brooklynbtc
Sr. Member
Offline
Activity: 336
Merit: 250
AKA jefdiesel
|
|
January 03, 2014, 03:55:59 AM |
|
hey all been lurking for the past 24 hours, was my anniversary, and even though i bored my wife with talk of nxt IPOs, I kept my hands off the keyboard. I did have a 90 second panic when we came home last night. She talked to the baby sitter, and I rechecked my sha256 hash, but all is well on my end. This EpicThomas shit is epic. I'm on the east coast USA, can get to FL if need be Convince my wife its a weekend trip to Disneyland and make a pit stop. Mac messenger screen shots look great. Excited as a kid before christmas for the code reveal tomorrow. Dumping snow here in Brooklyn, RaspPi arrives tomorrow, so I've got that to keep me distracted. Thanks to all you smart people working together to grow this into something nxt!
|
|
|
|
Kaliber1
Member
Offline
Activity: 60
Merit: 10
|
|
January 03, 2014, 03:56:06 AM |
|
Guys, have you seen that we are going to break the 5th place in coinmarketcup?
|
|
|
|
Patel
Legendary
Offline
Activity: 1321
Merit: 1007
|
|
January 03, 2014, 03:56:32 AM |
|
Source still being released tomorrow?
12PM UTC eta 8 hours ftw
|
|
|
|
opticalcarrier
|
|
January 03, 2014, 04:00:04 AM |
|
That being said, if you really want to protect yourself, I have outlined some steps here: http://forums.nxtcrypto.org/viewtopic.php?f=17&t=267 Note that this procedure elects to be online to lock in the account, but via a linux live CD. If you want to go the 2^64 route then keep the linux disconnected and then you also dont have to do the full procedure, but note that to be 100% sure here its probably best to not just disco your PC from the internet and do it, especially if you're running windows. Thanks - although if I am understanding this correctly then your public key has been made public when creating the alias or sending 1 NXT. So if the EC is cracked down the track then your NXT would not be safe - so does this mean that by design you cannot store NXT offline safely (meaning safe from some QC that has cracked EC) without better than 2^64 of entropy? I would consider a linux live CD method a safe method to obtain 2^256. even though you do connect to the internet and do account operations, come on, its safe that way. At least for live CDs that were made before NXT. With that fake client that was floating around, anything is possible. You would need to determine which is more safe, the method of not doing account ops on liveCD where the result is 2^64 or the method of the live CD where you do connect and do account ops where the result is 2^256
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
January 03, 2014, 04:06:06 AM |
|
You would need to determine which is more safe, the method of not doing account ops on liveCD where the result is 2^64 or the method of the live CD where you do connect and do account ops where the result is 2^256
Your missing the point about your public key being "published" - this is one of the reasons why address re-use is considered bad. If someone is able to crack the EC used (with QC I guess) then your funds are gone as they will determine your private key from the public one. Of course this is also a big problem for Bitcoin - but as this is a 2nd generation crypto-currency I would have thought that this would have been taken into consideration.
|
|
|
|
opticalcarrier
|
|
January 03, 2014, 04:11:42 AM |
|
Your missing the point about your public key being "published" - this is one of the reasons why address re-use is considered bad.
If someone is able to crack the EC used (with QC I guess) then your funds are gone as they will determine your private key from the public one.
Of course this is also a big problem for Bitcoin - but as this is a 2nd generation crypto-currency I would have thought that this would have been taken into consideration.
What do you mean by EC/QC? But it does sound like you are saying that also with the 2 choices I laid out, that you are saying we need to consider the 3rd choice of sending out your public key and weighing the risk of the curve/sha256 algorithm being cracked itself? so basically weigh 2^64 against the odds of curve/sha256 being broken?
|
|
|
|
EmoneyRu
|
|
January 03, 2014, 04:13:03 AM |
|
Your missing the point about your public key being "published" - this is one of the reasons why address re-use is considered bad.
If someone is able to crack the EC used (with QC I guess) then your funds are gone as they will determine your private key from the public one.
Of course this is also a big problem for Bitcoin - but as this is a 2nd generation crypto-currency I would have thought that this would have been taken into consideration.
What do you mean by EC/QC? But it does sound like you are saying that also with the 2 choices I laid out, that you are saying we need to consider the 3rd choice of sending out your public key and weighing the risk of the curve/sha256 algorithm being cracked itself? so basically weigh 2^64 against the odds of curve/sha256 being broken? http://en.wikipedia.org/wiki/Elliptic_curve_cryptography http://en.wikipedia.org/wiki/Quantum_computer
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
January 03, 2014, 04:16:14 AM |
|
What do you mean by EC/QC? But it does sound like you are saying that also with the 2 choices I laid out, that you are saying we need to consider the 3rd choice of sending out your public key and weighing the risk of the curve/sha256 algorithm being cracked itself? so basically weigh 2^64 against the odds of curve/sha256 being broken?
