I think there is a big possibility in quickly pay or tip via a smartphone/tablet.
I think there is a big possibility in rainbow unicorn, so what? Nxt is better that Bitcoin because paying via web is built-in feature. Just host your node and connect to it. I don't understand your issue with this, its another feature that adds value to Nxt. Is it personally affecting you in some way? Try to be more constructive, Passion_ltc is a valued member of the community and he's built some great products so far.
|
|
|
Sounds like a lot of great projects in the works!
I believe we should start to limit bounties of unclaimed Nxt to finished open source projects. Website are still eligible, but receive a smaller amount. That way if the developer wants to take their Nxt and run, the community can take over development. We could elect someone to review the code and then release funds. Thoughts?
I agree with you on that. Just my 2 cents on current state of the development progress. We are going the wrong way in terms of the NXT development as a whole. The simple example is Messaging over AM: - We do have like 5(?) different implementations
- We do not have any documents describing the Messaging system as a whole
- We do not have any documents describing the protocol used for Messaging over AM
- We do have the software fragmentation in 1 particular feature (there is no client which supports all of the messages created)
So actually we are shooting our own leg this way. It is important to have not only the source code open and uptodate but to have easy readable description of the processes. I think that document should be reviewed by someone, edited, discussed by community in terms of functionality. Should be discussed at least some way by client devs. Cfb mentioned that there will be some voting system functionality implemented soon. We need to get the details on that no to reinvent the wheel in our clients. Cause we already do have one implementation ... Also Cfb mentioned some time ago about the bips like process. I think that's really good idea. Anyway i think it makes sense to start with SOME documentation at least. What do you think about that? Totally agree with you.
|
|
|
Apologize, I'll keep it civil. Thanks for posting AMA
|
|
|
James, has anyone been successful in contacting anyone from the zerocoin/cash team?
rickyjames has had no luck. I think we need to show them a working NXTcash testnet. talk is cheap, actions speak louder than words I've reached out to several Zerocoin members; Matthew Green, Ian Miers and Christina Garman. All of which were personally referred to me by other Professors. I did receive a response from Matthew about our initial algo review, but nothing more. I'm not holding high hopes for getting help with Zerocoin from any of their core group. We need to explore other options. The option I chose was to push forward on our own as fast as we can! We need to get someone on it asap. Maybe we should have a bounty list somewhere, we need to post link to all open bounties easily. The mixing solution will get at least 2Mil Nxt, that should be attractive to someone.
|
|
|
Sounds like a lot of great projects in the works!
I believe we should start to limit bounties of unclaimed Nxt to finished open source projects. Website are still eligible, but receive a smaller amount. That way if the developer wants to take their Nxt and run, the community can take over development. We could elect someone to review the code and then release funds. Thoughts?
|
|
|
James, has anyone been successful in contacting anyone from the zerocoin/cash team?
rickyjames has had no luck. I think we need to show them a working NXTcash testnet. talk is cheap, actions speak louder than words I've reached out to several Zerocoin members; Matthew Green, Ian Miers and Christina Garman. All of which were personally referred to me by other Professors. I did receive a response from Matthew about our initial algo review, but nothing more. I'm not holding high hopes for getting help with Zerocoin from any of their core group. We need to explore other options.
|
|
|
But that is one in the same ... it's really a turn-off for investors when you're asking money from them and then immediately diluting their shares with the premine.
I don't see why so many people think of it that way. When you're getting VC funding for a startup, it's common practice to hand out something like 10-20% in the first round. Nobody ever thinks of that as some kind of evil plot where you sell the company and then pull the rug out from under the hapless venture capitalists and dilute them 80-90%; people think of it as, well, you creating X shares and only handling out 0.1X-0.2X to the VCs. It's the same here; we're taking preorders for 67% of the initial issuance instead of 100% of the initial issuance. What a naive thing to say. Do you think VC's are spending their own money when investing? They have zero risk when investing other than a diminished return.. We are talking about spending our hard earned cash on this project, not spending other people's money. Don't compare the community here to VC investing, such bullshit.
|
|
|
No, I would be very cautious in dealing with them.
|
|
|
Yes, we should add more to the list if needs be. I think we should give QBTC 100k now for Nxtcrytp site and to keep everything up and running. Passion when Nxtvote is fully operational. l8orre when the asset exchange is released (should be soon).
|
|
|
Do we have a thread for those who deserve Dev Bounties from unclaimed Nxt? I recommend the following allocation for dev:
l8oore (asset exchange) - 200k
We can add to these amounts in the future for ongoing projects.
I would like to see an asset exchange in action... cause i was going to implement it. Since it is already done not sure if i will have to do so. Yes, to be clear, these are for finished product, in the case of QBTC, it's more of a maintenance fee.
|
|
|
Do we have a thread for those who deserve Dev Bounties from unclaimed Nxt? I recommend the following allocation for dev:
QBTC (nxtcrypto) - 100k Passion_LTC (Nxtvote, Nxtion, etc) - 150k l8oore (asset exchange) - 200k
We can add to these amounts in the future for ongoing projects.
Also, should I even bother with the crypto algo review? Sounds like Jesse James can help us with that. On that note I recommend a 250k bounty for Jesse James from unclaimed dev Nxt. If we still want a crypto review, I can use 10 BTC from my own wallet, but I need a very clear and concise response on what we specifically need from someone reviewing the algo.
very generous thank you msin! Pin, can you start a poll for sending unclaimed Nxt to the people above?
|
|
|
Do we have a thread for those who deserve Dev Bounties from unclaimed Nxt? I recommend the following allocation for dev:
QBTC (nxtcrypto) - 100k Passion_LTC (Nxtvote, Nxtion, etc) - 150k l8oore (asset exchange) - 200k
We can add to these amounts in the future for ongoing projects.
Also, should I even bother with the crypto algo review? Sounds like Jesse James can help us with that. On that note I recommend a 250k bounty for Jesse James from unclaimed dev Nxt. If we still want a crypto review, I can use 10 BTC from my own wallet, but I need a very clear and concise response on what we specifically need from someone reviewing the algo.
|
|
|
Critical bug disclosureFew days ago the guy who found a vulnerability in Blockchain.Info and picked the secret phrase of Nxt genesis account found a security flaw in NRS cryptographic algorithm. The flaw allowed to replay transactions that would lead to double-triple-etc amounts sent. In fact, by finding this flaw he conducted an audit of Crypto class and won the bounty that we collected specially for such a case. I can't explain details of the flaw, coz it's out of my area of expertise. U can contact him directly via nextcoin.org forum. The flaw has been fixed and all who updated to 0.6.0+ are safe now. Users of older versions are safe too as long as they are connected to nodes with 0.6.0+. PS: The community should collect 10 BTC again coz we still need to do the audit of the code. so next is broken al ready and they have to paid ransom to a guy for stopping attacks. Why r people still buying this broken piece of shitcoin and main dev don't know nothing about if you have to ask the attacker self. 0.000003 Emule, please PM me is you are selling your Nxt. I'm buying.
|
|
|
Critical bug disclosureFew days ago the guy who found a vulnerability in Blockchain.Info and picked the secret phrase of Nxt genesis account found a security flaw in NRS cryptographic algorithm. ... I can't explain details of the flaw, coz it's out of my area of expertise. U can contact him directly via nextcoin.org forum. I'm the guy. I just created a thread providing more technical details https://nextcoin.org/index.php/topic,3884.0.html and to answer questions. I don't really check this forum/thread so posting there is the best way to reach me. Let's get this guy on board, Klee is in charge of the infrastructure team, so perhaps Klee can get him on board and a good chunk of Nxt from unclaimed.
|
|
|
Weekend project, let's build a DNS system guys!
Here is what I propose, we encode HTML webpages in base64, the base64 is then truncated and sent. the transaction ID's are retrieved and a master file with the locations (and format) of the truncated html is formed. The masterfile is returned and can be used to access the data.
Multiple master files can be formed (due to 1k data limit) and put into one, etc... unlimited amounts of data could be stored this way.
If a dynamic webpage is needed an account could be created and reserved for "hosting" the latest message sent by this account could be the updated website data. Accounts could be used as domain names in a customized browser.
I already have the truncation programs written, but who wants to join me and make this work?
I have a 100k nxt budget for this project (can be increased).
PM me if you are interested.
+1, this would be great if we can get a few people helping.
|
|
|
I received this response from a Crypto expert after reviewing code, here was the response, need some clarification from CFB or devs:
"Thanks very much for sending me the code. I took a quick look and understood that it is an implementation of two well known crypto algorithms -- elliptic curve based key agreement scheme (ecdh) and digital signature scheme (ec-kcdsa). The code itself was ported from C to Java back in 2008, and so it has been around for quite a while.
I am wondering what you are looking for in the code review. If it is mainly the correctness of the implementation, then I would take a pass. I feel that what would be most helpful for Nxt is to review how the above crypto algorithms are utilized within the Nxt currency system to achieve the intended security goals. "
If anyone has an appropriate response, let me know.
It seems to me that his two categorizations are really the same thing and are what we are looking for Okay, is there something else I can send, perhaps more clarification to exactly what we are looking for? Also, it's a she, Lisa Yin, PHD in Cryptography from MIT. It is that C port to java that we are concerned with. I believe our issue is that we can not yet fully trust that this code we do have is in fact the authors original, and cannot get hold of him to ask questions. Its in lines 1414 - 2315 in the source that JLP posted early Jan. I think the proper language is "to audit the implementation of Curve25519 classes and EC-KCDSA classes and their implementation in transaction/block signing as used in NXT" to look for vulnerabilities. But dont commit the funds right now - I believe we may have found someone to take the funds for an audit. We'll need to figure out what is what. please get your source this info and see what she says. Okay, will do.
|
|
|
I received this response from a Crypto expert after reviewing code, here was the response, need some clarification from CFB or devs:
"Thanks very much for sending me the code. I took a quick look and understood that it is an implementation of two well known crypto algorithms -- elliptic curve based key agreement scheme (ecdh) and digital signature scheme (ec-kcdsa). The code itself was ported from C to Java back in 2008, and so it has been around for quite a while.
I am wondering what you are looking for in the code review. If it is mainly the correctness of the implementation, then I would take a pass. I feel that what would be most helpful for Nxt is to review how the above crypto algorithms are utilized within the Nxt currency system to achieve the intended security goals. "
If anyone has an appropriate response, let me know.
It seems to me that his two categorizations are really the same thing and are what we are looking for Okay, is there something else I can send, perhaps more clarification to exactly what we are looking for? Also, it's a she, Lisa Yin, PHD in Cryptography from MIT.
|
|
|
I received this response from a Crypto expert after reviewing code, here was the response, need some clarification from CFB or devs:
"Thanks very much for sending me the code. I took a quick look and understood that it is an implementation of two well known crypto algorithms -- elliptic curve based key agreement scheme (ecdh) and digital signature scheme (ec-kcdsa). The code itself was ported from C to Java back in 2008, and so it has been around for quite a while.
I am wondering what you are looking for in the code review. If it is mainly the correctness of the implementation, then I would take a pass. I feel that what would be most helpful for Nxt is to review how the above crypto algorithms are utilized within the Nxt currency system to achieve the intended security goals. "
If anyone has an appropriate response, let me know.
|
|
|
Change log:
There are no changes in the web.xml file compared to 0.6.1. I will add parameters to tweak database settings later, if needed.
Thanks JL
|
|
|
|