Pages:
Author

Topic: Namecoin was stillborn, I had to switch off life-support - page 6. (Read 46204 times)

hero member
Activity: 906
Merit: 1034
BTC: the beginning of stake-based public resources
DNS does not require its own currency.

No, but it does require a serialization mechanism whose developers aren't actively hostile to it being used for information storage.

In other words, you can't use the bitcoin blockchain for this.

So if it isn't its own currency (and therefore pays no block reward) and you can't substitute the BTC blockchain, why should miners waste computing power on it?


If you are going to decentralise you'll need a proof of work / proof of stake mechanism.

The monetisation of proof of work such as a namecoin like system is one way to achieve this.

Other proof of work systems could potentially be used too, I'd be interested to see what gets proposed.
donator
Activity: 980
Merit: 1004
felonious vagrancy, personified
DNS does not require its own currency.

No, but it does require a serialization mechanism whose developers aren't actively hostile to it being used for information storage.

In other words, you can't use the bitcoin blockchain for this.

So if it isn't its own currency (and therefore pays no block reward) and you can't substitute the BTC blockchain, why should miners waste computing power on it?
donator
Activity: 980
Merit: 1004
felonious vagrancy, personified
Another reason why alternative implementations are so important.  Nice catch, libcoin.


It's just a hardfork that needs to be done in order to enforce the rules, no?

Well, it will be awfully hard to administer such a hardfork - either you reorganize all the way back to block 139872,

Oh come on now, that's not difficult at all.  And calling it "reorganization" makes it sound more difficult and complicated than it really is.  The rule is simple: trust the difficultywise-longest chain that obeys the validation rules.  You found an epic bug in the check for the "obeys the validation rules" part.  Fix that bug and the system will do the right thing.

Nothing actually gets reorganized, which is why this terminology makes no sense.  You simply ignore blocks that aren't on the difficultywise-longest valid chain.

A lot of miners will lose a lot of block rewards, but they'll get over it.  Any legitimate transactions mined into the  invalid chain will be remined.



administrator
Activity: 5222
Merit: 13032
I hope that someone uses this opportunity to create a decentralized DNS network that's actually good. Namecoin always had a lot of flaws which probably would have prevented any real success. In particular, DNS does not require its own currency.
legendary
Activity: 1680
Merit: 1035
Is this what you mentioned while in Amsterdam, when you asked the OT developers to hold off on implementing Namecoin?
hero member
Activity: 906
Merit: 1034
BTC: the beginning of stake-based public resources
not sure if i totally understand the implications, but does the fact that anyone can update the values means that the ownership of the domain is compromised? i would guess it's not, in the sense that once they fix the bug then the real owners of the domains can just update again to the right value (in case someone else updated their value without authorization) and no one else can change it once it's patched.

i think it's not a big deal for the owner of the domain to have to do an update after the patch rather than having to cancel all the domain registrations
Yes, the ownership of the domains is compromised - in fact they are equally owned by everyone, so if you have a domain you can steal/grab/claim any other domain at will.

Well, the update I executed means that I now own the d/bitcoin domain - and tracking back trying to fix this stuff could be quite complicated.

Also, namecoin is a math based currency - the math is fine, however, someone forgot to check it before trusting in it. So today namecoin is nothing but an alt coin - it is not a secure registry for key-value pairs, but it could become one in the future, once the rules are switched on. To claim domains backwards becomes inelegant, messy and calls for an authority which we are usually not in favor of...

What we need is some form of proof of work system to enforce the ownership of the domains...
sr. member
Activity: 1526
Merit: 473
So all the brains and noise in crypto and open source projects over looked such a disaster?
I'm not sure whether to congratulate you or offer my condolences to the dev team and the big players.

This is rather interesting, not only for crypto, but also for all open source projects; having a project "open source" and calling the myth of "open source is more secure" doesn't make the code more secure.. Having developers like yourself actually looking into the code and testing the hell out of every possibility  is what makes it secure.

Nice work, hope a fix, patch, rebirth or whatever you want to call it will be pushed out soon as such noise is in no way good to any cryptos including but not limited to Bitcoin 

Open source is more secure exactly because it can get wider peer review. Programmers make mistakes, but with closed source issues can go un-notices for years - even on purpose while other exploit the 0day. The NSA have been doing this for example.

