Pages:
Author

Topic: 280 BTC total bets between Micon and mrb (are BFL ASICs real?) - page 24. (Read 46443 times)

legendary
Activity: 1232
Merit: 1014
FPV Drone Pilot
And we have a bet!

https://blockchain.info/address/1B3EAGAgXoALFd6o9762hitoCyH61JxF4Y



No, actually, sounds like a major hole. This needs to be addressed somehow (not necessarily for the case at hand, but in general for the system).

Also the idea of relying on MtGox breaking their customer's confidentiality is bad. I know MtGox used to do this in the past, but since MPEx introduced standards for such that sort of shit doesn't seem to fly so well anymore in the public eye either. Frankly, I doubt they'd tell you, and if they did tell you they'd just be stupidly allowing you to rehash the ver-blockchain.info experiment.

You taking "as long as necessary" is yet another hole. The average person using escrow for any purpose is not interested in adding unspecified delays to their process.
Doesn't sound like a big deal to me.  I'm not worried about it.

indeed!  very cool to be apart of the escrow use win or lose IMO
legendary
Activity: 1400
Merit: 1005
And we have a bet!

https://blockchain.info/address/1B3EAGAgXoALFd6o9762hitoCyH61JxF4Y



No, actually, sounds like a major hole. This needs to be addressed somehow (not necessarily for the case at hand, but in general for the system).

Also the idea of relying on MtGox breaking their customer's confidentiality is bad. I know MtGox used to do this in the past, but since MPEx introduced standards for such that sort of shit doesn't seem to fly so well anymore in the public eye either. Frankly, I doubt they'd tell you, and if they did tell you they'd just be stupidly allowing you to rehash the ver-blockchain.info experiment.

You taking "as long as necessary" is yet another hole. The average person using escrow for any purpose is not interested in adding unspecified delays to their process.
Doesn't sound like a big deal to me.  I'm not worried about it.
mrb
legendary
Activity: 1512
Merit: 1028
Micon: then create the payment invitation, and send it to me.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)

No, actually, sounds like a major hole. This needs to be addressed somehow (not necessarily for the case at hand, but in general for the system).

Also the idea of relying on MtGox breaking their customer's confidentiality is bad. I know MtGox used to do this in the past, but since MPEx introduced standards for such that sort of shit doesn't seem to fly so well anymore in the public eye either. Frankly, I doubt they'd tell you, and if they did tell you they'd just be stupidly allowing you to rehash the ver-blockchain.info experiment.

You taking "as long as necessary" is yet another hole. The average person using escrow for any purpose is not interested in adding unspecified delays to their process.

Huh

MtGox wouldn't be breaking anyone's confidentiality, the person who made the payment would be begging them to confirm the payment was theirs and would be cramming permission down their throats. Not sure how this would be a problem at all.

If there is a fear I will act too slowly... The program is free. Anyone can be an escrow agent.  You can be a superfast escrow agent and even charge a fee for your service.  For everyone else don't forget there's PayPal... They are fast, it's easy to be when you bias toward the buyer!  (Reality check: they are biased and still aren't fast.)
legendary
Activity: 1232
Merit: 1014
FPV Drone Pilot
Ok, I get Bitcoin address 1B3EAGAgXoALFd6o9762hitoCyH61JxF4Y.

What do I do with the payment invitation I generate?

Send it to Micon with the address and make sure he confirms he gets the same bitcoin address.

If you both agree you're seeing the same address, proceed to fund it.

1)   getting the same address as SgtSpike and about to fire 20 coins at it

2)  the .001 btc test-coin-flip with mrb I keep getting "not a valid payment invitation code" and I did see the space that copy/paste from btctalk makes.

legendary
Activity: 1232
Merit: 1014
FPV Drone Pilot
I have gone ahead and emailed SgtSpike and Micon a set of codes.

One feature I feel worth pointing out:  besides the codes starting with "einva", "einvb", or "einvp", I have made it so the following 5 characters are random but identical for a matched set.

