I am here in this year! Congratulations to core devs and all the Monero people! Version 0.9 is here! I am just a bit confused, entering https://getmonero.org-- there is no evidence that Monero v. 0.9 has been released indeed! No news, no other signs. One can acidentally guest, by clicking "Windows download" he gets newest v. 0.9 version only by the name of zip archive being downloaded. Please fix the site, https://getmonero.org! - "Current Version: 0.9.0.0 Hydrogen Helix" |
|
|
|
Both are Cryptonight-based coins. What is the main difference (on the technical side)?
Monero is a vastly different project from its CryptoNote origins. In the year-and-a-half since we took over as stewards of the Monero project we've added 246000 lines of code (ignoring modifications to external libraries such as unbound, miniupnpc, lmdb, etc.) and modified 13890 existing lines of code. Our focus has been on major improvements to both the protocol and implementation, as well as incremental refactoring and commenting. To give you a stark example of the differences: Bytecoin currently has 13336 comments in its code, and Monero has 36072. Off the top of my head, here are things that Monero has done that Bytecoin hasn't: - Discovered severe, fundamental flaws in the underlying CryptoNote protocol- Proposed fixes for those flaws- Implemented fixes for those flaws in a hard fork - Implemented a rolling hard fork mechanism - Completely overhauled and improved the CMake build mechanism with the assistance of Kitware, the creators of CMake - Improved and extended the wallet storage format - Massively improved the (purposely obfuscated / broken) PoW hashing mechanism - Added Electrum-style mnemonic seeds - Created and added wordlists for various languages (English, Portuguese, Russian, Japanese, Spanish, Italian) - Created a multilanguage subsystem for all CLI tools - Added transaction auto-splitting - Massively improved payment ID scanning - Added support for OpenAlias- Created and implemented a scheme for address + payment ID serialisation - Created and implemented a scheme for stealthed payment IDs - Implemented a cryptographically secure DNS seeding system - Implemented a cryptographically secure distributed checkpoint referencing system - Moved from in-RAM database to a backend-agnostic blockchain database - Created an LMDB blockchainDB implementation (with the help of Howard Chu, the creator of LMDB) - Created a BerkeleyDB blockchainDB implementation - Created an OS-agnostic raw blockchain format - Built tools to convert between blockchain implementations, as well as import and export them - Added support for FreeBSD, 32-bit Windows, 32-bit Linux, ARM v6, ARM v7 (and above) - Added QoS (bandwidth control) to the wire protocol - Implemented a proper background forking (daemonising) mechanism that supports Unix forking and Windows services - Added a core crypto implementation based on SUPERCOP ref10- Switched to a triangular distribution for output selection - Created a "trusted daemon" system for remote daemon use And in which one would you invest?
Both will probably be non-existent in a few years. If by some chance Monero survives it will find its use as a privacy-centric currency / store of value, not as an investment vehicle. The non-fixed emission (to maintain mining incentives ad infinitum) means that it will never have the same scarcity as Bitcoin, but I think it's already been demonstrated that scarcity in altcoin distribution is wholly overrated. |
|
|
|
hi guys i have around 1k xmr that always stays locked and never gets unlocked. i do not know if those 1000 are real or if they somehow magically summed up becasue i did send money to myself several times... anyway, yesterday i tranfsered money to my cold wallet...later i realized it did not work, money was still here in my normal wallet..very strange, i rescant everything and now have this crazy behaviour. this event shoked me, if i wouldnt have used rescan_spent i wouldntn have noticed it was not send to my cold wallet. i hope this did not happen with my old hot wallet i deleted ..  dont want to open cold wallet to see whats up. allready did rescan_spent + rescan_bc, without success, the 1k stays locked, also if i wait over night. any ideas ? i know people had similar problems but they didn have a corrupted balance later no? Two things that occur to me: 1. Can you try restore from .keys file rather than rescan, just to eliminate potential rescan bugs? Just delete the .bin and reopen it. 2. When you transferred did you get a txid? If so, did you check if it hasn't been mined yet (on a block explorer)? It sounds like you might be rescanning whilst a tx is not (yet) mined, but that's just a guess based on the info. |
|
|
|
The link on the getmonero site still points to the previous version..
Fixed, sorry about that |
|
|
|
There it is folks, if you want to know if this coin is secure, go ahead and pony up the money.
   Quit horsin' around. |
|
|
|
add to that fact that with 0.9, it will be easier to promote XMR to new users and to promote projects using XMR (such as monerodice)
I must have missed the fact that you can invest in the house on monerodice. That's pretty cool. I just read in the FAQ that "Given how new the site is, and the risk of bugs and security issues, all withdrawals are processed manually from our cold wallet. We try and process them as quickly as possible, and thus most withdrawals will be credited within 15 minutes." How many people have access to the cold wallet? If something ever happened to fluffypony and rznag, would there still be a way for people to withdraw their funds? As long as you've set your emergency withdrawal address, yes, in the event of something catastrophic happening it'll flush out to those addresses. The remaining funds (for those that haven't set a withdrawal address) would go through a manual allocation process by a third-party (if we both got hit by a bus simultaneously) or by one of us. |
|
|
|
$18 million sounds like a fortune to you doesn't it ? You run an import/export company with less than 1m annual turnover and you think you're a wiseguy.
How do I know its less than 1m ? You look cheap. Your watch costs $100 or less.
Microsoft does not invest in projects that are unlikely to succeed or are led by amateurs. Vitalik is young, he has the capacity to learn. Ethereum is as revolutionary to cryptocurrency as web was to the internet.
Gosh, what do I deal with first. No, $18 million doesn't sound like "a fortune". It's a fair chunk of change, and given that it is the 4th highest amount raised by a crowd-funded project it is clear that it *is* a fair amount of money. To a startup that is manufacturing hardware at scale it is barely enough money to get a run going, but to a software startup with relatively low base costs it is, frankly, a fortune. There are plenty of unicorn software startups that spent a lot less than that in their first several years of existence, much less the first year. As to your comments about me and my company: not only do you not know me, have never met me, know nothing about my life and my businesses, but you are arguing a point that is not up for discussion. See: https://yourlogicalfallacyis.com/ad-hominem. Try an actual argument instead of a logical fallacy, please. Finally, Microsoft has not invested in Ethereum or in Vitalik. They have signed a deal with ConsenSys, which is Joseph Lubin's company. FYI: this is the same Microsoft that sunk $5 billion into AT&T, or more recently bought Nokia and then promptly took a $7.6 billion impairment charge (on a $7.9 billion deal). |
|
|
|
And we did it for a minuscule fraction of the $18 million raised by Ethereum. But I'm surely preaching to the choir here - as a CEO of a large corporation, you'd surely never let such a phenomenal amount of money be wasted, would you?
I don't think money was wasted and neither does Microsoft. Stop feeling butthurt, project you forked from the original ring signatures developers failed. It happens. Startups/projects that don't succeed in the first two years usually fail.. Next time work harder! Ethereum has two years to prove its worthiness, so far they are doing great! So as a CEO of a large company you would be completely fine with what has been done with $18 million? Either your claims of being a CEO is farcical, or you're such a trust fund baby that you have no idea how to value money. Or, as smooth said, you're shorting. |
|
|
|
Fixed Cry me a river pony, Vitalik's project is alive and kicking, yours is about to die soon. 2 years of development and you couldn't code a simple wallet GUI.
Once ethereum developers create ring signature dapp monero will die for good.
"Alive and kicking" only because it created $18 million in bagholders. Our unfunded little project has had 1335 commits in the 591 days since we took over as stewards. In that time our 32 contributors have added 283 704 new lines of code, modified 17 388 lines of code, and removed 1056 lines of code. And we did it for a minuscule fraction of the $18 million raised by Ethereum. But I'm surely preaching to the choir here - as a CEO of a large corporation, you'd surely never let such a phenomenal amount of money be wasted, would you? |
|
|
|
I'm not going to speculate on the future of Ethereum ring signatures here. Monero already has a working system today - I think it will become more popular once we have more web services using it.
You don't even have a GUI, monero man-child developers (thats how Vitalik calls them) are useless. Way over 50% of hash rate are botnets. It's dead Jim... I'm still holding a decent amount (couple tens of thousands) but the first pump that comes along - I'm out. Oh well, I guess I'd better copy-and-paste my comment from Reddit on the state of Ethereum: On the topic of poor design: - Vitalik has repeatedly eschewed and ignored commentary from researchers and plowed ahead with poor design decisions. - Where he hasn't ignored the commentary, he has instead noted it and then layered complexity on top of the bad idea in order to make it workable (complexity is the enemy of secure cryptography and good system design). - He also repeatedly fails to cite prior research / researchers, which I guess leads some to view him as more than he is, which in turn leads to an inherent trust in a poorly designed system. - He uses mathematical notation in a completely incorrect manner in formal papers (some of which govern the very inner workings of Ethereum) such that mathematicians are unable to peer review the paper. If you can't understand what he's trying to express, how can you confirm if the concept is valid or the mathematical proof is correct? - When the above is pointed out to him he (naively or foolishly or disingenuously) claims that the security of the model is "in the code" and not in the mathematical proofs. This bizarre world-view is only dangerous in light of the fact that the system has to at least protect its users somewhat. On the topic of mismanagement: - Instead of focusing on a single implementation they instead hired developers to build out at least 4 of the multiple implementations. - The consequence of this was not only a breaking inter-implementation fork 6 months ago, but also has (as their security auditors put it) "testing needs...more complex than anything we've looked at before". - They raised $18.4 million, which was almost entirely spent a year later. According to the blog post on the matter they have enough money to make it to June 2016, possibly a little beyond that. That is truly shocking, considering that Ethereum had the 4th highest crowd-funded project funds. - Instead of biting the bullet and immediately beginning a systematic process of converting the majority of the funds raised into a store of value that would remain relatively stable for the 3-5 years it would take for the project to be built up, they kept the bulk of it in Bitcoin, resulting in a $9 million shortfall on their initial funding amount (when viewed in USD terms). - Despite promising financial transparency with the money that had been raised, it took them over a year before they suddenly realised they actually needed to come through on that. A startup needn't make their financial activities public at all, but if that is the case then don't promise such transparency. Doing so, and then failing to deliver on that promise, points to incredible mismanagement by individuals that have no clue how to run or build up a company. |
|
|
|
Is there something wrong with monerodice.net?
I have withdrawn my funds 2 days ago from monerodice.net
But I have never received the funds in my mymonero.com wallet and the transaction hash for the transaction shows 0 and my balance on monerodice shows 0 too.
Was it the ~78 XMR withdrawal? I completely missed that, just processed it now - sorry about that. |
|
|
|
<removed some frustration shit>
We need a non javascript mirror. That is the only way any real traffic is going to happen.
You know that we spent a ton of effort making sure the forum works without Javascript, right? We eventually even recently fixed the JS menu, which was a pain as Bootstrap likes a JS menu...but all sorted now:) I didn't know that, and thanks for the effort. To be frank I like Javascript, especially when it's done right. In this particular case though, the thing that I found most cumbersome is the append-posts-and-scroll-endlessly feature. Is there a way to disable this that I'm missing perhaps? You mean turn on pagination instead of the eternal scroll, even though you have JS enabled? Can look at it  |
|
|
|
<removed some frustration shit>
We need a non javascript mirror. That is the only way any real traffic is going to happen.
You know that we spent a ton of effort making sure the forum works without Javascript, right? We eventually even recently fixed the JS menu, which was a pain as Bootstrap likes a JS menu...but all sorted now:) |
|
|
|
Also, the official forum is forum.getmonero.org. Announcements and discussions are often posted there instead of here, though may also get cross posted here.
I've tried to use the official forums before and just found them unpleasant... it's hard to put my finger on it; maybe it has to do with the alignment or style of the text, or perhaps the old-school nested comment trees... not 100% sure. I'm sure someone at one point worked very hard to put them together, so I hope no one takes it personally, but I would almost rather Monero move over to a Simple Machines Forum standard itself. This place catches a lot of shit, but with a few exceptions its actually very functional and pleasant to use. I agree, not a big fan of that forum design. You guys know that you can change that, just click on the little gear button at the top to go to settings ( https://forum.getmonero.org/user/settings) and under "Forum View" just change "Sort posts by" to Latest or Oldest, per your preference. Then you'll never see a nested thread again:) |
|
|
|
So please credit me with the prior art and then you need to implement my solution and not Shen's.
How on earth do you get that you have prior art?! Where is your published paper, predating Shen's, that describes your scheme??? Honestly, I'm too busy to have a circuitous discussion about this, so I'll let Wikipedia explain what prior art means: Prior art (state of the art[1] or background art[2]), in most systems of patent law,[3] constitutes all information that has been made available to the public in any form before a given date that might be relevant to a patent's claims of originality. If an invention has been described in the prior art, a patent on that invention is not valid.
Information kept secret, for instance, as a trade secret, is not usually prior art, provided that employees and others with access to the information are under a non-disclosure obligation. With such an obligation, the information is typically not regarded as prior art. Therefore, a patent may be granted on an invention, although someone else already knew of the invention. A person who used an invention in secret may in some jurisdictions be able to claim "prior user rights" and thereby gain the right to continue using the invention. As a special exception, earlier-filed and unpublished patent applications do qualify as prior art as of their filing date in certain circumstances.
To anticipate the subject-matter of a patent claim, prior art is generally expected to provide a description sufficient to inform an average worker in the field (or the person skilled in the art) of some subject matter falling within the scope of the claim. Prior art must be available in some way to the public, and in many countries, the information needs to be recorded in a fixed form somehow. Prior art generally does not include unpublished work or mere conversations (though according to the European Patent Convention, oral disclosures also form prior art—see Article 54(2) EPC).
|
|
|
|
We wouldn't if you didn't sometimes come across like such a Doos. Ek speel maar net.
lol, net 'n grappie, ne? That said what would be the benefit of Evan putting malicious code into his project? Or anyone else from the dev team? Also as they can be rolled back by other members of the team any such theoretical attack from within could hopefully be negated?
Speaking purely hypothetically? The benefit would be when he's cashing out and he needs one-last-pump. BTW: the effects of the backdoor can be observed in both cases when it is used, and not any earlier. So there is really no difference in that regard. The forking is of course possible, but that is easily observable, too, or am I missing something?
Well, imagine he obfuscates the code such that it only activates on a successful deactivation of an existing spork. Then it lies dormant until he reaches out and touches every node with His Noodly Appendage. Wrong.
The spork is merely a secondary lever, not a magical "activate terrible code"-button. A malicious Monero developer for example could implement "underhanded code" into your official GUI-wallet release (you know, in 2045 or so when it's finished) with the simple instruction of having it activate when certain conditions are met, like a date, a block height, a difficulty level, even a certain transaction amount or a combination of any of these conditions. Heck, for all I care he could program his own spork as underhanded code into your release and create the same exact scenario you just tried to reduce onto DASH.
As you can see, your central argument has been easily refuted, making Dash just as vulnerable to that method as any other crypto. Not more, as you tried to construct. Nice try though.
The majority of those conditions (dates, block heights, difficulty levels, transaction amounts) would be easily visible even in heavily obfuscated code. Furthermore, activating at any of those junctures may be sub-optimal for our hypothetical malicious dev's needs. Being able to trigger at point-in-time is incredibly, incredibly powerful (in the negative sense). Anyhow, this has been an interesting conversation, and I've appreciated the more mature responses from toknormal et al., but I think it's best to shake virtual hands and move on. Cheers:) |
|
|
|
So I'd like to address some of the earlier posts. First off, to those that felt it necessary to make puerile comments about me, ad hominem attacks weaken your premise. I understand it's hard to see the wood for the trees, but honestly, get over yourselves. You aren't beyond reproach (far from it), and all of you clearly lack the humility and wherewithal to know what you don't know. Shooting the messenger doesn't make you right, it just makes you ignorant. Stating that you are ignorant is not "FUD", it's a statement of fact, but the good news is that ignorance is a state you can escape from. Now, it's important to understand why this "spork" nonsense is so fundamentally broken. I've seen arguments centred around the "many-eyes" principle of FOSS, and some based on deterministic builds (which is an idiotic argument, and completely misses the point, so I won't be addressing it). I know that for many of you this is your first open-source project, and your first exposure to the development of security software of any kind, and so you may be unfamiliar with thinking adversarially. You may think that merely because a handful of others glance at the code that it magically makes it secure, but that is not the case. Open-source software i just at risk as closed-source software, except that you're not paying known entities to review the code. Neither approach is a magic bullet. So how could a backdoor be hidden in the code? If you've ever seen the International Obfuscated C Code Contest you'll know that it is reasonably trivial to make code nearly impossible to read and grok. But have you ever heard of the Underhanded C Contest? If you're familiar with C then I encourage you to take a look at some of the past entries. The long and the short of it is that it is not unheard of, or particularly difficult, for an obfuscated back door to be slipped into open-source code. But hey - this is a risk in Bitcoin and Monero and other cryptocurrencies, so Dash is fine, right??? Well...for currencies besides Dash the risk is somewhat reduced by the fact that the effects of such a backdoor can immediately be observed, whereas with Dash the "spork" model means that an exploit can be hidden away and only activated at a later stage, or the network can be remotely forked by anyone who holds the spork key. My conversation with dEBRUYNE was neither secret (it was in a public channel) nor was it incorrect. If you can't understand the implications of what I said then it would behove you to discuss it with me, rather than insulting me. |
|
|
|
1) idea
2) write & code
3) peer review & test
4) implement
5) tell people about it
Out of curiosity: What is the difference between 2 and 4 in your list? 2 would be a reference implementation, in Python for example, and 4 would be the actual implementation. |
|
|
|
With unscalable networks its a mute point anyway
*twitch* It's "moot" not "mute". |
|
|
|
|
Show Posts
