NEM (XEM) Official Thread - 100% New Code - Easy To Use APIs - page 1285.

mixmaster

sr. member

Activity: 388

Merit: 250

Quote from: Come-from-Beyond on March 31, 2015, 07:12:24 PM

Quote from: mixmaster on March 31, 2015, 07:00:39 PM

I can't recognize anything dangerouse.

A "lightweight" client is nothing else than NCC connecting to any NIS (not running locally on your machine, but somewhere else). So you do see the whole blockchain, just with the eyes of another node. You don't have to trust that node, because you don't send him a private key with funds, but just a private key with the importance score of your account with funds. The harvested fees are still not at risk, because they are sent to the "original" account with funds directly.

Remote server may use your harvesting power for double-spending.

Erm... What gave you that idea?

nzminer

legendary

Activity: 1918

Merit: 1001

Quote from: mixmaster on March 31, 2015, 07:08:58 PM

Quote from: nzminer on March 31, 2015, 07:07:02 PM

OK, so the main benefit to me using delegated harvesting is extra security?

You can harvest on remote NIS without risk, yes.

When it says remotley does that mean that i can harvest with my computer off because the remote server is doing it?

mixmaster

sr. member

Activity: 388

Merit: 250

Quote from: wakasaki96744 on March 31, 2015, 07:02:11 PM

From that I ended up getting
"local harvesting" = sending private key of [Account A ] to server.
"delegated harvesting" = sending private key [Account B ] to server.

The fee you explained is the result of the passing of the private key to the nis server. I'm guessing Tongue

Local harvesting = send the private key of the account you are harvesting with to your local NIS.
Delegated harvesting = a new account is generated with zero balance, but importance score of the account for which you activated delegated harvesting. then the private key of that new account is sent to (any) NIS. the harvested fees still go directly to the original account (for which you activated delegated harvesting).

David Latapie

hero member

Activity: 658

Merit: 503

Monero Core Team

My own tutorial

For Linux

1. http://blog.nem.io/mac-installation-guide-standalone/
2. terminal 1 '(path)/package/nix.runNcc.sh'
3. terminal 2 '(path)/package/nix.runNis.sh'
4. wait some seconds
5. go to http://localhost:8989/ncc/web/dashboard.html
6. create a wallet and enter your private key you got previously (if you don't, it is probably over)

Sadly my amount of XEM is: 0! Just before I has 2 250 000 (don't remember if it was XEM or NEMStake

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: mixmaster on March 31, 2015, 07:00:39 PM

I can't recognize anything dangerouse.

A "lightweight" client is nothing else than NCC connecting to any NIS (not running locally on your machine, but somewhere else). So you do see the whole blockchain, just with the eyes of another node. You don't have to trust that node, because you don't send him a private key with funds, but just a private key with the importance score of your account with funds. The harvested fees are still not at risk, because they are sent to the "original" account with funds directly.

Remote server may use your harvesting power for double-spending.

dodgecharger

hero member

Activity: 1005

Merit: 500

win 7 32-bit here
not support 64-bit version of java!
how do I download nem-0.6.25 Huh

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: kodtycoon on March 31, 2015, 06:59:03 PM

Quote from: Come-from-Beyond on March 31, 2015, 06:54:30 PM

So, if you have a full client then you see the whole blockchain and can harvest locally.
If you have a lightweight client then you don't see the whole blockchain and can harvest only by signing data received from remote server(s).
And now imagine that network is sybil-attacked and the attacker can trick you into harvesting on a fork...

easy fix, allow ncc to query multiple nis to ensure that the server your are harvesting on is not on a fork. eigentrust could also play a part but im not sure exactly how it works. from my minimal understanding of it, possible eigentrust could effectively blacklist the node with bad data and stop you from harvesting on it. idk, just thinking that could be a possibility to prevent that.

I took into account that a lightweight client talks to several nodes. If a sybil attack is conducted then you will be connecting to rogue nodes in most cases. Let's assume that you managed to find a honest node, what will you do when receive contradicting info? You can't rely on EigenTrust because its data can be faked (sybil nodes will supply evidence of their legitimacy) and you will get contradicting info again.

To date reliable lightweight clients are possible only in PoW cryptocurrencies. If NEM team found a solution for a non-PoW case then it's a breakthrough. But I'm skeptical that they really did.

mixmaster

sr. member

Activity: 388

Merit: 250

Quote from: nzminer on March 31, 2015, 07:07:02 PM

OK, so the main benefit to me using delegated harvesting is extra security?

You can harvest on remote NIS without risk, yes.

nzminer

legendary

Activity: 1918

Merit: 1001

Quote from: wakasaki96744 on March 31, 2015, 07:02:11 PM

Quote from: nzminer on March 31, 2015, 06:49:51 PM

Quote from: mixmaster on March 31, 2015, 06:45:51 PM

Quote from: nzminer on March 31, 2015, 06:43:48 PM

Why have i had a transaction made of 6 XEM go out of my account?
I never sent any funds anywhere, it says its an importance transaction, is this think sort of automatic to increase your importance?

You activated delegated harvesting and confirmed to pay a fee of 6 XEM. MAYBE you should read, what you confirm.

I never confirmed to pay anything, i just clicked delegated harvesting and it told me it would take 6 hours, anyway what is the difference between delegated harvesting and local harvesting?

maybe this helps answer the question? Huh

Found it on NEM's forums and you can disregard the multisig stuff unless its important to you. (replace "remote harvesting" and "secure harvesting" with "delegated harvesting")

https://forum.ournem.com/technical-discussion/remote-harvesting-2876/msg12704/#msg12704

Quote

Actually you could

Initiating harvesting be it remote or local is NOT a transaction, it's simply passing
private key to nis server.

So rigel's right.

edit:

There are actually TWO differences.
1) In case of "secure harvesting" fees goes directly to associated account, if you'd like to use multisig account to do that, fees will go there (which is not that bad, as only cosignatory account has access there anyway).
2) In case of "secure harvesting", it's the MAIN account that holds the power and responds for PoI

So basically to summary:
harvesting works by passing (private) SECRET key, to the server
since we wanted to allow harvesting on remote nodes, we've introduced "secure harvesting" (remote harvesting)
secure harvesting works by issuing special transaction, that becomes part of the blockchain, in that transaction, there is information about "remote harvesting account", i.e. search for following transaction in nembex: 4c2a92c19a49914bda6239dcc94e81080fba7f7bdfffea0d42c88a70eefeec53, displayed "Remote PK" is a public key of harvester
secure harvesting works by passing private key of that account to some node, this private key is useless anyway
now, what rigel is suggesting is that, you could create multisig account, and use that account's private key, to do harvesting

OK, so the main benefit to me using delegated harvesting is extra security?

wakasaki96744

member

Activity: 81

Merit: 10

Quote from: nzminer on March 31, 2015, 06:49:51 PM

Quote from: mixmaster on March 31, 2015, 06:45:51 PM

Quote from: nzminer on March 31, 2015, 06:43:48 PM

Why have i had a transaction made of 6 XEM go out of my account?
I never sent any funds anywhere, it says its an importance transaction, is this think sort of automatic to increase your importance?

You activated delegated harvesting and confirmed to pay a fee of 6 XEM. MAYBE you should read, what you confirm.

I never confirmed to pay anything, i just clicked delegated harvesting and it told me it would take 6 hours, anyway what is the difference between delegated harvesting and local harvesting?

maybe this helps answer the question? Huh

Found it on NEM's forums and you can disregard the multisig stuff unless its important to you. (replace "remote harvesting" and "secure harvesting" with "delegated harvesting")

https://forum.ournem.com/technical-discussion/remote-harvesting-2876/msg12704/#msg12704

Quote

Actually you could

Initiating harvesting be it remote or local is NOT a transaction, it's simply passing
private key to nis server.

So rigel's right.

edit:

There are actually TWO differences.
1) In case of "secure harvesting" fees goes directly to associated account, if you'd like to use multisig account to do that, fees will go there (which is not that bad, as only cosignatory account has access there anyway).
2) In case of "secure harvesting", it's the MAIN account that holds the power and responds for PoI

So basically to summary:
harvesting works by passing (private) SECRET key, to the server
since we wanted to allow harvesting on remote nodes, we've introduced "secure harvesting" (remote harvesting)
secure harvesting works by issuing special transaction, that becomes part of the blockchain, in that transaction, there is information about "remote harvesting account", i.e. search for following transaction in nembex: 4c2a92c19a49914bda6239dcc94e81080fba7f7bdfffea0d42c88a70eefeec53, displayed "Remote PK" is a public key of harvester
secure harvesting works by passing private key of that account to some node, this private key is useless anyway
now, what rigel is suggesting is that, you could create multisig account, and use that account's private key, to do harvesting

From that I ended up getting
"local harvesting" = sending private key of [Account A ] to server.
"delegated harvesting" = sending private key [Account B ] to server.

The fee you explained is the result of the passing of the private key to the nis server. I'm guessing Tongue

Parana

sr. member

Activity: 378

Merit: 250

Step into a world!! A P2P world!

Quote from: Come-from-Beyond on March 31, 2015, 06:54:30 PM

Quote from: Parana on March 31, 2015, 06:51:51 PM

As the privites Keys are yours and they are on your computer used to access the remote server, why not? ( you dont send your keys over the network)

So, if you have a full client then you see the whole blockchain and can harvest locally.
If you have a lightweight client then you don't see the whole blockchain and can harvest only by signing data received from remote server(s).
And now imagine that network is sybil-attacked and the attacker can trick you into harvesting on a fork...

I really dont see this as a problem... for any kind of transaction, you'll need the passwork to access the wallet locally ( where is the beloved money). you just need to be sure your node is up to date on blockchain.

Probably, after restart the server, the syncing will be enough to make everything work as expected.

This kind of situation will lead you to harvest nothing, cause you are on a paralel chain, and not on the main blockchain, where transactions happens. Unless everyone will be on a parallel blockchain, which is, im my opnion, almost impossible.

mixmaster

sr. member

Activity: 388

Merit: 250

Quote from: Come-from-Beyond on March 31, 2015, 06:54:30 PM

Quote from: Parana on March 31, 2015, 06:51:51 PM

As the privites Keys are yours and they are on your computer used to access the remote server, why not? ( you dont send your keys over the network)

So, if you have a full client then you see the whole blockchain and can harvest locally.
If you have a lightweight client then you don't see the whole blockchain and can harvest only by signing data received from remote server(s).
And now imagine that network is sybil-attacked and the attacker can trick you into harvesting on a fork...

I can't recognize anything dangerouse.

A "lightweight" client is nothing else than NCC connecting to any NIS (not running locally on your machine, but somewhere else). So you do see the whole blockchain, just with the eyes of another node. You don't have to trust that node, because you don't send him a private key with funds, but just a private key with the importance score of your account with funds. The harvested fees are still not at risk, because they are sent to the "original" account with funds directly.

kodtycoon

legendary

Activity: 1568

Merit: 1002

Quote from: Come-from-Beyond on March 31, 2015, 06:54:30 PM

Quote from: Parana on March 31, 2015, 06:51:51 PM

As the privites Keys are yours and they are on your computer used to access the remote server, why not? ( you dont send your keys over the network)

So, if you have a full client then you see the whole blockchain and can harvest locally.
If you have a lightweight client then you don't see the whole blockchain and can harvest only by signing data received from remote server(s).
And now imagine that network is sybil-attacked and the attacker can trick you into harvesting on a fork...

easy fix, allow ncc to query multiple nis to ensure that the server your are harvesting on is not on a fork. eigentrust could also play a part but im not sure exactly how it works. from my minimal understanding of it, possible eigentrust could effectively blacklist the node with bad data and stop you from harvesting on it. idk, just thinking that could be a possibility to prevent that.

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: Parana on March 31, 2015, 06:51:51 PM

As the privites Keys are yours and they are on your computer used to access the remote server, why not? ( you dont send your keys over the network)

So, if you have a full client then you see the whole blockchain and can harvest locally.
If you have a lightweight client then you don't see the whole blockchain and can harvest only by signing data received from remote server(s).
And now imagine that network is sybil-attacked and the attacker can trick you into harvesting on a fork...

Parana

sr. member

Activity: 378

Merit: 250

Step into a world!! A P2P world!

Quote from: Come-from-Beyond on March 31, 2015, 06:47:44 PM

Quote from: kodtycoon on March 31, 2015, 06:45:40 PM

cos the blockchain is on the server...

If this server is controlled by you then it's the same as in Nxt, I'm interested in the scenario when remove server is controlled by a hacker, can you still harvest there?

As the privites Keys are yours and they are on your computer used to access the remote server, why not? ( you dont send your keys over the network)

Parana

sr. member

Activity: 378

Merit: 250

Step into a world!! A P2P world!

Quote from: SpiryGolden on March 31, 2015, 06:37:28 PM

So I read ...thread over thread over thread over website again other website again some big bullshit ...and ended up here. Where guess ...what ? I found more bs. I can't find the end of this ....where is the silver lining in this "Crypto" or how it is?
It says something like : "The fundraising is especially designed to promote fairness and egalitarianism. This is the first funding scheme of this type ever and we believe it is revolutionary in its effort to bring egalitarianism to the crypto industry. "
How is promoting fairness and egalitarianism ? And how raising funds on Bitcointalk with a lausy Google Spreadsheet is revolutionary ?
Can please somebody tell me what the hell is this ?

I interpret this as: Dont let the pups take control of a big part of coin, using methods ( You'll have to find it by yourself somewhere on ournem forum).

Spreadsheet is a very effective way to make a lot of people to have the same information....

you talked about: Silver coins, inbdirectely about Pups and about the google Spreadsheet thing...

for sure you are angry with something you dont want to tell us!

Shocked

nzminer

legendary

Activity: 1918

Merit: 1001

Quote from: mixmaster on March 31, 2015, 06:45:51 PM

Quote from: nzminer on March 31, 2015, 06:43:48 PM

Why have i had a transaction made of 6 XEM go out of my account?
I never sent any funds anywhere, it says its an importance transaction, is this think sort of automatic to increase your importance?

You activated delegated harvesting and confirmed to pay a fee of 6 XEM. MAYBE you should read, what you confirm.

I never confirmed to pay anything, i just clicked delegated harvesting and it told me it would take 6 hours, anyway what is the difference between delegated harvesting and local harvesting?

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: kodtycoon on March 31, 2015, 06:45:40 PM

cos the blockchain is on the server...

If this server is controlled by you then it's the same as in Nxt, I'm interested in the scenario when remove server is controlled by a hacker, can you still harvest there?

mixmaster

sr. member

Activity: 388

Merit: 250

Quote from: nzminer on March 31, 2015, 06:43:48 PM

Why have i had a transaction made of 6 XEM go out of my account?
I never sent any funds anywhere, it says its an importance transaction, is this think sort of automatic to increase your importance?

You activated delegated harvesting and confirmed to pay a fee of 6 XEM. MAYBE you should read, what you confirm.

kodtycoon

legendary

Activity: 1568

Merit: 1002

Quote from: Come-from-Beyond on March 31, 2015, 06:44:57 PM

Quote from: kodtycoon on March 31, 2015, 06:42:00 PM

whats the security whole you see? the account you harvest with is not harvesting without seeing the whole blockchain. the accont you harvest with just borrows the importance of another, in a very similar way to nxt, only the harvested nem gets redirected to the main account so it doesnt matter if someone gets the private key for that account. if there is a security flaw with nems delegated harvesting due to a proxy account doing the harvest, then the same can be said about nxts leased forging.

How do you see the whole blockchain if you harvest on a remote server?

cos the blockchain is on the server...

Topic: NEM (XEM) Official Thread - 100% New Code - Easy To Use APIs - page 1285. (Read 2985503 times)