I'm sure if you do some internet searching you can find the exact technical information (hint: DER encoding for ECDSA).

Every tx is signed - the problem is the signature itself (which is considered part of the transaction for the purposes of the tx hash which is what identifies it). Unfortunately it is possible to change a signature (slightly) without invalidating it.

Think of it like the number 42 being also able to be represented as 42.0 (same number but the representation is slightly different).

From what I gather the latest release of Bitcoin should now only accept a specific format of the signature which should stop the current (annoying but not causing loss of funds) attack vector.

Unfortunately the Blog package work has been delayed as I decided to rework the way that encrypted fields were being handled (which will also be applied to the attached files for consistency).

I will be reworking the Message package to use the new encrypted field implementation before I start on the Blog package (a delay of perhaps a week).

One thing that anyone following this project will discover is that it is not being rushed (nor is it chasing VC funds that would probably force it to be rushed). The project actually began many years ago as an example of a new way to create 3-tier web applications and is now evolving into a new way to create blockchain applications.

For signing offline txs in a 100% air-gapped manner (no USB or other wire connection) you might find this useful: https://susestudio.com/a/kp8B3G/ciyam-safe
(although it isn't the easiest thing to use admittedly).

Doh! There is a way that it could be done though (as I dealt with this stuff many years ago with Windows apps) and that would be to have an override default .conf file that would be placed in say the Windows directory (this would of course require code changes to achieve and would be Windows specific and would perhaps be a lot of mucking around just for Windows so I'm guessing that won't be considered).

It is a bit annoying that it doesn't behave nicely when already running (I would think that something should be able to be done about that issue).

Copying and pasting the address and then the amount is going to perhaps be the only workable option (unless you want to muck around with the registry which is probably not a great idea unless you are confident in doing so).

Did you try it with your D: drive version already running (i.e. are you ending up with two bitcoinqt.exe's running)?

Basically the problem is going to be that it is acting like a typical "launch an external application" which of course won't be running your shortcut version.

If it is possible to get the "datadir" into the .conf file then that might be the best solution (I'm not sure if that is possible yet as I know that it wasn't in the past).

Yes it is - do you understand that the question does not mention "private key" but instead "public key" or did you simply not read it?


Unfortunately it is you (and most other posters in this topic) that are causing the mess and confusion by not even bothering to read the OP.

To the @OP - unfortunately this is why this forum is no longer very useful for any sort of technical advice.

It seems that those replying so far do not understand the difference between a public and a private key.

The answer is *of course* a Bitcoin address can be determined from a public key as it is basically just a base58 formatted version of a cryptographic hash of the public key.

What you can't do is go from the Bitcoin address back to the public key (as cryptographic hashes are not reversible) and the public key of course can't be used to do anything like a tx without also having the private key (which cannot be determined from it).

I think that is supposed to be sue (not your mistake - it is like that in the article itself).

For some reason he seems to think people can only get or use BTC by mining (rather a stupid mistake for a professor to make).

Personally I am beginning to wonder whether the rules about coin age and dust should be re-evaluated as what has mostly been seen when the blocks are near to full is loads of tiny txs (as this type of attack can still occur even with larger blocks).

The cheapest ASIC equipment all comes from China - it also has very cheap electricity (which is why more than 50% of the mining power is in China now).

Iceland would have the cheapest electricity of all though (but it would need to import the ASIC from China which I understand has been happening).

Certainly I don't want to see Bitcoin being centralised to any one country so I do hope we'll see mining being performed throughout the world.

Huh?

I think you are not understanding how Bitcoin works (unless you think that reversible equals playing with tx malleability or low fees).

Well - I'm not sure what is the best solution but a US only solution would actually spell the end of my interest in Bitcoin for sure.

Bitcoin's best feature is that you can send txs to anyone, anywhere in the world - I'd hope that should remain its main focus (as nothing else does this as easily or as cheaply).

Transaction pending makes a lot of sense (and nice to see a constructive post from an ad-sigger).

You have read that Thailand is looking to introduce its own version of the GCF and that other countries are starting to do the same (can't blame them as the NSA has been spying on everyone in the world so the rest of the world is now wanting to slow access down to the US and its allies)?

South Korea being still a big supporter of the US is unlikely to change its approach anytime soon but some of its neighbours are less likely to follow its lead IMO.

You make good points in terms of terminology @shorena but I guess my beef with the "double-spend" term is that is actually the "very crux" of what Bitcoin actually does (i.e. it solves that problem).

So if the public perception is that Bitcoin can be "double-spent" then in the public's mind Bitcoin hasn't actually achieved anything at all!

One thing I think you need to be very careful of when you decide upon this is just how getting rid of arbitrary restrictions could actually cause severe centralisation.

Already miners in China has resorted to using an SPV approach due to the GCF (Great Chinese Firewall) slowing down all international internet traffic. So if all limits are removed then you have just removed the world's 2nd (soon to be 1st) biggest economy from even participating in mining. Is that a good idea?

And if you keep going in that direction then Africa is killed and India then Australia and eventually Europe and South America and you are pretty much just left with the US and Canada (I am guessing the region where you probably come from).

Non-local txs are now treated basically like local txs until confirmed (making the UX much quicker).

Attached files are also now working with the CIYAM blockchain and if they are identified as being "private" then they are automatically encrypted and decrypted.

Work has begun on the blockchain Blog package which hopefully will be nearing completion by next week.

I like "conflicting transaction" but not "to conflict-spend" (the latter just seems rather hard to understand).