[ANN][XEL] Elastic Project - The Decentralized Supercomputer

[HunterMinerCrafter]

I have just sent you 4 BTC.

Great, thanks!

[1714773177]

1714773177

[1714773177]

1714773177

[1714773177]

1714773177

[HunterMinerCrafter]

Actually, the workId is derived from the transaction (not the block) in which it was published so I guess yes .. your attack would work.
While not interesting for the PoW certificates (you can very well charge back using the work cancellation button)

You would't necessarily take back the whole pool...

it might become interesting when precalculating bounties, submitting them prior to the closure of a work to get most of the bounty fund payout for one-self (remember, the fund is always distributed among all bounty submissions after the work has been closed).

Well, you could "dilute" either pool, that way, with various implications for each.

On the PoW side (again as a consequence of keeping "global" PoW chain statistics, meaning a single embedded PoW chain instead of a distinct chain for each job) you could manipulate difficulty, choke out the tx limit, etc.

On the PoB side, one could do "Trapdoor Verification" as well.  It seems that the publisher of work could give a verification expression which accepts either the solution that he is seeking, or any other input values that he PKI signs in a "distinguished" and otherwise-just-nonce input.  This would allow him to submit, at will, his own PoB certificates which are not solutions and which no-one else can submit without his key. 

This is particularly useful if your work job only seeks 1 solution - as soon as you see such a tx on the network you claim the rest of the bounties for yourself.  (Or you claim "the rest + 1" bounties for yourself and try the race.)

I am starting to fix that right away!

I think an effective solution to both cases should be pretty straightforward, though the latter "trapdoor" scenario is a bit tricky, and might resurface in various forms, shortly. 

Actually, I am right now filling the entire 12 integers of "possible input entropy" but not the entire memory space. If required to do so, we could go this way, even though this would increase the overhead noticably. Right now it's pretty handy to have large parts of the memory "nulled".

I am really eager to hear about this attack  

As I said, I intend to go in "order of interesting-ness" and that one is awfully interesting.

I hope (and I really believe) that with your help we can get rid of most (all?) these problems  

Arguably you could make my list into 3 lists.  In decreasing order of size these would be: problems that I can already give solutions for, problems for which I do not have solutions for but for which I suspect practical solutions might exist, and problems that I do not think will have practical solutions in the contemporary state of the art.

Also, I am really excited to hear about your next discoveries and start brainstorming about ways to conquer them.
After all, you have my sincere appreciation for your help!!

I should be ready to throw another round of (both uninteresting and interesting) problems at you soon.

[wpalczynski]

Hi,

Great job guys. I see dedication and skill that can't be found in most of projects.
If I may ask, is there a way to buy more XEL now, after ICO? Is there some kind of mechanism (not platform but a safe process) for sell/buy between participants of ICO?

Thanks,
Yossi

You could make a deal with someone who participated in the ICO.  If you post how much you are looking to pay per XEL you might get a response and make a transaction.

[wpalczynski]

P.S.

BTC address: 1EVnmWVjTWWEbHrWenoyJ3k7wroyAD1K1r

I have just sent you 4 BTC. At this point I have to mention that you are solely responsible for ensuring that your federal income taxes are paid at the right time.

https://blockchain.info/tx/d6694f56b875f517d7aa8c1c58a7ec42d0c7169ed94a5645b1f6f6bc82bf3de5

Whats with the tax disclaimer?

[FreemanIT]

Hey guys. Is Elastic project have own slack, twitter, telegram, wechat or etc? I need help to get my XEL from ICO.

[ImI]

Hey guys. Is Elastic project have own slack, twitter, telegram, wechat or etc? I need help to get my XEL from ICO.

Someone should update the OP and write in big fat letters that "Mainnet hasn't launched yet and no XEL to get at the moment."

[wpalczynski]

Hey guys. Is Elastic project have own slack, twitter, telegram, wechat or etc? I need help to get my XEL from ICO.

Someone should update the OP and write in big fat letters that "Mainnet hasn't launched yet and no XEL to get at the moment."

OP needs to be updated, looks like project isnt active judging by it.

[Bgjjj2016]

Hey guys. Is Elastic project have own slack, twitter, telegram, wechat or etc? I need help to get my XEL from ICO.

Wechat will bring the attention of lots of Chinese .

PS : When do you think the roadmap will be ready ? Thanks in advance !

[HunterMinerCrafter]

Here is a new uninteresting bug: ArithExceptions are not being caught, so div/mod by zero trivially crash the interp.

Here is a new, more interesting bug: The following passes the parser but creates an unusual cast exception in interp... I call this "weird.spl":

Code:

input 3;

repeat(500);{
m[0] = m[0] + m[1];
m[1] = m[1] / m[2];
m[2] = m[1] - m[0];
};

verify m[0] == (0-m[2]);

Weird.

[Evil-Knievel]

Here is a new uninteresting bug: ArithExceptions are not being caught, so div/mod by zero trivially crash the interp.

Here is a new, more interesting bug: The following passes the parser but creates an unusual cast exception in interp... I call this "weird.spl":

Code:

input 3;

repeat(500);{
m[0] = m[0] + m[1];
m[1] = m[1] / m[2];
m[2] = m[1] - m[0];
};

verify m[0] == (0-m[2]);

Weird.

Thanks for these two catches!
The first one was trivial.
The second one was a bit trickier. In your example code you have a repeat statement without a block as its terminated with a semicolon before the actual block begins. The grammar allowed this as it required the repeat statement to be followed by a "Statement()" which can be very well an empty statement.
So effectively, the repeat statement requires two elements on the stack -> the repeat number and the child node to interpret x times. Since only one element was pushed to the stack in your case, the interpreter tried to parse the one before - the InputSpecificationStatement - to an IntConstNode, as he expected the repeat times integer at that particular stack position.

I fixed the error now, by only allowing repeat statements with "Block()" as the second parameter. An empty block should be safe here.

EDIT: dropped the input statement, as we always fill the maximum allowed amount of "input entropy".

[Evil-Knievel]

On the PoW side (again as a consequence of keeping "global" PoW chain statistics, meaning a single embedded PoW chain instead of a distinct chain for each job) you could manipulate difficulty, choke out the tx limit, etc.

On the PoB side, one could do "Trapdoor Verification" as well.  It seems that the publisher of work could give a verification expression which accepts either the solution that he is seeking, or any other input values that he PKI signs in a "distinguished" and otherwise-just-nonce input.  This would allow him to submit, at will, his own PoB certificates which are not solutions and which no-one else can submit without his key.  

This is particularly useful if your work job only seeks 1 solution - as soon as you see such a tx on the network you claim the rest of the bounties for yourself.  (Or you claim "the rest + 1" bounties for yourself and try the race.)

I am starting to fix that right away!

I think an effective solution to both cases should be pretty straightforward, though the latter "trapdoor" scenario is a bit tricky, and might resurface in various forms, shortly.  

I have pushed a fix here: https://github.com/OrdinaryDude/elastic-core/commit/5b4b5fdaaaea586a13e50b59bb70d90102304c87

So now, the blockid is also used to derive the stream of random integers which is then passed to the elasticPL program.
A precomputation of POW/Bounty certificates should no longer be possible.

However, I am at the moment a bit unsure how one would model such trapdoor verification.
Surely, I may add a verification routine that verifies true in many different ways (that also includes asymetric crypto so that I would be the only one - as the private key holder - who is able to calculate a solution that would evaluate to true). But then, again, I cannot chose the input to the ElasticPL program freely. It's more a cryptographically strong, unpredictable stream of input numbers that I have no way of tampering with (be it precalculation, or adjusting the seed in a way so that the random number generator gives back exactly what I want).

So, imho, the only way to verify my "trapdoor" to true is to be "lucky" and "accidently shuffle" the correct input numbers using the cryptographically strong pseudo-random number generator.

However, you are right, the same computation power does not correspond to the same chance to "shuffle" the correct solution.
When I know which input numbers constitute a correct solution *before*, I can screen the entire random number stream without actually evaluating a single line of the program allowing a speedup by a factor of at most WCET. That would be a variant of the "Faster Algorithm Attack" outlined earlier. This is one problem, that would be great to eliminate (somehow) ... I think noone has come up with a solution to the FAA so far   But after all, this attack is just a "race" where the the "attacker" can merely increase his chances to find Bounty certificates.

[unvoid]

If you want to try XEL ( Elastic ):

Download testnet client https://github.com/OrdinaryDude/elastic-core.
Best if you download it trough git for future easy updates. Install git on your machine and:

git clone https://github.com/OrdinaryDude/elastic-core.git

Watch this video for instructions how to run it https://player.vimeo.com/video/178616474?quality=1080p and paste your address here to receive some XEL for testing and fun.

For Windows you have to run compile.bat to compile and run.bat to start XEL.


