Introducing The Noble Bot

in busy •  6 years ago 

noble-bot.png

I am glad to introduce the @noblebot that scans STEEM Blockchain for passwords and active keys but it won't harm your account or steal your hard-earned STEEMs or SBDs. This bot is of a NOBLE character.

noble.png

Why This Bot?

A few days ago @abh12345 wrote an article asking developers to write a program that will do what @sami100 did with @surfermarly and many others account but with a good intension.

While we are waiting for the above to be added to all applications where transfers are possible, I was wondering if someone could write a piece of code to do what @sami100's script is doing, but with the intentions of beating this evil script owner to the mark?

This piece of software would return the stolen money or keys to the original owner (after some form of verification), basically preventing similar scrupulous programs from getting the account or its funds.

I made this bot in response to his post.

What Can You Expect?

When this bot gets victim's misplaced key, it will determine the key type and react accordingly.

If it gets a password, it will change the password. Changing password changes all the keys for that account. So, no one will be able to steal funds from that account.

If it gets an active key, it will transfer all liquid funds (both STEEM and SBD) to victim's savings wallet. Savings wallet has a 3-day withdrawal waiting period, so funds should be safe.

If this bot changes your password, you'll be notified via wallet message with instructions to get your account back.

Will It Be Effective?

Honestly I am not sure but I can guarantee you that if @noblebot gets your key first, you won't lose your account or funds.

What is Coming?

This bot is in beta state. Most of the notifications and verifications will be done manually for now. But in future there would be some automation.

If you need to contact me, I am available on Discord as @reazuliqbal#1149.

Top image source: Pixabay

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Thank you for stepping up to the plate and helping the people of steemit. I think we can call this a home run hit. I appreciate all the effort you took to meet this challenge. It truly is good to know that people have our backs. I don't know if you know about @utopian-io But I for one hope they come by and give you a truly well deserved vote of respect for what you did.

Thank you for your kind words. Yes, I know about @utopian-io but did not post there because I can not share the source for the bot.

Duh!! Stupid me, yeah, sharing it would kind of compromise it. I did not think. Well hopefully they will still see value in it and give a nice upvote anyways.

Duh!! Stupid me, yeah, sharing it would kind of compromise it. I did not think. Well hopefully they will still see value in it and give a nice upvote anyways.

This is a really cool initiative. Although I stopped by to ask you if we could chat sometime about Wordpress. If so, I will contact you on Discord. Found out about you through @tcpolymath

Thank you for stopping by. I am available of Discord by the same username name.

Thank you.

An issue has also cropped up today with memo keys stolen this way and being used to log into third-party sites with SteemConnect and steal money/assets held there. Not sure if there's anything you can do about that since there's not much to be done with a memo key but I wanted to make you aware of it in case you have a better idea than I do.

The solution could be changing main password. Once password is changed, all keys are also changed.

For the users, sure, but if all that's compromised is the memo key the bot can't do that.

Maybe even just sending a wallet message to users whose memo key is compromised would help.

Yes, that can be done. I am taking notes.

Finally something good involving the keys and funds of others! We need morre devs like you.

This is awesome work, very thoughtful! Thanks for your efforts,

Karl.

  ·  6 years ago (edited)

Dude! Sounds killer!

Have you tested it? Obvious question assuming 'yes' :)

What was the success rate?

Do you need some more testers?

Moving the funds into savings sounds even more nobel than taking them out.

Any plans on how people prove the account is theirs?

Awesome!

Haven't tested on real life situations but tested in development environment with my other accounts. It was able to move funds and change password. I am not sure how to test it on real life situations without giving away private keys for my test accounts as you know many bots are looking for those keys. Tested this with previous blocks where there was old private keys of victims, it was able to detect those keys.

I am thinking of a verification on Discord. Many users have their account linked with PAL project, Ginabot so they can show that their account was linked. Also if they can get some followers to make wallet transfers to @noblebot with a request I can send the victims their password. Any other suggestions?

I am thinking of publishing success rate and some reports, if there is any in future updates.

Cool :)

I think we need a few 'live' tests. I'm willing to give it a go with a test account using an active key and a small amount of SBD and STEEM in the wallet. Would it work with .001 of each and take them both to savings?

I am thinking of a verification on Discord. Many users have their account linked with PAL project, Ginabot so they can show that their account was linked. Also if they can get some followers to make wallet transfers to @noblebot with a request I can send the victims their password. Any other suggestions?

Both sounds good to me. Perhaps other people can give some ideas too.

I am thinking of publishing success rate and some reports, if there is any in future updates.

I think this would be good, if it works as planned, I think you deserve some rewards and this could be the way to earn some.

I also believe it requires live testing. It should work with 0.001 SBD and STEEM. Lets see if it can pick up the key and transfer funds to savings.

Cool :)

I think we need a few 'live' tests. I'm willing to give it a go with a test account using an active key and a small amount of SBD and STEEM in the wallet. Would it work with .001 of each and take them both to savings?

I am thinking of a verification on Discord. Many users have their account linked with PAL project, Ginabot so they can show that their account was linked. Also if they can get some followers to make wallet transfers to @noblebot with a request I can send the victims their password. Any other suggestions?

Both sounds good to me. Perhaps other people can give some ideas too.

I am thinking of publishing success rate and some reports, if there is any in future updates.

I think this would be good, if it works as planned, I think you deserve some rewards and this could be the way to earn some.

  ·  6 years ago (edited)

asher ping me on discord to remind me to help do a live test. I have an account not being use that I can test with......( its the weekend, wont be back online till tommrow and I know I will forget)

will do:)

what an amazing concept - great looking out for others - I hope it works as you planned

It is under heavy testing now. I am also hoping it will be able to help the community. Thank you for commenting.

Great work, @reazuliqbal!
Thanks for stepping up when needed :0)

I resteemed this article. I also thought that it seemed to be useful for using the car safely. Thank you for the information.

Amazing work! Great to see the community tackle problems like that. You gotta love decentralized blockchains for that possibility. Keep it up.

wow,,, that's some good community thinking /// THANKS!

Thank you. :)

This is really incredible step towards curbing scam on the blockchain. At least we have a noble bot to do that now. Thank you for your help @realzuliqbal and @abh12345 for making such announcement to the public.

You are welcome and thank you too for commenting.

that sounds like a great invention, ty!

I hope it will help people like other innovations do.

That's some good community thinking.
bravo brother

Thank you so much :)

thank you for giving your contact.love to read it..

Where can I vote a second time, this rocks!

Thank you for taking on this challenge @reazuliqbal — it's a much needed initiative, and as Steemit continues to grow, I expect we'll only see more and more "black hat" actors come in to try to nab users' wallets.

I hope this tests out successfully. As I replied to Asher in a different post, there may end up having to be a "version" of @noblebot that pings each of the different front ends... they all seem to handle keys and permissions a little differently. I say that just as the observations of a user, not as a developer... I have NO idea about the technical end.

=^..^=

Thank you so much for commenting. @noblebot is still under heavy testing in real life situation. Yes, blackhats may increase as we grow more and more, but I hope there would be some whitehats too.

Front-ends are just the front of the Blockchain, they all treat keys the same but its true some may not warn you before posting private keys others may do. So, we just need to petrol the Blockchain.

YOU JUST GOT UPVOTED

Congratulations,
you just received a 37.63% upvote from @steemhq - Community Bot!

Wanna join and receive free upvotes yourself?
Vote for steemhq.witness on Steemit or directly on SteemConnect and join the Community Witness.

This service was brought to you by SteemHQ.com

Just perfect.. wow :

Congratulations! This post has been upvoted from the communal account, @minnowsupport, by reazuliqbal from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.

If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.

Yes, I saw that. Looks like we both are doing the same thing but he/she is way faster than me. I do not care who wins our race if STEEM users get their funds or account back I'll be happy. If he or she misses something I'll have his/her back.

Sure, existence of more than one Sheriff is good in case if someone fails (rpc error, connection break etc.)
Fingers crossed for both of You!

Howdy, @ahh speaking :) yeah I agree, the more people help, the better.

I have been noticing you are running some kind of front running curation bot yourself and most of the time you seem to be a few milliseconds faster than me. Tell me your secret, is it your internet connection?? These few milliseconds could be crucial when it comes to being faster than the baddies. Did you program your bot in Javascript and what does your setup look like :P?

I think in the end it all boils down to who has the fastest internet connection to make the first request :x It might be wise to host the program close to the Steemit Servers

Sure I can share my setup. I use steem-python library script hosted on cheap VPS stored somewhere in Poland servers.
I think much more important is API node choose. You can find out the nearest node based on Your localization here:
http://geo.steem.pl
Comparing speed, there is one guy who is faster than me in curation (frontrunning bidbots). It's @ ghasemkiani. Almost always faster by miliseconds to me. We jump into the same block but he do it just earlier. I believe he sits very close to Steem nodes. Maybe he is even a node.

If you are in the same block you will effectively be the exact same time for curation rewards. The blockchain treats them as being voted at the same time.

This is very new and valuable info for me. Thanks a lot!

Hey @prey aka @ahh you are doing fantastic job. I appreciate it. You are way faster than me. Awesome job, man!!

I am running on US based server using Node JS. Hows your setup?