Topic: [ANN] FIMK: 2.5G POS, extra block rewards, messaging, asset colors, p2p shopping - page 12. (Read 184334 times)

We are preparing the upcoming release, part of this release is NXT-PLUS based on 1.5.12 and with the virtual exchange enabled.
Assets can be found by typing part of the name or description in the filter box.



Try it out here:
https://www.mofowallet.com/launch.html#/activity/nxt/assets/latest

The new UI is (at the moment) only available on hosted mofowallet, expect some downtime from time to time while we upload new versions.



Try it out here:
https://www.mofowallet.com/launch.html#/assets/nxt/12071612744977229797/trade

Theme switcher still available under settings menu, current default theme is named "Google", if you used hosted mofowallet before you will still have "Yeti" theme selected. This theme is named "Slate", total of 19 themes available.



The upcoming Private Assets feature (FIMK only) and the new Email Account Identifiers (FIMK only) are available in the java server code but have not been turned on yet. For this a hard fork is required which will likely be happening in the coming weeks.

It's not encrypted at google's end and there's nothing stopping a google employee from seeing this search in the logs or database and then saying "thank you very much for all your FIM!"


Not really. Most password safes clear the clipboard 30sec after you copy a password specifically to mitigate this risk.

Don't get me wrong. I understand there's not much you can do.  Security versus ease of use is an age old battle, but err on the side of security.

Keep up the good work.  I'm interested to see the real-time exchange once it's ready.

The URL's involved are not of the sort you could actually type, they are too long for typing as you can see in the example URL.

Example url (does not work since hosted mofowallet does not run the development version): https://www.mofowallet.com/launch.html#/login/7b0a2020226374223a2022677051734f6b6d506364634b69704c682f34366268644e39624839307970646c6d30766349324c456e334854454b7435766a3074306f2f67726b7367555061666647546e4e52544e31506a726a6f54722b2b416e69483363367a797253396950794a3449526b396b2b71714a4e316c6e54494549416b32453946664f34656f353942762f7a7476783639342b556471436e77302b61413d3d222c0a2020226976223a20226334626462343265366565366261613366393336333061616531353262343735222c0a20202273223a202235346265303034653634363038393132220a7d

You are right that typing it wrong could potentially send the whole thing to a search engine (encrypted) but what is the chance of that happening when clicking the link or pasting it in the url bar?
Copy pasting your secret phrase could in a way also be potentially dangerous, if the key is still on your clipboard and you press paste (CTRL-V) in either the url bar or the search bar it is also send to the search engine but now it's unencrypted, this is how things are done now in both FIMK and NXT.

The wallet part in the URL is not send to the mofowallet.com domain. All the mofowallet.com server will see in it's request logs is everything up to the # sign in the URL. This is how all browsers (or better yet the HTTP protocol) works, everything after the # sign stays only client side.

When you land on hosted mofowallet users are asked to unlock the wallet and are then presented with ways to store the (encrypted) key in the browser local storage or to download a file backup. This method is especially easy when using a mobile/small device where all you need to do is click a link you emailed yourself to transfer your keys to your mobile.

Users are asked to unlock their wallet.


Users are asked to name the account and to make a backup.

The part that worries me is a mistyped URL.  Most browsers send mistyped URLs (in this case containing your password) directly to a search engine.

There is a #FIMK channel on the supernet slack for anyone interested.

Go here to get an invite http://slackinvite.supernet.org/

Nothing is ever send to the server your key remains client side. Many other crypto projects are doing the same thing.
Plus there is basically no difference between either having an encrypted file with your passphrase in it or having a URL with the encrypted passphrase, the latter is just easier to work with.
Of course if you need top security for critical accounts the whole brain wallet mechanism remains fully intact, the new developments are more geared to lowering the barrier for when we start developing UI and apps for the average Joe kinda user.


There is zero risk involved here, all it is basically trying to do is bring the dynamism as is known in the P2P network (which goes beyond the reality we see each time a block is forged) directly to the client.
So in a way the client 1-on-1 reflects whatever is happening on the network.
For this to be possible websocket support had to be added first, which we did a while back the virtual layer now completes it (although it has to be tuned more).


Asset to asset (as opposed to asset to fimk) trading is what we have been preparing for.

yes, thanks.
I got FIMK during IPO, I couldnt get it to work for a while, but the latest version worked fine and it was pretty interesting, so I decided to increase my personal stake.

James

I sell 3500000 FIMK to jl777 - enjoy

Yes.  Would be great if you can fix it.


Sounds a little scary, but I wil reserve judgement until after I see it.


Thump!  I just passed out and hit the floor.  These are amazing developments.  I am curious how you maintain security with these virtual exchanges and how it fits in with the main blockchain.  Are they decentralized?

It sounds like FIM could be a dark horse, actually backed by innovative ideas and serious developers.

These are major developments that I would not have suspected were going on@

Tho... I've always liked FIM and supported it. I knew something was coming (hero members post to this thread), but would not have suspected developments on this scale.  Solving the block reward issue with NXT showed some promise... but this takes things to a whole new level, with lots of disruptive possibilities.

Are you working on any kind of cross-chain trading mechanism?


Better be.  Anything else is centralized.  Anonymity is an essential part of cryptocurrency.

Hi James, nice to see you here! 


I agree.

Top account holders.  Sell to this man!  Because you want jl777 on board with FIM.  He knows what he is doing, has good ideas and gets things done.

This is a buy signal for me personally: jl777 knows his stuff.

Spotted this at fimk-forum https://forum.fimk.fi/index.php?topic=589.0

WTB FIMK in bulk.

