Author

Topic: [ANN] Blacknet | IBO for BlackCoin | New code | PoS | No ICO - page 1204. (Read 2510302 times)

hero member
Activity: 868
Merit: 1000
im still on the fence


can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets

Code:
ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
    return false;


im not well enough versed with the code to know what these variable names imply
i have discovered a flaw with current PoS implementation

you can easily do a 51% attack with PoS blocks without needing large holdings

since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period

so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes

enough to put the security and function of a coin in question



couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks

are people really not concerned about this?


YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALL

Hi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night.

Check our code i'd say Smiley

No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why.

This flaw was addressed by the author of PoS, Sunny King, earlier this year:

Official release build is now available http://www.ppcoin.org/ (via sourceforge)

What's in 0.3.0 release:

Stake generation protocol upgrade (protocol switch March 20th)
Qt UI support
Fix compatibility with vanitygen (note: private keys dumped in v0.2 is no longer importable into v0.3.0, must dump again from v0.3.0 client)
Miscellaneous bug fixes and improvements

The protocol upgrade in 0.3.0 includes a new algorithm to derive proof-of-stake hash modifier, the entity that scrambles computation for stake owners, which replaces the current proof-of-stake difficulty used as modifier in 0.2 protocol. The design was started late September last year, when I first began to realize the issues with using difficulty as modifier. Honorary mention also goes to Jutarul, who independently discovered and verified an issue with using difficulty as modifier and published on bitcointalk in December last year, while successfully executed a demo attack on the block chain. Other changes in the protocol include starting hash weight from 0 at the 30-day mininum age, and requirement that coinstake timestamp must equal block timestamp. Overall 0.3 protocol should significantly strengthen the proof-of-stake protection and resolve the current known vulnerabilities.

My sincere appreciation to co-contributors of 0.3.0 release:

Robert VanHazinga of Hartland PC (dreamwatcher) for the vanitygen compatibility fix
Jutarul for demonstrating stake generation vulnerability
EskimoBob for reporting issue fixed in 0.3.0

+1 thank you for quick and helpful response
hero member
Activity: 686
Merit: 500
looks like where on cryptsy now, i still believe in black coin so still holding. take a look at CGA coin,
hero member
Activity: 966
Merit: 501
Hey I was wodering something about ASIC. Since there is more and more scrypt asic, what about old SHA256 one? Is there good bargain on them? Since blackcoin pool also mine Sha256... How much BC per day with 200gh/s?

keep in mind that you CAN'T mine BC directly anymore, so if you're using a SHA256 miner on the multipools, you're actually mining SHA256 coins against other SHA256 miners, then trade those coin for BTC to buy BC.

using coinwarz  Tongue , for 200ghz, you're looking at around $14 dollars a day, or 0.02804BTC at current exchange's rate  Lips sealed

Yeah of course I know that I can't mine directly BC, was just wondering if SHA256 is now a better option than GPU mining, seems like they are about the same..
member
Activity: 61
Merit: 10
Hey I was wodering something about ASIC. Since there is more and more scrypt asic, what about old SHA256 one? Is there good bargain on them? Since blackcoin pool also mine Sha256... How much BC per day with 200gh/s?

keep in mind that you CAN'T mine BC directly anymore, so if you're using a SHA256 miner on the multipools, you're actually mining SHA256 coins against other SHA256 miners, then trade those coin for BTC to buy BC.

using coinwarz  Tongue , for 200ghz, you're looking at around $14 dollars a day, or 0.02804BTC at current exchange's rate  Lips sealed
sr. member
Activity: 266
Merit: 250
im still on the fence


can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets

Code:
ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
    return false;


im not well enough versed with the code to know what these variable names imply
i have discovered a flaw with current PoS implementation

you can easily do a 51% attack with PoS blocks without needing large holdings

since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period

so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes

enough to put the security and function of a coin in question



couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks

are people really not concerned about this?


YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALL

Hi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night.

Check our code i'd say Smiley

No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why.

