NXT :: descendant of Bitcoin - Updated Information - page 988.

garp

member

Activity: 94

Merit: 10

Quote from: Anon136 on February 08, 2014, 11:33:46 PM

NXT is 100% proof of stake and uses something called transparent forging instead of mining. Transparent forging allows you to predict which forgers will author upcoming blocks and if you trust those forgers than your transactions can be thought of as instantly secure. If you dont trust them than its still faster than bitcoin with 1 minute confirmations. Unlike fast coin or min coin though these 1 minute blocks actually add security similar in strength similar to bitcoins 10 minute confirmations. The fact that we dont rely on mining means that huge amounts of resources are saved in securing the blockchain. This means that transactions can still be secure at a fraction of the fee of mined coins. We also take a data driven approach to transactions rather than using scrypts which will allow visa level transaction volume when the need arises. Our devs are implementing decentralized asset exchange later this month! Stick around and keep reading and learning. There is a lot to learn about nxt and a lot that is worth learning. This is not your average copycat coin and you are very early to this party indeed.

Very well and clearly explained.
Although I'm trying to keep up with this thread since 2013, still usefull for myself as well

Thank you.

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: gimre on February 09, 2014, 02:41:00 PM

There is no way you can patch Crypto.sign. (or it would be bloody dumb)

Why do u think so?

gimre

legendary

Activity: 866

Merit: 1002

Quote from: Come-from-Beyond on February 09, 2014, 01:20:11 PM

There are 2 options:

1. Patch Curve25519 class
2. Patch Crypto class

Option 1, unlike option 2, may lead to problems u can't even imagine. I would patched Crypto...

There is no way you can patch Crypto.sign. (or it would be bloody dumb)

Quote from: Come-from-Beyond on February 09, 2014, 01:41:51 PM

Common sense doesn't work in cryptography. The problem is easily solvable by another way, so everyone who uses ur fix is just looking for troubles.

The statement that changes in Curve25519 can't lead to private key leakage still require a proof. If u can't provide the math, then u should prove that current implementation was incorrectly translated into Java from the original.

It's not about common sense, it's about knowing and understanding underlying problems.

Let s be your secret/priv key.
public key is nothing more than G*s in very specific finite field.

Finding priv key, while having public key == DLP on elliptic curve.

NOW, signing is actually:
v * temp, where temp is related ONLY to PUBLIC key. (v is dependent ONLY on the data)

What BloodyRookie's patch does is changing v into v' and changing the above to:
v' * temp

This leads to following OBVIOUS implication:

If OLD/original sign() doesn't leak private key bits =then=> PATCHED sign() doesn't leak them.

(whatever old one leaks is up to you, I know it doesn't, cause it's NOT related directly to private key)

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Unclaimed coins have been transferred to the keepers

Quote from: Come-from-Beyond on February 09, 2014, 02:16:31 PM

2'904'675 NXT was sent to each of the accounts:

http://localhost:7874/nxt?requestType=getTransaction&transaction=8229158905562123840
http://localhost:7874/nxt?requestType=getTransaction&transaction=419112573708720396
http://localhost:7874/nxt?requestType=getTransaction&transaction=818794594833884287

PS: Only 100k left on the account controlled by me. It will be used to pay the reward for the injected fatal flaw. All other rewards/bounties must be paid from the accounts controlled by the keepers.

Bitventurer

sr. member

Activity: 491

Merit: 250

S P 8 D E

Quote from: Fatih87SK on February 09, 2014, 01:37:11 PM

Awesome!

can you design the cells in the chain ?

smartwart

full member

Activity: 171

Merit: 100

Quote from: bitcoinpaul on February 09, 2014, 01:42:03 PM

Quote from: smartwart on February 09, 2014, 05:31:08 AM

Quote from: bitcoinpaul on February 09, 2014, 01:49:56 AM

Quote from: Zahlen on February 08, 2014, 05:55:38 PM

I've started a section on the wiki for organizing our projects. In particular, check out the List of Proposals and Bounties page. I'm thinking we could link to stuff that is "active" there. That could be links to forum threads, google docs, or other wiki pages where projects are being discussed and hashed out, and project statuses are being updated.

For a good example of this, check out the wiki page for the new address format using Reed-Solomon encoding that NxtChg started a long time ago. Very clearly organized.

My thinking is to use the Discussion pages for throwing around ideas, criticisms, suggestions, etc, and use the main pages for summary of the proposal/project status.

Not enough folks are using Discussion pages . Click on this tab more often:

James, this could be the right place for you to put up your (many, many!) ideas for comment. EvilDave, you could put your carbon offset proposal here too. Lots more projects that I don't remember (this is why we need to put all of them in a convenient place).

Pin, maybe it could be easier if you got everyone to post their projects on the wiki instead? Then you can just go through a list of links.

Don't worry about messing things up, it's a wiki, everything can be reversed. And don't worry if you don't know wiki formatting, just type/copy and paste. Other people can help you clean things up. If there's demand, I'll put up a quick guide to simple wiki editing.

I'll be technical support. Anyone has a problem, e.g. getting errors, can't figure out how to do something, ask me and I'll troubleshoot.

+1000

At least, put all your ideas and projects into this wiki. We need this! Nxt needs this!

absolutely the right thought,
but maybe this: List of Proposals and Bounties page
is interfering with: http://wiki.nxtcrypto.org/wiki/Planned_Features

I think we should have ONE place not to waste much time for synchronizing it later?
What do you think?

cheers

But we have

- planned features (http://wiki.nxtcrypto.org/wiki/Planned_Features)
- a big think box which contains all ideas with their possible consequences, and thoughts about target audiences (http://wiki.nxtcrypto.org/wiki/List_of_Proposals)

First one should be more clear and short, the second is more a collection and discussion point which can change several times daily.

We should keep both. What do the others think?

And:
What do others think in general about a / this place for discussion about possible features, service providers and target audiences?

so we have two options:

1. to have planned features (http://wiki.nxtcrypto.org/wiki/Planned_Features) with final description
and a big think box which contains all ideas (http://wiki.nxtcrypto.org/wiki/List_of_Proposals)

2. to have planned features (http://wiki.nxtcrypto.org/wiki/Planned_Features) with final description
- extended by a sub topic "Think Box"

In general, could the discussion Tab from Planned Features be the Think Box?

In any case we should restructure the "Planned_Features" to have just the feature as a link.
Behind that link we find the description of that specific feature.
The "Account Control" Page could be the reference for the detailed description.

That would make it well structured like:
+ Feature Name =link=> Detailed Description Page like. (same as already for Account Control)

bitcoinpaul

hero member

Activity: 910

Merit: 1000

Quote from: TwinWinNerD on February 09, 2014, 07:29:39 AM

Quote from: BitcoinForumator on February 09, 2014, 07:28:19 AM

I've seen a couple of forging pools throughout this thread and noticed a possibitly of forging only by giving "forging rights" without giving the NXTs.

Has anyone one of you tried this and which pool did you use?

I am pretty sure that possibility was only discussed, it is not possible yet

Maybe this gets implemented in Account Control, which is developed by BCNext himself right now.

fmiboy

full member

Activity: 189

Merit: 100

Quote from: joefox on February 09, 2014, 01:21:35 PM

Quote from: freigeist on February 09, 2014, 01:08:50 PM

Is this documentation at http://www.thenxtwiki.org/wiki/Nxt_API#Description
already obsolete as there were already several daily updated from 0.5.11 to 0.7.2?

The documentation for the high-level API is still current (minus a few recent changes that are yet to be updated). Same API calls that worked on 0.5.11 also work in 0.7.2.

some are missing, but once you start using them more often, you will figure out from error messages what each query/API call needs.

martismartis

legendary

Activity: 1162

Merit: 1005

NXTsolaris doesn't run in PC at all. Even I cannot close it in normal way.

EDIT: running finally.

bitcoinpaul

hero member

Activity: 910

Merit: 1000

Quote from: smartwart on February 09, 2014, 05:31:08 AM

Quote from: bitcoinpaul on February 09, 2014, 01:49:56 AM

Quote from: Zahlen on February 08, 2014, 05:55:38 PM

I've started a section on the wiki for organizing our projects. In particular, check out the List of Proposals and Bounties page. I'm thinking we could link to stuff that is "active" there. That could be links to forum threads, google docs, or other wiki pages where projects are being discussed and hashed out, and project statuses are being updated.

For a good example of this, check out the wiki page for the new address format using Reed-Solomon encoding that NxtChg started a long time ago. Very clearly organized.

My thinking is to use the Discussion pages for throwing around ideas, criticisms, suggestions, etc, and use the main pages for summary of the proposal/project status.

Not enough folks are using Discussion pages . Click on this tab more often:

James, this could be the right place for you to put up your (many, many!) ideas for comment. EvilDave, you could put your carbon offset proposal here too. Lots more projects that I don't remember (this is why we need to put all of them in a convenient place).

Pin, maybe it could be easier if you got everyone to post their projects on the wiki instead? Then you can just go through a list of links.

Don't worry about messing things up, it's a wiki, everything can be reversed. And don't worry if you don't know wiki formatting, just type/copy and paste. Other people can help you clean things up. If there's demand, I'll put up a quick guide to simple wiki editing.

I'll be technical support. Anyone has a problem, e.g. getting errors, can't figure out how to do something, ask me and I'll troubleshoot.

+1000

At least, put all your ideas and projects into this wiki. We need this! Nxt needs this!

absolutely the right thought,
but maybe this: List of Proposals and Bounties page
is interfering with: http://wiki.nxtcrypto.org/wiki/Planned_Features

I think we should have ONE place not to waste much time for synchronizing it later?
What do you think?

cheers

But we have

- planned features (http://wiki.nxtcrypto.org/wiki/Planned_Features)
- a big think box which contains all ideas with their possible consequences, and thoughts about target audiences (http://wiki.nxtcrypto.org/wiki/List_of_Proposals)

First one should be more clear and short, the second is more a collection and discussion point which can change several times daily.

We should keep both. What do the others think?

And:
What do others think in general about a / this place for discussion about possible features, service providers and target audiences?

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: BloodyRookie on February 09, 2014, 01:20:16 PM

I don't want to be offensive, but it seems that the curve25519.java file is a black box for you. Talking about leaking private key bits from those changes is ridiculous.
But if BCNext, Jean-Luc and you refuse to make changes to that file then we just have to live with a (in my opinion annoying) every now and then failing signature/verification system.

Common sense doesn't work in cryptography. The problem is easily solvable by another way, so everyone who uses ur fix is just looking for troubles.

The statement that changes in Curve25519 can't lead to private key leakage still require a proof. If u can't provide the math, then u should prove that current implementation was incorrectly translated into Java from the original.

Fatih87SK

hero member

Activity: 616

Merit: 500

Quote from: bitcoinpaul on February 09, 2014, 01:30:39 PM

Quote from: marcus03 on February 09, 2014, 11:33:00 AM

Here is version 1.7 of my Windows NXT client "NXT Solaris".

The (future) open-source version now has the everything implemented that the closed-source version has (except for the blockchain explorer which won't be available in the open-source version).

...

Donations
I hope you like my client and I’d be extremely happy to see some donations for the future of this project!

NXT: 1758531264253431177

Nice!

Awesome!

bitcoinpaul

hero member

Activity: 910

Merit: 1000

Quote from: marcus03 on February 09, 2014, 11:33:00 AM

Here is version 1.7 of my Windows NXT client "NXT Solaris".

The (future) open-source version now has the everything implemented that the closed-source version has (except for the blockchain explorer which won't be available in the open-source version).

...

Donations
I hope you like my client and I’d be extremely happy to see some donations for the future of this project!

NXT: 1758531264253431177

Nice!

bitcoinpaul

hero member

Activity: 910

Merit: 1000

Quote from: Come-from-Beyond on February 09, 2014, 01:20:11 PM

Quote from: gimre on February 09, 2014, 11:03:27 AM

Quote from: Come-from-Beyond on February 09, 2014, 09:52:40 AM

I hope that u won't create a "solution" that leaks private key bits. I'm against the changes until I see a formal proof, so u better talk to Jean-Luc.

Well, I understand math behind the change. (Please, spend 5 min, to read original BloodyRookie's post).

The ONLY difference to original sign is that (x-h) is represented correctly.
(and it WON'T leak keys, attacker would STILL need to solve DLP problem in that group:
or in other words, if s is priv key, what is the difference between a*s and a'*s)

I'm going to run NRS with patched Curve from now on.

edit: some more explanation here: https://nextcoin.org/index.php/topic,3915.0.html

There are 2 options:

1. Patch Curve25519 class
2. Patch Crypto class

Option 1, unlike option 2, may lead to problems u can't even imagine. I would patched Crypto...

+1

I'm no dev, but please don't touch curve.

wesleyh

sr. member

Activity: 308

Merit: 250

More work has to be done to find someone to do a crypto review.. This really is essential and more pressing than any other development in Nxt.

joefox

full member

Activity: 210

Merit: 100

Quote from: freigeist on February 09, 2014, 01:08:50 PM

Is this documentation at http://www.thenxtwiki.org/wiki/Nxt_API#Description
already obsolete as there were already several daily updated from 0.5.11 to 0.7.2?

The documentation for the high-level API is still current (minus a few recent changes that are yet to be updated). Same API calls that worked on 0.5.11 also work in 0.7.2.

BloodyRookie

hero member

Activity: 687

Merit: 500

Quote from: Come-from-Beyond on February 09, 2014, 09:52:40 AM

Quote from: gimre on February 09, 2014, 08:58:55 AM

I've made repo with test:
https://github.com/gimer/curve25519-sign-test

I've also added class files to the repo, so it's enough to replace "nxt-0.7.2\webapps\root\WEB-INF\classes\nxt\crypto\Curve25519.class" with file from the repo and it should work.

I hope that u won't create a "solution" that leaks private key bits. I'm against the changes until I see a formal proof, so u better talk to Jean-Luc.

I don't want to be offensive, but it seems that the curve25519.java file is a black box for you. Talking about leaking private key bits from those changes is ridiculous.
But if BCNext, Jean-Luc and you refuse to make changes to that file then we just have to live with a (in my opinion annoying) every now and then failing signature/verification system.

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: gimre on February 09, 2014, 11:03:27 AM

Quote from: Come-from-Beyond on February 09, 2014, 09:52:40 AM

I hope that u won't create a "solution" that leaks private key bits. I'm against the changes until I see a formal proof, so u better talk to Jean-Luc.

Well, I understand math behind the change. (Please, spend 5 min, to read original BloodyRookie's post).

The ONLY difference to original sign is that (x-h) is represented correctly.
(and it WON'T leak keys, attacker would STILL need to solve DLP problem in that group:
or in other words, if s is priv key, what is the difference between a*s and a'*s)

I'm going to run NRS with patched Curve from now on.

edit: some more explanation here: https://nextcoin.org/index.php/topic,3915.0.html

There are 2 options:

1. Patch Curve25519 class
2. Patch Crypto class

Option 1, unlike option 2, may lead to problems u can't even imagine. I would patched Crypto...

freigeist

hero member

Activity: 1116

Merit: 535

Is there any public node or test node running the latest NRS version that allows
api calls?

Is this documentation at http://www.thenxtwiki.org/wiki/Nxt_API#Description
already obsolete as there were already several daily updated from 0.5.11 to 0.7.2?

lophie

hero member

Activity: 924

Merit: 1001

Unlimited Free Crypto

Quote from: gimre on February 09, 2014, 12:54:45 PM

Quote from: lophie on February 09, 2014, 12:20:27 PM

Basically I need you to implement BIP0032 for NXT, or at least tell us if and why it is not possible to do so.

A link to show you what I am trying to accomplish here: https://github.com/genjix/bips/blob/master/bip-0032.md, It was implemented in Electrum bitcoin thin client. For me it will suffice if you make the appropriate working address generation in Java.

definitely possible, but currently, I don't think, you would be able to use derived keys -- that is, not until, there will be APIs that CfB mentioned here:

Quote from: Come-from-Beyond on February 08, 2014, 03:04:29 PM

Quote from: wesleyh on February 08, 2014, 02:41:56 PM

How does one sign a transaction on the client side instead of sending the password in the clear to the server? Any info on this?

I'm working on this. The workflow will look like:

1. U use prepareTransaction API call that returns raw bytes
2. U sign the bytes and inject the signature into them
3. U use broadcastTransaction to send the transaction

Also I think it might be possible, to use bit different scheme, than the one described in BIP.

(out of curiosity, why would you want that, cause maybe there's other way to do it in case of NXT?)

Signing on the client side is already implemented in the android client and the code is open source. The only problem is the desktop client communicates over browser so the signing should be java script, But anyway I honestly don't know how this is related.

With MPK you can have one public key that is able to generate other public keys without touching the private keys. Because they are linked from the seed in a certain way, Both chains (Private key chain, public key chain), will generate corresponding keys in a sequence.

A very good example is AcceptBit.com which is a private key free POS system.

The MPK functionality is VERY important to my new exchange, Also I believe it to be a key element in the automation of decentralized markets, At gateway level.

- Lophie

p.s: There is no way to do this in NXT, I am lacking proper knowledge to surpass the dam of different curve functions between Bitcoin and NXT...

Topic: NXT :: descendant of Bitcoin - Updated Information - page 988. (Read 2761635 times)