I sent SgtSpike a code starting with einvaPoHB4
I sent Micon a code starting with einvbPoHB4
When they generate a payment invitation, it will start with einvbPoHB4
Notice PoHB4 is in all of them...this is deliberate, just so you have a quick visual way to see whether codes are part of a matched set.
Each time the Escrow Agent generates a new pair of invitation codes, these 5 characters are shuffled to something random.
In Dooglus's example above, they were T9CMj.
Ok, I get Bitcoin address 1B3EAGAgXoALFd6o9762hitoCyH61JxF4Y.

What do I do with the payment invitation I generate?

1B3EAGAgXoALFd6o9762hitoCyH61JxF4Y

got that with your payment invite.  copied that shit in a secure location.

I'll hit it with 20 coins right now and hope that everything works out.   Seems like the most logical plan.
hero member
Activity: 756
Merit: 522
One way to work around the flaw is via a slight change of process: before a person sends to the bitcoin address, he or she privately announces to the escrow the exact amount to be transferred (eg. 10.00001234 BTC when 10 BTC were supposed to be sent). Because the less significant digits have been predicted, the escrow can trust that this person originated this transfer.

That method is logically sound (and what MPEx, the ROTA etc use), but it does run into the problem of people being people.
mrb
legendary
Activity: 1512
Merit: 1028
One way to work around the flaw is via a slight change of process: before a person sends to the bitcoin address, he or she privately announces to the escrow the exact amount to be transferred (eg. 10.00001234 BTC when 10 BTC were supposed to be sent). Because the less significant digits have been predicted, the escrow can trust that this person originated this transfer.

Or, the proper way to solve the flaw IMHO is to have the escrow program generate not 1, but 2 bitcoin addresses: person A is supposed to send to address A, and person B is supposed to send to address B.
hero member
Activity: 756
Merit: 522
If you both agree you're seeing the same address, proceed to fund it.

What happens if player 1 makes a deposit to the address they both agree upon from his MtGox account, posts here saying "I sent my payment" and player 2 replies "no, I sent my payment".  Only one payment was sent, but we can't tell who sent it, and since it was sent from an MtGox address which neither of them controls, neither can sign a message with the sending address to prove it was them.

I guess they could use screenshots of their MtGox account, but that's easy enough to fake.  Maybe the answer is not to use a web wallet when making your payment.

Seems like an unlikely enough scenario that I could just ask someone at MtGox to tell us who made the payment in the rare event it were ever to come up.  As the escrow agent I could take as long as I needed to be satisfied that I know who paid.  It's a lame attack with a poor chance of success so I can't imagine anyone bothering to try it.

No, actually, sounds like a major hole. This needs to be addressed somehow (not necessarily for the case at hand, but in general for the system).

Also the idea of relying on MtGox breaking their customer's confidentiality is bad. I know MtGox used to do this in the past, but since MPEx introduced standards for such that sort of shit doesn't seem to fly so well anymore in the public eye either. Frankly, I doubt they'd tell you, and if they did tell you they'd just be stupidly allowing you to rehash the ver-blockchain.info experiment.

You taking "as long as necessary" is yet another hole. The average person using escrow for any purpose is not interested in adding unspecified delays to their process.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
If you both agree you're seeing the same address, proceed to fund it.

What happens if player 1 makes a deposit to the address they both agree upon from his MtGox account, posts here saying "I sent my payment" and player 2 replies "no, I sent my payment".  Only one payment was sent, but we can't tell who sent it, and since it was sent from an MtGox address which neither of them controls, neither can sign a message with the sending address to prove it was them.

I guess they could use screenshots of their MtGox account, but that's easy enough to fake.  Maybe the answer is not to use a web wallet when making your payment.

Seems like an unlikely enough scenario that I could just ask someone at MtGox to tell us who made the payment in the rare event it were ever to come up.  As the escrow agent I could take as long as I needed to be satisfied that I know who paid.  It's a lame attack with a poor chance of success so I can't imagine anyone bothering to try it.
legendary
Activity: 2940
Merit: 1333
If you both agree you're seeing the same address, proceed to fund it.

What happens if player 1 makes a deposit to the address they both agree upon from his MtGox account, posts here saying "I sent my payment" and player 2 replies "no, I sent my payment".  Only one payment was sent, but we can't tell who sent it, and since it was sent from an MtGox address which neither of them controls, neither can sign a message with the sending address to prove it was them.

