Topic: [ANN][DASH] Dash (dash.org) | First Self-Funding Self-Governing Crypto Currency - page 6181. (Read 9724097 times)

Quote from: humanitee on April 27, 2014, 03:17:49 PM

Quote from: Kai Proctor on April 27, 2014, 04:11:57 PM

I don't get how the 2 machine masternode setup is more secure. If someone can break into either, your setup is toast. And the wallet's security is independent of the machines hosting it -- it relies on the strength of your password & the encryption algorithm. I can't see how the 2 machine configuration helps at all.

Because your master node IP is static, broadcast to the network, and an attacker knows 1000 DRK is on it. Your local machine IP is not listed on the master node list with the 2 machine setup and there are no coins on the server that's running the master node. Double win.

If we could get a port of Armory for Darkcoin you could theoretically do all this with the coins in cold storage. Triple win.

Masternode has to communicate with the node holding the coins, to verify the 1000 DRK are there. So if the masternode can do that, so can an attacker who has compromised the masternode. From there, they just need to break into the secondary node holding the wallet, which will presumably have no better security than the one they already broke into.

My guess is that masternodeA (the one holding the coins) registers in the network like "hey, I want to be a masternode, and I hold 1k DRK, you can check it, and my "masternodeaddr" is this 'masternodeB' (which has 0DRKs)", then the network verifies that masternodeA has 1k DRKs and registers masternodeB in the list of masternodes. When you get the list of masternodes you only get masternodeB.

I guess someone could sniff that initial part of the protocol and find out that masternodeA has 1k DRKs masternodeB has 0 DRKs, but I would say that you don't really even need to have masternodeA available in the network as long as the wallet holds the 1k DRKs, so (and this is just thinking and writing the same time) you could probable even disconnect masternodeA from the network after the initial registration and just leave masternodeB in the network.

If that's how it works, then I wonder why a second machine is necessary? If you only need the wallet present at the initial verification step, why not have a single masternode that verifies the wallet, closes it, and allows you to remove it from the machine?

If it was like this nothing could prevent someone to build thousand masternodes with the same 1000 DRK.

Network would reject a masternode registering twice with the same address, and if you think about moving the 1k DRK to another wallet, network would detect it and stop accepting you as a masternode.

Register a masternode with a wallet with 1000 DRK ----> send the 1000 DRK to an other wallet ----> Register a new masternode with the new wallet ----> send the 1000 DRK to an other wallet ----> etc.

kaene

hero member

Activity: 784

Merit: 1005

Quote from: humanitee on April 27, 2014, 03:17:49 PM

Quote from: blajde on April 27, 2014, 03:53:28 PM

I don't get how the 2 machine masternode setup is more secure. If someone can break into either, your setup is toast. And the wallet's security is independent of the machines hosting it -- it relies on the strength of your password & the encryption algorithm. I can't see how the 2 machine configuration helps at all.

Because your master node IP is static, broadcast to the network, and an attacker knows 1000 DRK is on it. Your local machine IP is not listed on the master node list with the 2 machine setup and there are no coins on the server that's running the master node. Double win.

If we could get a port of Armory for Darkcoin you could theoretically do all this with the coins in cold storage. Triple win.

Masternode has to communicate with the node holding the coins, to verify the 1000 DRK are there. So if the masternode can do that, so can an attacker who has compromised the masternode. From there, they just need to break into the secondary node holding the wallet, which will presumably have no better security than the one they already broke into.

My guess is that masternodeA (the one holding the coins) registers in the network like "hey, I want to be a masternode, and I hold 1k DRK, you can check it, and my "masternodeaddr" is this 'masternodeB' (which has 0DRKs)", then the network verifies that masternodeA has 1k DRKs and registers masternodeB in the list of masternodes. When you get the list of masternodes you only get masternodeB.

I guess someone could sniff that initial part of the protocol and find out that masternodeA has 1k DRKs masternodeB has 0 DRKs, but I would say that you don't really even need to have masternodeA available in the network as long as the wallet holds the 1k DRKs, so (and this is just thinking and writing the same time) you could probable even disconnect masternodeA from the network after the initial registration and just leave masternodeB in the network.

If that's how it works, then I wonder why a second machine is necessary? If you only need the wallet present at the initial verification step, why not have a single masternode that verifies the wallet, closes it, and allows you to remove it from the machine?

If it was like this nothing could prevent someone to build thousand masternodes with the same 1000 DRK.

Network would reject a masternode registering twice with the same address, and if you think about moving the 1k DRK to another wallet, network would detect it and stop accepting you as a masternode.

fearcoka

legendary

Activity: 1008

Merit: 1000

Quote from: fearcoka on April 27, 2014, 02:51:28 PM

can we raise the price a bit?

I don't like how you leech the money out for DRK for your tropical vision. Go to economics section for your brewing, minidumps, price alteration wishes please

Want to shut your mouth? I can say that I am one of the earlier adopters and hold over 100k darks. Im trying to get more darks so people like you don't fuck the growth of this coin.

gtfo douchebag

Kai Proctor

hero member

Activity: 546

Merit: 500

01100100 01100001 01110011 01101000

Quote from: humanitee on April 27, 2014, 03:17:49 PM

Quote from: AlexGR on April 27, 2014, 03:59:24 PM

I don't get how the 2 machine masternode setup is more secure. If someone can break into either, your setup is toast. And the wallet's security is independent of the machines hosting it -- it relies on the strength of your password & the encryption algorithm. I can't see how the 2 machine configuration helps at all.

Because your master node IP is static, broadcast to the network, and an attacker knows 1000 DRK is on it. Your local machine IP is not listed on the master node list with the 2 machine setup and there are no coins on the server that's running the master node. Double win.

If we could get a port of Armory for Darkcoin you could theoretically do all this with the coins in cold storage. Triple win.

Masternode has to communicate with the node holding the coins, to verify the 1000 DRK are there. So if the masternode can do that, so can an attacker who has compromised the masternode. From there, they just need to break into the secondary node holding the wallet, which will presumably have no better security than the one they already broke into.

My guess is that masternodeA (the one holding the coins) registers in the network like "hey, I want to be a masternode, and I hold 1k DRK, you can check it, and my "masternodeaddr" is this 'masternodeB' (which has 0DRKs)", then the network verifies that masternodeA has 1k DRKs and registers masternodeB in the list of masternodes. When you get the list of masternodes you only get masternodeB.

I guess someone could sniff that initial part of the protocol and find out that masternodeA has 1k DRKs masternodeB has 0 DRKs, but I would say that you don't really even need to have masternodeA available in the network as long as the wallet holds the 1k DRKs, so (and this is just thinking and writing the same time) you could probable even disconnect masternodeA from the network after the initial registration and just leave masternodeB in the network.

If that's how it works, then I wonder why a second machine is necessary? If you only need the wallet present at the initial verification step, why not have a single masternode that verifies the wallet, closes it, and allows you to remove it from the machine?

If it was like this nothing could prevent someone to build thousand masternodes with the same 1000 DRK.

blajde

sr. member

Activity: 364

Merit: 250

Pre-sale - March 18

Me thinks we need to issue a few bounties for hackers to test the possible attack vectors against masternode operation, cheating, payments etc, prior to going live (perhaps RC3+?). There's too much new stuff in there and code does have the annoying tendency to break, so... better harden it now than have nasty surprises later on.

agreed

AlexGR

legendary

Activity: 1708

Merit: 1049

Me thinks we need to issue a few bounties for hackers to test the possible attack vectors against masternode operation, cheating, payments etc, prior to going live (perhaps RC3+?). There's too much new stuff in there and code does have the annoying tendency to break, so... better harden it now than have nasty surprises later on.

humanitee

hero member

Activity: 1302

Merit: 502

Quote from: AlexGR on April 27, 2014, 01:46:35 AM

My guess is that masternodeA (the one holding the coins) registers in the network like "hey, I want to be a masternode, and I hold 1k DRK, you can check it, and my "masternodeaddr" is this 'masternodeB' (which has 0DRKs)", then the network verifies that masternodeA has 1k DRKs and registers masternodeB in the list of masternodes. When you get the list of masternodes you only get masternodeB.

I guess someone could sniff that initial part of the protocol and find out that masternodeA has 1k DRKs masternodeB has 0 DRKs, but I would say that you don't really even need to have masternodeA available in the network as long as the wallet holds the 1k DRKs, so (and this is just thinking and writing the same time) you could probable even disconnect masternodeA from the network after the initial registration and just leave masternodeB in the network.

If that's how it works, then I wonder why a second machine is necessary? If you only need the wallet present at the initial verification step, why not have a single masternode that verifies the wallet, closes it, and allows you to remove it from the machine?

Because why ever have them on the machine at all? You could use TOR to send the message to your remote master node and no one would know your native IP. As long as you aren't running services off your local machine and have pretty much all your ports closed down you are better protected than on a server.

camosoul

hero member

Activity: 560

Merit: 500

www.OroCoin.co

Quote from: camosoul on April 27, 2014, 01:38:56 AM

Quote from: Terzo on April 27, 2014, 01:19:49 AM

Quote from: InternetApe on April 27, 2014, 01:14:05 AM

Darkcoin is #3 as far as volume for last 24 hours, only behind BTC and LTC. Watchout! DRK could take over LTC spot very quickly!