Yes - (QC = Quantum Computing which is the most likely thing that could break the EC = "elliptical curve") - so a question of just how safe 2^64 is going to be if you are paranoid that the curve will get cracked sometime.
|
|
|
|
opticalcarrier
|
|
January 03, 2014, 04:19:14 AM |
|
Your missing the point about your public key being "published" - this is one of the reasons why address re-use is considered bad.
If someone is able to crack the EC used (with QC I guess) then your funds are gone as they will determine your private key from the public one.
Of course this is also a big problem for Bitcoin - but as this is a 2nd generation crypto-currency I would have thought that this would have been taken into consideration.
What do you mean by EC/QC? But it does sound like you are saying that also with the 2 choices I laid out, that you are saying we need to consider the 3rd choice of sending out your public key and weighing the risk of the curve/sha256 algorithm being cracked itself? so basically weigh 2^64 against the odds of curve/sha256 being broken? http://en.wikipedia.org/wiki/Elliptic_curve_cryptography http://en.wikipedia.org/wiki/Quantum_computerhow do you even go about devising a key scheme that wouldnt be defeated by QC means? Just not base it on any Curve/ED/etc type of algorithm?
|
|
|
|
lr127
Newbie
Offline
Activity: 35
Merit: 0
|
|
January 03, 2014, 04:22:38 AM |
|
that first account has a really short public number. Is this an account with a working private key, or just fake account? Its one in a billion chance It's not fake. It is one hour work of my computer. I wrote a small generator for the searching the shortest or the pretty ID, as example, 7033070170030337101 (only 4 dif digest) or 203027244103. If you run generation for a long time, you can get a more shorter ID.
|
|
|
|
User705
Legendary
Offline
Activity: 896
Merit: 1006
First 100% Liquid Stablecoin Backed by Gold
|
|
January 03, 2014, 04:25:39 AM |
|
If you send NXT to an address and don't open the address after, no private/public key pair is generated for that address. This means the account is only protected by (if I'm remembering correctly what CfB said) the 64 bits of the account number, not fully protected by all 256 bits of the private key.
Yes - this is what I had recalled - so what I was hoping one could do is to generate the address and somehow publish the public key without the private key (or pass phrase) ever being even temporarily on an online computer. Since it's in java does the client still run in offline mode? Wouldn't that generate an address but not be technically exposed online?
|
|
|
|
Voodah
|
|
January 03, 2014, 04:46:24 AM |
|
Is the code release confirmed or is the price gonna tank if they fail to deliver?
I was thinking of buying some but might not be the best time..?
|
|
|
|
rickyjames
|
|
January 03, 2014, 04:46:49 AM |
|
Come on, Epic Thomas, this isn't the kind of world you want Joceyln to grow up in. Do the right thing, be a force for good, return the NXT.
|
|
|
|
pandaisftw
|
|
January 03, 2014, 04:52:45 AM |
|
Is the code release confirmed or is the price gonna tank if they fail to deliver?
I was thinking of buying some but might not be the best time..?
What is your question? You seem to have answered it all by yourself. If the question is was it confirmed, then look like 6 posts up.
|
NXT: 13095091276527367030
|
|
|
Zahlen
Member
Offline
Activity: 98
Merit: 10
|
|
January 03, 2014, 04:54:11 AM |
|
I don't ever want to get on rickyjames' bad side
|
|
|
|
coolfish
|
|
January 03, 2014, 05:06:28 AM |
|
The Block generation have occupied by the large amount account. Although the POS system, the more amount, the faster mining. But this system is not a few people's toys, if it want to use a large-scale users, Should increase the equity of minority shareholders to encourage them mining
|
Nxt:17482068461146780755
|
|
|
2X84
Newbie
Offline
Activity: 28
Merit: 0
|
|
January 03, 2014, 05:11:43 AM |
|
I don't ever want to get on rickyjames' bad side If you think that's bad you should hear some of the conversation I have recorded between me and some of my former clients... Long story short I quit after two weeks working as an (crypto-currency) investment banker for the serbian mafia... Not because I was on their bad side, but I heard about the things they did to those that stole from them. I may have to push the 72 hours out to around 4-5 days, I need to code much more than I initially planned.
|
|
|
|
coolfish
|
|
January 03, 2014, 05:15:35 AM |
|
|
Nxt:17482068461146780755
|
|
|
Zahlen
Member
Offline
Activity: 98
Merit: 10
|
|
January 03, 2014, 05:19:44 AM |
|
two weeks working as an (crypto-currency) investment banker for the serbian mafia
Holy shit! (You guys can probably tell how new I am to all this...)
|
|
|
|
Kaliber1
Member
Offline
Activity: 60
Merit: 10
|
|
January 03, 2014, 05:24:57 AM |
|
Is the code release confirmed or is the price gonna tank if they fail to deliver?
I was thinking of buying some but might not be the best time..?
Actually this is the last moment when you can buy them
|
|
|
|
|