Could not find nonce in bucket - key was not found in the airdrop tree #35

Open
sangaman opened this issue Feb 15, 2020 · 21 comments
@sangaman

I tried this tool to claim the airdrop with my github gpg key, which has been associated with my account for years.

```
NonceError: Could not find nonce in bucket [number].
    at findNonces (/home/daniel/hs-airdrop/bin/hs-airdrop:275:17)
    at async createKeyProofs (/home/daniel/hs-airdrop/bin/hs-airdrop:328:17)
    at async main (/home/daniel/hs-airdrop/bin/hs-airdrop:746:8)

This means your key was not found in the airdrop tree.
```

At 23 followers I'm over the 15 follower minimum, so I'd expect it to be included, although it's possible I was below 15 followers at the time the Merkle tree was built. Is there any way to tell for sure whether this is a bug or I'm doing something wrong vs that I'm just not in the airdrop?

@pinheadmz
Member

Did you also register at Handshake.org for the faucet?

@sangaman
Author

> Did you also register at Handshake.org for the faucet?

No I didn't, I wasn't aware of that. Is that necessary for the GitHub account airdrop?

@pinheadmz
Member

No but it's a common reason why users are not in the GitHub airdrop (the tree was deduped so users only get one).

Do you have another key you could try? PGP or SSH? Also make sure you are running the latest version of hs-airdrop.

@amsimoes

How does one register at Handshake.org?

Also, I'm sure I had >15 followers on 04-02-2019, but I'm using a new SSH key since December 2019, and using the tool with the private pair of this key.

Would I need to retrieve the older one??

Thanks!

@pinheadmz
Member

Yeah try the older key. I'm not sure when the data was scraped but it might've been just before that.

@amsimoes

@pinheadmz I think it was scraped April 2019.

Since I didn't back up my older ssh private key, I've no chance right? :(

@chjj
Contributor

chjj commented Feb 16, 2020

Replying to: cd90f42#r37314705

I want to be clear on this: the snapshot is from February 2019. There are a few reasons for this. I think the main thing I would point out is that we had also done the crawl 5 months before the final date. On the second crawl we noticed that not many people actually update their SSH keys. I think the diff was along the lines of a couple dozen users out of 250k, and all of them were adding new keys, not revoking/removing old ones. Furthermore, most of the new people who made the 15 follower cut off on the second crawl didn't have any SSH keys associated with their account (go figure). So in a 5 month span, there were almost no changes to the set of users with >=15 followers.

During one of the preliminary crawls (crawling the list of users and not the keys, which can be done in a few hours instead of days/weeks), I noticed a lot of new github users had been created right after Handshake was announced, all with similar usernames. After looking at their profiles, it was very clear that they were sockpuppet accounts, all following each other. Luckily, it looked like these accounts were attempting to game the faucet and not the airdrop. Even luckier that they didn't have any SSH keys associated. This is probably because we didn't announce the airdrop to SSH keys until after the first crawl was complete. Nonetheless, this was something new to consider since now people could attempt to game the airdrop by making phony accounts.

That point in 2019 was also around the time Fedor did the crawl and batch GCD to verify there were no shared primes in the set of RSA keys. As an aside, another fun fact about all these keys: no two users had the same SSH key, which I found very strange. Either GitHub doesn't allow this, or it's very rare for people to have multiple GitHub accounts (not counting the sockpuppets I mentioned above).

The other set from github was PGP keys which people change even less frequently than SSH keys.

It would have been nice to have fresher data, but I wasn't convinced that much would have changed. Honestly, running that crawl and the subsequent build for the tree, and all the micromanagement of all the scripts necessary to prepare all of this data was a nightmare for me. The crawl takes about a week to run due to API rate limiting, the script needs a journal, an actual database, and it requires monitoring for a week straight. It's not as passive as it may seem. I ended up creating a pretty complicated utility to do it and manage it all. As an extra headache, updating the tree requires various changes to the code, test vectors, and it was a hard fork each time for whatever testnet was up. Goosig was still under development and any time it changed significantly, the entire tree needed to be rebuilt. In the end, I was just sort of fed up with managing so much data and really didn't want to do the crawl all over again just for a very minimal amount of keys that may have changed, so we stuck with the Feb. 2019 snapshot.

@amsimoes, I'm sorry to hear you missed the cutoff. I didn't expect to see an issue like this. I suspect you're one of the few users on github who actually re-keys for SSH in a reasonable amount of time, which is normally a good thing. I would go so far as to say you probably have bragging rights over anyone on github for actually exercising good security practices. I can't do any debugging to verify whether you're in the tree or not since the crawl data was deleted to protect user privacy, but if the tool says you're not in the tree, you're probably not (short of a bug, or unless you can find your old key and try it).
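
Added example, not part of the thread and not the code used for the Handshake crawl: a batch GCD audit of the kind chjj mentions, which flags RSA moduli in a key set that share a factor with another modulus or are exact duplicates. The function names and the toy moduli are constructed for illustration; real input would be moduli parsed from the collected public keys.

```javascript
// Batch GCD audit over RSA moduli (BigInt). Names and toy moduli are
// constructed for this example; real input would be moduli parsed from keys.
function gcd(a, b) {
  while (b !== 0n) [a, b] = [b, a % b];
  return a;
}

// Level 0 holds the moduli; each higher level holds pairwise products.
function productTree(moduli) {
  const levels = [moduli];
  while (levels[levels.length - 1].length > 1) {
    const prev = levels[levels.length - 1];
    const next = [];
    for (let i = 0; i < prev.length; i += 2) {
      next.push(i + 1 < prev.length ? prev[i] * prev[i + 1] : prev[i]);
    }
    levels.push(next);
  }
  return levels;
}

// One verdict per modulus: 'ok', 'shared-factor' or 'duplicate-modulus'.
function auditModuli(moduli) {
  if (moduli.length === 0) return [];
  const seen = new Map();
  for (const n of moduli) seen.set(n.toString(), (seen.get(n.toString()) || 0) + 1);
  const levels = productTree(moduli);
  // Remainder tree: reduce the full product P modulo node^2 on the way down,
  // so each leaf ends up holding P mod n_i^2.
  let rems = [levels[levels.length - 1][0]];
  for (let d = levels.length - 2; d >= 0; d--) {
    rems = levels[d].map((n, i) => rems[i >> 1] % (n * n));
  }
  return moduli.map((n, i) => {
    if (seen.get(n.toString()) > 1) return 'duplicate-modulus';
    // (P mod n^2) / n equals (P / n) mod n, the product of all other moduli.
    return gcd(rems[i] / n, n) === 1n ? 'ok' : 'shared-factor';
  });
}

// Constructed toy moduli (real RSA moduli are 2048+ bits).
const SAMPLE = [101n * 103n, 107n * 109n, 101n * 113n, 127n * 131n, 107n * 109n];
const VERDICTS = auditModuli(SAMPLE);
console.log(VERDICTS.join(','));
```

Any key flagged `shared-factor` or `duplicate-modulus` should be treated as compromised and regenerated from a properly seeded random source.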

@maguowei

The same to me. I changed my key and lost the old one.

@daijiale

> @pinheadmz I think it was scraped April 2019.
>
> Since I didn't back up my older ssh private key, I've no chance right? :(

@pinheadmz the same problem for me, I had changed my SSH key on 4th Aug 2019. And the shell said:

```
NonceError: Could not find nonce in bucket 93.
    at findNonces (/root/hs-airdrop/bin/hs-airdrop:275:17)

This means your key was not found in the airdrop tree.
```

What can I do then?

@pinheadmz
Member

@daijiale if your old key is gone then you can not claim.

@cmnord

cmnord commented Feb 16, 2020

> The same to me. I changed my key and lost the old one.

Me too 😞

@sangaman
Author

> Do you have another key you could try? PGP or SSH? Also make sure you are running the latest version of hs-airdrop.

I don't have any other PGP/SSH keys associated with my account, and my code was up to date with master at the time I created the issue. It's entirely possible I did not have 15+ followers in Feb 2019, I pay almost no attention to this count. I'm assuming I simply wasn't included at the time the crawl happened but I'd be happy to try something else if there are any other ideas.

@amsimoes

Ahh it's a bit sad this happening :(

The older public key is still saved on my GitHub profile, isn't there a way to check against the crawl data?

@chjj I think it can be proved that I had (and still have) the public ssh key on my GitHub profile, even if I don't own the private pair anymore...

Is there any other way to get this airdrop then?

@xlc

xlc commented Feb 17, 2020

One of my old keys is gone, along with my old machine. And another key that I didn't rotate is stored in my Yubikey. Any details of how to make a claim with Yubikey?

@alivebao

alivebao commented Feb 17, 2020

So if we can't find the oldest ssh key then we can't meet the requirement, right? Even if our follower count is more than 15? sigh...

@withinboredom

withinboredom commented Feb 17, 2020

> Any details of how to make a claim with Yubikey?

See #31

@baebb

baebb commented Feb 19, 2020

I know I had 15 followers before the snapshot and tried with a key registered on GitHub from 2017.

Still didn't work.

A tool to look up what the snapshot has for my GitHub ID would be useful - saves me dicking around and digging up old computers for their SSH key

@zh-h

zh-h commented Feb 19, 2020

Oh no, I haven't authorized SSH before, so is my newly generated one useless?

@amsimoes

@zh-h If you didn't have a public ssh key, I don't know yet if there's a way to verify by your github id instead of the public ssh key matched to your profile. I think they only parsed by ssh and pgp keys...

@windrunner414

I also did not have an SSH key...

@pinheadmz
Member

@amsimoes @windrunner414 No keys, no coins. Sorry but this is how the airdrop was designed.

@handshake-org handshake-org locked as resolved and limited conversation to collaborators Feb 19, 2020