It is Darkcoin rightful place. LTC became ASIC b!tch and its going down .

LTC is still a functional coin... What makes it unusable? Pretty sure there are a bunch of ASICs hashing BTC...

Miners live in their own cryptobubble... just because they can't mine a coin as well "it's dead"... lol. We all know that BTC *really* died when ASICs came onboard, lol.

Then again, LTC "sold" itself as the solution to the |ASIC problem" and failed. So, in a sense, it fails to deliver on it's core promise.

DRK, on the other hand, makes no promise for long-term ASIC resistance (as litecoin devs admitted, anything GPU mineable is ASIC-able) neither is ASIC immunity its main selling point.

Waaahhhh I lost my money hose!!!

ASICs ensure CPU server farms can't break a coin. It's a good, and inevitable, thing for any cryptocoin. DGW should keep any X11 ASIC's price down enough that people can afford them. Maybe low enough that nobody makes an ASIC for it. Speculative, of course. If the value goes high enough, even DGW won't stop an ASIC from being made.

kaene

hero member

Activity: 784

Merit: 1005

Quote from: humanitee on April 27, 2014, 03:17:49 PM

Quote from: fearcoka on April 27, 2014, 02:51:28 PM

I don't get how the 2 machine masternode setup is more secure. If someone can break into either, your setup is toast. And the wallet's security is independent of the machines hosting it -- it relies on the strength of your password & the encryption algorithm. I can't see how the 2 machine configuration helps at all.

Because your master node IP is static, broadcast to the network, and an attacker knows 1000 DRK is on it. Your local machine IP is not listed on the master node list with the 2 machine setup and there are no coins on the server that's running the master node. Double win.

If we could get a port of Armory for Darkcoin you could theoretically do all this with the coins in cold storage. Triple win.

Masternode has to communicate with the node holding the coins, to verify the 1000 DRK are there. So if the masternode can do that, so can an attacker who has compromised the masternode. From there, they just need to break into the secondary node holding the wallet, which will presumably have no better security than the one they already broke into.

My guess is that masternodeA (the one holding the coins) registers in the network like "hey, I want to be a masternode, and I hold 1k DRK, you can check it, and my "masternodeaddr" is this 'masternodeB' (which has 0DRKs)", then the network verifies that masternodeA has 1k DRKs and registers masternodeB in the list of masternodes. When you get the list of masternodes you only get masternodeB.

I guess someone could sniff that initial part of the protocol and find out that masternodeA has 1k DRKs masternodeB has 0 DRKs, but I would say that you don't really even need to have masternodeA available in the network as long as the wallet holds the 1k DRKs, so (and this is just thinking and writing the same time) you could probable even disconnect masternodeA from the network after the initial registration and just leave masternodeB in the network.

If that's how it works, then I wonder why a second machine is necessary? If you only need the wallet present at the initial verification step, why not have a single masternode that verifies the wallet, closes it, and allows you to remove it from the machine?

I'm not saying it is, that should be Evan, because he hasn't left details about it, but my guess is that the idea should be something like that.

You need the second machine because it must run the masternode, if you run the initial verification but then close the wallet you are also closing the masternode (masternode code is within the wallet).

blajde

sr. member

Activity: 364

Merit: 250

Pre-sale - March 18

can we raise the price a bit?

I don't like how you leech the money out for DRK for your tropical vision. Go to economics section for your brewing, minidumps, price alteration wishes please

LimLims

sr. member

Activity: 1204

Merit: 272

1xbit.com

Quote from: humanitee on April 27, 2014, 03:17:49 PM

Quote from: thelonecrouton on April 27, 2014, 10:51:31 AM

I don't get how the 2 machine masternode setup is more secure. If someone can break into either, your setup is toast. And the wallet's security is independent of the machines hosting it -- it relies on the strength of your password & the encryption algorithm. I can't see how the 2 machine configuration helps at all.

Because your master node IP is static, broadcast to the network, and an attacker knows 1000 DRK is on it. Your local machine IP is not listed on the master node list with the 2 machine setup and there are no coins on the server that's running the master node. Double win.

If we could get a port of Armory for Darkcoin you could theoretically do all this with the coins in cold storage. Triple win.

Masternode has to communicate with the node holding the coins, to verify the 1000 DRK are there. So if the masternode can do that, so can an attacker who has compromised the masternode. From there, they just need to break into the secondary node holding the wallet, which will presumably have no better security than the one they already broke into.

My guess is that masternodeA (the one holding the coins) registers in the network like "hey, I want to be a masternode, and I hold 1k DRK, you can check it, and my "masternodeaddr" is this 'masternodeB' (which has 0DRKs)", then the network verifies that masternodeA has 1k DRKs and registers masternodeB in the list of masternodes. When you get the list of masternodes you only get masternodeB.

I guess someone could sniff that initial part of the protocol and find out that masternodeA has 1k DRKs masternodeB has 0 DRKs, but I would say that you don't really even need to have masternodeA available in the network as long as the wallet holds the 1k DRKs, so (and this is just thinking and writing the same time) you could probable even disconnect masternodeA from the network after the initial registration and just leave masternodeB in the network.

If that's how it works, then I wonder why a second machine is necessary? If you only need the wallet present at the initial verification step, why not have a single masternode that verifies the wallet, closes it, and allows you to remove it from the machine?

kaene

hero member

Activity: 784

Merit: 1005

TMB multipool now mining DRK, further X11 coins to follow.

https://pool.trademybit.com/

Quote from: Bortmehanic on April 27, 2014, 06:29:30 AM

On Switchercoin open Darkcoin Pool with autochange your earned coins on Litecoin! Reward type - PPLNS, 1% - pool fee. For connect to pool - stratum+tcp://switchercoin.com:2222.
More details about mining and settings for popular video cards Getting Started page.
Now we already find first block.

We would like it the other way around, mine other coins and have DRK as payment Wink

kaene

hero member

Activity: 784

Merit: 1005

Quote from: humanitee on April 27, 2014, 03:17:49 PM

Quote from: humanitee on April 27, 2014, 03:36:49 PM

I don't get how the 2 machine masternode setup is more secure. If someone can break into either, your setup is toast. And the wallet's security is independent of the machines hosting it -- it relies on the strength of your password & the encryption algorithm. I can't see how the 2 machine configuration helps at all.

Because your master node IP is static, broadcast to the network, and an attacker knows 1000 DRK is on it. Your local machine IP is not listed on the master node list with the 2 machine setup and there are no coins on the server that's running the master node. Double win.

If we could get a port of Armory for Darkcoin you could theoretically do all this with the coins in cold storage. Triple win.

Masternode has to communicate with the node holding the coins, to verify the 1000 DRK are there. So if the masternode can do that, so can an attacker who has compromised the masternode. From there, they just need to break into the secondary node holding the wallet, which will presumably have no better security than the one they already broke into.

My guess is that masternodeA (the one holding the coins) registers in the network like "hey, I want to be a masternode, and I hold 1k DRK, you can check it, and my "masternodeaddr" is this 'masternodeB' (which has 0DRKs)", then the network verifies that masternodeA has 1k DRKs and registers masternodeB in the list of masternodes. When you get the list of masternodes you only get masternodeB.

I guess someone could sniff that initial part of the protocol and find out that masternodeA has 1k DRKs masternodeB has 0 DRKs, but I would say that you don't really even need to have masternodeA available in the network as long as the wallet holds the 1k DRKs, so (and this is just thinking and writing the same time) you could probable even disconnect masternodeA from the network after the initial registration and just leave masternodeB in the network.

LimLims

sr. member

Activity: 1204

Merit: 272

1xbit.com

Quote from: humanitee on April 27, 2014, 03:17:49 PM

I don't get how the 2 machine masternode setup is more secure. If someone can break into either, your setup is toast. And the wallet's security is independent of the machines hosting it -- it relies on the strength of your password & the encryption algorithm. I can't see how the 2 machine configuration helps at all.

Because your master node IP is static, broadcast to the network, and an attacker knows 1000 DRK is on it. Your local machine IP is not listed on the master node list with the 2 machine setup and there are no coins on the server that's running the master node. Double win.

If we could get a port of Armory for Darkcoin you could theoretically do all this with the coins in cold storage. Triple win.

Masternode has to communicate with the node holding the coins, to verify the 1000 DRK are there. So if the masternode can do that, so can an attacker who has compromised the masternode. From there, they just need to break into the secondary node holding the wallet, which will presumably have no better security than the one they already broke into.

I very much doubt the remote master node knows the private keys, because as you have pointed out, it would be of no advantage.

The way I'm thinking about this is that an attacker follows this path:

Get static IP of masternode --> compromise masternode --> figure out IP of secondary node by [magic] --> compromise secondary node

The [magic] part I'm assuming must be possible because the masternode must at some point communicate with the secondary node. But maybe there's some reason why this is infeasible?

BitcoinFX

legendary

Activity: 2646

Merit: 1722

https://youtu.be/DsAVx0u9Cw4 ... Dr. WHO < KLF

Quote from: ?? on ??

This is off topic but bitcoinfx is your avatar from desert punk?

Yes. Sunabōzu - https://wikipedia.org/wiki/Desert_Punk Grin

humanitee

hero member

Activity: 1302

Merit: 502

Quote from: humanitee on April 27, 2014, 03:17:49 PM