So it's possible to switch "on the fly" to a new hash function? Wouldn't all the old transactions then be compromised (because they could be trivially recomputed)?
SHA-256 has already been weakened by a factor of 16 (according to my friend. I can't find documentation on that, but I trust him). That's 16 out of 2^256, so not a huge deal, but still.
|
|
|
Thanks Gavin. Glad to help.
|
|
|
A mathematician friend of mine pointed out that there are very few if any hash protocols that have survived for 10 years or more. What would Bitcoin's solution be if SHA256 were to be cracked tomorrow?
|
|
|
Gavin, you should set DEBUG = False in your Django settings next time. I hit some kind of exception page and it gave me your secret and the URI of your JSON gateway. I'll send your bitcoins back to you if you'd like. I'm emailing you.
|
|
|
Are you verifying their information before you issue the certificate? Or are you just signing anything that somebody gives you 100BC for?
|
|
|
It would be interesting if we could find some way to make this distributed like the Bitcoin client. I dunno if that's even close to possible, but it would be cool if it were.
|
|
|
So basically, you're running Bitcoin on a VPS and using an HTTPS connection from App Engine to signal it what to do? Why not just host the site on your server?
|
|
|
Sure, but Apple would likely not accept it.
|
|
|
I think a nice feature would be the ability to keep multiple Bitcoin "accounts" in your wallet.db. Perhaps one account for spending money, one to save for your monthly payments, etc etc. You would then be able to choose what account each receiving address fed into.
It would be nice for people like gavinandresen who is running [link=http://freebitcoins.appspot.com/]The Bitcoin Faucet[/link] or casino operators. That way, the casino's "bank" or faucet's "tank" or whatever could be kept separate from other coins in the same wallet.
|
|
|
Showing the number of Bitcoins available is on my TODO list. I just checked and the balance is up to 1,135 (thanks to whoever donated!).
I got 5 then felt bad so sent you 50 back And right now it is 5 bitcoins per IP address (not bitcoin address). Not per-day-- just 5. I want to start out conservatively, I will loosen it to 5 per (day?/week?/month?) if people start having lots of trouble because they get a dynamic IP address from their ISP that already got some.
My mistake. I don't see that being a big problem. Perhaps have it reset every week? I doubt you'll be hard-pressed for coins, at least for now. To make that tougher I could make it 5 bitcoins per IP AND 5 bitcoins per bitcoin address (so they couldn't have all the bots in the botnet using the same BC address). That actually wouldn't help much. It's completely trivial to generate a new address per transaction (with JSON-RPC). If I were coding a botnet, that's how I'd do it. Adding a CAPTCHA might be wise if you notice problems, but for now I doubt you have much to lose by skipping it. Just out of curiosity, how did you build that on the App Engine? Could I possibly see your source? I might set something similar up on my local server. As I understood it, you can't make any sort of outbound request from app engine, though. So how do you send the coins?
|
|
|
FATAL: Module xt_owner not found.
It's not a big problem at the moment. I'd still like to see authentication and wallet encryption in bitcoin in the future. Also, if I were root, couldn't I just sudo su - <USERNAME> and evade the owner check in iptables?
|
|
|
Yeah, using only the IP is somewhat unsecure, but it's better than nothing.
I wonder if it's possible to generate coins on app engine...
|
|
|
Couldn't someone just keep making new bitcoin addresses and drain your system?
You should at least toss recaptcha on there.
It only gives 5 coins / IP / day. I dunno if it also checks addresses. But it's true, a good captcha wouldn't be a bad idea.
|
|
|
That's true. It is getting to be time for a new release. Maybe Laszlo's performance patch will make it into the svn too?
|
|
|
iptables -A OUTPUT -o lo -p tcp --dport 8332 -m owner --uid-owner root -j ACCEPT iptables -A OUTPUT -o lo -p tcp --dport 8332 -j REJECT
Oh sweet. I didn't know you could do that. Setting the UID to my username will block the packet for everyone but me (and root, obviously), right?Not working for me. It gives the error: iptables: No chain/target/match by that name.
|
|
|
I really like that. Do you think it would be good to post when the number of bitcoins left is below 200-300? That way people like me could donate to it to help keep this going.
|
|
|
Is there some way this might be recast as a file socket (I suppose Windows would be an issue) or with some sort of security?
At the moment, the lowliest user on any of my machines can happily make a completely unauthenticated SendToAddress call and empty my wallet.
|
|
|
That's a very pragmatic answer. I like it. However, how would that work with the combined IP / Bitcoin Address URI (URN? URL?) scheme described here? [link]http://bitcointalk.org/index.php?topic=158.msg1322#msg1322[/link] I know it's been nearly a month, sorry.
|
|
|
I don't see why these two ideas are mutually exclusive, although I'd assume implementing SSL/TLS is not trivial. We do already link to the OpenSSL library, so I don't know. I personally would prefer a urn scheme to handle a bitcoin address. urn:bitcoin.org:19vcWM6EEbQHVdN2W8NXv9ySgsPjbZ6gU3@12.34.56.78
That would be perfect, although I would prefer to use the hostname on the right side. Of course, I'm the kind of guy who might shop at thenerdsshop.com For grandma, the entire bitcoin concept is pretty confusing at the moment. Even neglecting all the technical details, the UI still shows a huge string of numbers and letters (your receiving address) and best practices currently require you to deal with that every time you give someone your address. Another option is to use something like what OpenID uses: hidden tags on the store's (hopefully SSL) site. Then you could just enter a site's URL as the receiving address. It would hit that site, search for something like <link rel="bitcoin.address" href="19vcWM6EEbQHVdN2W8NXv9ySgsPjbZ6gU3"> <link rel="bitcoin.server" href="12.34.56.78">
Or some other form and try to send securely to that.
|
|
|
|