selling only source code ? what about complete script ? and when you say source code what do you mean selling the source code copying from a browser ? ?
Seriously wtf is wrong with your people, i am starting to think that you are trolling. I am selling a C# application with source code that is an offline faucet app. It connects to your faucetbox account and pays users from there. The revenue you get is from banner ads or popup ads, or any other method that you can build into the app, because i provide the source code which you can modify after or edit as you wish. It is a standalone C# based faucet app for windows! Not a browser faucet! |
|
|
|
1) In a deterministic wallet can somebody guess all the private keys from the wallet if one of them is compromised (if the one compromized is not the seed key but lets say the 2nd one)?
No, however, if the MPK and one private key is compromised, then all of the private keys can be computed. The master key can only be compromized if somebody hacks into your wallet physically. However a random private key could be guessed if the signing process is flawed, so i wasnt concerned about the master key, but rather of the individual keys of addresses. 2) In a deterministic wallet can somebody guess the public keys of all the addresses, if one 1 public key is compromized , that is not the seed public key? Possibly but this isn't unique to HD wallets. Sometimes when you make a transaction, inputs from different Bitcoin addresses may be used in the same transaction which indicates that both addresses came from the same wallet. There are also more advanced techniques like trying to fingerprint your Bitcoin client, or directly connecting to your Bitcoin node and trying to determine which transactions you relay first. You should probably assume that all Bitcoin addresses in your wallet can be linked together. Yes i see its called address taint i believe, when they use different addresses that received payments from 1 address to correlate and check which address belongs to the original sender, however this one is only speculation and cannot prove beyond doubt the ownership of 1 user of an address, so i guess privacy is not destroyed here. What if none of my addresses in 1 wallet have cross-transaction between them, and they are all receiving payments from different sources, then is it posssible to reveal privacy & identity here or link together those addresses (they are all deterministic of course)?What is a HD wallet? |
|
|
|
|
1) In a deterministic wallet can somebody guess all the private keys from the wallet if one of them is compromised (if the one compromized is not the seed key but lets say the 2nd one)?
2) In a deterministic wallet can somebody guess the public keys of all the addresses, if one 1 public key is compromized , that is not the seed public key?
3) What if 2 private keys are compromized, can they look at the math relations between them and guess the rest of it?
4) What if 2 public keys are compromized, can they look at the math relations between them and guess the rest of it?
The first 2 questions refer to security problems, while the other 2 to privacy problems. How does Armory resolve these problems?
|
|
|
|
I`ve already mentioned a solution to this somewhere. We need to have a offline private key storage with offline signatures like Armory delivers. However the broadcasting feature should be done by big storage companies who can afford to store the blockchain. Using services like this: https://blockchain.info/pushtxThis feature needs to be integrated into a lightweight wallet, so that once you securely sign your transaction offline, you can broadcast it on your online PC, from a lightweight wallet, without the need to have the blockchain on your PC. Is there any lightweight wallet that offers this feature? Or is there any plan to do so in the future? |
|
|
|
|
So i`m still waiting your offers guys, my skype is green.stox or "Green Stox" depending on how you find me.
We can talk about the rest of the details there, so everyone who wants to buy, buy it now!
|
|
|
|
|
In the meantime that i`m working on newer versions, check them out and see what software you like to work me on!
|
|
|
|
|
Still looking for good vendors who can sell my stuff for any price!
|
|
|
|
Still giving away these softwares, grab your free software now!  Ok Could you possibly make Bitcoin Real Time Stats to have my wallet id in it Or could you show me how to code it, hack it even. Idk if its possible, it will need a Blockchain api, and it could show your online wallet id. I have no idea in what format the normal .wal files come, so i cant help you with that, but in newer versions i`ll check the api thing, and perhaps make it smoother and easier to load. At the moment i`m working one something else. |
|
|
|
Still giving away these softwares, grab your free software now!
|
|
|
|
I don't understand its purpose... Mind explaining a bit more?
It's a faucet app. Just like an online website faucet, but its an app that you donwload and run offline. The faucet works simply, you put it full of banner ads, and then you distribute a % of it between faucet writers who write captcha. It has also a slot machine in it and an automatic faucet view, which connects directly to coinurl.com, which pays per click. For banner ads i used a-ads.com , and also a few custom banners, for affiliate programs. That combo should generate enough revenue to pay the faucet writers. The captcha is in place to make sure the viewers are human and that they dont abuse the system. So basically they just watch your ads, and you pay them for doing it by a % of your total revenue. If I buy it, will you tell the advertisers with the custom banners to pay me their bill, not you? Obviously, you put there whatever banner you want. For example you got a xapo account and want referrals there, you just put there a xapo banner and hope that some1 clicks it and registers on your referral link. Or put your own a-ads, or google adsense, or whatever. It's the source code so you can customize it as you wish. If you got other advertiser networks, you can perhaps integrate it aswell. I only tested a-ads and coinurl, and they work fine and both pay, but if you got other ad networks, you can do it too on them. It is the source code, so you can edit and customize it as you wish! |
|
|
|
I don't understand its purpose... Mind explaining a bit more?
It's a faucet app. Just like an online website faucet, but its an app that you donwload and run offline. The faucet works simply, you put it full of banner ads, and then you distribute a % of it between faucet writers who write captcha. It has also a slot machine in it and an automatic faucet view, which connects directly to coinurl.com, which pays per click. For banner ads i used a-ads.com , and also a few custom banners, for affiliate programs. That combo should generate enough revenue to pay the faucet writers. The captcha is in place to make sure the viewers are human and that they dont abuse the system. So basically they just watch your ads, and you pay them for doing it by a % of your total revenue. |
|
|
|
|
Still selling my faucet software's source code, if anyone else wants to buy it, give it your offers!
|
|
|
|
Sure, thats a fair price.
Here is my skype, come online and we can do the deal: green.stox
No results for when I search it. Its "green.stox" without quotes, with the dot in the middle. Or give me your skype ID and i`ll add you. |
|
|
|
The offer still stands, and will stand indefinitely, so go ahead and sell my stuff!
add these software in play store then its proftware for you try to post in different forums The point is that I don't want to sell it, because i dont deal in cash anymore only bitcoin, and there is no major bitcoin vendor site. I want others to sell it, and keep all profits, because i get a little revenue from the banner ads that are embedded in the apps. I require 0% from their profits, they can keep it all.As simple as that. +I don't have time to sell stuff and advertise it, i`m sure more experienced guys on amazon already sold hundreds of stuff, so why not sell mine too. |
|
|
|
|
Sure, thats a fair price.
Here is my skype, come online and we can do the deal: green.stox
|
|
|
|
Not sure if trolling, but just in case... Well its inconvenient to manage 2000 addresses dont you think? Unless you design a script of somekind to manage it for you, but thats also complicating the thing more.
What do you mean by "manage" them? You create an address, tell your customer or whoever to send money to it, check that you've received said money, and then forget about it. I myself have hundreds of addresses (I don't even know the exact number, nor do I need to) and I haven't been inconvenienced by it. It would be much simpler if the bitcoin developers would fix this issue once and for all, and then everybody can use 1 address forever, or if they want to account for their cash and organize it, then use addresses for categories of income/expenditure (faucet address, sales address, income address, etc).
Everyone can do that; it's just not a good idea. Imagine being born now and by the time the kid gets to age 13 or whatever when he is able to use bitcoin,by the time he gets 70, he would have wasted millions of addresses.
I have a hard time imagining that, since generating a million addresses in 57 years would mean 48 new addresses per day. Who do you know who makes that many transactions per day? And what's the problem with having a million addresses in the first place? And the addresses numbers is also limited, so it would help people not to waste addresses.
I don't think the word "limit" means what you think it means. Nope, according to bitcoin wiki (updated feb 1 2015) https://en.bitcoin.it/wiki/Address_reuseKnown attacks
Same K in multiple signatures, see Recovering Bitcoin private keys using weak signatures from the blockchain.
Timing sidechannel
Now we can disregard the same K attack, because probably Armory,Electrum, Latest Core, Multibit and others have updated their signing mechanism. But the Timing channel attack is possible, + who knows how many more exploits are available that the developers dont know about. I think these issues need to be fixed asap. A timing sidechannel attack requires that the attacker have access to your computer's memory, in which case you're generally already screwed. Ok, thanks for clarification, I got what I needed . I think you've all done a great job of explaining things to this troll. At this point he just keeps repeating himself and ignoring anything any of you say. Perhaps it's time to abandon this thread and stop feeding the troll. He's managed to make it on to my ignore list.
Where are your manners man? I wasnt trolling, I was very concerned about the vulnerabilities that could arise in this case, given that bitcoin is new and there could be many bugs that have not been discussed yet, or observed yet. In either case i got what i was looking for, so i close the thread before anyone else calls me a "troll" because he has manners like a 5 year old.  |
|
|
|
|
50% off promo, only for the first customer, who buys an indicator for me, so BUY NOW!
Also if you are interested and serious about FX trading ,i could code an indicator for you,so PM me if you want to hire me!
|
|
|
|
|
The offer still stands, and will stand indefinitely, so go ahead and sell my stuff!
|
|
|
|
I`m saying that the devs need to fix all security issues related to using an address more than once, otherwise it can become risky if you hold alot of bitcoins, and very inconvenient to use.
Otherwise bitcoin will have a security flaw that could ruin its reputation in the longterm and people could turn to safer altcoins later.
AFAIK THERE IS NO SECURITY ISSUE, JUST A PRIVACY ISSUE!!! -MZ Nope, according to bitcoin wiki (updated feb 1 2015) https://en.bitcoin.it/wiki/Address_reuseKnown attacks
Same K in multiple signatures, see Recovering Bitcoin private keys using weak signatures from the blockchain.
Timing sidechannel
Now we can disregard the same K attack, because probably Armory,Electrum, Latest Core, Multibit and others have updated their signing mechanism. But the Timing channel attack is possible, + who knows how many more exploits are available that the developers dont know about. I think these issues need to be fixed asap. |
|
|
|
[...]It would be much simpler if the bitcoin developers would fix this issue once and for all, [...]
WHAT ISSUE? There is nothing stopping anyone from using same address multiple times.What Are you talking about? I`m saying that the devs need to fix all security issues related to using an address more than once, otherwise it can become risky if you hold alot of bitcoins, and very inconvenient to use. Otherwise bitcoin will have a security flaw that could ruin its reputation in the longterm and people could turn to safer altcoins later. |
|
|
|
|
Show Posts
