Show Posts
|
Pages: [1]
|
Thanks so much San1ty for posting your bot for us all! ![Grin](https://bitcointalk.org/Smileys/default/grin.gif) I'll be taking a look at the code when I get a chance... Until then, would you mind posting a couple screenshots of the bot in action? ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif)
|
|
|
I would chat with ChuckOne ( https://nxtforum.org/index.php?action=profile;u=140), he seems to be willing and able to work on this project and showed a lot of interest. I can assure you the bounty is real and legitimate, and would probably be placed in the care of Anon (escrow) once there was some commitment. Thanks for the reassurance, some escrow would give me faith in the bounty. I'll see if ChuckOne is interested.
|
|
|
Thanks for the info! Figured it must be a founder (assuming it's all legit) I think we should move this discussion to somewhere on nxtforum and see what other people have the interest (and ability) I am thinking a large project like this would probably take more than one dev. Two might work. I mean, really, this feature is the Holy Grail of crypto. ![Grin](https://bitcointalk.org/Smileys/default/grin.gif) I would want to know who I'd be working with and to speak with whoever is putting up the NXT. The problem with doing such a big bounty like this is there is really nothing keeping the poster honest at the end of the day... It's a big leap of faith for a long project.
|
|
|
Can anyone verify the above two links (cryptopapers and crytowallets) are safe to use as coin storage? My biggest fear (and no offense to those posters/sites) is that it's just a scam to steal my coins lol. I saw this thread in the newbie forum: https://bitcointalk.org/index.php?topic=520767.20 where a post recommends a wallet and people immediately knew that it was a scam. I, on the other hand, would never have known because every suggestion is news to me. So being very new, of course I'm just skittish. I am just trying to figure out the best way to store bitcoin and a handful of altcoins for the longterm. I am thinking a paper wallet, but am not even sure what that is (is it the same as cold storage?) and am trying to figure out if I need one paper wallet per type of coin, or if there's something that will store all my coins together. Can someone also expand on the comments above regarding a USB stick? You store addresses on there? What do you mean by "addresses"? ![Embarrassed](https://bitcointalk.org/Smileys/default/embarrassed.gif) Thank you much!! I can't speak for cryptowallets by my application is completely legit. You are completely right to have this worry and i recommend that anyone with these concerns run CryptoPapers fully offline. We are still in Closed Beta but very soon we are releasing Open Beta to the Chrome App Store and GitHub. Read about all of the advanced features that will be available here: https://nxtforum.org/cryptopapers/---- Let me try to address your questions. - Yes, paper wallets are considered cold storage - USB sticks are a good way to store coins but they are vulnerable to EMPs unlike paper, which is a very small risk depending who you ask but worth mentioning. - An Address is just the public facing side of your Private Key. All coins are set up so that you can't spend from an Address unless you can properly Sign a Transaction with the correct Private Key. (For those of you that want to get technical you turn the Private Key into the Public Key using a Public Key Cryptographic Curve called secp256k1. The Public Key is then turned into an address by running it through SHA256 twice and then RIPEMD160 once, then converting it to Base58Check)
|
|
|
My bounty is still active.
Hi, Glad to hear it. What is your connection with NXT if you don't mind me asking? Also, was proof of that much NXT posted somewhere? I have some ideas how a cross-chain trustless system could be achieved but they are very out-of-the box ideas. I hope this will not be a problem. If this were simple it'd already be done ![Wink](https://bitcointalk.org/Smileys/default/wink.gif) Should we be talking about this on nxtforum? There are some users there that may want to help contribute to solving this challenge. Cheers, - Fractal
|
|
|
Is this bounty still active?
Who put up the 3-5M? Was it you pinarello?
I would give this my best shot, and find some others with cryptographic / programming experience to see if this can be done.
|
|
|
Along the same lines of this project: http://cryptopapers.comBeta just got released, 25 coin types so far, tons of advanced features.
|
|
|
I also wanted to add, that while there weren't many more noteworthy features to announce at the time of his original post, we can now include the following, already done: - BIP38 Encryption / Decryption for all coins - 8 different variations of wallet including circular, credit-card sized, and coin-shaped - Over 250 backgrounds - Color shift, allows you to change the color of any background to whatever you want (Chrome only) Coming Soon: - Vanity address creation - Split-key addresses (addresses requiring 2 private keys to spend) - More: Vote for which features you want to see the most- http://cryptopapers.com/feedback/
|
|
|
- RNG Generation: Entropy collection based on mouse movement
Not exactly a stellar feature. The problem with mouse-based entropy is that a mouse is controlled by a person, and people are pretty bad at being random. For a demonstration of this, have a go at the machine here. This is something that should probably be known about and compensated for before making claims about advanced features. You're right, it's not a stellar feature - it's an Essential feature! (and one we thought was worth mentioning) I would fully agree with you if we were talking about keyboard-supplied entropy. However, mouse entropy is a lot better and this is why all the paper wallet generators do things this way. I'm not sure if this is getting too technical - but here's how the Entropy process works: The system starts out with data about your current time, browser, environment, etc to use as the starting RNG Pool. The pool is then further randomized with between 300 and 400 points of not just mouse coordinates, but the exact time the event was hit. Each coordinate point is then multiplied together and is factored down to 16 bits of data, per coordinate, plus an additional 32 bits from the time. Collecting 300-400 coordinates is enough to go through the pool for several passes. The process of guessing keys that were generated in this way should be no easier than brute-forcing *coin addresses at random. ------ Also - the Beta is live! Head to http://cryptopapers.com to sign up!
|
|
|
Great news for people interested in altcoin paper wallets: CryptoPapers.com is an offline paper wallet generator that we are about to release Beta for in the next day or two. 25 supported coin types so far - more on their way! Bitcoin, Litecoin, Peercoin, Dogecoin, Namecoin, NXT (Coming Soon), Mastercoin, Primecoin, Auroracoin, Vertcoin, Mintcoin, Counterparty, Feathercoin, ProtoShares, Quark, Cryptogenic, Datacoin, Devcoin, Digitalcoin, Infinitecoin, Ixcoin, Memorycoin, Novacoin, Terracoin, Worldcoin, Zetacoin In addition to all these coin types, CryptoPapers will have many advanced features including customizable backgrounds, wallet shapes, BIP38 encryption, integrated security dashboard, and more! Sign up for Beta: http://cryptopapers.comIf you'd like to encourage development of this project any amount of donation is appreciated: http://cryptopapers.com/donateThanks and stay safe!
|
|
|
Oh, I see - the loading screen. Yeah, I got that, too - didn't even think about it. At first, I thought it might be me, so I checked with a VM machine using Firefox instead of Chrome "with some urgency." ![Cheesy](https://bitcointalk.org/Smileys/default/cheesy.gif) Heh, sorry about the scare. ![Embarrassed](https://bitcointalk.org/Smileys/default/embarrassed.gif) DNS attack shouldn't be able to adequately forge SSL certificate in most reasonable scenarios (though it's happened outside cert keys just being stolen/compromised - google comodo attack, allegedly done by a single guy). DNS attacker who was really specific (targeting crypto users, maybe) would probably just self-sign certificates for fake crypto websites and hope you click through the browser warnings (so to answer your question - no - or at least "no, I don't think so."). Idunno SSL cert mechanics well enough to fully answer you, though. Yeah, I'm fairly certain they would need the keys to forge data... Unless you run Safari or iOS http://www.macworld.com/article/2099987/what-you-need-to-know-about-apples-ssl-bug.htmlThough I wouldn't completely write off the possibility that Gox had their keys stolen- at least this panic has a happy ending not requiring me to reinstall any of my machines yet again.
|
|
|
i think this might have been done purposely to deceive in to thinking gox is coming back.
Yes, though this thread has been entertaining, this is not what I'm seeing for HTML source. In all seriousness, there's a fair chance your web requests are being redirected by malware or a malicious DNS server if you're not seeing that. What are you seeing? It has the SSL certification icon when you connect? (my troll hat's genuinely off) Haha! You caused me to have a good freak out there, but I've figured out what's going on. The first clue was that this was only happening to me in Chrome. (I have Chrome in super locked down mode with cookies and javascript disabled by default) This is what I was seeing: <html><head><title>MtGox.com loading</title></head><body><p>Please wait...</p><script>function xdec(data){var o="[bunch of random text]=";var o1,o2,o3,h1,h2,h3,h4,bits,i=0,ac=0,dec="",tmp_arr=[];if(!data){return data}data+='';do{h1=o.indexOf(data.charAt(i++));h2=o.indexOf(data.charAt(i++));h3=o.indexOf(data.charAt(i++));h4=o.indexOf(data.charAt(i++));bits=h1<<18|h2<<12|h3<<6|h4;o1=bits>>16&0xff;o2=bits>>8&0xff;o3=bits&0xff;if(h3==64){tmp_arr[ac++]=String.fromCharCode(o1)}else if(h4==64){tmp_arr[ac++]=String.fromCharCode(o1,o2)}else{tmp_arr[ac++]=String.fromCharCode(o1,o2,o3)}}while(i<data.length);dec=tmp_arr.join('');return dec};document.cookie=xdec('[More Random Text]').replace(String.fromCharCode(0),'').split('').reverse().join(''); location.href='/';</script></body></html> So you see, they set a cookie before refreshing the page. End panic mode. Seriously though, thanks for the heads up. Everything checks out SSL and DNS-wise. Correct me if I'm wrong, but DNS attacks couldn't actually forge data under SSL, could they? (Unless of course Gox's server keys were compromised)
|
|
|
i think this might have been done purposely to deceive in to thinking gox is coming back.
Yes, though this thread has been entertaining, this is not what I'm seeing for HTML source.
|
|
|
Did Gox Verify some of your accounts so they could withdraw your USD, and forget that the email notification was turned on??
Anyone else get a verification email?
|
|
|
Count me in!
Transaction: c2938a01293e6dfb8d008c5dab8f7c8790104e46f1fe75d8732beb56d5203d4e
|
|
|
|