Exactly, I'm not saying it isn't, I'm trying to say that if a software is open source, it shouldn't be taken for granted. I'm not a dev myself, I wish I were, but I think devs in the crypto community should make some sort of organization to do nothing but test for such bugs and us the users can donate to them, or they should be paid from TX fees, ads etc... This community is getting wider and bigger, being decentralized doesn't mean we can't have a well known organization to look after the technical side of things for all crypto related software

Well, I disagree, I see it as the duty of the exchanges and wallet services to perform this kind of scrutiny / review before adding a new alt-coin to their assets. I know that this has not been the practice so far, while everything has been wild west gold digger mentality, but things are getting legit, and you should do your best to secure your customers values. Anyway, it was actually in this process I found the above bugs, and I have seen other bugs in other alt-currencies, but never any alarming ones until now.

If this were the case, we'd be putting a lot of faith into exchange devs. Historically speaking, this doesn't feel like the safest idea. Frankly, I don't see this model eliminating the aforementioned concerns. Establishing a publicly-operating organization, one disconnected from any exchanges, and without any coin devs, feels like an option that could promote more security whilst eliminating personally vested interests from influencing a specific coins reputation. If a coin could pass the organizations' tests & review, we've got a seal of approval, which could impact the frequency pump and dump coins. 

Truth be told, my technical/coding prowess is certainly underwhelming compared to many in this community, so the following is purely thoughts aloud. ...on a screen.

Operating such an organization would take a development team as coin investigation would be rigorous & thorough. This sounds expensive. How is it funded?

A. Directly by exchanges. If the organizations' Seal of Approval proved useful and gained support, this could force the exchanges to use the org's services when adding new coins, lest they run the risk of allowing other exchanges to gain a competitive edge.
B. Conglomerate. Exchanges are given the option to enroll with the organization. Upon enrollment, a % of fees generated (or flat rate [perhaps reoccurring], whatever) is contributed to a fund. This is the operating fund for the organization. New coins can submit application directly to the org for approval. At this point, the enrolled exchanges vote on investigatory review. 
C. By the community. Seems difficult as it would be donation based. This sounds like its begging for closed door deals, bribery, and kickbacks.

What to avoid?

A. Operating in private. It seems to me we'd all benefit from such a group posting their investigations so the technical community can review where any conclusions are coming from. Devs miss things, as Libcoin has pointed out. Enabling the community to review the work of the organization would lend to benefit all involved. 
B. A Future funding operation model - i.e. The organization being funded with the coins it approves. Keeping the organization unbiased is key.



This is a half formed thought.  9-5 work is calling. I could expand on these ideas if its of interest.  Cheers!
newbie
Activity: 26
Merit: 24
not sure if i totally understand the implications, but does the fact that anyone can update the values means that the ownership of the domain is compromised? i would guess it's not, in the sense that once they fix the bug then the real owners of the domains can just update again to the right value (in case someone else updated their value without authorization) and no one else can change it once it's patched.

i think it's not a big deal for the owner of the domain to have to do an update after the patch rather than having to cancel all the domain registrations
Yes, the ownership of the domains is compromised - in fact they are equally owned by everyone, so if you have a domain you can steal/grab/claim any other domain at will.

Well, the update I executed means that I now own the d/bitcoin domain - and tracking back trying to fix this stuff could be quite complicated.

Also, namecoin is a math based currency - the math is fine, however, someone forgot to check it before trusting in it. So today namecoin is nothing but an alt coin - it is not a secure registry for key-value pairs, but it could become one in the future, once the rules are switched on. To claim domains backwards becomes inelegant, messy and calls for an authority which we are usually not in favor of...
hero member
Activity: 906
Merit: 1034
BTC: the beginning of stake-based public resources
Thanks for sharing this info. As a non-programmer, but technical person info like this is very valuable.

If it did come down to a hard fork I only see namecoin coming out a stronger in the long run. Decentralisation of DNS is a very strong proposition.

... Having developers like yourself actually looking into the code and testing the hell out of every possibility  is what makes it secure...

+1
newbie
Activity: 13
Merit: 0
not sure if i totally understand the implications, but does the fact that anyone can update the values means that the ownership of the domain is compromised? i would guess it's not, in the sense that once they fix the bug then the real owners of the domains can just update again to the right value (in case someone else updated their value without authorization) and no one else can change it once it's patched.

i think it's not a big deal for the owner of the domain to have to do an update after the patch rather than having to cancel all the domain registrations
legendary
Activity: 1022
Merit: 1033
This is sad, Namecoin was a big innovation.

It was a good proof-of-concept, but implementation is incredibly amateurish.

A bunch of undergrad CS students could produce a better one. (I'm not joking.)
newbie
Activity: 26
Merit: 24
So all the brains and noise in crypto and open source projects over looked such a disaster?
I'm not sure whether to congratulate you or offer my condolences to the dev team and the big players.