If you want to try out a miner:

1. Download it from: https://github.com/OrdinaryDude/elastic-miner
Best if you download it trough git for future easy updates. Install git on your machine and:

git clone https://github.com/OrdinaryDude/elastic-miner.git

2. ./compile.sh
3. ./run.sh
4. Give it your passphrase (after you hit a key make sure visible XEL address is yours)
5. Give it a XEL running daemon IP address (default localhost)
6. Hit enter and submit work to the network in your XEL client UI as shown here https://player.vimeo.com/video/178616474?quality=1080p. If someone else will submit work to the network your miner will automatically start working on it.
7. Example work are here https://github.com/OrdinaryDude/elastic-reference-client/tree/master/elasticpl_examples. no_bounties_found.epl will not found any bounty! Be warned that this is debug job that will just expire after 250 blocks without any submissions.

Suggestions:

run miner with lower cpu priority for optimal experience. Especialy if you running miner on the same machine that you running XEL node.

i. e.

Code:

screen nice -n 20 ./run.sh

20 is lowest possible priority in most linux env.


If you want to update XEL to the newest version:

Stop your node (CTRL + C)
Go to main directory of XEL and:

Code:

git pull
./compile.sh
rm -rf nxt_test_db/
screen ./run.sh

If you want to update miner to the newest version:

Stop your miner (CTRL + C)
Go to main directory of miner and:

Code:

git pull
./compile.sh
screen nice -n 20 ./run.sh

[unvoid]

@Lannister big request from the community to update OP (with new links, information about testnet, information about XEL and how to run it)

After that some things should be much easier for newcomers.

Thanks.

[ttookk]

Ok, I think, we don't need a slack. Everybody is pretty active here.

[unvoid]

Faucet: http://elasticexplorer.org/faucet/

Have fun!

Request to you all to test it, especially test if you can pay out to yourself twice or more. Thanks!

There is only IP validation.

This faucet will be live only in testnet. I don't like to build live faucets because there is lot of abuse. Even with evercookie and blocking TOR there are people that like to waste their time for couple of cents.

[anhpt192]

Faucet: http://elasticexplorer.org/faucet/

Have fun!

Request to you all to test it, especially test if you can pay out to yourself twice or more. Thanks!

done.

[unvoid]

Faucet: http://elasticexplorer.org/faucet/

Have fun!

Request to you all to test it, especially test if you can pay out to yourself twice or more. Thanks!

done.

Thanks! You found a little bug Already fixed.

[anhpt192]

Faucet: http://elasticexplorer.org/faucet/

Have fun!

Request to you all to test it, especially test if you can pay out to yourself twice or more. Thanks!

done.

Thanks! You found a little bug Already fixed.

i could not download blockchain before i submitted my XEL address to the faucet link.
it works well now!

[unvoid]

i could not download blockchain before i submitted my XEL address to the faucet link.
it works well now!

Due to bug (already fixed) you can submit your address again and you should get another 10k.

[anhpt192]

If you want to try out a miner:

1. Download it from: https://github.com/OrdinaryDude/elastic-miner
Best if you download it trough git for future easy updates. Install git on your machine and:

git clone https://github.com/OrdinaryDude/elastic-miner.git

2. ./compile.sh
3. ./run.sh
4. Give it your passphrase (after you hit a key make sure visible XEL address is yours)
5. Give it a XEL running daemon IP address (default localhost)
6. Hit enter and submit work to the network in your XEL client UI as shown here https://player.vimeo.com/video/178616474?quality=1080p. If someone else will submit work to the network your miner will automatically start working on it.
7. Example work are here https://github.com/OrdinaryDude/elastic-reference-client/tree/master/elasticpl_examples. no_bounties_found.epl will not found any bounty! Be warned that this is debug job that will just expire after 250 blocks without any submissions.

Suggestions:

run miner with lower cpu priority for optimal experience. Especialy if you running miner on the same machine that you running XEL node.

i. e.

Code:

screen nice -n 20 ./run.sh

20 is lowest possible priority in most linux env.


If you want to update XEL to the newest version:

Stop your node (CTRL + C)
Go to main directory of XEL and:

Code:

git pull
./compile.sh
rm -rf nxt_test_db/
screen ./run.sh

If you want to update miner to the newest version:

Stop your miner (CTRL + C)
Go to main directory of miner and:

Code:

git pull
./compile.sh
screen nice -n 20 ./run.sh

i updated newest elastic-miner, but when i run ./compile.sh it shows


anhpt192@ta-ubu:~/elastic-miner$ ./compile.sh
javac: file not found: src/evil/ElasticPL/*.java
Usage: javac <options> <source files>
use -help for a list of possible options