PM me offers

Progress has been picking up since the start, we're getting more comfortable with the platform every day.
But I agree that it might not have been showing that much, as was said before FIMK is not about pumping we have a long term vision and for that to become a reality a lot of 'boring' low level work has to be done first.
Some of that work would not have been possible before since a new platform has to be mastered first.

-------

One more thing about the new account identifiers. It might have appeared as if everything has to go through our centralized (delegated would be a better word) verification process.
That is not the case, everyone can assign their own [email protected] address. It is also possible to assign a @fimk.fi address to an account you don't own but for that you have to provide a digital signature signed by the owner of the account you are assigning the id to.
All this functionality will be easily available from all the various clients.

The [email protected] addresses will also be fully functional email addresses to which you can send an email. Hosting for those addresses will be provided by the Krypto Fin ry association free of charge and will allow for a whole new set of possibilities (send FIMK to email, get blockchain notifications, fully encrypted emails and 2FA are only but a few).

Dirk

Thank you for the update. Nice to see progress!

I agree to that.  Except for the slow part (do you mean the page takes a long time to load initially?). The focus of mofowallet has been mostly at the platform level (translation mechanism, provider mechanism, websockets, live feedback everywhere, modular UI approach - basically doing it the proper angular way).
I'm no UI designer we will hire one when the time is ready but for any UI designer to do anything he needs something he/she can work on, the Angular approach and the strict MVC design allow a designer to basically work on the HTML only. All the javascript (and it's a lot) can stay as is because of the strict separation of the model, view and controller parts.

Edit: Where are you situated if I might ask? In my country even on mobiles 4G/3G the hosted version loads in a few seconds and when all the JS was loaded subsequent loads are almost instant. Are in China by any chance? If so I might have an idea what is causing this.

About the Private Assets (short descr)

A private asset is an asset designed for use in financial institutions. The control of who can buy. sell, transfer or receive the asset is with the asset issuer. The asset issuer can at any time add or remove accounts to the list of 'allowed' accounts. The fee paid for placing orders and for each trade can be set by the asset issuer as a percentage of the order or trade sum and this fee will be paid to the asset issuer.

Hi,

Short status update, been a while I know..


Our NXT+ product (the made ready for mofowallet version of NXT) has been on 1.5 since before the hard fork. Otherwise no-one could have used NXT since then. So unless you want to run the NXT server yourself locally from within the client, all should work.


I've had some reports of the copying issue. Thats OSX right?
For the upcoming release I've changed the way keys are stored.
Instead of in the encrypted wallet file they will live (encrypted) in your browser localStorage (your client side db, all browsers have that and it is very secure).
But the main method of login will consist of secret URL's that embed the encrypted passphrase in the url, so you'll need to place that url on your toolbar or something or save it somewhere. You basically only need to visit that url once since visiting it will store the wallet in the browser db, you then need to provide the wallet password each time you do a transaction.

Until we get the proper tools in place for 2FA this will remain a weak spot but it's the same with all other brainwallet coins.

--------

We have completed the Private Assets feature which has been running on testnet for a while now. It has been used for demoing purposes by Eliphaz his banking contacts.
For the purpose of these demos we also reskinned the AE UI.



To get rid of the slowness of the AE (the need to wait for blocks) we developed the Virtual Exchange layer.
This turned out to be a pretty difficult task but as always all turned out well in the end (thanks to our new testing tools).

What the virtual exchange does is exactly as it says provide an exchange but a virtual one.
While in the normal AE orders are matched (and balances are updated etc ..) when a new block comes in, in the virtual exchange orders are matched the millisecond an unconfirmed transaction hits the network. So basically instant. The fun thing now is when you place an order you'll see in realtime (all over the world basically) what the consequences of that action are (your balance will change immediately as will you see all trades that happen from that order as well see all partially matched orders have their remaining amounts updated).
This layer of course had to made fully aware of when new blocks come or blocks are popped. Since you cannot know for sure the order in which transactions are finally placed in the block by the forger the layer (which works like a event system over websockets) had to also be made aware of this and be able to correct it on the clients.

Currently we are finalizing the new identifier mechanism, the goal is to do away with all FIM-XXX addresses, while they are miles better than the old numeric addresses they still don't allow for easy adoption. The system being tested now will offer two types of ID's. There are your free [email protected] names available to anyone (for free through our faucet) and then there are the verified addresses [email protected] for instance. If you want one of those you'll have to go through our verification process where you verify (all done using cryptographic methods) that you own that address. Then in a later stadium those verified addresses will become part of the platform in even more integrated ways.

The FIM-XXX address will probably remain working forever but all new things we do will focus on the new identifiers. In the current implementation you can have multiple identifiers point to a single account.

To make all these big and complex changes to the core possible and stay compatible with the upstream NXT critical security releases we now also developed our very own blockchain testing tool suite. While I don't mind writing Java, I like writing Javascript a lot more, mostly since you can so much more with much less code. After writing some tests in Java I figured since FIMK is on Java 8 now, why not make use of the new built-in Nashorn js engine to write tests in javascript instead ?
The result has given me joy and speed ever since, writing tests has become a breeze now, the suite (at least the parts released) can be seen here https://github.com/fimkrypto/fimk/tree/master/src/test/resources.


Dirk

I mean the one I can run locally.  (BTW: The one-click exe version does not allow copy and paste, which makes working with large secure password a pain.  Saving password in the wallet also is not a very secure option for me.)

Great it will be rebranded, but to what?

You mean wallet.fimk.fi or wallet.fimk.fi:7886 ? They use older versions for testing purposes. The downloadable wallet should always be pretty swift. Mofowallet will be rebranded in ~1 month.

I've been told quite soon.