I guess they could use screenshots of their MtGox account, but that's easy enough to fake.  Maybe the answer is not to use a web wallet when making your payment.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
Ok, I get Bitcoin address 1B3EAGAgXoALFd6o9762hitoCyH61JxF4Y.

What do I do with the payment invitation I generate?

Send it to Micon with the address and make sure he confirms he gets the same bitcoin address.

If you both agree you're seeing the same address, proceed to fund it.
legendary
Activity: 1400
Merit: 1005
I have gone ahead and emailed SgtSpike and Micon a set of codes.

One feature I feel worth pointing out:  besides the codes starting with "einva", "einvb", or "einvp", I have made it so the following 5 characters are random but identical for a matched set.

I sent SgtSpike a code starting with einvaPoHB4
I sent Micon a code starting with einvbPoHB4
When they generate a payment invitation, it will start with einvbPoHB4
Notice PoHB4 is in all of them...this is deliberate, just so you have a quick visual way to see whether codes are part of a matched set.
Each time the Escrow Agent generates a new pair of invitation codes, these 5 characters are shuffled to something random.
In Dooglus's example above, they were T9CMj.
Ok, I get Bitcoin address 1B3EAGAgXoALFd6o9762hitoCyH61JxF4Y.

What do I do with the payment invitation I generate?
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I have gone ahead and emailed SgtSpike and Micon a set of codes.

One feature I feel worth pointing out:  besides the codes starting with "einva", "einvb", or "einvp", I have made it so the following 5 characters are random but identical for a matched set.

I sent SgtSpike a code starting with einvaPoHB4
I sent Micon a code starting with einvbPoHB4
When they generate a payment invitation, it will start with einvpPoHB4
Notice PoHB4 is in all of them...this is deliberate, just so you have a quick visual way to see whether codes are part of a matched set.
Each time the Escrow Agent generates a new pair of invitation codes, these 5 characters are shuffled to something random.
In Dooglus's example above, they were T9CMj.
legendary
Activity: 2940
Merit: 1333
I should come up with a scheme for a chunked multiline encoding for larger objects. Sort of like base64 but without + and / and = signs, and with self hashing capability.  Something that resembles PGP.

Having the .net app ignore spaces and other invalid characters in the input fields would be a quick and easy workaround wouldn't it?
mrb
legendary
Activity: 1512
Merit: 1028
Micon, everything is fine. I copied and pasted the invitation out of the PM I sent you, and with my code A I am able to regenerate the same Bitcoin address. As you said, it seems that the pb is your code B.

PS: The space that casascius is talking about is inserted by the forum software (it's a space in a with a negative margin!) to allow long words to wrap. This is really crappy... It should instead use which doesn't break copy/paste (optional line break, finally standardized in html5).
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I think the length of the line entices things to break them up and that is causing transcription problems.  Check to make sure there isn't a space or something at about 2/3 of the way through the code.

I should come up with a scheme for a chunked multiline encoding for larger objects. Sort of like base64 but without + and / and = signs, and with self hashing capability.  Something that resembles PGP.
legendary
Activity: 1232
Merit: 1014
FPV Drone Pilot
I must have miscopied smthg. Will check things in 3h when I get home.

1)  seems like it was C's invite code that was wrong, not the 1 you generated

2)  It's cool, I have errands to run and will be back on in a few hrs too.  no rush, but I'm excited to test it too Smiley
mrb
legendary
Activity: 1512
Merit: 1028
I must have miscopied smthg. Will check things in 3h when I get home.
legendary
Activity: 1232
Merit: 1014
FPV Drone Pilot
I sent a PM with an escrow invitation code to both Micon and mrb for a coin flip.

Micon, I PM'd you a payment invitation for this test -- the address is below and I already sent 0.001 BTC to it:
http://blockchain.info/address/1JUsk88BGbZbRs3R3JoKxeR4Mc9sxf74kQ


kk checking / will fire .001 at it if it comes up same

edit:  not a valid escrow invitation code.  C was off by 1 extra character in that long string the 1st time, maybe it happened again.  I tried it 3x. 

Pages:
Jump to: