Topic: [XCR] Crypti | Dapps | Sidechains | Dapp Store | OPEN SOURCE | 100% own code | DPoS - page 123. (Read 804676 times)

With such a short block time you can expect a dramatic blockchain file size increase after a month of operation.

Let's talk about DPoS Forging.  What has been the observed monthly upload / download transfer of data in MB required to run a DPoS node on your testnet?  What's the average number of bytes being added to a DPoS blockchain every ten seconds?  What's the minimum number of bytes added for a zero block in 0.2.0?

All this talk of TV Shows... I have to say I love me some Vikings. That show is amazing! (Also a huge firefly fan though).

Yes, Max is on it... The lag is because Lin is the only one trusted with the passwords to the cold wallet.

He could use the web wallet for a secure transaction, but I bet Lin "Trusts no one"

The Bter hot wallet is down to only 37K.  Have you got a contact at Bter that you can ask for a reload to keep the withdrawal of Crypti going? 

Did you have a chance to finalize plans?

Love this show. one of the best on the TV now.

I am indeed a Browncoat forever.  My user name here was a natural when I became involved with Crypti and saw you had a lead dev named Syrenity.  Firefly (how can it possibly be more than a decade old now?) goes beyond being my favorite TV show into effectively being a personal creed.



My top current TV show is Better Call Saul, which has its season one finale tonight.  I can certainly empathize with a guy who is called a chimp with a machine gun.  

http://www.amctv.com/shows/better-call-saul

BCS is a worthy prequel to Breaking Bad, which is right up there with The Sopranos as a Shakespearian-level drama vying for Best TV Show Ever.  

second favorite TV show? Let me guess at your #1 favorite TV show........... could it be FIREFLY ?   

Mal, great post on keyloggers.

There are HARDWARE key loggers as well.  A USB extension cable can contain a hidden keylogger in the plug.  PS2 keyboard cable adapters are also available with a keylogger.  I used one for years as a backup recorder for my daily reports for work.  

There is also a USB stick available that monitors WiFi transmissions in the immediate area.  I use a WiFi keyboard at home (concrete walls, 1 mile from other houses) for my laptop because I like the screen to be 3 feet away, not on my knees.   My I-Pad also has a detached Bluetooth keyboard, from which the keystrokes can be farmed.  

Using this keyboard in a public place would make my keystrokes farm-able by such a device.  

Always practice safe computing....... especially when traveling to other countries.  Internet cafes and hotel courtesy computers are prime abusers of keyloggers.

To clarify, this means Crypti DOES have protection against WiFi / Bluetooth sniffing but DOES NOT have protection against keyloggers.  EVERY cryptocoin has this vulnerability and ALWAYS WILL.

If you have sizable amounts invested in ANY cryptocurrencies including Crypti, do yourself a favor:

1. Buy a cheap used laptop at EBay.  
2. Zero every single byte on its hard drive using a program from this list:  http://pcsupport.about.com/od/toolsofthetrade/tp/free-data-destruction-software.htm
3. Reinstall from scratch the operating system of your choice FROM A FACTORY ORIGINAL (NOT PIRATED!) CD OR A DOWNLOAD THAT IS MD5 HASH VERIFIED BEFORE INSTALLATION.
4. Go directly to the cryptocoin's website (and ONLY that website - DO NOT SURF THE NET AT ALL) and download the coin wallet program.
5. Use ONLY THIS LAPTOP for all future coin transactions.  
6. Use this laptop for NOTHING else.  Consider it your private, dedicated banking terminal.  FOR GOD'S SAKE DONT EVER USE IT TO SURF THE INTERNET.

As a cryptocoin user, keyloggers are your mortal enemy.  Isolate your cryptocoin activity to a zone where you have taken active measures to prevent keyloggers from ever being installed.  

Are you REALLY paranoid (like me)?  Consider using a virtual keyboard to enter your password:  https://www.raymond.cc/blog/how-to-beat-keyloggers-to-protect-your-identity/  None are perfect;  Oxynger KeyShield is probably best:  http://www.oxynger.com/download.html

But wait!  What if Oxynger has a secret keylogger installed in its software?  Or what if Awesome Password Generator sends emails straight to the NSA?