This is rather interesting, not only for crypto, but also for all open source projects; having a project "open source" and calling the myth of "open source is more secure" doesn't make the code more secure.. Having developers like yourself actually looking into the code and testing the hell out of every possibility  is what makes it secure.

Nice work, hope a fix, patch, rebirth or whatever you want to call it will be pushed out soon as such noise is in no way good to any cryptos including but not limited to Bitcoin 

Open source is more secure exactly because it can get wider peer review. Programmers make mistakes, but with closed source issues can go un-notices for years - even on purpose while other exploit the 0day. The NSA have been doing this for example.

Exactly, I'm not saying it isn't, I'm trying to say that if a software is open source, it shouldn't be taken for granted. I'm not a dev myself, I wish I were, but I think devs in the crypto community should make some sort of organization to do nothing but test for such bugs and us the users can donate to them, or they should be paid from TX fees, ads etc... This community is getting wider and bigger, being decentralized doesn't mean we can't have a well known organization to look after the technical side of things for all crypto related software

Well, I disagree, I see it as the duty of the exchanges and wallet services to perform this kind of scrutiny / review before adding a new alt-coin to their assets. I know that this has not been the practice so far, while everything has been wild west gold digger mentality, but things are getting legit, and you should do your best to secure your customers values. Anyway, it was actually in this process I found the above bugs, and I have seen other bugs in other alt-currencies, but never any alarming ones until now.
sr. member
Activity: 368
Merit: 250
bitify.com - Bitcoin Marketplace & Auction site
So all the brains and noise in crypto and open source projects over looked such a disaster?
I'm not sure whether to congratulate you or offer my condolences to the dev team and the big players.

This is rather interesting, not only for crypto, but also for all open source projects; having a project "open source" and calling the myth of "open source is more secure" doesn't make the code more secure.. Having developers like yourself actually looking into the code and testing the hell out of every possibility  is what makes it secure.

Nice work, hope a fix, patch, rebirth or whatever you want to call it will be pushed out soon as such noise is in no way good to any cryptos including but not limited to Bitcoin 

Open source is more secure exactly because it can get wider peer review. Programmers make mistakes, but with closed source issues can go un-notices for years - even on purpose while other exploit the 0day. The NSA have been doing this for example.

Exactly, I'm not saying it isn't, I'm trying to say that if a software is open source, it shouldn't be taken for granted. I'm not a dev myself, I wish I were, but I think devs in the crypto community should make some sort of organization to do nothing but test for such bugs and us the users can donate to them, or they should be paid from TX fees, ads etc... This community is getting wider and bigger, being decentralized doesn't mean we can't have a well known organization to look after the technical side of things for all crypto related software
legendary
Activity: 1064
Merit: 1000
So who is going to create the new name coin chain?

Is there even a dev team?
legendary
Activity: 1064
Merit: 1000
So all the brains and noise in crypto and open source projects over looked such a disaster?
I'm not sure whether to congratulate you or offer my condolences to the dev team and the big players.

This is rather interesting, not only for crypto, but also for all open source projects; having a project "open source" and calling the myth of "open source is more secure" doesn't make the code more secure.. Having developers like yourself actually looking into the code and testing the hell out of every possibility  is what makes it secure.

Nice work, hope a fix, patch, rebirth or whatever you want to call it will be pushed out soon as such noise is in no way good to any cryptos including but not limited to Bitcoin  

Open source is more secure exactly because it can get wider peer review. Programmers make mistakes, but with closed source issues can go un-notices for years - even on purpose while other exploit the 0day. The NSA have been doing this for example.
legendary
Activity: 2492
Merit: 1473
LEALANA Bitcoin Grim Reaper
So who is going to create the new name coin chain?
newbie
Activity: 10
Merit: 1003
Maybbe it's time to clean everything, and change prices in order to don't have all domains squatted

It's great you found this

What a pitty, I really loved Namecoin idea  Cry
legendary
Activity: 1316
Merit: 1000
newbie
Activity: 26
Merit: 24
Looks like NMC is dead. Gox will never add it after this.

Ironically, it was while adding it to Kraken, that I discovered this - how could we possibly, as an exchange sit with this knowledge and start trading NMC? Now, it is different, and we might take it up again, but we need to fix the namecoin key-value database integrity first, or at least see it being fixed soon.
sr. member
Activity: 363
Merit: 250
Looks like NMC is dead. Gox will never add it after this.
Pages:
Jump to: