i started the project before 2 weeks, so this is now just the begin. with the time it will grow and hopefully many people will join the hackathon. Its not so hard. Look at Hackathon #1, any person can easy learn this basics: https://bitcointalk.org/index.php?topic=998907



Thank you! Only couple hours left then we start it tonight! i hope you all come and join it.

I am sorry, my intention of this thread is only to make a benefit for the users/developers of bitcoinprojects overall..
i look for the correct board and move it. excuses.


yes agree. this sound strange to me. normally so skilled developers take care on this and think about this factors..

you are correct regarding the direct danger for bitcoinwallet. but this board is also for the development and technic discussion of general projects for bitcoin i think. so advice for security update should fit in. if not, please advice me.

and so i think service-maintainer must make the update (if affected openssl versions are used) because bitcoin-enviroments will be directly affected by the vulnerability.. True that BTC-core itself is not affected directly. but btc-services offline because a server get crashed by DoS is very bad i think. and many BTC-services are harmed/affected hardly by this downtime-risk.. so in my opinion when you run a btc-related service than you must rush for the update very fast.
operators of high-frequency service in darknet are in update-progress, and i hope the big btc-service in clearnet also make it.

and of course this is only my opinion. so i am thankful for other opinion and also other knowledge.


#EDIT: it s good when linux distros backport only the fixes which used to remove vulns . but i think most users apply patching manually without waiting for official updatepatch. spescially webmasters. and also not sure what is sense of reformatting in the SAME TIME??? why not only fix vuln and in next version increment reformat codebase?

development-team is working on high pressure and we have some little modifications still and final testings waiting for all developers for approoving the release. we will give information shortly.

but also can confirm the actual version v18 is working good, also the API is working good. so i am not so sure what is with polo, but i also have no information from the problem of polo.

#EDIT: BTC-Core/wallet is not affected directly by new openSSL vulns. But server can be attacked because of it through DoS and overload.. or also the second high serverity vuln is reclassification of FREAK attack and gives a risk so a bad certificate will be accepted by victim and then badguy can make the man-in-the-middle attack IF a NULL pointer dereference is triggered.

Referencing to https://www.openssl.org/news/secadv_20150319.txt i advice all user and service-maintainer to upgrade OpenSSL if you run online BTC-project.

Vulnerabilities: (red one is high severity)

OpenSSL 1.0.2 ClientHello sigalgs DoS (CVE-2015-0291) affects OpenSSL version: 1.0.2 - upgrade to 1.0.2a!

Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204) affects OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k.
OpenSSL 1.0.0 users should upgrade to 1.0.0p.
OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

Multiblock corrupted pointer (CVE-2015-0290)
Segmentation fault in DTLSv1_listen (CVE-2015-0207)
Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
Segmentation fault for invalid PSS parameters (CVE-2015-0208)
ASN.1 structure reuse memory corruption (CVE-2015-0287)
PKCS7 NULL pointer dereferences (CVE-2015-0289)
Base64 decode (CVE-2015-0292)
DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
Empty CKE with client auth and DHE (CVE-2015-1787)
Handshake with unseeded PRNG (CVE-2015-0285)
Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)

source: https://www.openssl.org/news/secadv_20150319.txt

please take it serious!
ca333

3ShEKLHK7Z1HKjpwGp3XzijKe9sxHWkL5VdxBAT1Jq4wHd3zAtMgN17qQagQhTt8TLKpoQoRsLiTmmd 45vRFLHjh

sended 500.000 QORA to QgWfhvQJuYSGXTEq5g7zrr5SWZgFSt5cGw
Thank you for participating in the hackathon!

next hackathon countdown is running! www.satoshihack.com



THANK YOU soo much! next hackathon is this weekend. i hope you come here too. its same difficulty level this time!
so not so hard when already solved hackme #1.

the wallet of qora is PLATFORM-independent! So it work in ANY operating system.

i give you explanation:

1. Download v18 wallet folder. (unzip content)

2. then open command terminal. and cd into qora-folder

3. when you are in qora-folder only run command: ./run.sh


ps. we work in installer package (OSX, unix) for automation so only need double-click. will provide it for community VERY SOON!
its finish already but must confirm with all the team first and make final test.

we builded good core-team with experts in many fields. In examle i make the security expert and core support also with the core-development for many improvings for end-user and back-end. roadmap is now in work progress. we release this week when all devs from team approove.

scriptmastr is making mobile solution: http://www.qora2go.pw
and i have maked the API-bind class declaration.

so qora is going in good way now and will show this crytocommunity how a good coin must be coded and developed. So maybe we are little silent in this thread. But not because nothing happen. Its the opposite. MANY THINGS happen now.. and good devs is quiet for the moment he works.  

and we also involve the community more. when you have suggestion you can start a poll from the wallet and post in this thread also. then we from dev-team can see it and all can vote for your idea. and if you have any idea, also post in this thread if you want without poll.
then we see what user wish from us.

you can see the next competition countdown on www.satoshihack.com.
its coming weekend.


no still not sent. but its the confirmed winner. He sended me also PMs.

I think this mean you can put the information in the blockchain, but you don't add personal-data (name, social insurance ID,etc.). Only necessary information (i.e. from above: health data, clinical-report, age of the patient, etc.) is then stored in blockchain and can be analyzed by doctors and medi-research.


relating to above example i think when you store such data in encrypted format(with personal data), so you then can give the priv-key of encryption to the doctors and the doctors can then decrypt it to use the information. In this example you have data stored coded. so nobody can read it in the chain. But only the person with the privkey can read it.. so you only are "giving up" the data to who you want to be able to read it...


I think this comes in the future. But maybe in medi-research and alternative opensource communities with relation to medical projects.
Problem is when it comes to pharmaindustry its VERY PROFITORIENTED.... not always oriented in optimization of a process.
I think adapting a blockchain and make its parameters for this purpose can give other options. In example: The patient or owner of medical data or other private data to stored in the blockchain have his private-key and NEVER give it somebody else. But the doctor have a public key which is able to receive the data from a patient. So the data remain private @patient untill patient transfer it to PublicKey of doctor.
So this is maybe one option.. But i think many many other concepts can work for this.

Also i like this discussion, its interesting topic!
thank you!
ca333

yes is all correct but the DogeCoin test-net pubkey prefix is not correct. (https://github.com/dogecoin/dogecoin/blob/master/src/chainparams.cpp#L226)

Litecoin:
main: 48 dec = 0x30 hex
test: 111 dec = 0x6F hex

Dogecoin:
main: 30 dec = 0x1E hex
test: 113 dec = 0x71 hex

hope it help.
ca333

thank you i am happy you like it!

i make a new hackathon NEXT weekend. so i have one sponsor for one more hackathon. And in 2 weeks i make a bigger hackathon with bigger price and little more difficult.

i let the hackathon online. so when you want play again you can always.


and when you have general questions you can ask me here: https://bitcointalk.org/index.php?topic=993678
or in IRC: #satoshihack

THANK YOU ALL AGAIN FOR COME IN THE HACKATHON!

no sorry i make wrong explanation. i mean not alphabetical signs. i mean its maximal shifts is 26 from latin. so ZERO (ROT0) is also option when shift = ZERO.

so in the example we have. the ROT0(keyFromPhoto) you must make a ROT21(keyFromPhoto) for DECODE. because we have a ROT5 from ORIGINAL KEY.

EXAMPLE: I say ROT5 is hint. Now you take the CODE FROM IMAGE AND EVERY ALPHABETICAL SIGN YOU GO BACK 5 positions. So example:
5OEDrG8yU1ortreRJXeyVed24BDOatCGvok8PQDthB9M5wVBvCh
5JZYmB8tP1jmomzMESztQzy24WYJvoXBqjf8KLYocW9H5rQWqXc

rot26 is total number of possible shift.. and ROT5 is the hint in level 1. and it say back to the roots (revert it).

ROT5(originalkey) = key in photo. i also say often you must DECRYPT it. so its logical that is encrypted format....
so when you revert you have ONLY THIS OPTION: ROT26-ROT5 = ROT 21.

and it even have internetsites with it make it automatically (http://planetcalc.com/1434/).
#edit: so only google for caesar cipher bring you to the solution....
 
so ALSO WHEN YOU NOT SURE YOU CAN TRY IT BOTH. ROT5(key) or ROT21(key) when original key is encoded with ROT5


#EDIT: in IT we start COUNT ON ZERO. so ROT0 is also possible. we have maximum 26 shifts WITH ROT0..
so ROT 25 is max. i count 26 FOR POSSIBLY SHIFTS.

private keys associated with uncompressed public keys are 51 characters and ALWAYS start with 5. and we know that ROT5 is only on alphabetical chars! so then you know it start with 5. So only this option (51 chars) is left...

Congratulations! Post/Send me your QORA-address and i send you 500K Qora. also suggest hodl the qora. We work on it and price is already +20% in some day. It will make + many % in next weeks...

The next hackathon start next week because i find the sponsor now will fund new hackathon!

THANK YOU ALL FOR PARTICIAPTE!!! I hope you have fund in it and it make the brain hot! Next week i make similar difficulty. So come back!

LEVEL 1: the secret code is hided in the second JS-function. You MUST SCROLL DOWN.
LEVEL 2: The URL passes variable to PHP. You must change the variable "68934a3e9455fa72420237eb05902327" which is md5("false") and make it md5("true") = "b326b5062b2f0e69046810717534cb09". in example: http://www.md5-hash.com/md5-text-encrypt
LEVEL3: "<!--%67%6F%6F%64%6A%6F%62%0A%09%09%09-->" is hided in sourcecode. This is URL encoded string. You make the url-decoding: http://meyerweb.com/eric/tools/dencoder/ and it give you: "goodjob"

LEVEL 4: this is again a md5 hash of the value true. 1 can also be true. so md5(1) = "c4ca4238a0b923820dcc509a6f75849b"

LEVEL 5: The key is hided IN the photo. You open the photo in ANY texteditor or with cat/nano/vi/vim and you see on the end of the file:
"5OEDrG8yU1ortreRJXeyVed24BDOatCGvok8PQDthB9M5wVBvChn". so we now from level 1 the hint ROT5. This mean ROT5(originalkey) ="5OEDrG8yU1ortreRJXeyVed24BDOatCGvok8PQDthB9M5wVBvCh". the "n" is one character too much because private keys associated with uncompressed public keys are 51 characters and always start with the number 5 on mainnet.
so you only do it reverse ROT26-ROT5 = ROT21: i.e with: http://planetcalc.com/1434/ and you get real privkey: "5JZYmB8tP1jmomzMESztQzy24WYJvoXBqjf8KLYocW9H5rQWqXc"

IT S SOLVED. https://blockchain.info/address/1hackxBzktVKWn1FnkSBFoWQC1tWL9nFa

winner please post here. so you get the place in Hall of Fame + 500.000 QoraCoins.

a small hint: https://en.bitcoin.it/wiki/Private_key#Base58_Wallet_Import_format