Welcome to the hall of mirrors.  If you worry about this kind of thing, do a binge catchup session and join me in watching my second-favorite TV show:  http://www.fxnetworks.com/shows/the-americans/episodes

If you log in from a public computer, or do not have anti-virus software running;  there is always the danger of a keylogger getting your password to Crypti and any other account you may have, banks, credit cards, porn sites, email, Facebook, etc.  

If you are in a public place and use a wifi or Bluetooth keyboard, the information typed on such a keyboard is not encrypted when sent to your I-Pad, and can be intercepted and used to steal your funds.

The Crypti passphrase is hashed before being sent over the web, so interception, while possible, is encrypted.  

Yep, it's being taken care of. Rest assured.

The key doesn't even get to the node. Everything is signed locally and you simply "upload" a hash.

http://crypti.ws/charts.php

We are back on the road guys.

That's interesting. How does it work? If you login to a remote note and enter your private key to login; what prevents the owner of the node/webserver from recording your key?

Mal I can't go in to detail about things.. But rest assured both of those will have solutions soon


Ok its been fun being off my leash for today, I'm going back to may dark dungeon to get back to work!!!

I gotta say I would rather see:

"IF YOU USE SIMPLE PASSWORDS, YOU WILL LOSE YOUR CRYPTI.

IF YOU LOSE YOUR PASSWORD, YOU WILL LOSE YOUR CRYPTI.

THESE TWO POINTS CANNOT BE STRESSED ENOUGH.

USE 35+ RANDOM ALPHANUMERIC CHARACTERS IN YOUR PASSWORD."

on the 0.2.0 password page instead of:

"For security reasons, please use long passphrases."

Heck, I'd put in a link to Awesome Password Generator there too.

I saw too many people lose their NXT in the early days and get turned off of the whole cryptocoin thing because this was not common knowledge or widely discussed.  Crypti will hopefully do much better in this area.  It's critical.

Ok this may help bridge the gap, in an over simplified comparison: Bitcoin WIF can be compared to Crypti passphrase.

So we know what Crypti passphrases are, but what is a Bitcoin WIF?
WIF (Wallet Import Format) is used in Bitcoin for things like cold storage wallets and many other things..
All of your Bitcoin wallet addresses have one and it and be found from your wallet command line.

So lets look at the example of Paper wallets




- Ok to the Left we have your standard BTC address, as you can see this is used to Load (send BTC to it) and Verify (block explorer check the balance)

- To the right we have a WIF private key used to Spend (use the BTC)

So how do we use/spend that BTC?



You simply go to your BTC wallet console and copy the WIF in to the command line
with the command
The wallet then "hashes" the key pairs and address from this number



you know have a address to send BTC to, the above WIF hashes to 1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm


So what does this have to do with Crypti?

Ok remember I said Crypti passphrase are "like" BTC WIF

Let use the same string of numbers and letters above from the WIF and put it in to a Crypti wallet as a Passphrase



Here is what we get



Account: 14078299672521807431C

Crypti uses a different Hash algo then Bitcoin (see above)
However the same WIF entered in to any Bitcoin wallet anywhere will always give you the same address in to the wallet

I think by now your seeing where this comparison is going.. but if not..

 the same Passphrase entered in to any Crypti wallet anywhere will always give you the same account in to the wallet

Please note I have over simplified this a little, it is much more complex when you get in to the code...

To sum it up entering 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf in to
Bitcoin wallet gives you
1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm

Crypti wallet gives you
14078299672521807431C

I guess I never thought about it but if you are having a hard time coming up with a good Crypti passphrase and you own Bitcoin, you could always use the same. I would not recommend this, it would be like someone getting your car keys and then also robing your house with the key on the same ring..

So moral of the story in Bitcoin the wallet stores this info in the wallet.dat file, in Crypti you store it in your Brain. Oh and that means ppl can't hack your wallet and steal your Crypti keys oh and with Crypti the passphrase can be up to 100 characters and use ANY unix character like ¿ Ð ‡

Because if you haven't put it together by now, if someone guesses your WIF its the same as if they guess your Crypti passphrase
So bitcoin uses  51 characters (only numbers and letters) and always start with the number 5.

Please understand guessing either a hard Passphrase or a WIF is very very hard for either of them.

Say you are totally new to Crypti and want to buy some Crypti at the current $0.005 each from Poloniex.  You download the Crypti "wallet" software and run it.  It loads the blockchain and gives you a welcome screen where you can enter a password.  It downloaded the blockchain in case you have a Crypti account capable of forging and you want to do so.  But you don't own any Crypti yet so you can't forge yet even if you wanted to.  

So at this point you download Awesome Password Generator and come up with a strong 50 character password.  You type this  password in and the program spits out your new Crypti account number which ends with a C.   You write this account number down on a piece of paper and close the Crypti wallet software.   SO FAR NOTHING ASSOCIATED WITH THIS ACCOUNT NUMBER IS ON THE CRYPTI BLOCKCHAIN YET.  You go to Poloniex and buy some Crypti with Bitcoin you already own.   Next you tell Polonex you want to "withdraw" this Crypti you now own.  You give Polo your Crypti account number.  Polo contacts all operational Crypti forging nodes and instructs them to transfer ownership of the amount of Crypti you specified from their account number to your account number.  The forger does this.  NOW YOUR ACCOUNT NUMBER IS ON THE BLOCKCHAIN.  POLO AND A LUCKY FORGER WHO GOT THE FEES PUT IT THERE, NOT YOU.  

You can now go into the jungle for a few years to write your novel on an old manual typewriter, away from any distracting connection to the internet.  When you finally come back, you can fire up your old laptop, run the Crypti wallet software again, enter the password that you never lost, and transfer your Crypti back to the Polo Crypti account and sell it for its appreciated $1 each.   THIS IS THE FIRST TIME YOU EVER ACCESSED YOUR ACCOUNT NUMBER ON THE BLOCKCHAIN, WHICH HAS BEEN CARRIED ALONG ON THE BLOCKCHAIN WITHOUT ANY DIRECT INTERACTION BY YOU UNTIL NOW.

Is this a "cold wallet" or "cold storage"?  Depends on the definition, and everybody defines a "cold storage" differently.   Here's how Bitcoin defines "cold storage":

http://codinginmysleep.com/bitcoin-cold-storage-in-plain-english/

To oversimplify, the most common Bitcoin versions of "cold storage" takes a chunk of the blockchain associated with an account out of cyberspace and puts it on a physical artifact that you can secure with physical means like a safe or a safe deposit box.  There's no longer enough info left on the blockchain to allow the account to be accessed from cyberspace.  For you to get these "cold storage" bitcoins back, you have to "read" that chunk of the blockchain back into cyberspace from its physical storage.  

Brainwallet blockchains like NXT and Crypti cannot be "factored" into "chunks" that can be taken offline.  All their data is right there for the world to see in all their glory, every minute of every day.  This approach theoretically allows a whole bunch of cool but tricky new features that NXT and Crypti are working hard to implement.   It also means that the blockchain and ALL accounts are right there for the taking by any hacker that can figure out a password that accesses an account that has previously been loaded with coin.  

Bitcoin has the ability to implement "cold storage" via brainwallet techniques among other ways such as "paper wallets", "hardware code safes", etc.   Bitcoin generally no longer recommends using "brainwallet" techniques for their "cold storage" because of so many people losing their money.  See:

http://cointext.com/brain-wallet-thefts-increasing/
https://bitscan.com/bitnews/item/the-pros-and-cons-of-brainwallets

All of this is valid.  However, there are many advantages that brainwallets allow which Bitcoin will never see because of how it is structured - another reason Bitcoin is so willing to abandon brainwallets as a technique.  Basically, "offline storage" = "secrets"; "brainwallet" = "open source"....

Brainwallet tech is the foundation Crypti is based on.  It's the only security method Crypti has got.  And DONE CORRECTLY, IT IS VERY SECURE.  However, HUMAN ERROR CAN EASILY COMPROMISE BRAINWALLET SECURITY.

IF YOU USE SIMPLE PASSWORDS, YOU WILL LOSE YOUR CRYPTI.

IF YOU LOSE YOUR PASSWORD, YOU WILL LOSE YOUR CRYPTI.

THESE TWO POINTS CANNOT BE STRESSED ENOUGH.

So, bottom line, brainwallets are indeed a form of "cold storage".  They enable many cool capabilities that are going to be developed in the near future.  And they have got to be handled with care by their users at all times.

Crypti is serious money for serious people.