Pages:
Author

Topic: Feathercoin Advanced Checkpointing released today (Read 11139 times)

legendary
Activity: 1316
Merit: 1000
Varanida : Fair & Transparent Digital Ecosystem
Congrats.
hero member
Activity: 630
Merit: 500
From a merchant/trade perspective their needs to be confidence that a ORPHANed transaction can NEVER happen

Also FTC had a fork issue a while back ....so maybe that was a close call

This helps with that idea ....it is a mainstream approach but it does add centralization to a coin ...this is a dangerous slippery slope they are entering 

Let's see if this helps their rep with the exchanges and confirmations are decreased.
hero member
Activity: 574
Merit: 500
There was no shortage of people (including me) asking for ways to prevent the repeated attacks.
If that is true, then why it is not even mentioned in feedback.feathercoin.com? Who were these people "asking for it"? Why did they not ask for it publicly, that is in feedback.feathercoin.com ?

From a merchant/trade perspective their needs to be confidence that a ORPHANed transaction can NEVER happen

Also FTC had a fork issue a while back ....so maybe that was a close call

This helps with that idea ....it is a mainstream approach but it does add centralization to a coin ...this is a dangerous slippery slope they are entering 

legendary
Activity: 2492
Merit: 1473
LEALANA Bitcoin Grim Reaper
I still don't think this should have been implemented.

+1
hero member
Activity: 630
Merit: 500
He may be the only credible person that I've seen that thinks this move isn't bad.

I like hearing intelligent non-biased other points of view, however I still don't think this should have been implemented.
sr. member
Activity: 303
Merit: 250
Can you let me know what affiliation you have in FTC (if any)?
No, I have no relations with FTC project.
Actually, I think he just care of the world of cryptocurrencies, and shares some part of his wisdom with those who needs help.
May be he has nervous relationships with trolls, and bad reputation in some people's mind, but you can see by yourself that he is helping many coin creators/developers, even if their coins are just copypasted modified NVC and actually compete with his own creation.
(P.S. I don't mean FTC itself, but many new pow/pos coins) 
legendary
Activity: 3108
Merit: 1359
Can you let me know what affiliation you have in FTC (if any)?
No, I have no relations with FTC project.
hero member
Activity: 630
Merit: 500
If the network had a way of knowing this, then this masternode would not be necessary at all. The masternode serves as a "trusted party" - the network trusts the masternode, so if the attacker gained control of the masternode, then how would the network know that the control of the masternode was overtaken?
There is a checkpoints chain. All checkpoints MUST follow this chain without exceptions, and even key owner can't violate this rule.

P.S. How much times can you ask the same questions? Read the topic and commit description.

https://bitcointalksearch.org/topic/m.3042252
https://bitcointalksearch.org/topic/m.3022480

I've seen read some of your other posts, and they seem pretty well stated. Can you let me know what affiliation you have in FTC (if any)? I do appreciate your posts on the topic, and would love to believe they are not biased in any way, which I think might be the case.
legendary
Activity: 3108
Merit: 1359
If the network had a way of knowing this, then this masternode would not be necessary at all. The masternode serves as a "trusted party" - the network trusts the masternode, so if the attacker gained control of the masternode, then how would the network know that the control of the masternode was overtaken?
There is a checkpoints chain. All checkpoints MUST follow this chain without exceptions, and even key owner can't violate this rule.

P.S. How much times can you ask the same questions? Read the topic and commit description.

https://bitcointalksearch.org/topic/m.3042252
https://bitcointalksearch.org/topic/m.3022480
hero member
Activity: 798
Merit: 1000
‘Try to be nice’
Yawn, i hope you kids spend lots of energy on this ...
hero member
Activity: 714
Merit: 500
Hmmmmm......
full member
Activity: 120
Merit: 100
Yes, he can. But his checkpoints will cause conflict, all clients will switch into safe mode and "Invalid checkpoint found!" or "Invalid chain found!" warning message will be displayed. Stolen key becomes useless immediately after this and checkpoints chain reset would be required to resolve this situation. That's why he must DDoS existing node before, to prevent it from sending checkpoints.
Something does add up here...

Why would the attackers' checkpoint cause conflict? How would the network know that they were created by the attacker, if he used the same private key and/or same physical machine as the "real" masternode?

If the network had a way of knowing this, then this masternode would not be necessary at all. The masternode serves as a "trusted party" - the network trusts the masternode, so if the attacker gained control of the masternode, then how would the network know that the control of the masternode was overtaken?

Where could I read technical information about how exactly this "advanced checkpointing" works?
legendary
Activity: 3108
Merit: 1359
Yes, he can. But his checkpoints will cause conflict, all clients will switch into safe mode and "Invalid checkpoint found!" or "Invalid chain found!" warning message will be displayed. Stolen key becomes useless immediately after this and checkpoints chain reset would be required to resolve this situation. That's why he must DDoS existing node before, to prevent it from sending checkpoints.
full member
Activity: 120
Merit: 100
Quote from: checkpointsync.cpp
Checkpoint master key can be established by using the 'makekeypair' command. The public key in source code should then be updated and private key kept in a safe place.

Any node can be turned into checkpoint master by setting the 'checkpointkey' configuration parameter with the private key of the checkpoint master key.
What if an attacker (instead of DDoS'ing the masternode) steals the private key? Could he then become a masternode himself and generate fake checkpoints?
full member
Activity: 190
Merit: 100
hard time for FTC even after update - i mean its still work - its not happening alone.
So people enough lessons and now back to work back to mining and supporting and no trolling.
This threat was full of interesting info but somehow the flames over run it and now again is very hard to read between the lines of flames.

anyway its a move so now be patiente and wait, I hope you will get some of the important updates aswell.
 Wink
hero member
Activity: 630
Merit: 500
mullick, he already knows everything and has nothing to say. FUD is a normal LTC early-adopters behavior, they are trying to protect own investment, that's natural.

Typical of someone that speaks on behalf of FTC, you seem to have the incorrect perception that LTC and FTC are mutually exclusive. And that when someone says something bad about FTC, it must be because they support LTC and don't want competition. That's the stupidest thing around, and is stated usually out of a lack of a valid response to dismiss the issue brought up. While I understand FTC copied the code from LTC (like 90% of alts), I find it amusing that FTC supporters feel that LTC investors find it a threat.

As a decent sized miner, I hope FTC stays around for a very long time, as it steals hash rate from LTC. I also appreciate the link to the code on github, as I wasn't aware it was out there, but my overall feeling is that this is still a very, very bad move.

Feathercoin, as much as it has a close-knit community of supporters, which do work very well together, has a reputation issue outside of their world, and that is caused by numerous reasons:

  • A lot of sloppy mistakes with copying the LTC code (leaving private key in?) - I'm not a coder, nor have the skills to create my own coin without more research (I can ctrl-C/ctrl-v with the best of them though), but I have read statements of those that have those skills, and trust their opinion on this. I think many updates LTC made have not been added to FTC yet either

  • The trading community, and also the "marketing group" borders on the level of a used car dealership out of work salesforce. When you have your marketing pumping a coin when it is being attacked, and have orphaning miner blocks, and the coin nearly doubles in value with horrible things occurring, people lose trust in the coin. It was clear from reading the forums, that this wasn't being done by individual investors, but people with affiliation to the FTC team. Sure, we'll all trade it and make money as it's simple to read the pumps (and dumps). Obviously every coin gets pumped, but the manufactured "support" that is being directed by those in "official" positions does not earn trust by most. Telling the minions to go upvote any FTC article, and downvote the bad comments is lame.

  • Centralization - The coin has not earned that trust as minor or major as the implementation might be. Like everything FTC does, they want to fast-track success, and take shortcuts. Sure, everyone wants their coin to be the best, but stop forcing it. You're trying to build an empire with cardboard cutouts of buildings. Most miners didn't ask for this solution and as I said, I lost a lot of blocks when FTC had the big attack a few months ago

  • I won't even go into any rumor of instamine/premining, as I don't want to hear the defenders. Just let this die, we all know it happened, I'm willing to overlook this at this point in FTC's growth


Improve your reputation by getting the shadiness out of the coin. Stop trying to pit LTC vs FTC, as you'd find a lot more supporters willing to listen if you didn't act like the spoiled little brother that competes for attention with big brother. It was decided that you'd use the same "genes" to make the coin, and now supporters are trying to distance themselves from it in their aspirations to overtake LTC. It isn't going to happen. Frankly, I don't even know if LTC will succeed. Any form of officially supported centralization won't get you closer.

I wish the entire FTC team was behind a coin that was more unique in its offering, as with the right technology that brought a lot of new things to the table, people would flock to the coin, assuming the claims are truthful (please try and hold back marketing mode to try and tell me how unique FTC is).

It's good that this conversation is taking place here, because only mostly die hard supporters even venture to the FTC forums, so you're dealing with only people with vested interest, and very few non-biased opinions. This is a bad idea.. If you can't take the heat get out of the kitchen, and if the coin can't withstand scrutiny on the bitcointalk forums where the majority of people are, then maybe you should question your long term viability. Stop playing the victim as well. I'm easily won over by truth, I dislike any appearance of shadiness. I'm convinced the people behind this coin are brilliant (sadly, many of the pumpers/marketers are not), but I haven't been able to figure out yet if it's a Bernie Madoff brilliant, or a Richard Branson brilliant.

/rant off.
legendary
Activity: 3108
Merit: 1359
mullick, he already knows everything and has nothing to say. FUD is a normal LTC early-adopters behavior, they are trying to protect own investment, that's natural.
legendary
Activity: 1064
Merit: 1002
NVC isn't more scamcoin than FTC or LTC. And you have nothing against this sentence.
Was NVC premined? Yes. Not just premined, but half of the premined coins were given to an exchange so they would accept NVC into their exchange.

All premined coins have been destroyed. I have looked over the blockchain and noted the graphs here:

http://www.cryptometer.org/novacoin_96_hour_charts.html

From the research I have done it appears it is as Balthazar has stated all along. All premined coins were destroyed.

There seems to be a lot of FUD going around about NVC at the moment.

Balthazar is a great developer. NVC has widened the gap between itself and PPC over time by balthazars continued development. Look at github. Its a endless field of updates all for the better
legendary
Activity: 1242
Merit: 1020
No surrender, no retreat, no regret.
That's right. But it could be almost impossible, because he can start another one, even at home PC behind the NAT. It will be interesting to see how they would try to DDoS his ISP. Roll Eyes

Wouldn't the main node, be hardcoded into the client? How could he just make a new one? He'd have to upgrade every client on the network, would he not?

Could you just read the source code? Sunny explained it well there. There are no domain names or IPs hardcoded, only the master public key. Any node may be configured into a checkpointer through its RPC interface.

Quote from: checkpointsync.cpp
Operations

Checkpoint master key can be established by using the 'makekeypair' command. The public key in source code should then be updated and private key kept in a safe place.

Any node can be turned into checkpoint master by setting the 'checkpointkey' configuration parameter with the private key of the checkpoint master key. Operator should exercise caution such that at any moment there is at most one node operating as checkpoint master. When switching master node, the recommended procedure is to shutdown the master node and restart as regular node, note down the current checkpoint by 'getcheckpoint', then compare to the checkpoint at the new node to be upgraded to master node. When the checkpoint on both nodes match then it is safe to switch the new node to checkpoint master.

The configuration parameter 'checkpointdepth' specifies how many blocks should the checkpoints lag behind the latest block in auto checkpoint mode. A depth of 0 is the strongest auto checkpoint policy and offers the greatest protection against 51% attack. A negative depth means that the checkpoints should not be automatically generated by the checkpoint master, but instead be manually entered by operator via the 'sendcheckpoint' command. The manual mode is also the default mode (default value -1 for checkpointdepth).

Command 'enforcecheckpoint' and configuration parameter 'checkpointenforce' are for the users to explicitly consent to enforce the checkpoints issued from checkpoint master. To enforce checkpoint, user needs to either issue command 'enforcecheckpoint true', or set configuration parameter checkpointenforce=1. The current enforcement setting can be queried via command 'getcheckpoint', where 'subscribemode' displays either 'enforce' or 'advisory'. The 'enforce' mode of subscribemode means checkpoints are enforced. The 'advisory' mode of subscribemode means checkpoints are not enforced but a warning message would be displayed if the node is on a different blockchain fork from the checkpoint, and this is the default mode.
legendary
Activity: 3108
Merit: 1359
Wouldn't the main node, be hardcoded into the client? How could he just make a new one? He'd have to upgrade every client on the network, would he not?
No, of course. There is no "main", "master" or "trusted" node. Checkpoints are working just like alerts, using a broadcast protocol. Any node can send them, if it has corresponding private key. It's just a low-level notification messages, which interpreted by your client according to local policy and then relayed to another clients which also relays them. If bushstar's VPS becomes offline, he can send checkpoints from any other machine without problem.
Pages:
Jump to: