Ok I’m willing to look at stuff I don’t understand to see your point. Where should I look to see what your talking about. I go on GitHub and I search terra ,find terra classic core look at what is being updated. I see ed I see frag I see vin. So where can I see what you are talking about.
1 Like
You can block the amount you want. After the delivery and acceptance of the work, the money is transferred. The process can be broken down into steps
Omce again, off the mark.
The point being - I am not contesting your choice of the team. I can’t distinquish between their unique skills.
Github repos and the commentaries there are kept as youd expect - nerds bashing each other - polite, yet forcefully eloquent politeness. And then bashing.
But anyone can understand that this proposal isn’t about standard maintenance work that is streamlined work.
Thus, I imagine, that the current L1 plan that you copied and edited, does not take into account such possible hijinx and the remaining two out of five are unknown actors to previous three.
Let alone if previous three relied on the now missing 4 (2 juniors also) and a manager to know they could complete the tasks presented in Q2.
I imagine, the new members would need some time to check on the previous work. Get into the habit of the workflow (timezones, language, preferences etc.) and thus can the same workload be achieved in Q2. if you haven’t even contacted all of them, due to the fault of none of your own, bur TGF for not providing clear enough instructions for such extinquished inquiries?
(Have a good weekend, ya ol’ goat.)
1 Like
You do know that’s bullshit, right? Don’t tell me you believe a 3-man team needs a “manager” who’s getting paid more than one of the devs. And the junior talent is a smoke screen for Tubby to crank up his own salary… it either goes to him, or one of the other admins. Goddamn Don, you gotta stop taking people at face value. People lie when there’s money involved!
Any professional worth his salt can fit into a new team in like a week, it’s a non-issue. 
Well yeah, that’s a problem. TGF apparently doesn’t want to keep open a line of inquiry. 
You too man, take it easy! 
5 Likes
So nothing on this after three hours but you can non stop post about other stuff guess you have nun of the proof you claim. You can just post out of context twitter messages. Got it thanks. ;0
2 Likes
Thanks for taking the time to express this Rabbi and Mr. Baboon. (Not sure why you keep getting labeled as a troll when it’s apparent you’re bringing valid arguments to the table.)
I have completely lost faith in Tobias (Zaradar) as far as being in any lead development role in the LUNC community. I hesitate to call him a developer at this point because he seems to have positioned himself as more of a mentor/leader and really hasn’t contributed much L1 code/work (which is what we, as a community, agreed to pay for). He may be a good developer (in a general sense) but he’s not a Cosmos expert and is not grasping (or caring) about the fundamentals of security and thorough testing in the blockchain environment. (Allnodes) It’s turned into sort of a ‘pet project’ for him and he appears to be trying push LUNC in a certain direction that I don’t think people really agree with.
The condescending attitude and arrogance he keeps displaying over Twitter is a problem. Belittling others on social media can damage relationships and erode trust, both within the team and with external stakeholders. It can also create a toxic culture that is detrimental to productivity and morale.
If you’re going to position yourself as a leader then at least have the traits to support it. A good leader takes full responsibility for everything that happens in their team or organization. A good leader knows how to prioritize tasks and focus on the most important things. A good leader is humble and recognizes that they don’t know everything, and that their team members may have valuable insights. A good leader takes the initiative to identify problems and opportunities, and takes action to address them.
I feel that we are at a critical point in time with regards to the state of this blockchain and the upcoming bull run. IMO the many issues that plague LUNC should have been dealt with and we should have been at parity with the rest of the Cosmos at this point. But here we are staring at a critical WASM upgrade that could (very likely) nuke the chain. The ‘feature creep’ comment is a real concern for me too. We need to switch gears and put laser focus on the important issues. This requires talented developers writing code and getting as many people with expert-level knowledge about Cosmos to guide them on what is needed. I think the team on this proposal fits the bill. I’m not so concerned about personality quirks as long as work is getting done. We as a community need to be pushing hard for this stuff. We do not need managers and committees and discord janitors leaching money from a chain that is on life support.
There is a great opportunity here for the community. LUNC is leaderless and truly decentralized and it’s going to be up to the community on whether on not we can succeed and pull off the impossible. We’ve come a long way since the collapse but we are rudderless and have lost direction. (The AI side chain is a great example). Work needs to be done and the time pressure is real. Let’s get the devs coding and hold them accountable with the results.
9 Likes
Let Z tell us what utilities-devs he has brought to the network (for our, Terra Classic)? After all, he gets the best salary (and want more)).
5 Likes
Let’s not forget who this Rabbi character is.
For one thing unlike some retards here continue to point out he is not a man of faith so please stop pointing out things like “don’t you like jewish people?” Opposing the fake Rabbi is not undermining anyone following the jewish faith it is undermining those who make a mockery of it.
The Rabbi is a sock puppet of a clearly identified former Terra Rebels member.
He was invented to enable Terra Rebels to grab millions from a notrious multi signatory wallet. He failed in various attempts to steal from this community.
Ever since his failure - all he does is follow through on these truly sad attempts at lashing out agains the L1 team. Not that they are perfect, by all means. But at least they are working and on our side while fake Rabbi neither exists nor has ever had the good of this community at heart. All the loosers behind this sad charade want is to rip us off yet again. The proof is clear and available to anyone interested enough to find out.
We are actively collecting everything we can about the people behind fake Rabbi and when the time comes they will be held accountable through the court system.
2 Likes
Dude I have a life outside this forum! Christ…
Here, lemme spoon feed you: Network Security Proposal - Cancel and Revert Validator Upgrades to v1.0.5
Links are in the thread OP, have fun!
That’s not the problem. The problem is that you must attack the problems that affect the blockchain, find solutions and not directly attack people
2 Likes
He is a rabble-rouser! Thank goodness we have sensible people like you!
@Dannavan_Morrison
You’re a fucking faggot and your replay to your lover proves it. You’re not smart enough to discern all the trash in these idiots rethoric, and i’m talking to you DonCyp, you think you’re really cleaver but you’re just a functional idiot trying to sound smart. Anyway @Dannavan, the semen you swallowed has clouded your judgment. God may help you.
1 Like
Your IQ is very low! It’s a waste of time to hold a conversation with you. A coward and a bastard who hides behind an avatar,
2 Likes
No with veto
Scammers
2 Likes
I do not think so. This page lists 23 known vulnerabilities:
H means HIGH Vulnerability
I could be wrong cause this lists as a debian package. It will depend on whether the server we are running is debian or not, and the version installed is a local npm copy or not.
Could you check this as well?
2 Likes
I doubt that the L1 team, taken in whole, has been leaching anyone. The L1JTF proposal discussion created a detailed outline in Q1 of what they intended to accomplish (although I do agree they should report back on which items were accomplished, which items were shifted, and which items were adjusted due to circumstances changing). They provided public access to their project board. They provided updates and engaged the community. They have provided public access to infrastructure. That does not mean there is not room for constructive criticism (or even for standing for things a person believes are legitimate concerns, or are dangers), but if the L1 team is going to get labeled as a scam (or leach), then I am concerned that any project from this point will ever be able to be funded and workable without being attacked from all sides (at that point, I ask myself, who wants to work in that environment - this thing is [d]ead after we hit that point).
Each of the developers (L1 or not) are all still members of governance, and still in those individual personal capacities are allowed to comment and make contributions, regardless of them being developers on the L1JTF in their public capacity (and Zaradar rarely even speaks in classic-agora, although I know he does speak on twitter, and in other venues, and I do know that his and other developer comments do influence those who follow them). That said, I can understand that comments, views, and actions may in themselves become the very merits for supporting, or not supporting, a particular proposal (hopefully in addition to the full range of merits one way or the other). But, developers still are a part of governance where they are delegators themselves (as are validators for that matter - in partnership with their delegators as well as on their own self stake). There will always be people who influence in groups. The question is not if there will be influence, or if certain people will have more influence than others, but the question is whether they will use their influence for good or not. Those who stake have a right to take part in governance, whether developers in their personal capacity as delegators, validators, or delegators. And you, or any others in governance, definitely also have a right as well to bring forward an alternative proposal, and to fully advocate for it.
I will say that Bilbo, in his own words, has stated his dislike for the L1 team pretty much from 1 month after its inception. I do know that opinions change, and maybe he does or does not feel as strongly today as he did then, but it is hard not to wonder if there is an axe to grind when you read statements like:
Now, I realize he may have his reasons and experiences that have lead him to that conclusion, but it at least should bring a person to question why, and if his reasons are legitimate and reasonable. I personally don’t mind if someone holds to those statements if they can give legitimate reasons for why they feel that way, which very well may exist, but at least on the part of the L1 team, there have been team members that have worked toward the goals the community outlined, and while critics feel it may not be perfect (and whose efforts are), they have, in all honesty, had a positive effect on development. In truth I do recognize that you see this in most of the team members as well. That does not mean that I do not have my own concerns with the Q2 proposal, and particularly that EK will not be on that team this time around ( and while I respect Zaradar as both a developer and a person, I do share some of the legitimate concerns others have pointed out along the way, in the spirit of constructive criticism and concerns - rather than those that are just comments meant to attack). But, I think I can honestly acknowledge the things that have been contributions of that team as a whole, at least for Q1, have been in the positive category in regards to development (even if there are places that I have had concerns at times, many which have worked themselves out along the way, others may still remain).
On the Golang v1.18 issue, I can see both Jacob’s point (and Cosmos’ recommendation) that there should be one version that runs on the chain (which would mean enforcing it in the code), however I can also understand the L1 teams decision given that v1.18.x is the only version that has been fully tested (and I have personally witnessed Golang v1.19 functioning differently than v1.18 in regards to the chain - although that may have to do with snapshots being taken on one or the other version). While Golang v1.18 is deprecated (so Jacob is correct on that point), [removed my comments on Golang v1.18.5 and above being adequate from a security standpoint, going on what was reported in CVE, per @arunadaybasu post (and I explain the reason for the differences in my next post below, in response to his post). I revised my statement after researching what he pointed out to: Golang v1.18.9 and v1.18.10, with v1.18.10 being the last bug fix revision before deprecation, being the most secure among the Golang v1.18 minor version (although it would still have any vulnerabilities that apply after deprecation that apply to versions above v1.18 which affect all previous versions).] But, I agree with Jacob, which I am not sure the L1 team has not also agreed with him (although probably not communicated very well given the context), that it would be best to get to the point of Golang v1.20 as soon as possible, although with the caveat only once it is tested (the L1 team may, or may not, be giving it the same priority level that Jacob would however).
In regards to the last upgrade (v1.1.0), I was there for it. I will say it was not necessarily a quick process, and it had some mitigation, but it was hardly a failure. There were problems (mainly consensus took a while to reach, and the consensus module froze), but each was mitigated. And, I will agree that Bilbo was a part of the validators and others who worked together with the developers during upgrade, but no more, or less, a central part than others (thank you too Lunc Station 88, Aardvark, Stakely, and Bilbo/Nova [and any others I missed] who shared links or screen shots from the Northa and pvtop tools during the upgrade - which were extremely helpful - and thanks too to members of the L1 team). While Jared did have to work on the TFL infrastructure afterwards (upgraded their infrastructure, gave some instructions on testing, and their developers did have to make a change for mantlemint to the L1 teams pull request), and provided a work around for the gas issue using gas-adjustment, he was not part of the Terra v1 mainnet upgrade to bring validators online (his valuable help came afterwards).
I struggle to reconcile your version of the v1.1.0 upgrade with what I witnessed, which I stated here in answer to a question Jacob asked (and although there have been things that I have disagreed with Jacob about, there are also areas that I respect him for as a developer and person, and appreciate as well, and I thank/thanked him for his contributions to this chain as well).
None of that is meant to be a defense, or to detract. I just felt that I needed to comment to clarify those aspects (since I feel like they were getting painted in terms that I just could not reconcile for myself personally). I can understand and respect where you may disagree.
I hope you have a great day today 
1 Like
I’m not attacking anyone, I merely outlined in the OP what Tobias himself said and how he’s acting. Guy dug his own grave, I’ve done nothing bu re-paste the information here. And it’s all verifiable - none of it is made up. I can’t help you if you refuse to open your eyes.
I’d like nothing better than to sit back and relax while other people do the work and revive LUNC. But we’ve got a parasite infestation leeching money and value from the blockchain, so I’m forced to act in the best interests of the community. And before you accuse me of anything, please remember that I’m not getting paid a penny for my time here, I’ve never asked for any financial compensation, and I’ve always been honest with the community about whatever problem we’re facing. You can disagree with my methods, but not with the facts themselves.
Tubby gets paid $13,000/month to write wikis and people praise him.
I try to save the community some money, and people attack me.
What a world we live in… 
That was never my claim. I think a good portion of the L1 team is OK, and I’ve listed them in the OP.
Not to the level they should have. They’ve also been shilling pointless administrative expenditures like hiring lawyers and trying to turn LUNC into a US-based tradfi startup, just so they can cover their own doxxed asses, all at the community’s expense.
I have nothing against most of the L1 team, only Tobias and TGF.
This goes far beyond a couple of mean-spirited tweets. Certain elements of the L1 and TGF are siphoning precious assets from the treasury while providing almost nothing in return… and they’re gaslighting the community into obedience. It’s a major problem, for all the reasons I’ve outlined in the OP.
I don’t see how this is relevant to the topic at hand, but alright.
It’s not a question of morality, but value. Are we getting enough value from these people for what we’re paying them? In the case of Superman, Frag, and Vinh, yes. In the case of Tobias, Marco, Steve, and TGF overall, no.
OK, I guess?
Again you’re trying to inject morality and emotion into what should be a rational and clinical decision. There’s no axe to grind here - no one would care whether Bilbo (or I) dislike Tobias if he were doing his job, but he’s not. The TGF itself is leeching money from the community for likewise pointless and overinflated “work” expenditures. Personal dislikes don’t factor into these things - look at the facts. You’re ignoring almost everything I’ve outlined in the OP just so you can spin some sort of side-narrative and pivot to interpersonal relationships. That was never the case - it’s all a question of whether the LUNC community is getting enough bang for their buck… and with the current L1TGF roster, we’re not. Not by a long shot!
Blockchains shouldn’t remain dependent on outdated and exploit-prone software just because their lead developer is lazy and wants to spend most of his work week arguing with people on Twitter instead of putting in the elbow grease and updating the chain to the newest and latest standard. This is inexcusable.
You’re giving Tobias far too much credit. His stubbornness is matched only by his ineptitude.
I would disagree. The chain was halted for hours, grinding to a halt for an update that should’ve taken minutes. We also had to pull in Jared and TFL to clean up the mess. Are we going to run to them every time our L1 team botches things? What happened to pursuing our own sovereignty as a decentralized and trustless ecosystem?
No thanks to Tobias, he was nowhere to be seen during the critical hours when this went down.
You’re forgetting he was raising alarm bells about what would happen for days before the update went live, and was promptly ignored. That makes a world of difference, he’s not just another faceless validator, the guy understood and pinpointed the problem before anyone else, and instead of listening to him our Glorious Leader Tubby the Infallible decided to ignore the warnings and go full steam ahead. Same thing with Jacob. We are led by an idiot who’ll wreck the chain - this Emperor has no clothes.
Doesn’t change the fact we had to depend on his services - something we should be trying to avoid, not because Jared is a bad guy or TFL is evil, but because we should aim to reduce our dependency on external actors and companies that fall outside the scope of our own blockchain/ecosystem.
That’s alright, we don’t have to see eye-to-eye on everything.
I know I can be abrasive at times, but it’s only because I care. If I didn’t, I’d sit on the sidelines and keep quiet while shorting LUNC. This current situation we’re in will only deteriorate now that Ed has left - he was one of the few people who could curb Tobias’s worst excesses. With Ed gone, Tubby now has free reign, and it’s only a matter of time until his lack of skill and forethought generate a catastrophic event for the chain. It’s for all the reasons in the OP of this thread that I believe he must be let go and forcibly distanced from the project (in addition to the community reducing or outright eliminating the bloated spending budget of TGF itself and its clerics who contribute no tangible code to the chain’s revival).
You too! Thanks for the indepth reply. 
4 Likes
Stop attacking people. You did the same thing with Alex. Z has has a right to defend himself. It has nothing to do with his skill set. If you prick someone he will bleed.
2 Likes
Ok, I think I see what is going on here. CVE Details appears to 0.0 the CVSS score when there is a patch that has been backported for that version. So, if the version is directly downloaded from Go’s site, it will have the backport patch applied.
- You verify that by either:
- Method 1:
- Seeing Go’s release page, and
- Then clicking the “milestone” link for that minor release
- Then find the “security” tag with the CVE ID (or title)
- Then scroll to bottom and click on the link in the “Closed by merging ??? to release-branch.go1.18.”
- Download the minor version from Go’s site
- Check the changes are in the downloaded version
- Method 2:
- Goto cvedetails.com
- Click on CVE ID link for the particular CVE (could also use CVE linked page in Synk, or the NVD CVE as well)
- Goto section “References For CVE…”
- Click the link that has “https://go.dev/issue/…” in it
- Click the link for v1.18 backport in the issue
- Look for which milestone it was applied to (it will have the minor release)
- Then scroll to bottom and click on the link in the “Closed by merging ??? to release-branch.go1.18.”
- Download the minor version from Go’s site
- Check the changes are in the downloaded version
- Method 1:
Without the backported patch applied, the NIST National Vulnerability Database (NVD) CVSS score, which is what is being reported by Synk would apply.
The instructions that are in the TR guide for validator setup have the validators (and full nodes) downloading directly from Go’s site (which would have the backported security patches applied).
That said, thank you for pointing this out, there were a few CVE’s that I missed, and I did not take into account the vulnerabilities that would apply once the minor version was depreciated (the version for Ubuntu 22.04 gives the CVSS scores, but includes the lower “medium” for all vulnerability ratings for v1.18 from Synk). Where the patched backports are applied, there are some critical bug fix revisions above v1.18.5, so even with the backports applied to a particular minor revision, all vulnerabilities on the Snyk page between the minor version’s bug fix revision being used, and v 1.18.9 would still have those particular vulnerabilities. Since it is depreciated, any vulnerabilities in 1.19 and above that may also apply below, and have not been backported, would also apply. To be fair, there are high vulnerabilities in v1.20 as well - without the backported patches applied, or for vulnerabilities that may apply that were discovered and patches applied to later bug fix revision although affecting earlier bug fix revisions of that minor version (just to put it into context).
But, given what you pointed out, I would like to amend my previous statement to the most secure bug fix revisions of Golang v1.18 are v1.18.9 or v1.18.10 which have moderate or above vulnerabilities patched for that minor version (not including any vulnerabilities that would apply after deprecation).
Thank you again for pointing that out - that was really helpful
1 Like
I’ll be happy to… when said people stop parasitizing on LUNC and endangering my investment.
He had it coming for trying to first mint LUNC, then for trying to centralize control around an unelected shadow committee that would not only oversee the $4 million multi-sig but also vet which governance proposals would go up for a vote and which wouldn’t (thereby acting as a funnel and nexus of control for the overall blockchain). How quickly most of your forget events that happened only a few months ago. 
Funny you should say that, because the clown you’re defending here spends most of his time attacking anyone who disagrees with him even to a tiny degree. He’s an inept C-grade coder who oversold himself to the community and has been causing nothing but harm from his TR days onward. You wouldn’t believe the DMs people send me! The other 3 devs do most of the work, just as Notional and Ed did most of the work back during TR’s days - Tubby himself is worthless and overpaid weight.
Good! Maybe he’ll exsanguinate to the point we’ll finally be able to dislodge the parasite.
Shalom! 
4 Likes