-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release 0.8.7 http://download.nxtcrypto.org/nxt-client-0.8.7.zipsha256: e2322bd01fe303d74511b377468f1ceaf51d623dc41f6f3044c22146d883911a Change log: Fixed unconfirmed balance calculations for the genesis block account. Fixed the display of the genesis account balance in the NRS UI. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJTGH8pAAoJEFOhyXc7+e2AQ00P/216yArWoDXO3sk+F8Edspyu hl5wFmmdlFyECs/qlqg0rbn2vyAYgPFKFC3I2bjBM67V/pl0+W4h3BaQeHlm7gDs ihotgNg6yNwrGfU7I9Gtxdz5aLSArLMPTyDhNWWlx3Vvkq86RZMjFWk6Wylk9nEy a7CvEOzlUbG3PlcYoGyu9fI7826ME3STwZ7Ty8XqHAQUs896GteOVyJv+qTzs3gq pLspROOkeWTKecLedZ612v7lQRx7JLEN8CGQPAqaL2tGe9pqsgzhCo3yTcCN+9mk I15omJ7L4r8Xkp0h20mrIZGS6eGFOzo5kvbsIc8WaMA1KyolWcF4Pqas4hBAXMGT MsI+z0puGlo39Y5E4K2dSwLg7cul0ObAIhNUb2S72fx+4zX7QgQFl4vXp08GGUNO p3V5ifDgntfkEAepJ66SdPzcRQGS5DntmB8JUgEQjdiBtNiWtmMfknqUrd/PLLgY H/8QSDUSeVMaSwLZ1eO/oe+4ggJG8goJGB7yEkt6NfAEfgKT+Rsp6xJkhO9Md+CY LVA9wH6DRm8MQcWOj9BYavuNp/LaCP1YnJm0zViZ8+OWPbTIX8OZGToTSWVPWrh7 IdEFXhSOegkDP3n20E/okNsg4nNg9qcuYp1Z5UcaEJYCBrpHPmAnkz04cXLCNRzA 0sAlxddD0yaP5qb9VACq =ojEb -----END PGP SIGNATURE-----
|
|
|
Jean-Luc How to get rid off of unconfirmed transaction, staying here for a long time? http://217.17.88.5:7875/Did refresh also restarted node, nothing helps. Do I need to reload blockchain from scratch? It will never be confirmed because it is not valid. It is a special case that I will fix in 0.8.7.
|
|
|
What are all these [2014-03-06 02:30:59.520] DEBUG: Blacklisting 162.217.203.172 because of: Signature verification failed [2014-03-06 02:31:02.545] DEBUG: Blacklisting 162.217.203.150 because of: Signature verification failed [2014-03-06 02:31:06.698] DEBUG: Blacklisting 162.217.202.154 because of: Signature verification failed [2014-03-06 02:31:10.839] DEBUG: Blacklisting 162.217.203.28 because of: Signature verification failed [2014-03-06 02:31:17.579] DEBUG: Blacklisting 162.217.202.172 because of: Signature verification failed [2014-03-06 02:31:22.727] DEBUG: Blacklisting 162.217.204.40 because of: Signature verification failed
on testnet ? This is why we had to reset the test blockchain. Because of the bugs in AE balances, a block must have been generated by an account that didn't have enough balance, when calculated correctly, so the 0.8.6 nodes started rejecting this block. And very many [2014-03-06 02:38:36.204] DEBUG: Dropping invalid transaction nxt.NxtException$ValidationException: Asset aaab already exists
Why this "aaab" thing is repeating? I see "AAAb" asset, is somebody constatnly trying to register "aaab" and fails or is "aaab" somehow stuck in blockchain? Those are harmless, the unconfirmed transactions are stuck in the unconfirmed transactions pool of still active 0.8.5 nodes. They will eventually expire. 0.8.6 nodes should drop such transactions from their unconfirmed transactions pools, if this continues to happen even after we have no more 0.8.5 nodes on test net, I will look into it again.
|
|
|
Give the applicant a real life scenario to work on. Something that has to be done for Nxt. A small part of a bigger task. So you can assess if he/she is good enough to be in the core dev team.
Realistically, somebody faced with unfamiliar code cannot just jump in and start adding features. Even if he succeeds in doing it, it will look like a patch, an if/else hack, because he would be missing the big picture at first. In a real company, a new programmer usually starts by just fixing bugs, for a week or two. Then, maybe start working on a feature that has already been designed and some skeletal work has been done on it. Or is very similar to an existing feature so that he can copy and follow the same design pattern (e.g., add a new transaction type which fits in the existing transaction types framework and doesn't need changing it). One would need at least a month of experience, getting familiar with the code, before being able to design and add a new feature all by himself. "In addition to Java developers, and in fact much more urgently, we need a good cryptographer."
Is that the same msin is working on with the review of the code? Or we need a cryptographer in our core dev team? Do you (or anyone else) have a suggestion whom we should approach?
I don't think that guy had time to actively contribute to Nxt all the time. We don't really need a 100% full time cryptographer, but somebody who we can consult with regularly, and who can stay reasonably up to date with the current state of Nxt. Most of the time we don't need to make changes that require consulting a cryptographer, but when we do, we need to have somebody to refer to. Like, when considering changing the TF algorithm, or when deciding if there is any risk in accepting the proposed fix for the signature verification failing.
|
|
|
You are right. Maybe he should directly call the method that also takes a Random as a parameter, and pass it his own instance of a SecureRandom.
|
|
|
I have also sent the html interface to jean-luc, hopefully it will be in the next version (it is in this NxtWallet.exe already)
I will not have time to make another release until Sunday at best. For now, people should install Wesley's client manually.
|
|
|
If you´ve read my PM, I am trying to help you build a core dev team...
Yes, I need to think about how this should be done. Before the source was public, the problem was how to decide who is trustworthy. Now that it is open, how do we decide who is good enough? Companies conduct technical interviews. Those will filter out the completely ignorant, but for more experienced people it becomes difficult to judge who is better. I am also not confident in my own skills as an interviewer, and also some good people perform bad at interviews because of the stress and pressure to perform. Especially for an open source project, I don't feel doing interviews is the right approach. For paid developers, we could consider trial projects, which they would do on their own fork of the repository, and if at the end we like the code and integrate it into the main repository, we accept them as paid developers. This would mean they would have to spend a few weeks without pay at first. Or, we can take the risk and do it as a one month paid contract, with the option of making it permanent. This would be something the NXTtechdevfund committee should discuss. I would need to research how other open source projects decide who to accept and trust, e.g. how the linux kernel development is organized, and see if we can adopt their project management practices. In terms of skill set, being a very good Java developer is the only requirement. The code does not depend strongly on any specific tool or library. We use a database, so some familiarity with relational database and SQL is needed, but there are enough areas of the code one can work on without touching the database at first. We also use servlets and Jetty, so again familiarity with servlets and the http protocol would be helpful, but most Java developers already have that. Good object-oriented design skills are essential. So is writing clean and maintainable code. For developers with main background in languages other than Java, I can tell immediately that Java is not their native language - I have seen lots of Java code that reads like C. The original BCNext code was very foreign too, so I had to rewrite lots of it. So for somebody coming from C/C++ background, if this is going to be their first Java project, they would need to learn a lot, so that the code they add actually reads like Java. In addition to Java developers, and in fact much more urgently, we need a good cryptographer. This person doesn't even need to be that fluent in Java, the language background wouldn't matter (well, he should at least be able to read and understand the Java code). But I don't have much cryptography background myself, so this is an area where we currently lack skills, especially after the departure of BCNext.
|
|
|
Why my public node seen in active peers window has red flag and shown as disconnected, while it is really live and I can connect to it from outside?
It will be shown as disconnected (permanently) if it cannot be reached at its announced address, or visible address in case it does not announce an address. It may also be switched to disconnected temporarily if a connection fails, but will appear connected again the next time it succeeds.
|
|
|
Are there any plans to publish the complete and actual source code somewhere in the near future?
I only found the source code of v4.6. Is ther something more actual available?
We only publish in the near past, this way we control the future
|
|
|
fractional assets also? If the comment field is not possible, I can work around that, but please let me know so I can plan accordingly.
Possibly, I will see what it takes for fractional assets. The comment field is an easier change, I will do that, but will have to reset the test blockchain again.
|
|
|
Is JL available for new dev core team consideration post CFB?
My understanding is that he is here long term JL, can you confirm this? The community is just trying to take stock of who is and isn't on-board for the months to come. Yes, I will still be here after CfB leaves.
|
|
|
about AE test
1. balance=2864 2. ask order (my asset) quantity:15, price=200(2nxt) fee=1 quantity:10, price=300(3nxt) fee=1 balance=2862 Ok 3. bid order (my asset) quantity:25, price=300(3nxt) fee=1 4.balance=2846 should be 2864-3=2861 so 2861-2846=15 is lost ( 25*3-15*2-10*3=15 )
test Ok in .8.6 cancelling a order, there are two results : e.g. 1. ask order quantity:5, price=100(1nxt) fee=1 wait a minute, confrimed. 2. bid order quantity:4, price=100(1nxt) fee=1 not confrimed yet 3. cancel the ask order two results: 2.bid order win ,confirmed before the cancelling ask order so order matched, and the left ask order cancelled ( quantity:1, price=100(1nxt))3. cancel ask order win, confirmed before the bid order so bid order don't change, ask order all is cancelled. test Ok in .8.6 So you are saying I have managed to fix that bug? Are there any known AE bugs that are still reproducible in 0.8.6?
|
|
|
jean-luc
If you can get asset trades denominated in other assets implemented, then NXT AE would be able to dominate all other centralized exchanges. Basically all cryptos supported by the gateway could be directly traded against any other crypto. It would be fantastic!
After trading, people could withdraw directly to their wallet whatever crypto they have assets for
I think this is a much bigger change than assets supporting fractions, but maybe its a conditional handling in Order.java for all the trades of an asset denominated in another asset. Even if BTC is the only other asset something can be denominated in, that would get us 90% of the benefit, but I think the way the code is structured, it would be almost the same work to allow arbitrary denominations based in other assets.
James
I will look into that after I am done with the rest of my near term plan. I need to prioritize features, and this is again not a simple change. Supporting fractional amounts is critical because it is needed not only for the AE.
|
|
|
about Asset Exchange test everything looks like ok. found a api error 1. getTrade OK {"trades":[{"timestamp":8778667,"price":200,"bidOrderId":"10668185170919619908"," askOrderId":"11342895551343357312","quantity":15},{"timestamp":8778667,"price":300,"bidOrderId":"10668185170919619908","askOrderId":"627868227848821830","quantity":10}]} 2.getAskOrder http://127.0.0.1:6876/nxt?requestType=getAskOrder&order=11342895551343357312 (this api don’t corret) {"errorCode":5,"errorDescription":"Unknown order"} askorder or bidorder api cannot return result. 3.getTransaction OK (use this api replace getaskorder api) http://127.0.0.1:6876/nxt?requestType=getTransaction&transaction=11342895551343357312btw i have issued some tulips(quantity=100). Tomorrow i will launch Tulip Bubble TEST, who earned most testNxt will win the match. I will donate 500 true Nxt to the winner. Was this order completely filled? If so, it has been removed from the system, so it is normal to get an unknown order. Trades are used to keep track of past orders that have been already executed.
|
|
|
Is there an open source software with an online interface which we could use for logging testcases and bugs? Something like JIRA?
For just keeping track of bugs, now we all should use the issue tracker on bitbucket, where the public source it. There are tools like Jenkins and Hudson, to do continuous integration, but we don't have automated tests yet so it is a bit early to look into those. For manual testing, writing test plans and keeping track of test results, somebody with more QA experience should speak up, I don't know what is out there. We need an organized QA team and testing more urgently than we need java devs. The QA people can start contributing productively much faster than a new java dev can get familiar with the code, so we would see real results from getting a QA immediately.
|
|
|
Just throw AE in the water... it will either swim or drown!
best test is production, if it breaks we can fix it.
If it drowns it will take the whole Nxt ecosystem with it. We cannot just roll back the production blockchain, the way we had to do yesterday with the test blockchain - I asked test nodes to delete their copies. We may have cosmetic bugs, but things like calculating account and asset balances have to be rock solid, otherwise it is free money for the lucky ones that first discover the bugs and run away after converting to Bitcoins. We had a bug where cancelling an asset order would give you back twice the original amount, imagine this on main net...
|
|
|
import org.apache.commons.lang3.RandomStringUtils;
private String generatePassphrase() { // No space, backslash, newline, tab String symbols = "!\"$%^&*()-_=+[{]};:'@#~|,<.>/?"; //$NON-NLS-1$ String alphaNum = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890"; //$NON-NLS-1$ int low = 70; int high = 90; Random random = new Random(); int count = random.nextInt(high - low) + low; return RandomStringUtils.random(count, symbols + alphaNum); }
Java.util.Random is not cryptographically secure. Change it to SecureRandom or people using Offspring to create Nxt accounts would be vulnerable http://stackoverflow.com/questions/11051205/difference-between-java-util-random-and-java-security-securerandom"Random only has a 48-bit internal state and will repeat after 2^48 calls to nextLong() which means that it won't produce all possible long or double values." This means all passwords created by OffSpring should be crackable. It's not secure at all In this case he is only using java.util.Random to pick up the length of the password, between 70 and 90 chars, so it does not need to be SecureRandom. Of course I hope the apache RandomStringUtils internally uses SecureRandom, this is where it would matter.
|
|
|
any date set for launch of AE yet?? or still to be decided?
I proposed the 13th march, and asked if not some one should step up and take ownership for the launch of AE. March 13th is not possible. I posted my plan some time ago: https://bitcointalk.org/index.php?topic=345619.msg5449690#msg5449690The test network is ready, the known asset exchange bug looks fixed, but more testing is needed to make sure there are no others. Now I need to start working on increasing the divisibility of amounts and fees, to allow for fractional amounts in the future, and I want to have this ready and tested before Asset Exchange is enabled on main net, because this type of transition would be really more difficult after AE is live. There is no time to do that before March 13th, end of March is more likely.
|
|
|
Looking at making Assets support fractions, I think it is a matter of changing:
quantity = Integer.parseInt(quantityValue); -> parseLong and making Nxt.MAX_ASSET_QUANTITY multiplied by 100000000
IssueAsset.java, PlaceBidOrder.java, PlaceAskOrder.java and TransferAsset.java seem to be the only places that needs to be changed other than Order.java lines 69 to 71:
private volatile int quantity; private Order(Long id, Account account, Long assetId, int quantity, long price) {
just need to change the int to a long
There might be a few other places as I have only just now started looking at this code, but I dont think getting fractional assets will be that hard at all. We would need to change the client code to multiply everything by 100000000, but I think it is worth doing to get support for fractional assets in AE
Wait, I at first thought you were talking about fractional prices which is what I am busy thinking about. You mean fractional asset quantities? Why is that even necessary?
|
|
|
As I said, I will approach the candidates once we have some names and know how the newcomers would be able to contribute.
Who is going to conduct the technical interviews?
|
|
|
|