Pages:
Author

Topic: [ANN] 📁 novusphere.io 📁 atmos (ATMS) 📁 Censorship Resistant Media Sharing 📁 - page 19. (Read 120212 times)

full member
Activity: 152
Merit: 100
Put it in the wallet then Smiley

Ask a 3rd party developer if what I said is incorrect if for whatever reason you don't believe me, I'm happy to discuss it with someone who is code literate if they believe otherwise. In fact, ask the VTR developer himself Smiley. This isn't a game of you say jump and I say how high. There are more important things to be worked on then improving the wallet of the temporary block chain.

No, no I do believe you as you stated - "I'm not claiming this is some innovative technique either as it simply employs the same mechanism Electrum uses"

The technique VTR has employed on the other hand is innovative.

full member
Activity: 165
Merit: 101
Put it in the wallet then Smiley

Ask a 3rd party developer if what I said is incorrect if for whatever reason you don't believe me, I'm happy to discuss it with someone who is code literate if they believe otherwise. In fact, ask the VTR developer himself Smiley. This isn't a game of you say jump and I say how high. There are more important things to be worked on then improving the wallet of the temporary block chain.
full member
Activity: 152
Merit: 100
Multisig 2fa Transactions

Today, we are introducing a mechanism for users to secure their funds on the temporary block chain via a true 2fa multisig transactions. We'll be posting another update later on detailing the status of other things we have been working on.

When we release our web wallet, a native implementation will be available and won't require as much hassle on the users end and will simply prompt you for the 2fa code within the wallet when you attempt to spend from a 2fa multisig address.

You can access the feature as well as guide on how to use it at https://novusphere.io/Home/Multisig

Brief Overview

For two factor (via google authenticator) to work in a secured mannerism a server or central must hold a copy of your two factor secret; It must not be derrived client side based on something like a wallet passphrase. This is how two factor traditionally works on many sites we're all familiar with such as exchanges; The server saves some secret and reveals it to us once in the form of a QR code we can scan.

This implementation makes use of 2-of-3 multisigs where the client holds 2 keys but is urged to keep their 2nd key offline and seperate from their main wallet. Instead for the 2nd signature, you trust the server holding the 3rd key to cosign the multisig transaction only if the 2FA check is passed. Electrum uses a similar model where you trust a server to co-sign for you: http://docs.electrum.org/en/latest/2fa.html

Quote
Electrum offers two-factor authenticated wallets, with a remote server acting to co-sign transactions, adding another level of security in the event of your computer being compromised.

Is this decentralized? What happens if Novus is hacked?

Even if Novus or the central server is hacked or bricked and loses all of its private keys no harm is done to user funds. This is because the server only contains 1 of 3 private keys required to spend funds. In the case the server is unable to cosign a transaction then you can resort to using the 2nd key which should be stored offline and separate from your main wallet.

In other words, even if Novus is hacked or compromised this should not affect the safety of your funds!

What happens if I (the user) am hacked?

Supposing that the hacker has gotten access to the wallet and your passphrase on your main computer, they cannot spend any funds from the multisig 2fa address without having either your 2nd key or alternatively your 2fa secret that should only be on your phone as this is the requirement for the server to cosign.

In other words, your funds should still be safe.

Is this open source?

Yes!

https://github.com/asphyxiating/Multisig2faTxExample/blob/master/Multisig2faTxExample/Multisig2faTx.cs

The above is a reference implementation showing how any coin from a bitcoin code base can implement it. We would strongly advise all projects to implement such a mechanism to offer better security for users funds as this should be one of the top priorities for any project.

Notes

While our implementation is done externally from the wallet, it's entirely possible to natively implement this solution to the wallet but since it's our intent to develop a web wallet in the near future we have decided not to do this. Multisig 2fa transactions will be natively available in our web wallet at a later time.


It's taken vtr 3 years and they still have a closed source 2fa, looks like you are miles ahead of them. Good work dev.

Read the notes, it hasn't been implemented into the wallet. Why would VTR devs release code to be stolen? Web based 2FA sounds like a real "first"

What difference does it make whether it's implemented in the wallet or not?

Would it some how be different technologically because it's wrapped in a QT interface? If it was in the wallet the flow would be trivially different:

In Wallet
  • Wallet generates transaction with single signature (from local key)
  • Wallet prompts for 2fa code
  • Wallet sends 2fa code and raw transaction to trusted server to verify
  • If trusted server fails to verify the 2fa code, it doesn't cosign the transaction so funds can't be spent
  • If trusted server verifies the 2fa code, it cosigns the transaction and broadcasts the transaction

External from Wallet
  • Trusted server asks user for 2fa code
  • If trusted server fails to verify 2fa code, no transaction is created
  • If trusted server verifies the 2fa code, it creates the transaction, cosigns it, sends it back to the user to verify
  • User cosigns from their wallet and broadcasts the transaction

From this you can see implementing it in the wallet makes little to no difference with how it actually works. I'm not claiming this is some innovative technique either as it simply employs the same mechanism Electrum uses but offers an easy to use reference for alt coins.

Put it in the wallet then Smiley
full member
Activity: 165
Merit: 101
Multisig 2fa Transactions

Today, we are introducing a mechanism for users to secure their funds on the temporary block chain via a true 2fa multisig transactions. We'll be posting another update later on detailing the status of other things we have been working on.

When we release our web wallet, a native implementation will be available and won't require as much hassle on the users end and will simply prompt you for the 2fa code within the wallet when you attempt to spend from a 2fa multisig address.

You can access the feature as well as guide on how to use it at https://novusphere.io/Home/Multisig

Brief Overview

For two factor (via google authenticator) to work in a secured mannerism a server or central must hold a copy of your two factor secret; It must not be derrived client side based on something like a wallet passphrase. This is how two factor traditionally works on many sites we're all familiar with such as exchanges; The server saves some secret and reveals it to us once in the form of a QR code we can scan.

This implementation makes use of 2-of-3 multisigs where the client holds 2 keys but is urged to keep their 2nd key offline and seperate from their main wallet. Instead for the 2nd signature, you trust the server holding the 3rd key to cosign the multisig transaction only if the 2FA check is passed. Electrum uses a similar model where you trust a server to co-sign for you: http://docs.electrum.org/en/latest/2fa.html

Quote
Electrum offers two-factor authenticated wallets, with a remote server acting to co-sign transactions, adding another level of security in the event of your computer being compromised.

Is this decentralized? What happens if Novus is hacked?

Even if Novus or the central server is hacked or bricked and loses all of its private keys no harm is done to user funds. This is because the server only contains 1 of 3 private keys required to spend funds. In the case the server is unable to cosign a transaction then you can resort to using the 2nd key which should be stored offline and separate from your main wallet.

In other words, even if Novus is hacked or compromised this should not affect the safety of your funds!

What happens if I (the user) am hacked?

Supposing that the hacker has gotten access to the wallet and your passphrase on your main computer, they cannot spend any funds from the multisig 2fa address without having either your 2nd key or alternatively your 2fa secret that should only be on your phone as this is the requirement for the server to cosign.

In other words, your funds should still be safe.

Is this open source?

Yes!

https://github.com/asphyxiating/Multisig2faTxExample/blob/master/Multisig2faTxExample/Multisig2faTx.cs

The above is a reference implementation showing how any coin from a bitcoin code base can implement it. We would strongly advise all projects to implement such a mechanism to offer better security for users funds as this should be one of the top priorities for any project.

Notes

While our implementation is done externally from the wallet, it's entirely possible to natively implement this solution to the wallet but since it's our intent to develop a web wallet in the near future we have decided not to do this. Multisig 2fa transactions will be natively available in our web wallet at a later time.


It's taken vtr 3 years and they still have a closed source 2fa, looks like you are miles ahead of them. Good work dev.

Read the notes, it hasn't been implemented into the wallet. Why would VTR devs release code to be stolen? Web based 2FA sounds like a real "first"

What difference does it make whether it's implemented in the wallet or not?

Would it some how be different technologically because it's wrapped in a QT interface? If it was in the wallet the flow would be trivially different:

In Wallet
  • Wallet generates transaction with single signature (from local key)
  • Wallet prompts for 2fa code
  • Wallet sends 2fa code and raw transaction to trusted server to verify
  • If trusted server fails to verify the 2fa code, it doesn't cosign the transaction so funds can't be spent
  • If trusted server verifies the 2fa code, it cosigns the transaction and broadcasts the transaction

External from Wallet
  • Trusted server asks user for 2fa code
  • If trusted server fails to verify 2fa code, no transaction is created
  • If trusted server verifies the 2fa code, it creates the transaction, cosigns it, sends it back to the user to verify
  • User cosigns from their wallet and broadcasts the transaction

From this you can see implementing it in the wallet makes little to no difference with how it actually works. I'm not claiming this is some innovative technique either as it simply employs the same mechanism Electrum uses but offers an easy to use reference for alt coins.
full member
Activity: 152
Merit: 100
Multisig 2fa Transactions

Today, we are introducing a mechanism for users to secure their funds on the temporary block chain via a true 2fa multisig transactions. We'll be posting another update later on detailing the status of other things we have been working on.

When we release our web wallet, a native implementation will be available and won't require as much hassle on the users end and will simply prompt you for the 2fa code within the wallet when you attempt to spend from a 2fa multisig address.

You can access the feature as well as guide on how to use it at https://novusphere.io/Home/Multisig

Brief Overview

For two factor (via google authenticator) to work in a secured mannerism a server or central must hold a copy of your two factor secret; It must not be derrived client side based on something like a wallet passphrase. This is how two factor traditionally works on many sites we're all familiar with such as exchanges; The server saves some secret and reveals it to us once in the form of a QR code we can scan.

This implementation makes use of 2-of-3 multisigs where the client holds 2 keys but is urged to keep their 2nd key offline and seperate from their main wallet. Instead for the 2nd signature, you trust the server holding the 3rd key to cosign the multisig transaction only if the 2FA check is passed. Electrum uses a similar model where you trust a server to co-sign for you: http://docs.electrum.org/en/latest/2fa.html

Quote
Electrum offers two-factor authenticated wallets, with a remote server acting to co-sign transactions, adding another level of security in the event of your computer being compromised.

Is this decentralized? What happens if Novus is hacked?

Even if Novus or the central server is hacked or bricked and loses all of its private keys no harm is done to user funds. This is because the server only contains 1 of 3 private keys required to spend funds. In the case the server is unable to cosign a transaction then you can resort to using the 2nd key which should be stored offline and separate from your main wallet.

In other words, even if Novus is hacked or compromised this should not affect the safety of your funds!

What happens if I (the user) am hacked?

Supposing that the hacker has gotten access to the wallet and your passphrase on your main computer, they cannot spend any funds from the multisig 2fa address without having either your 2nd key or alternatively your 2fa secret that should only be on your phone as this is the requirement for the server to cosign.

In other words, your funds should still be safe.

Is this open source?

Yes!

https://github.com/asphyxiating/Multisig2faTxExample/blob/master/Multisig2faTxExample/Multisig2faTx.cs

The above is a reference implementation showing how any coin from a bitcoin code base can implement it. We would strongly advise all projects to implement such a mechanism to offer better security for users funds as this should be one of the top priorities for any project.

Notes

While our implementation is done externally from the wallet, it's entirely possible to natively implement this solution to the wallet but since it's our intent to develop a web wallet in the near future we have decided not to do this. Multisig 2fa transactions will be natively available in our web wallet at a later time.


It's taken vtr 3 years and they still have a closed source 2fa, looks like you are miles ahead of them. Good work dev.

Read the notes, it hasn't been implemented into the wallet. Why would VTR devs release code to be stolen? Web based 2FA sounds like a real "first"
hero member
Activity: 532
Merit: 500
Multisig 2fa Transactions

Today, we are introducing a mechanism for users to secure their funds on the temporary block chain via a true 2fa multisig transactions. We'll be posting another update later on detailing the status of other things we have been working on.

When we release our web wallet, a native implementation will be available and won't require as much hassle on the users end and will simply prompt you for the 2fa code within the wallet when you attempt to spend from a 2fa multisig address.

You can access the feature as well as guide on how to use it at https://novusphere.io/Home/Multisig

Brief Overview

For two factor (via google authenticator) to work in a secured mannerism a server or central must hold a copy of your two factor secret; It must not be derrived client side based on something like a wallet passphrase. This is how two factor traditionally works on many sites we're all familiar with such as exchanges; The server saves some secret and reveals it to us once in the form of a QR code we can scan.

This implementation makes use of 2-of-3 multisigs where the client holds 2 keys but is urged to keep their 2nd key offline and seperate from their main wallet. Instead for the 2nd signature, you trust the server holding the 3rd key to cosign the multisig transaction only if the 2FA check is passed. Electrum uses a similar model where you trust a server to co-sign for you: http://docs.electrum.org/en/latest/2fa.html

Quote
Electrum offers two-factor authenticated wallets, with a remote server acting to co-sign transactions, adding another level of security in the event of your computer being compromised.

Is this decentralized? What happens if Novus is hacked?

Even if Novus or the central server is hacked or bricked and loses all of its private keys no harm is done to user funds. This is because the server only contains 1 of 3 private keys required to spend funds. In the case the server is unable to cosign a transaction then you can resort to using the 2nd key which should be stored offline and separate from your main wallet.

In other words, even if Novus is hacked or compromised this should not affect the safety of your funds!

What happens if I (the user) am hacked?

Supposing that the hacker has gotten access to the wallet and your passphrase on your main computer, they cannot spend any funds from the multisig 2fa address without having either your 2nd key or alternatively your 2fa secret that should only be on your phone as this is the requirement for the server to cosign.

In other words, your funds should still be safe.

Is this open source?

Yes!

https://github.com/asphyxiating/Multisig2faTxExample/blob/master/Multisig2faTxExample/Multisig2faTx.cs

The above is a reference implementation showing how any coin from a bitcoin code base can implement it. We would strongly advise all projects to implement such a mechanism to offer better security for users funds as this should be one of the top priorities for any project.

Notes

While our implementation is done externally from the wallet, it's entirely possible to natively implement this solution to the wallet but since it's our intent to develop a web wallet in the near future we have decided not to do this. Multisig 2fa transactions will be natively available in our web wallet at a later time.


It's taken vtr 3 years and they still have a closed source 2fa, looks like you are miles ahead of them. Good work dev.
full member
Activity: 165
Merit: 101
Multisig 2fa Transactions

Today, we are introducing a mechanism for users to secure their funds on the temporary block chain via a true 2fa multisig transactions. We'll be posting another update later on detailing the status of other things we have been working on.

When we release our web wallet, a native implementation will be available and won't require as much hassle on the users end and will simply prompt you for the 2fa code within the wallet when you attempt to spend from a 2fa multisig address.

You can access the feature as well as guide on how to use it at https://novusphere.io/Home/Multisig

https://twitter.com/thenovusphere/status/857386598262034433

Brief Overview

For two factor (via google authenticator) to work in a secured mannerism a server or central must hold a copy of your two factor secret; It must not be derrived client side based on something like a wallet passphrase. This is how two factor traditionally works on many sites we're all familiar with such as exchanges; The server saves some secret and reveals it to us once in the form of a QR code we can scan.

This implementation makes use of 2-of-3 multisigs where the client holds 2 keys but is urged to keep their 2nd key offline and seperate from their main wallet. Instead for the 2nd signature, you trust the server holding the 3rd key to cosign the multisig transaction only if the 2FA check is passed. Electrum uses a similar model where you trust a server to co-sign for you: http://docs.electrum.org/en/latest/2fa.html

Quote
Electrum offers two-factor authenticated wallets, with a remote server acting to co-sign transactions, adding another level of security in the event of your computer being compromised.

Is this decentralized? What happens if Novus is hacked?

Even if Novus or the central server is hacked or bricked and loses all of its private keys no harm is done to user funds. This is because the server only contains 1 of 3 private keys required to spend funds. In the case the server is unable to cosign a transaction then you can resort to using the 2nd key which should be stored offline and separate from your main wallet.

In other words, even if Novus is hacked or compromised this should not affect the safety of your funds!

What happens if I (the user) am hacked?

Supposing that the hacker has gotten access to the wallet and your passphrase on your main computer, they cannot spend any funds from the multisig 2fa address without having either your 2nd key or alternatively your 2fa secret that should only be on your phone as this is the requirement for the server to cosign.

In other words, your funds should still be safe.

Is this open source?

Yes!

https://github.com/asphyxiating/Multisig2faTxExample/blob/master/Multisig2faTxExample/Multisig2faTx.cs

The above is a reference implementation showing how any coin from a bitcoin code base can implement it. We would strongly advise all projects to implement such a mechanism to offer better security for users funds as this should be one of the top priorities for any project.

Notes

While our implementation is done externally from the wallet, it's entirely possible to natively implement this solution to the wallet but since it's our intent to develop a web wallet in the near future we have decided not to do this. Multisig 2fa transactions will be natively available in our web wallet at a later time.
member
Activity: 125
Merit: 10
Big announcement coming tonight, right?

Pretty big one, I'd say. Smiley

Also, Asphyxia said a bounty system was going to be integrated soon. Hopefully some more word on that will come in the next update(s).
member
Activity: 151
Merit: 10
Is there any news from bittrex, I dont like either of the exchanges we are on much and we really need a big trusted exchange like bittrex. I asked them in their slack and I dont remember who but they said that it was being considered. Is there anything you or us can do to make this move faster?

igigme 77 looking out.

They cant add.If they do they get Problems with the law. Atmos is a not legal movie sharing page

Yes they can ...they add vtorrent which is illegal . plus we are legal and are fully compliant with dmca take down requests ...nice try tho

vtorrent is not illegal though, just like torrent isn't, it's a technology, which can be used for doing legal and illegal things, just like a car can be used to do legal and illegal things Wink

Ok..sure. Its biz model is unless they plan to take down torrents of movies that have copyrights like how we plan to fully comply. Pretty sure they won't so suck it vtorrent fanboy. Hope u enjoy their website...oh wait that's right ...its been two years and still not one😲😂

Vtorrent is not a company so the concept of business model is ill-defined in its case, the more people use the technology the more the value of the coin rises by the law of supply and demand, the inability to control what users share doesn't make it illegal, only decentralized (though I'm sure some policy makers would love to make 'decentralized' illegal)

Stating facts doesn't make one a fanboy, and in case you haven't realized I posted on the first page of this thread Wink
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Big announcement coming tonight, right?

Security update on Thursday as stated in this thread earlier. (Page 68 if you are using default forum settings.)
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
It needs to be open, That cant be. How is that safe? My wallet is on a shared computer. What am I supposed to do now.

I don't know what to tell you, don't use a shared computer, use a dedicated computer for staking, or use a virtual machine which you control (preferably on a computer that is not shared.)

I'm on a sort of shared computer (just me and one other person uses it) but for the most part it is relatively safe.

If you want to be extra safe, you will use an offline computer, but then that doesn't stake.
full member
Activity: 154
Merit: 100
hero member
Activity: 532
Merit: 500
Big announcement coming tonight, right?
hero member
Activity: 570
Merit: 500
Is there any news from bittrex, I dont like either of the exchanges we are on much and we really need a big trusted exchange like bittrex. I asked them in their slack and I dont remember who but they said that it was being considered. Is there anything you or us can do to make this move faster?

igigme 77 looking out.

They cant add.If they do they get Problems with the law. Atmos is a not legal movie sharing page

It is legal, there are DMCA take downs there, all the content there is user submitted and automatically generated, with Novus having no control over it unless they decide to add new rules to block content - which they will if rights holders file the take down. And atmos gateway is only one gateway, an example, anyone in the future wallet will have their own gateway with any rules they want.

Similarly, Bittorent is a legal company in US, similarly they have no control over what bittorent is used for.

Cryptopia is a trusted exchange and has never had problems. Dev already had several discussions with bittrex, but they won't release details until it's final, probably when we're further along in releases.
hero member
Activity: 602
Merit: 500
Is there any news from bittrex, I dont like either of the exchanges we are on much and we really need a big trusted exchange like bittrex. I asked them in their slack and I dont remember who but they said that it was being considered. Is there anything you or us can do to make this move faster?

igigme 77 looking out.

They cant add.If they do they get Problems with the law. Atmos is a not legal movie sharing page

Yes they can ...they add vtorrent which is illegal . plus we are legal and are fully compliant with dmca take down requests ...nice try tho

vtorrent is not illegal though, just like torrent isn't, it's a technology, which can be used for doing legal and illegal things, just like a car can be used to do legal and illegal things Wink

Ok..sure. Its biz model is unless they plan to take down torrents of movies that have copyrights like how we plan to fully comply. Pretty sure they won't so suck it vtorrent fanboy. Hope u enjoy their website...oh wait that's right ...its been two years and still not one😲😂

vtr sucks and in a few days when asphyxia makes his new update im going to torll them hard with all the new ammo I'm going to have.

What new update?
sr. member
Activity: 266
Merit: 250
A day happened
still no buywall at 800


Damnit...
After seeing my post
somebody actually broke the 800 wall
for 7.2 btc
That's great.... lets wait till the price is 10x
finger 🖕 crossed ➕

Just sume up the first 6 account holdings and you will see it was a Fake buy.
Tomorrow you will see the amount again in the other of these 6 Accounts.

They Buy side of 2 btc show you the prove  Grin Grin Grin Grin Grin Grin
sr. member
Activity: 266
Merit: 250
It´s funny to see how the market on cryptopia is manipulated and whales trying to get out of this with fake Volume and Fake buy walls.
Everyday 3 times the same... 3 buy peaks and than the whole day nothing. No Trading.

Yeah it sure is Fake
full member
Activity: 168
Merit: 100
It´s funny to see how the market on cryptopia is manipulated and whales trying to get out of this with fake Volume and Fake buy walls.
Everyday 3 times the same... 3 buy peaks and than the whole day nothing. No Trading.
full member
Activity: 124
Merit: 100
Is there any news from bittrex, I dont like either of the exchanges we are on much and we really need a big trusted exchange like bittrex. I asked them in their slack and I dont remember who but they said that it was being considered. Is there anything you or us can do to make this move faster?

igigme 77 looking out.

They cant add.If they do they get Problems with the law. Atmos is a not legal movie sharing page

Yes they can ...they add vtorrent which is illegal . plus we are legal and are fully compliant with dmca take down requests ...nice try tho

vtorrent is not illegal though, just like torrent isn't, it's a technology, which can be used for doing legal and illegal things, just like a car can be used to do legal and illegal things Wink

Ok..sure. Its biz model is unless they plan to take down torrents of movies that have copyrights like how we plan to fully comply. Pretty sure they won't so suck it vtorrent fanboy. Hope u enjoy their website...oh wait that's right ...its been two years and still not one😲😂

vtr sucks and in a few days when asphyxia makes his new update im going to torll them hard with all the new ammo I'm going to have.

I'm gonna be right behind ya. Get them on board with us Smiley
Pages:
Jump to: