Sorry, I don't agree! I don't see what can be good to burn coins! Maybe I don't understand well...
But many coins will be lost on other ways - for example in lost wallets...
I love that coins are NOT burned, but go as fee from one wallet to another!
The idea is that whenever you burn coins, the rest of the coins become more valuable. This is a way to pay a dividend to all QORA holders. In this way, whenever someone ran a service that lots of people were using, it would make QORA itself profitable, and these profits would be given to everyone who had QORA coins, because some coins were burned, making the rest of the QORA that everyone held more valuable. Many of the top coins on CMC use this idea: Ripple, Bitshares, NXT, Counterparty. I think Ethereum will as well. Its a great way to provide value to the coin and get people excited about investing in it. Thanks for the explanations! I knew that of course.... but the burned amount is so less... in my opinion it is much better to pay for services directly and if necessary the fee can be higher! The higher fee would bring more people to forge! we can also think so: qora is POS system and generate more value in the time. so why not burn some amount of it? so its always good balance for it and NO inflation happen... |
|
|
|
Wow this is all incredibly good news. Thank you and welcome to our new developers!
I have an idea regarding the Qora services that I think could be a big deal for Qora's future.
In some other coins, there is the concept of having the blockchain be profitable. For example, in Ripple, Bitshares, and NXT (3 of the top 10 coins), there are ways in which the currency is burned forever when the services of the blockchain are used. (There are also ways to pay dividends or yield on assets within the system, as another way that profitable enterprises can run in the blockchains.
My idea for QORA is: what if some percentage of the QORA which was spent on these services that we develop was burned forever, thus reducing the QORA supply permanently?
Even if the burned amounts are very small, this could generate a lot of excitement for the coin. This is the entire value proposition behind XRP (the ripple coin), as small amounts of XRP are burned whenever ripple is used. The idea of a deflationary, profitable coin is something that gets a lot of people very excited, and should gather us more support for QORA.
How I imagine this would work is:
There is a community standard that 10% (or some amount) of all payments for the QORA services are permanently burned.
This percentage could be configurable such that the person running the service could set the burn rate (higher burn rates would be more attractive to the QORA community, but if they person needed to burn 0% thats fine, as long as people support them). Alternately, it could be a fixed amount like 10%.
Service providers could either slightly raise their price, or just accept getting slightly less QORA, knowing that the process was very good for QORA itself and was increasing the value of their coins.
What we would need:
* A way for QORA to be burned permanently. Does this exist in the code?
* Code for service providers to set the burn rate of their service.
* Community agreement that this is a good idea, and agreement on what the standard burn rate is, or whether it is up to the service provider. (We could all vote on this in the voting system).
Do you all like this idea? Especially devs working on services, are you opposed to this, or do you like it? We definitely do not want to implement something liek this if it would alienate our developers.
If this is implemented, it could be a powerful idea for us to market to the crypto community to gain more QORA supporters.
yes is simple. only add unspendable pubKey linked to new sendbutton [BURN] and send tx to unspendable key. so its burned forever. i also think this is good idea! it will minimize cap and rise value. |
|
|
|
i am happy to believe and trust to Qora. it was bottom when i met qora but i believe its potential and it ll increase day by day
Hello QORA-user and QORA-team, the potential is very big. and with a team which work together, share idea together and MAKE THING HAPPEN TOGETHER. then the limit is nonexistent. I looked for many projects in last weeks, and have soo big interest for helping a coin and go in a OS community and cryptocurrencies project because i have big faith in the soul of OS. So now i find the a good project to also help! thank you for this chance in this project. i will put all things i make for qora in: https://github.com/ca333/qora/also you can see my other projects i make or see my posts in bitcointalk so you see what is my interest and hobby. i have graduated from ETH zurich and have deep knowledge in many fields of IT most i work in networkrealted projects and cryptography. one from my new projects is satoshihack.com, bitcoinhackme.com and bitcoinhack.com under the project satoshislab.com. my project goal for this is here: https://bitcointalk.org/index.php?topic=993678and i will make it now in the first hackathon for BTC and QORA in satoshislab.com - so i bring more and more skilled people from IT with more knowledge in various IT-fields in the crypto-community. thank you! ca333 |
|
|
|
In the first HackMe also additional 500k Qora wait for the Winner. thank you! ca333 |
|
|
|
Make one thread for your website, it fits better in service announcements, not project development. Move the current thread there (I did this). Different sections exist to allow for better categorization, not so you can post copies in all sections it kind of fits in. If it fits in multiple sections, then pick the best one. If you aren't sure, ask a moderator.
Do not make another thread about your website in games and rounds. However you may make a thread about the specific ongoing game.
super. thank you for the help and your time! will follow this advice. have nice day. |
|
|
|
IMHO you can but no copy-paste. Give better details on what it is and what it is for.
P.S. It is appropriate if you post in Service Announcements. You will get similar traffic.
thank you for the info! i will then prepare a detailed explanation and then post it in the "Service Announcements". |
|
|
|
Hello, i am developer of https://bitcointalk.org/index.php?topic=993678.0 , so i have the thread in section "Project Development" but want to know is it allowed to post it in the Games section (gamble board section) AGAIN?? because it fits in both boards and i think then many people will have attraction. NOTICE: i have NO advertising on my opensouce project, and its NON-PROFIT project. its only for education of IT-security. thank you! ca333 |
|
|
|
Hello bitcoin-community, i announce a new project under domains "satoshihack.com", "bitcoinhack.me" & "bitcoinhackme.com". I work on this to bring more security experts into the field of BTC and also bring old users of bitcoin into the thematic of it-security. So i thought why not make a bitcoinhackme? A bitcoinhackme is like a normal HackMe site with the only difference: you win reward when you solve it first. So it have many levels and every increment of the level is a little bit harder for solving than the level before. I will make all HackMes public [OpenSource] in my https://github.com/ca333/ after some time. What is satoshihack.com? Satoshihack is my opensource project for BitcoinHackmes. I will run two hackme per month and each of the hackme will contain a BTC-reward for the winnner (the first person to reach last level of the hackme). What is a "hackme"?A hackme is a website with built in vulnerabilities. Its like a puzzle to be solved with different levels. Many factors have to be kept in mind. A hackme covers many topics in IT-security. Such as database-injections, hardcoded pws and password-hashes, bad salts, cross-site scripting, cookie-manipulation, encryption and many others. The hackme motivates the participants to "hack" the site and succeed through the different levels to reach the last level and get a place in the Hall of Fame. How does it work?The BitcoinHackMe will start with level 1 and you must somehow reach the next level and so on and so on until you reach the last level. When you solve the last level you get a privatekey with BTCvalue on it. So example: Level 1 is normal HTML site with password formular. How you come to level 2? option 1: you look in the source and you find the password unencrypted in a simple JS function. option 2: it s only saved in a comment in the sources option 3: the hyperlink for level 2 is in the formular but not added to the button, so PW-form is only to irritate. so you see, it can bring lots of fun and also people often think(use brain) and work together. And so when the best participant reach the last level he will find the privatekey for a little reward. And also we make a HallOfFame for the winner of all the hackme's. When is the launch? The first BitcoinHackMe is solved : https://bitcointalk.org/index.php?topic=998907.0 - congratulation for Injust The second HackMe is solved : https://bitcointalk.org/index.php?topic=1005740.0 - congratulation for ndnhc We will make it not so hard first time. So only use php, html, js and basics of encryption and hashing-algorithms. I will also be in the IRC #satoshihack and give hints when somebody have absolutely NO idea. But last 2 level user must find all out alone. But next hackme then will also contain SQL db, so people learn how to make sql-i and also how to find vulns in database when not proper parameter (query)filtering. In future will also extend with XSS and cookie manipulation for going in the next levels. And when we maybe find good sponsors and supporters for this project we can maybe one day make a big hackme, with real server to hack and so with teams work on it. But for now this is my vision. What is my motivation for this?I think many people in bitcoin-community only see wealth or money primary as motivation but do not think that the community is the important thing here. And the community is not soo large. So i think maybe 10% of it is skilled in IT, but other only have basic idea of it and only come for the dream "bitcoinmillionaire". I think we must help all each other to learn more and more. In the end many are skilled, or the ones who have had no interest in technologies, will start maybe reading more and learning more. What is the goal of BitcoinHackMe?? I want people here to simply start learn IT-security and basic technologies behind it. SO i think this is the future for all of us. Soon the school must also teach children binary calculations and IT-knowledge in very young age because its soo important. My goal for BitcoinHackMe.com is so people who have not much knowledge of IT and hacking make first step and start looking into this topic, so with fun and a motivation (last level BTC-reward and HallOfFame) i think its a good start. Support me: When you have idea from IT security or you think something funny/nice to add in the HackMe, please send me PM or post in this thread. We will make 1 HackMe every 14 days. For now i am paying this all from my own saving. So i am happy when anybody can also donate a little bit only for the HackMe-reward for the winners. Thank you! ca333 |
|
|
|
Signature values can be bigger than 32 bytes. For example also 33 bytes is possible when you see header length descriptor in many tx-scripts.
No. Value is always 256 bit (32 bytes). The encoding can be 33 bytes (with leading zero byte which is useless, because indicates unsigned integer, not a negative) thanks for clarification. will mark this: 33 bytes with leading zero byte. i always thought the 0-prepad is also part of the sig, because the header lenght descriptor tells me how many bytes are used for the sig-value. and in the above example i see 0x21 (33 byte) for lenght descriptor which i have thought means the lenght of the r-sig is 33 bytes. This specific question was previously discussed on bitcoin-development in the thread there.
In particular, this message from sipa explains everything. thank you for posting this. makes it all clear. |
|
|
|
// R can not be wider than 32 bytes
if (lenR > 33 || (lenR==33 && sig[4] != 0x00)) return false;
// S can not be wider than 32 bytes
if (lenS > 33 || (lenS==33 && sig[lenR + 6] != 0x00)) return false;
Signature values can be bigger than 32 bytes. For example also 33 bytes is possible when you see header length descriptor in many tx-scripts. see the inputscripts in this tx: (r sig has 33 bytes - you can also see this from header 0x21) https://blockchain.info/tx/f5d289e3b96248208ee21208cb9bba75114ebe0d3082e2afc692086d05a5a95f |
|
|
|
interesting feedback from person on reddit when I shared this script (I wrote an article on my own site to archive this script and talk about it and share it with others who aren't on here) and it goes like: There's a problem with either the script or the blockchain.info api where the number of tx field doesn't match the actual number of tx sent. In other words, assert( len(addrdata['txs']) < addrdata['n_tx'] ) fails. The script only works for keys with up to 50 tx. If your key got more than 50 tx you have to add some lines (add loop and use optional API-parameters limit and offset to parse through all transactions [50+]).
yes but i writed this in the first post (see above comment), so its only for max 50 tx. when it s more you must adapt the script because it takes the information from blockchain.info and example its more 50 tx, but only loading 50 tx data from bc.info API, then it parses outside range of loaded data. this is the error. i hope you understand. when you need adaption of script write me. i am happy to help you anytime. thank you. Yea I'd like to see the for loop if possible to choose trx size hello sory i don't see yours reply so waited so long. excuse me. ok i post pseudocode hope you can add it with python in fact only little work: full script i write in coming weeks. #EDIT: overload with RL-work. will sit on extension soon. x=0
y=0
z = getTXnr(); //get total number of transactions
n = z%50 //modulo operater so we know the number of tx in last page [b]when its < 50 TX[/b]
m = (z-n)/50 //this is so we know HOW MANY TIMES we have A FULL PAGE (50 tx)
//also we need adapt the urladdr because now we take MORE THAN 50 txs. so we use offset parameter for going through pages.
for y < m:
compare(loadData("https://blockchain.info/de/rawaddr/" + str(addr) + "&offset="+ x)) //now it load the TX begining @x tx.
x+=50; //now we go to NEXT 50 tx.. offset=50 means we ingnore first 50 txs.. or we start @TX NR 51..
y+=1;
compare(loadData("https://blockchain.info/de/rawaddr/" + str(addr) + "&offset="+ x)); //now it take the LAST TXs from the LAST PAGE
//IMPORTANT: in the compare section of the script you MUST ONLY PARSE n transactions
//now REAL example with value: so we think for a [b]tx with 138 TXs[/b]
x = 0 //first offset we start @tx NR. 0
y = 0 //our counter for increment
z = 138 //number of total TX
n = 38 //138 modulo 50 = 38 rest
m = 2 //number of FULL pages with 50 TXs
//1st run of loop:
for 0 < 2:
compare(loadData(blockchain_data(offset=0))); //we start at TX 0 and get data until TX nr. 50
x=50
//2nd run of loop:
for 1 < 2:
compare(loadData(blockchain_data(offset=50))); //we start at TX 50 and get data until TX nr. 100
x=100
//now we leave foor-loop and compare the LAST txs (n)
compare(loadData(blockchain_data(offset=100))); // here its only important so you PARSE ONLY n transaction in the compare-part of the script.
//so for this is the n needed.
have a good sunday evening. thank you. ca333 |
|
|
|
Anyone think about using row hammer as a vector to gain more btc?
i think the bad guys will use everything to gain more wealth. But also we don't forget that a user MUST run a underprivileged process itself on a computer so then its able to use it and this means it don't matter WHAT kind of vuln it uses then, because when a user run untrusted software EVERYTHING can happed with its computer... BUT WHAT I THINK IS MORE A RISK: people can rent other shared servers or VPS and then in example load a software on it (limited privileges) and use the row-hammer vulnerability to GAIN CONTROL OF ALL PHYSICAL MEM AND STEAL ALL DATA(also PRIVKEY when available). also this is only possible when the mem is not monitored by the hoster company and also no proper memtest. For other readers, this is basics of ROM-HAMMER exploits:ITS DETAILED EXPLANATION IS HERE: http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.htmlGoogle project zero published 2 exploits which use the row-hammer effect so for priviliege escalation to allow the Google native client run subset of x86-64 machine instructions within sandbox to escape from sandbox and then be able to directly call system functions (CVE-2015-0565). This is already fixed now, so the cache flush instruction is not allwed now in the NaCl. And this clflush command is prrequisite to run TO MANY activate commands @memory. so take for Example this assembly LOOP:code1a:
mov (X), %eax // read from address X
mov (Y), %ebx // read from address Y
clflush (X) // flush cache for address X
clflush (Y) // flush cache for address Y
jmp code1a so this is also how they called this VULN because the row of memory cells are being ‘hammered’ with ACTIVATE commands and so it affects the nearby memory-row because the silicon is sooo thin in the NEW DRAM technologies because its developed smaller and smaller.. ok and the other exploit is explained perfect here: "The second exploit revealed by the Project Zero runs as an unprivileged Linux process on the x86-64 architecture, exploiting the row hammer effect to gain unrestricted access to all physical memory installed in a computer. By combining the disturbance errors with memory spraying, this exploit achieves to alter page table entries (PTEs) used by the virtual memory system for mapping between virtual addresses and physical addresses, gaining that way unrestricted memory access. Due to its nature and inability of the x86-64 architecture to make clflush a privileged machine instruction, this exploit is hardly mitigable on computers that do not use hardware with built-in row hammer prevention mechanisms. While testing the viability of exploits, Project Zero found that about one half out of 29 tested laptops (manufactured between 2010 and 2014, with all of them using non-ECC memory) experienced disturbance errors within a limited amount of time.[1][2][3]
Due to the need for huge numbers of rapidly performed DRAM row activations, row hammer exploits issue large numbers of uncached memory accesses that cause cache misses, which can be detected by monitoring the rate of cache misses for unusual peaks using hardware performance counters.[2] Also, version 6.0.0 of the memtest86 memory diagnostic software, released on February 13, 2015, includes a so-called hammer test that checks whether computer hardware is susceptible to disturbance errors.[4]"zit-source: wikipedia.org [1]Dan Goodin (March 10, 2015). "Cutting-edge hack gives super user status by exploiting DRAM weakness". Ars Technica. Retrieved March 10, 2015. [2]Mark Seaborn; Thomas Dullien (March 9, 2015). "Exploiting the DRAM rowhammer bug to gain kernel privileges" [3]Liam Tung (March 10, 2015). ""Rowhammer" DRAM flaw could be widespread, says Google". ZDNet. Retrieved March 11, 2015. [4]"PassMark MemTest86 – Version History". memtest86.com. February 13, 2015. Retrieved March 11, 2015. #EDIT: google also published test-application: https://github.com/google/rowhammer-test |
|
|
|
I remember I had sent the script to someone in a PM back at the day, but don't have it now, could someone post it?
so you mean calculate back the pubkey through the pubkey-hash which is in inputscript of transaction? i can write one for you when you need this i described. off course free. only confirm: so basically you want have "sending" address/es of tx inputs. do i understand correct? Yes, it would be wonderful if it would work across different altcoins. Hello i have now check this in detail and its not accurate or i say its not secure for you because its NO sending address 100%. So often its many sending addresses when you have many inputs but you CAN NEVER know when its the REAL sender then only proof the person control NEW OUPUT. So maybe you have then WRONG pubkey. Conclusion: With RPC-bind its not work proper. I see also a opensoucre C# wrapper [1] which use this schematic like you explain, and the DEV say: // Note: Be careful when using GetTransactionSenderAddress(es) as it just gives you an address owned by someone who previously controlled the transaction's outputs
// which might not actually be the sender also you can see in this thread [2] a discussion for THIS problem. [1]https://github.com/GeorgeKimionis/BitcoinLib (title: .net RPC Wrapper in C#) [2]https://bitcointalk.org/index.php?topic=413939.0 (title: get sender address from RPC api ) i hope this help you. thank you. ca333 |
|
|
|
They're encoded as special IPv6 addresses and then passed around normally. IPv6-encoded hidden service addresses start with the prefix FD87:D87E:EB43. If you run Bitcoin through Tor with -externalip=___.onion and -listen=1, you should eventually get incoming connections.
so the client in the TOR-network can itself discover peers when connected to the TOR (with -onlynet=tor) with the above externalip parameter("-externalip=___.onion")? #EDIT: in tor-talk mailing list i read a talk (from Alex Biryukov and Ivan Pustogarov) about this and it say without .onion id in .config there is no chance for the client to advertise to other peer.. |
|
|
|
so you must IMPORT the dll in your c# program. and in your code its not binded. see the code here will do it. this is the DLLFUNCTIONS.cs which you after you make it compile it so it give you the output: DLLFUNCTIONS.DLL. using System.Runtime.InteropServices; // InteropServices is for loading unmanaged code into c#
public class DLLFUNCTIONS {
[DllImport("YOURDLL.Dll")] //DllImport imports the DLL so the entry point is known
public static extern YOURFUNCTION1(YOURPARAMS); //provide the declarations for all your functions you want to use
public static extern YOURFUNCTION2(YOURPARAMS);
} so you import the DLL and then you declare your wrapper functions in the class (DLLFUNCTIONS). but because you have the c++ code with datatyps, structs, pointer arrays also for the texts, and so on and so on, so you must "translate" the .NET objects you use in your c# project for the c++ DLL so it understands this data. this is named "MARSHALING". it s a very complex technics with many features and i suggest you look into it and read it because its soo nice and gives soo mighty options. ok when you have declared your DLLFUNCTIONS you compile it, and finally have a DLLFUNCTIONS.DLL now you can use it in ALL c# projects. so then you use it with: because now compiler know exactly where is entry point of DLL and also how translate the .NET objs to the correct types in the DLL with the parameters we have also declared in our wrapper functions. when you need other help write me. thank you. ca333 (maybe mods put this in the technical support area. but i think rng project suits in this community. it s basic technology in BTC. so i think its also okay here with your project.) |
|
|
|
Hello everybody I have a doubt about bitcoin, please tell me if I undersand it correctly:
Lately we have seen a lot of news about VC funding and new companies wanting to get into the bitcoin business. Thing is, a lot of them talk about how the main innovation in bitcoin is the blockchain itself and not necessarily the currency bitcoin. Using the blockchain for smart contracts and all that.
Now, the way I understand it is that bitcoin has scalability problems. 7 transaction per second are not enough right now for a global payment szstem. So Gavin Andresen thinks that in order to solve that problem the block size must be increased. Some say that this will lead to security problems and especially "blockchain bloat".
Is it possible to massively use the bitcoin blockchain for smart contracts and such applications with a bloated blockchain?
Is there a problem for alternative uses of the blockchain to be used in this case if the gavin solution to scalability gets implemented?
Because in this case the choice is between a non scalable bitcoin and a bitcoin with a "bloated blockchain".
Mine is more of a question than a statement or a critique, I'm really just trying to understand how this works.
Thank you in advance for the answers.
yes you see it right. the great technic in this all is the blockchain. but i don not think they extend blockchain this way. when it comes somthing for "smart contract" or also "p2p-review" or "chainverification of persons" so then it will be i think a secondar chain linked to bitcoin with same parameters. so its a new extra data-layer for this things you mention so its not affect the bitcoin-network. but also we must think for the future. so data we say today is "bloat" or "overload" in some year and linked to moore's law its maybe only small data. think 10 year back. how data, bandwith, memory-limits, etc. its was soo tiny. but with the future its getting bigger and bigger and limits dissapear. also THANK YOU. I like THIS QUESTION because its important people ARE CRITICAL with all topics, specially in the bitcoinscene and opensource and crpytocommunity. so only with critical thinking new idea is born and also only with critical thinking errors and things to change are finded. stay like this and always think soo reflective. never be mainstream! |
|
|
|
|
@steveturk: have you contacted the person with right answer like you said??
|
|
|
|
yes its 0b1100101. Azure won.
It would make sense; 0b = binary key, 1100101= 101 in binary yes and with this case = 0b is the key because its indicate binary format. huuuh. this was soooo nice and cool. steveturk. when you make next hunt?? |
|
|
|
|
yes its 0b1100101. Azure won.
(edit can also be: 7b1100101.because its legit binary formation. so both is correct normally. but standard notation is above )
|
|
|
|
ok here is what i am going to do, I am contacting the person that had loads of answers and if they can explain how they got the answer I will honour it, else its going to the next person.
does that sound fair ?
yes sound fair. |
|
|
|
|
Show Posts
