Topic: NXT :: descendant of Bitcoin - Updated Information - page 451. (Read 2761645 times)

In my thinking there are two balances, - apologies if this is a bit long....

The Reserve Balance which is an amount of NXT you cannot withdraw and you can initiate instant transactions up to that level - this is a permanent reserve until cancelled.

The other balance is the Instant Balance which is updated as soon as an instant transaction is broadcast by a node i.e. 0 confirmations.
This reflects the liability the account has created with an instant transaction.
The node the transaction is broadcast through will have an realtime view of this because it will update the accounts instant balance before broadcasting the tx, all nodes seeing the TX will also update the instant balance for that account.
If the account tries to initiate more TX that would make Instant Balance > Reserve Balance this would create an error.

An attack vector such as you describe would rely on being able to send the TX through a node which had not yet updated its instant balance total for the account in question.

For instant transactions to work I would want to ensure that both accounts had to be connected to a node and both nodes had the same view of the instant transaction balance of the sending account. If the seller is logged into the buyer node then this is a possible edge case attack.

This means that the sellers account can confirm that there are sufficient reserved funds for the instant purchase because it also has a view of the buyers instant balance that it can verify with other nodes - this would be a possible client verification/check  during the purchasing process, the seller NRS node is passive in this process other than providing data to the sellers software client.

Even if the buyer switches nodes, the seller doesn't and the sellers node reconciles the instant balance of the sellers account using normal time line rules.... So unless the buyer can get the seller onto a node that doesn't know the buyers balance or initiate trades with lots of sellers which it knows are connected to nodes which won't get the instant balance update then an attack will fail ( I think)


Once the instant TX is confirmed the liability reduces and the instant balance can be reduced.

Not for the same node. You could ask Jean-Luc.

I really don't understand a lot about programing, Does that mean in the future it will take more powerful computers to run the network or just more computers? and if N/W is "network" what is H/W

Have a look at here: http://www.nxtcrypto.org/nxt-change-log/nxt-084e-change-log

If am not completely mistaken, an attack should work like this:

I have 1000 merchants. I want to buy 1000 items, 1 from each merchant. I initiate the trade and pay each of them 1 NXT. My reserve fund is 100. So, if everything goes well, I have 1000 items and paid only 100.

The merchants send me the items as soon as they have the confidence that I can pay and I do not cheat. That confidence is different from merchant to merchant.

1) They send the transactions I send them to the network.
2) They wait for a moment to see what other transactions are coming through.
3) They re-evaluate my reserve fund.

Here kicks the network randomizer in:

A) Some merchants see that I was cheating, so they will cancel the trade and nodes start deleting my transactions for that very account.
B) Some merchants are faster and did not wait for so long. They already sent me the item. They need to be refunded, so they resend the transactions.

---

I see this is not quite secure as it might seems from the beginning. In case merchants of type B trying to refunding them, I could easily abort the refunding process by spamming the network with transactions. I can replay this over and over again.

Is there a way to distinguish merchants from me?

As chanc3r mentioned, username+password is merely an illusion. Actually, username+password is weaker because the first half of your "pass" is known by everyone. If your password is decent i.e. 35+ chars, I don't think any amount of CPU power (currently) can break it in an economical fashion.

Ok got you...
the 100 reserve I understand - this is the pre fund for instant TX
EDIT 2: the 24 hours is arbitrary and the reserve should be held permanently to cover instant TX liability up to that amount until the user cancels the instruction which cannot be done if they are any instant TX not fully confirmed.
EDIT: this is the maximum total liability they can create and they cannot withdraw the reserve balance.
I still don't understand the 1/10 if it were a limit per instant TX as further risk management, its stil arbitrary but I could understand it but I don't get it as a 24hr limit on the reserve - why is this?

Hello

They will not launch the product this month,they will maybe next month.
Open beta testing is still going on.
If you want you can test the latest open beta software by yourself.

http://beta.emunie.com/

For more info you can check the forum:
http://forum.emunie.com

No, you do not get what I was trying to say. You need TWO fractions of your total amount:

Say you have 1000 NXT for non-instant transactions available.

Now, you want to have 100 NXT for instant transactions available. So, you have only 900 NXT available for non-instant transactions.
But still, you are only allowed to have 1/10 of THESE 100 NXT to spent within the frame of 24 hours.

Replace 100, 10 and 24 with your preferred constants.

As you might see, you cannot have the 900 NXT available for instant refunding. Why? Because you can withdraw them at any time.

Well, you would have a special account for this. How much NXT you put into it is up to you.

1/x or definitely 10? - I just think users will think of an amount like 200, 500, 1000 nxt rather than 1/10 or 1/x, i should have expressed more clearly, I think the user should be able to specify the level of pocket money they need.... aka reserve balance

Don't get to worried about it. It happen to me at every single exchange except on DGEX but there you have to wait anyways. BTER likes to do this also very often. Vircurex is in my opinion most stable, it happend to me only once there but you have to wait 50 confirmations and liquidity is next to nothing.

Cryptsy is another story. They are already notorious for not crediting the coins even after 1000 confirmations, I believe that with NXT this will only get worse. I submitted my 4 ticket today with Cryptsy in a week. 2 days ago my NXT withdrawal was stuck for a day, I got pissed, contacted them and asked them to cancel it. They habe done it in 30 mins, I sold them and got BTC out of there. Today I gave it another chance. Deposited 10k, after 14 hours, nothing. I contacted them after 30 mins they asked me for all the info even though I provided the blockchain screenshot, so quite obviously they were stalling. After my second email they sent me a reply that because of the big number NXT deposits they they are overwhelmed and deposits take over an hour. What a bunch of crap. Once I get deposit through I will withdraw the coins and never enter this bullshit exchange, ever!!! It might be the best to convert them to BTC cause they will probably be stuck 3 days again.

If nothing, they respond to ticket in under an hour, but they will solve your problem just if it is straightforward, meaning cancel deposit.

You still need the 1/10.

Which Mobile Clients are out there?

How is the status of local signing, Come-from-Beyond?

So the 1/10 reserve is arbitrary and with a different method like reserve balance the users could decide the level of reserve depending on how much 'pocket money' they would need.

Thanks, what do others think about this alternative method of 'pre-funding' instant transactions?

https://bitcointalksearch.org/topic/m.5591145

BCNext wanted to use 1/7 but 1/10 is easier to calc without a computer.



Good idea.

This was the way I explained it to you.

Make me something illustrative for our average Joes.

Really, ALL of the current exchanges that handle NXT SUCK HUMONGOUS MONKEY BALLS!
This really pisses me off!    (probably already noticeable   )

Now it's Cryptsy at it (again).

Sent over 7500NXT 5,5 hours ago. I can see it in the address, but they haven't added it to my account.
Same thing happend to me several times with Bter and also at Vircurex.
All were solved eventually, but in the meantime it's waiting, waiting and waiting. At least NXT transfers are fast, that way I get to wait even longer if some exchange screws up (pun intended).

Man, I would be SO relieved if a decentralized exchange would be in place....

Is that the way we will explain it to Average Crypto Moe?

The 90% are like a reserve fund for merchants in case they already send you the item and you cheated them via double spends.