Feathercoin Advanced Checkpointing released today

[1PFYcabWEwZFm2Ez5LGTx3ftz]

Checkpoint master key can be established by using the 'makekeypair' command. The public key in source code should then be updated and private key kept in a safe place.

Any node can be turned into checkpoint master by setting the 'checkpointkey' configuration parameter with the private key of the checkpoint master key.

What if an attacker (instead of DDoS'ing the masternode) steals the private key? Could he then become a masternode himself and generate fake checkpoints?

[Balthazar]

Yes, he can. But his checkpoints will cause conflict, all clients will switch into safe mode and "Invalid checkpoint found!" or "Invalid chain found!" warning message will be displayed. Stolen key becomes useless immediately after this and checkpoints chain reset would be required to resolve this situation. That's why he must DDoS existing node before, to prevent it from sending checkpoints.

[1PFYcabWEwZFm2Ez5LGTx3ftz]

Yes, he can. But his checkpoints will cause conflict, all clients will switch into safe mode and "Invalid checkpoint found!" or "Invalid chain found!" warning message will be displayed. Stolen key becomes useless immediately after this and checkpoints chain reset would be required to resolve this situation. That's why he must DDoS existing node before, to prevent it from sending checkpoints.

Something does add up here...

Why would the attackers' checkpoint cause conflict? How would the network know that they were created by the attacker, if he used the same private key and/or same physical machine as the "real" masternode?

If the network had a way of knowing this, then this masternode would not be necessary at all. The masternode serves as a "trusted party" - the network trusts the masternode, so if the attacker gained control of the masternode, then how would the network know that the control of the masternode was overtaken?

Where could I read technical information about how exactly this "advanced checkpointing" works?

[Simran]

Hmmmmm......

[digitalindustry]

Yawn, i hope you kids spend lots of energy on this ...

[Balthazar]

If the network had a way of knowing this, then this masternode would not be necessary at all. The masternode serves as a "trusted party" - the network trusts the masternode, so if the attacker gained control of the masternode, then how would the network know that the control of the masternode was overtaken?

There is a checkpoints chain. All checkpoints MUST follow this chain without exceptions, and even key owner can't violate this rule.

P.S. How much times can you ask the same questions? Read the topic and commit description.

https://bitcointalk.org/index.php?topic=282314.msg3042252#msg3042252
https://bitcointalk.org/index.php?topic=282314.msg3022480#msg3022480

[atomicchaos]

If the network had a way of knowing this, then this masternode would not be necessary at all. The masternode serves as a "trusted party" - the network trusts the masternode, so if the attacker gained control of the masternode, then how would the network know that the control of the masternode was overtaken?

There is a checkpoints chain. All checkpoints MUST follow this chain without exceptions, and even key owner can't violate this rule.

P.S. How much times can you ask the same questions? Read the topic and commit description.

https://bitcointalk.org/index.php?topic=282314.msg3042252#msg3042252
https://bitcointalk.org/index.php?topic=282314.msg3022480#msg3022480

I've seen read some of your other posts, and they seem pretty well stated. Can you let me know what affiliation you have in FTC (if any)? I do appreciate your posts on the topic, and would love to believe they are not biased in any way, which I think might be the case.

[Balthazar]

Can you let me know what affiliation you have in FTC (if any)?

No, I have no relations with FTC project.

[z0rr0]

Can you let me know what affiliation you have in FTC (if any)?

No, I have no relations with FTC project.

Actually, I think he just care of the world of cryptocurrencies, and shares some part of his wisdom with those who needs help.
May be he has nervous relationships with trolls, and bad reputation in some people's mind, but you can see by yourself that he is helping many coin creators/developers, even if their coins are just copypasted modified NVC and actually compete with his own creation.
(P.S. I don't mean FTC itself, but many new pow/pos coins) 

[atomicchaos]

He may be the only credible person that I've seen that thinks this move isn't bad.

I like hearing intelligent non-biased other points of view, however I still don't think this should have been implemented.

[smoothie]

I still don't think this should have been implemented.

+1

[YipYip]

There was no shortage of people (including me) asking for ways to prevent the repeated attacks.

If that is true, then why it is not even mentioned in feedback.feathercoin.com? Who were these people "asking for it"? Why did they not ask for it publicly, that is in feedback.feathercoin.com ?

From a merchant/trade perspective their needs to be confidence that a ORPHANed transaction can NEVER happen

Also FTC had a fork issue a while back ....so maybe that was a close call

This helps with that idea ....it is a mainstream approach but it does add centralization to a coin ...this is a dangerous slippery slope they are entering 

[atomicchaos]

From a merchant/trade perspective their needs to be confidence that a ORPHANed transaction can NEVER happen

Also FTC had a fork issue a while back ....so maybe that was a close call

This helps with that idea ....it is a mainstream approach but it does add centralization to a coin ...this is a dangerous slippery slope they are entering 

Let's see if this helps their rep with the exchanges and confirmations are decreased.

[viboracecata]

Congrats.