[XMR] Monero - A secure, private, untraceable cryptocurrency - page 1394.

xulescu

sr. member

Activity: 263

Merit: 250

Quote from: fluffypony on September 24, 2014, 07:16:24 PM

It verifies checkpoints when loading off disk. It's a bad idea to treat the blockchain as a "file" (same with p2pstate and poolstate), as we have and will abstract these away from their physical files.

Checkpoints are a temporary measure that we're going to get away from eventually, so we're just doing the best we can with something we'll be stuck with for the next few years:)

Well duh, my bad. If it verifies checkpoints then only the checkpoints need to be signed

Furthermore, even after abstracting, there is still going to be a file on the disk, even if that is a compact DB.
Finally, 'next few years' seems like a lot of checkpoints to me to be doing them manually.

But I understand there are other complexities involved with key management, so there definitely is a trade-off here.

fluffypony

donator

Activity: 1274

Merit: 1060

GetMonero.org / MyMonero.com

Quote from: xulescu on September 24, 2014, 07:12:08 PM

My understanding is that the daemon doesn't verify the correctness of the blockchain when it's loading it from disk, and for performance reasons the intention is to keep it this way. In this case, shouldn't the daemon sign all the bin files (i.e. pool, p2p, chain)? Shouldn't it verify the blockchain if there is a problem with the signature?

I argue that automatic checkpoints should be treated the same way, not in case you guys disappear, but so that you don't have to do it manually in the future

It verifies checkpoints when loading off disk. It's a bad idea to treat the blockchain as a "file" (same with p2pstate and poolstate), as we have and will abstract these away from their physical files.

Checkpoints are a temporary measure that we're going to get away from eventually, so we're just doing the best we can with something we'll be stuck with for the next few years:)

xulescu

sr. member

Activity: 263

Merit: 250

Quote from: smooth on September 24, 2014, 05:56:14 PM

Quote from: fluffypony on September 24, 2014, 05:50:17 PM

Quote from: smooth on September 24, 2014, 04:21:52 PM

Quote from: fluffypony on September 24, 2014, 11:18:14 AM

Plus open checkpoints evaluated at runtime allow us to disappear off the face of the earth and a new group could still deliver checkpoints (ie. a reduction in centralisation).

The only plausible way for someone else to take over if we disappear off the face of the earth would be to also take over maintaining the software, which means they could change any public key used to verify a signature, if it were done that way.

The idea that the existing software can continue to run indefinitely and decentralized without being updated is totally implausible.

Point. So then the checkpoints.json thing is a convenience tool more than anything else.

In any case I agree with your point that it doesn't need to be signed, especially if blockchain.bin is not signed.

My understanding is that the daemon doesn't verify the correctness of the blockchain when it's loading it from disk, and for performance reasons the intention is to keep it this way. In this case, shouldn't the daemon sign all the bin files (i.e. pool, p2p, chain)? Shouldn't it verify the blockchain if there is a problem with the signature?

I argue that automatic checkpoints should be treated the same way, not in case you guys disappear, but so that you don't have to do it manually in the future

dEBRUYNE

legendary

Activity: 2268

Merit: 1141

Thanks for clarifying!

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: dEBRUYNE on September 24, 2014, 06:03:31 PM

Quote from: crypto_zoidberg on September 24, 2014, 05:11:26 PM

https://github.com/fluffypony/bitmonero/commit/014708fe71c1379af281ca9ac17e82c159e98e6d

lol

Monero devs (particular fluffypony) have no idea what they do

Any comments on this?

Quote from: smooth on September 24, 2014, 06:08:29 PM

Quote from: sonoIO on September 24, 2014, 05:17:50 PM

Quote from: crypto_zoidberg on September 24, 2014, 05:11:26 PM

https://github.com/fluffypony/bitmonero/commit/014708fe71c1379af281ca9ac17e82c159e98e6d

lol

Monero devs (particular fluffypony) have no idea what they do

fluffypony, isn't he lead dev of XMR?
Check Descryption column in row with his name here
https://privacysolutions.no/

No that is a mistake on the privacysolutions web site. Now that you've pointed it out I'm sure he will have it corrected.

fluffypony made a mistake thinking the BBR commit was a general cryptonote exploit issue.

In the current environment being a bit on edge is understandable.

I see that it has has been reverted.

rdnkjdi

legendary

Activity: 1256

Merit: 1009

Quote from: dEBRUYNE on September 24, 2014, 06:03:31 PM

Quote from: crypto_zoidberg on September 24, 2014, 05:11:26 PM

https://github.com/fluffypony/bitmonero/commit/014708fe71c1379af281ca9ac17e82c159e98e6d

lol

Monero devs (particular fluffypony) have no idea what they do

Any comments on this?

To quote the trollbox ... sexual tension Grin

dEBRUYNE

legendary

Activity: 2268

Merit: 1141

Quote from: crypto_zoidberg on September 24, 2014, 05:11:26 PM

https://github.com/fluffypony/bitmonero/commit/014708fe71c1379af281ca9ac17e82c159e98e6d

lol

Monero devs (particular fluffypony) have no idea what they do

Any comments on this?

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: fluffypony on September 24, 2014, 05:50:17 PM

Quote from: smooth on September 24, 2014, 04:21:52 PM

Quote from: fluffypony on September 24, 2014, 11:18:14 AM

Plus open checkpoints evaluated at runtime allow us to disappear off the face of the earth and a new group could still deliver checkpoints (ie. a reduction in centralisation).

The only plausible way for someone else to take over if we disappear off the face of the earth would be to also take over maintaining the software, which means they could change any public key used to verify a signature, if it were done that way.

The idea that the existing software can continue to run indefinitely and decentralized without being updated is totally implausible.

Point. So then the checkpoints.json thing is a convenience tool more than anything else.

In any case I agree with your point that it doesn't need to be signed, especially if blockchain.bin is not signed.

fluffypony

donator

Activity: 1274

Merit: 1060

GetMonero.org / MyMonero.com

Quote from: smooth on September 24, 2014, 04:21:52 PM

Quote from: fluffypony on September 24, 2014, 11:18:14 AM

Plus open checkpoints evaluated at runtime allow us to disappear off the face of the earth and a new group could still deliver checkpoints (ie. a reduction in centralisation).

The only plausible way for someone else to take over if we disappear off the face of the earth would be to also take over maintaining the software, which means they could change any public key used to verify a signature, if it were done that way.

The idea that the existing software can continue to run indefinitely and decentralized without being updated is totally implausible.

Point. So then the checkpoints.json thing is a convenience tool more than anything else.

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: fluffypony on September 24, 2014, 11:18:14 AM

Plus open checkpoints evaluated at runtime allow us to disappear off the face of the earth and a new group could still deliver checkpoints (ie. a reduction in centralisation).

The only plausible way for someone else to take over if we disappear off the face of the earth would be to also take over maintaining the software, which means they could change any public key used to verify a signature, if it were done that way.

The idea that the existing software can continue to run indefinitely and decentralized without being updated is totally implausible.

xulescu

sr. member

Activity: 263

Merit: 250

Quote from: 25hashcoin on September 24, 2014, 03:51:42 PM

I've never mined any coin in my life. I am interested in mining Monero. I run Ubuntu. Is there an easy/straightforward guide on how i can set this up?

Welcome, and let me point you to http://monero.cc/getting-started/index.html

Depending on your setup, make sure to read the OP and look for a list of miners. You might have to follow their threads to get more information about how to compile, run, configure them from their own threads (if applicable).

xulescu

sr. member

Activity: 263

Merit: 250

Quote from: psterryl on September 24, 2014, 03:54:15 PM

Quote from: ArticMine on September 24, 2014, 03:51:53 PM

Quote from: psterryl on September 24, 2014, 03:23:24 PM

Quote from: ?? on ??

Hi folk,

I suspect some potential problem, so i would like to ask to contact me every exchange that trade CN (especially Polo, Bittrex and Bter).
If someone is in touch with exchange operators, please let them know.

Zoidberg

X-posted from BBR thread. Seems an attack against Cryptonote coins may actually be underway?

Is there a link to actual post where crypto_zoidberg posted this?

Click on "Quote from: crypto_zoidberg on Today at 07:06:01 PM" at the top of the quote.

Post was removed.

psterryl

member

Activity: 87

Merit: 10

Edit: never mind, seems this isn't to do with the ongoing attack threat and the devs are already on top of it.

Chicken76

newbie

Activity: 58

Merit: 0

Quote from: skygong on September 24, 2014, 03:37:43 PM

thinks.
how long temporary security precaution？

The initial announcement was for 24 hours. We're waiting for the developers to post more details if there's anything going on that would require it to be prolonged.

ArticMine

legendary

Activity: 2282

Merit: 1050

Monero Core Team

Quote from: psterryl on September 24, 2014, 03:23:24 PM

Quote from: ?? on ??

Hi folk,

I suspect some potential problem, so i would like to ask to contact me every exchange that trade CN (especially Polo, Bittrex and Bter).
If someone is in touch with exchange operators, please let them know.

Zoidberg

X-posted from BBR thread. Seems an attack against Cryptonote coins may actually be underway?

Is there a link to actual post where crypto_zoidberg posted this?

25hashcoin

hero member

Activity: 574

Merit: 500

I've never mined any coin in my life. I am interested in mining Monero. I run Ubuntu. Is there an easy/straightforward guide on how i can set this up?

skygong

newbie

Activity: 9

Merit: 0

Quote from: infofront on September 24, 2014, 02:38:00 PM

Quote from: skygong on September 24, 2014, 02:36:13 PM

Quote from: owlcatz on September 24, 2014, 01:53:24 PM

Quote from: skygong on September 24, 2014, 01:39:00 PM

bittrex.com

Disabled Monero Disabled XMR

？？？

wallet offline precaution at request of the devs

why?

Here is the best and shortest write-up i've seen so far. btw, you should be able to buy/sell, just not withdraw or deposit.

http://bullbearanalytics.com/2014/09/23/whats-going-monero/

[edit - removed tracking info that i missed sorry]

thinks ，I not withdraw or deposit. why？
I want deposit xmr.

temporary security precaution

thinks.
how long temporary security precaution？

psterryl

member

Activity: 87

Merit: 10

Edit: never mind, seems this isn't to do with the ongoing attack threat and the devs are already on top of it.

infofront

legendary

Activity: 2646

Merit: 2793

Shitcoin Minimalist

Quote from: skygong on September 24, 2014, 02:36:13 PM

Quote from: owlcatz on September 24, 2014, 01:53:24 PM

Quote from: skygong on September 24, 2014, 01:39:00 PM

bittrex.com

Disabled Monero Disabled XMR

？？？

wallet offline precaution at request of the devs

why?

Here is the best and shortest write-up i've seen so far. btw, you should be able to buy/sell, just not withdraw or deposit.

http://bullbearanalytics.com/2014/09/23/whats-going-monero/

[edit - removed tracking info that i missed sorry]

thinks ，I not withdraw or deposit. why？
I want deposit xmr.

temporary security precaution

skygong

newbie

Activity: 9

Merit: 0

Quote from: owlcatz on September 24, 2014, 01:53:24 PM

Quote from: skygong on September 24, 2014, 01:39:00 PM

bittrex.com

Disabled Monero Disabled XMR

？？？

wallet offline precaution at request of the devs

why?

Here is the best and shortest write-up i've seen so far. btw, you should be able to buy/sell, just not withdraw or deposit.

http://bullbearanalytics.com/2014/09/23/whats-going-monero/

[edit - removed tracking info that i missed sorry]

thinks ，I not withdraw or deposit. why？
I want deposit xmr.

Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1394. (Read 4670630 times)