You are viewing a single comment's thread from:
RE: How 'Above 99' player outplayed Epic Dice
In reality if you wanted to test for a vulnerability, you would do it 3-5 times with success, then let @epicdice know so they could fix it. Anything more is exploiting and just using your "light witness" status to gain for yourself.
The righteous thing would be to keep 500 steem as payment, send the rest back and help them fix it so it is fair.
Posted using Partiko Android
Or maybe 2-4 or 4-7? In reality if he wanted to get all the money from epicdice account he would do it with anonymous multi accounts and probably at the time when team is sleeping. He did it from public account and haven't hidden anything. He gave all the STEEM back.
A lot of times when you report bugs you hear "F*ck off", "No, it's not working like that, everything is ok", "Thanks for the help, that's 10 STEEM or X shit tokens as a reward for you".
He didn't give it back right away though and in hindsight he could've just gone on and on if us players did not catch it. But he could have felt contacting them after my message and others who may have talked to him about it, from knowing it was right and working out the bounty for funds returned etc shows he turned around to be a good guy in the end. But lesson be learned that if you find an exploit and want to help make sure it is fixed, do it 3 - 5 times with success each time, talk to the developers/owners and work something reasonable out.