed to protect against forks, inaccessibility, caching and possible errors on nodes. There is confidence that it was this simple mechanism that led to victory.

    What, in your opinion, are the main features and advantages of blockchain games? How promising are public blockchains in general and Waves blockchains in particular for game development?

    The main advantages are the well-known, fixed and unchanging rules of the game, plus equal conditions for access to the game from anywhere in the world.

    Games for money outside the blockchain must die.

    Waves has rich technical functionality, but there are nuances, both inherent in any blockchain, and specific. Both those and others are not very well reflected in the existing developer tools.

    For example, if you tried to react to transactions in real time, and not at a distance of 5-10 confirmations, you would have learned about rare but occurring phenomena: jumping transactions from block to block, missing transactions in certain blocks and appearing in others. All this is critical for the speed and reliability of any applications and should be decided in a general way, but so far each developer reaches the level of reliability he needs on his own. Over time, of course, all this will be solved, but so far there is a certain, rather high, entry threshold and fear of the specifics of the work of truly decentralized blockchains in general.

    How is the FOMO game different from other blockchain games you know? What are its advantages and disadvantages?


    These are long-term games. Interest in such games grows with the magnitude of the gain, and the magnitude of the gain grows with time.

    Ideal if the game never ends. When the game ends - it's sad ...

    Recently, the game Fhloston Paradise 2 was launched . Do you plan to take part in it?

    Yes, if there is time and interest, I will take the same steps: analysis for vulnerabilities, playing with myself in a test network, bot, open source, etc.

    In conclusion, please tell us about your plans as a developer.

    I am interested in solving unsolved problems, and the blockchain topic has many unsolved problems. This is a real challenge! And he is accepted.

    Also popular now: