That's what I want to avoid. Anyway, if there is no other way, do you know where I can find a torrent file with the blockchain? Thank you.
|
|
|
Hi,
I was using bitcoin-qt 0.10.0 and it worked so far but now, it always fails. This is the last part of the debug.log file. In the end there are two ERROR entries.
2015-04-20 01:53:44 Bound to 0.0.0.0:8333
2015-04-20 01:53:44 init message: Cargando el índice de bloques...
2015-04-20 01:53:44 Opening LevelDB in C:\Users\****\AppData\Roaming\Bitcoin\blocks\index
2015-04-20 01:53:44 Opened LevelDB successfully
2015-04-20 01:53:44 Opening LevelDB in C:\Users\****\AppData\Roaming\Bitcoin\chainstate
2015-04-20 01:53:44 Opened LevelDB successfully
2015-04-20 01:53:56 LoadBlockIndexDB: last block file = 252
2015-04-20 01:53:56 LoadBlockIndexDB: last block file info: CBlockFileInfo(blocks=244, size=95301518, heights=350714...351103, time=2015-04-04...2015-04-07)
2015-04-20 01:53:56 Checking all blk files are present...
2015-04-20 01:54:09 LoadBlockIndexDB(): transaction index enabled
2015-04-20 01:54:10 LoadBlockIndexDB(): hashBestChain=000000000000000001bd8a044a084bbee53c8a6b7bb118145f71c31edab15764 height=350919 date=2015-04-06 02:53:23 progress=0.976874
2015-04-20 01:54:10 init message: Verificando bloques...
2015-04-20 01:54:10 Verifying last 288 blocks at level 3
2015-04-20 02:09:31 ERROR: ReadBlockFromDisk : Deserialize or I/O error - ReadCompactSize() : size too large
2015-04-20 02:09:31 ERROR: VerifyDB() : *** ReadBlockFromDisk failed at 350690, hash=000000000000000013290aecbe160e27e4d92b71dd2e397e9a8abeaee85ac7ac
What can I do?
Thank you.
|
|
|
Bitcoin is not so big right now to raise any serious warning so, govs will let it run for some extra time. Basically black money moves across banks and tax havens and bitcoin is not comparable with those traditional mechanisms.
US / Europe are not stupid, they know that law enforcement agencies can deal with illegal activities using bitcoin or any other currency. What they'll want is to tax bitcoin and that is not a bad thing, in fact if govs tax bitcoins then they are saying they have a value, are legal and that would be the best for bitcoin.
|
|
|
Yes, it is confirmed! I saw it this morning. Excellent!!!
|
|
|
Congratulations, Nicolas! I have to read it.
|
|
|
yeah now there will be dozens of people running these kinds of scripts looking for exploitable transactions.
There are dozens of people running different kinds of scripts for all kinds of purposes. I did it for self-education, and others with the same curiosity can do it too because the protocol and the maths are in the public domain. Another important point is that this robot is useless because it looks for an old and very specific problem that happened almost a year ago.
the days of johnoe are unfortunately over, coins lost this way will not be returned
The good old times of Johoe. The system must be secure and we have to work with that goal in mind; we cannot base all our hope on johoe, superman or robocop. We must build a reliable system, in part with tools like this one, which could be able to detect problems earlier and save money without any superhero intervention.
|
|
|
Here you have the calculation explained: http://bitcoin.stackexchange.com/questions/25814/ecdsa-signature-and-the-z-value

In code, it is:

    // The BigInteger calls below match BouncyCastle's API.
    using Org.BouncyCastle.Math;

    private static BigInteger CalculatePrivateKey(BigInteger m1, BigInteger m2, BigInteger s1, BigInteger s2, BigInteger r)
    {
        // q is the order of the secp256k1 group.
        var q = BigInteger.Two.Pow(256).Subtract(new BigInteger("432420386565659656852420866394968145599"));

        var m1m2 = m1.Subtract(m2);
        var s1s2 = s1.Subtract(s2);
        var s1s2_inv = s1s2.ModInverse(q);

        // Shared nonce: k = (m1 - m2) / (s1 - s2) mod q
        var k = m1m2.Multiply(s1s2_inv).Mod(q);
        var t = s1.Multiply(k).Subtract(m1).Mod(q);

        // Private key: (s1 * k - m1) / r mod q
        var prk = t.Multiply(r.ModInverse(q)).Mod(q);
        return prk;
    }
|
|
|
It seems that Ben Lawsky didn't read the bitcoin foundation comments because he still speaks about "virtual" currencies instead of "digital" currencies.
|
|
|
I've been studying bitcoin for a couple of weeks and I was able to understand it (partially) after creating some little and useless tools (that's how I learn new things) so, I was very surprised by the bci issue and all the technical discussions about security, especially about ECDSA and how to get the private key from signatures that reuse the same R values. In fact, for a while I thought there was a robot stealing bitcoins and that idea hit my head all the day so, yesterday I created a bitcoin transaction sniffer (a tcp sniffer that filters the 8333 port) that watches for transactions sent to my full node and checks if two or more inputs are reusing the same R value in the scriptSig; if there is a reuse then it calculates the private key and imports it to the wallet. I know it sounds like a hacking tool with no good intentions but currently it is a harmless tool and an example about how to obtain the private key from two signatures that are reusing the same R value (the math is interesting). It can be used for other kinds of realtime transaction analysis, and the idea to implement it with a sniffer instead of doing a fake node could be useful too because we can analyse the traffic and collaborate with the network at the same time. Here you can see a console output when it is sniffing the tcp/ip traffic for incoming transactions. And the code is in github https://github.com/lontivero/BitcoinWatcher.git
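
The reuse check described in the post above, sketched as an added example (not part of the original post and not taken from the BitcoinWatcher repository): it parses DER-encoded signatures, groups them by public key and r, and reports any r that appears with two different s values. The record layout, labels and the shortened sample bytes are constructed for illustration, and grouping per public key is an assumption of this sketch.

```python
from collections import defaultdict

def parse_der_signature(sig: bytes) -> tuple[int, int]:
    """Return (r, s) from a DER-encoded ECDSA signature, or raise ValueError."""
    def read_int(pos: int) -> tuple[int, int]:
        if pos + 2 > len(sig) or sig[pos] != 0x02:
            raise ValueError("expected INTEGER tag")
        end = pos + 2 + sig[pos + 1]
        if sig[pos + 1] == 0 or end > len(sig):
            raise ValueError("bad INTEGER length")
        return int.from_bytes(sig[pos + 2:end], "big"), end

    if len(sig) < 8 or sig[0] != 0x30 or sig[1] != len(sig) - 2:
        raise ValueError("not a DER SEQUENCE of the stated length")
    r, pos = read_int(2)
    s, pos = read_int(pos)
    if pos != len(sig):
        raise ValueError("trailing bytes after s")
    return r, s

def find_r_reuse(records):
    """Map (pubkey, r) -> input labels where one r was used with different s values."""
    seen = defaultdict(dict)  # (pubkey, r) -> {s: first label seen}
    for label, pubkey, sig_hex in records:
        try:
            raw = bytes.fromhex(sig_hex)
            r, s = parse_der_signature(raw[:-1])  # last byte is the sighash type
        except ValueError:
            continue  # malformed signature: skip rather than abort the scan
        seen[(pubkey, r)].setdefault(s, label)
    return {k: sorted(v.values()) for k, v in seen.items() if len(v) > 1}

# Constructed sample records (label, public key hex, signature hex + sighash byte).
# Values are shortened placeholders, not real keys or signatures.
SAMPLE = [
    ("tx1:0", "02aa", "3009020300c1a50202123401"),
    ("tx2:0", "02aa", "3009020300c1a50202567801"),  # same key, same r, new s
    ("tx3:0", "02aa", "300802027b2f0202123401"),    # same key, different r
    ("tx4:0", "02bb", "3009020300c1a50202123401"),  # same r under another key
    ("tx5:0", "02cc", "300802027b2f0202123401"),
    ("tx5:0", "02cc", "300802027b2f0202123401"),    # same input relayed twice
    ("tx6:0", "02aa", "3009020300c1"),               # truncated
]

if __name__ == "__main__":
    for (pubkey, r), labels in find_r_reuse(SAMPLE).items():
        print(f"r={r:x} reused by key {pubkey} in inputs {labels}")
```

A signer avoids the condition altogether by deriving k deterministically from the key and message (RFC 6979).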
|
|
|
They were sent to this address at approximately 00:50:20 GMT 1M77fUCzQrmY8jHRRgpzDVPAK5eQ31bwxZ Within 17 seconds of me depositing 100 btc into my account they were stolen and transferred to another address without me even being logged into the blockchain wallet service.
I robot that scans new transactions (timestamped or not), awesome!
|
|
|
It is just that, you know, there are 4 or 5 very known and annoying trolls that are a bit aggressive in this forum and constantly insult those that think btc is not a Ponzi scam. What is really weird is that they use their time and effort creating new accounts and opening discussions with the plain intention to let you know that you are not selling your bitcoins because you are just an idiot.
Is there something behind the trolling or are they just idle people?
I agree OP...and it's not just here. I don't know if it's that the subject is money and that's what brings out the strangest inappropriate behavior from people who would never act that way in real life (sober) or the cognitive dissonance arising from the deeply held belief that money must be issued by governments, but whatever it is, it is really weird. Is someone bankrolling these weirdos? I doubt it. That said, a good lesson to learn (one that I'm still learning) is to not feed the trolls. It's more than a cute saying. Not responding is by far the best thing to do...although I must admit, I love your self moderated topic...moderating and locking are the best weapons against the trolls. I've put up with a ton of trolling elsewhere, so I did some digging to try to understand the mindset that drives people to act so rudely...I found this really insightful: https://bitcoinfoundation.org/forum/index.php?/topic/1028-article-i-found-insightful-on-trolling/
I got it, I really did not realise that I was feeding them with this topic. Thank you.
|
|
|
It is just that, you know, there are 4 or 5 very known and annoying trolls that are a bit aggressive in this forum and constantly insult those that think btc is not a Ponzi scam. What is really weird is that they use their time and effort creating new accounts and opening discussions with the plain intention to let you know that you are not selling your bitcoins because you are just an idiot.
Is there something behind the trolling or are they just idle people?
|
|
|
Replacing low fee transactions by higher fee transactions is possible and is up to the miners; however, that can kill 0-confirmation transactions because we can propagate a low fee tx and hours after that send another tx with a higher fee, then miners will prefer the second one and confirm it.
I know 0-confirmation tx are never valid but they are useful for small amounts, but if tx replacement is performed by miners based on fee then 0-confirmation tx are riskier than before. I know I am not an expert and I can be wrong.
|
|
|
The prng code is 30 lines. It was trivial to resolve the few syntactic differences by hand.
Hmm... I used to test potential employees with less than 30 lines of C++ that only one out of one hundred understood perfectly so I guess that you must be an extremely good programmer. But a C++ program is a C program encrypted with a very strong encryption method. +1. It is my favourite write-only language after perl
|
|
|
In case of "bank" no way than use unique address for every customer. Combined with no-sql-database it should work pretty fast.
I think that is the more natural approach but it is not a good idea.
1) reusing addresses is never a good idea
2) all eggs together sound dangerous if they are in a reused address
It could be an acceptable approach if he can move the biggest part to a cold wallet
|
|
|
@amaclin the problem that I see with all companies providing bitcoin services is that they introduce almost systemic risks in the bitcoin ecosystem. I mean, even when this is not a systemic issue, it is big enough to be an *almost* systemic issue. That is not good, sadly.
|
|
|
Interesting observation from that paper I don't remember ever seeing before:
Another slightly related security issue also arose from the fact that k has to be chosen by the signature algorithm. If two values k1, k2 in two different signatures have a known linear relationship k2 = ak1 + b with a, b ∈ Z, the private key d can be extracted from the two signatures without the knowledge of the values k1, k2, since it results in two linear equations with only d and k1 unknown.
It means that two R values don't have to be identical (reused) for their private keys to be breakable, it's enough for them to be "close" to each other, so that R2 can be found adding G to R1 relatively small number of times, few million for instance so it would be implementable in practice to check the neighborhood of every R value ever used against the complete set of R's. I know that two R values in theory should not ever be close to each other if RNG is decent, but we see in practice that not only they are close but often identical.
That is what I was talking about all the day, they don't have to be identical at all and that's why nobody will realise about the "bug" except the developer who introduced it.