This flaw was addressed by the author of PoS, Sunny King, earlier this year:

Official release build is now available http://www.ppcoin.org/ (via sourceforge)

What's in 0.3.0 release:

Stake generation protocol upgrade (protocol switch March 20th)
Qt UI support
Fix compatibility with vanitygen (note: private keys dumped in v0.2 is no longer importable into v0.3.0, must dump again from v0.3.0 client)
Miscellaneous bug fixes and improvements

The protocol upgrade in 0.3.0 includes a new algorithm to derive proof-of-stake hash modifier, the entity that scrambles computation for stake owners, which replaces the current proof-of-stake difficulty used as modifier in 0.2 protocol. The design was started late September last year, when I first began to realize the issues with using difficulty as modifier. Honorary mention also goes to Jutarul, who independently discovered and verified an issue with using difficulty as modifier and published on bitcointalk in December last year, while successfully executed a demo attack on the block chain. Other changes in the protocol include starting hash weight from 0 at the 30-day mininum age, and requirement that coinstake timestamp must equal block timestamp. Overall 0.3 protocol should significantly strengthen the proof-of-stake protection and resolve the current known vulnerabilities.

My sincere appreciation to co-contributors of 0.3.0 release:

Robert VanHazinga of Hartland PC (dreamwatcher) for the vanitygen compatibility fix
Jutarul for demonstrating stake generation vulnerability
EskimoBob for reporting issue fixed in 0.3.0
hero member
Activity: 868
Merit: 1000
im still on the fence


can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets

Code:
ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
    return false;


im not well enough versed with the code to know what these variable names imply
i have discovered a flaw with current PoS implementation

you can easily do a 51% attack with PoS blocks without needing large holdings

since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period

so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes

enough to put the security and function of a coin in question



couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks

are people really not concerned about this?


YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALL

Hi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night.

Check our code i'd say Smiley

No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why.
member
Activity: 61
Merit: 10

Strange. I confirmed earlier that #2 demanded my password. What client are you on? Could you restart and reconfirm please. I'm on the latest windows qt.

#2 also asked for my password. im on v1.0.5  Smiley
hero member
Activity: 966
Merit: 501
Hey I was wodering something about ASIC. Since there is more and more scrypt asic, what about old SHA256 one? Is there good bargain on them? Since blackcoin pool also mine Sha256... How much BC per day with 200gh/s?
sr. member
Activity: 266
Merit: 250
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block

That is already in there. I have mine unlocked and can't send transactions without entering my pass.

Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end.

Just to follow up with a couple more details and confirmations on this.

1. If you unlock the 'new' way, via the dropdown, you're wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Thank god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.

Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!

if You do no 2...the stacking works...just received few fractions of coins

Well yes, it's supposed to work that way and does. You will also be staking by doing #1. The open question was more about #3 and #4. So far it looks like client is misreporting, and in fact at that point you are locked and not staking, in spite of the green light. Not a major issue. Security is. Looks like you're ok with #2. No doubt future releases will add features and heightened security.
Be sure when you unlock in console to immediately delete history.
**footnote for experts: there is always a possibility that, in spite of deleting console history your password is retained somewhere in memory and retrievable by someone clever enough to get in. It's beyond my skills to verify that, but would be glad to hear a report from someone capable of analyzing the matter in detail.

actually no2 might be dangerous also.....just checked and my transaction passed without password......

I then did walletlock command.....
wallet is locked now and the stacking icon is green...will have to check if it is really stacking....I came to the same questions as yours...will try to report if I will get something...

Strange. I confirmed earlier that #2 demanded my password. What client are you on? Could you restart and reconfirm please. I'm on the latest windows qt.
hero member
Activity: 966
Merit: 501
im gonna hold until we plateau around the same market cap as nextcoin

I didn't know NXT really well my first time with crypto were after last christmass. I looked at the NXT to compare price... did not found too much talk about price, just 1 guy selling 1 000 000 nxt for 1 btc... (was in the end of november.

Now it's at 5600 sats... so well hope BC will do the same in a such small time frame!  Grin
sr. member
Activity: 405
Merit: 250
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block

That is already in there. I have mine unlocked and can't send transactions without entering my pass.

Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end.

Just to follow up with a couple more details and confirmations on this.

1. If you unlock the 'new' way, via the dropdown, you're wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Thank god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.

Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!

if You do no 2...the stacking works...just received few fractions of coins

Well yes, it's supposed to work that way and does. You will also be staking by doing #1. The open question was more about #3 and #4. So far it looks like client is misreporting, and in fact at that point you are locked and not staking, in spite of the green light. Not a major issue. Security is. Looks like you're ok with #2. No doubt future releases will add features and heightened security.
Be sure when you unlock in console to immediately delete history.
**footnote for experts: there is always a possibility that, in spite of deleting console history your password is retained somewhere in memory and retrievable by someone clever enough to get in. It's beyond my skills to verify that, but would be glad to hear a report from someone capable of analyzing the matter in detail.

actually no2 might be dangerous also.....just checked and my transaction passed without password......

I then did walletlock command.....
wallet is locked now and the stacking icon is green...will have to check if it is really stacking....I came to the same questions as yours...will try to report if I will get something...
hero member
Activity: 966
Merit: 501
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block

That is already in there. I have mine unlocked and can't send transactions without entering my pass.

Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end.

Just to follow up with a couple more details and confirmations on this.

1. If you unlock the 'new' way, via the dropdown, you're wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Tahnk god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.

Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!
Thanks a lot! I wasn't aware of #4 option, I try it, will report if it still stake.
sr. member
Activity: 266
Merit: 250
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block

That is already in there. I have mine unlocked and can't send transactions without entering my pass.

Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end.

Just to follow up with a couple more details and confirmations on this.

1. If you unlock the 'new' way, via the dropdown, you're wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Thank god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.

Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!

if You do no 2...the stacking works...just received few fractions of coins

Well yes, it's supposed to work that way and does. You will also be staking by doing #1. The open question was more about #3 and #4. So far it looks like client is misreporting, and in fact at that point you are locked and not staking, in spite of the green light. Not a major issue. Security is. Looks like you're ok with #2. No doubt future releases will add features and heightened security.
Be sure when you unlock in console to immediately delete history.
**footnote for experts: there is always a possibility that, in spite of deleting console history your password is retained somewhere in memory and retrievable by someone clever enough to get in. It's beyond my skills to verify that, but would be glad to hear a report from someone capable of analyzing the matter in detail.
hero member
Activity: 714
Merit: 500
Hey guys I've uploaded my first live DJ mix to soundcloud inspired by the blackcoin community.
 If I get some decent feedback I'll have a crack at some more.

Have a listen. I hope for a future where use cryptos to support artists! Keep in mind it is live so it's not the tightest mix in the world.
Donation address is in description.

https://soundcloud.com/pantella-2/land-your-own-moon

sr. member
Activity: 405
Merit: 250
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block

That is already in there. I have mine unlocked and can't send transactions without entering my pass.

Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end.

Just to follow up with a couple more details and confirmations on this.

1. If you unlock the 'new' way, via the dropdown, you're wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Tahnk god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.

Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!

if You do no 2...the stacking works...just received few fractions of coins
sr. member
Activity: 434
Merit: 250
Cryptsy has a large percentage of the market for some coins. Give it time for them to take on with Blackcoin.
sr. member
Activity: 266
Merit: 250
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block

That is already in there. I have mine unlocked and can't send transactions without entering my pass.

Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end.

Just to follow up with a couple more details and confirmations on this.

1. If you unlock the 'new' way, via the dropdown, your wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Tahnk god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.

Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!
sr. member
Activity: 266
Merit: 250
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block

That is already in there. I have mine unlocked and can't send transactions without entering my pass.

Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end.

Just to follow up with a couple more details and confirmations on this.

1. If you unlock the 'new' way, via the dropdown, you're wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Tahnk god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.

Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!
legendary
Activity: 1582
Merit: 1001
im gonna hold until we plateau around the same market cap as nextcoin
sr. member
Activity: 294
Merit: 250
★Trash&Burn [TBC/TXB]★
.....
Dogecoin has a nice paper / brain / bulk wallet site here  http://dogeaddress.com/

I bet someone here decent at development could get one going for Blackcoin too using this  https://github.com/litecoin-project/liteaddress.org

FYI
New sites and services to support BC would help add value, especially though support for those trying to support / buy / use this coin is crucial.

IMHO


.........
also there's already something like that for BC. it's a few pages back so you just search for it Tongue i think i saw it last week.  you can create your own paper wallet, etc.


I think we should put it on the first page http://paperwallet.ga/BlackCoin/

So just to confirm this is 100% safe to use? I want to be sure before moving coins.
Jump to: