NXT :: descendant of Bitcoin - Updated Information

[jl777]

There was another exchange hacking incident today. Poor Poloniex seems to be involved in all these, but that is probably because it has all the hot coins. Last week a hacker withdrew a large amount of BTC from c-cex, bought ALL the DRK on the orderbook quadrupling the price to .007 and deposited it in Poloniex crashing the price of DRK by 90% to .0002!

https://bitcointalk.org/index.php?topic=485029


Today, a hacker exploited a weakness in Poloniex's withdraw system. It was actually the first time Poloniex was responsible for its involvement in an incident.

https://bitcointalk.org/index.php?topic=499580

For those concerned about how the gateway would have done, I do not have the balance checking in, but I am pretty sure I would have checked for positive balances. Also, I serialize ALL withdrawals from all customers. This actually could create a performance bottleneck, but I went the safer path. It is much safer to have just one withdrawal going at a time, especially if you have only one acct being withdrawn from.


In a separate incident, XCP protocol itself was hacked!

https://poloniex.com/correspondence.pdf

The fact that the hack used 2 of 3 multisig is kind of a spooky coincidence, but the vulnerability was due to how XCP credited and debited accounts, apparently hardcoding the withdrawal from the first input. Rest assured, that I validate each txout used as an input with the associated account. Plus what I am doing is MUCH simpler than what XCP is doing.

Now these events make me reiterate that before we go live with my gateway code, we must have it reviewed by an expert. I think it is in the community's interest to hire "Guy Fawkes" for this review!

Kudos to busoni who keeps weathering these attacks and does as good as anybody could expected to.

James

P.S. I have never been in Brazil!

[Damelon]

Hey... Poloniex just got hacked..... panic https://bitcointalk.org/index.php?topic=499580

I see no panic. I see an exchange owner communicating in an open manner with his users and trying to do the right thing.

Which is a rare thing these days... 

[Fatih87SK]

Idea:

After the release of AE. Making a video with a client of ours to demonstrate all features of NXT would be supercool and would attract many many new users.

Video like this; https://www.youtube.com/watch?v=sZRj7bL7ROs

I think the creator of this video should/can make this; https://www.youtube.com/watch?v=_qi5r9kajDI&feature=youtu.be
With the same voice over.

+1

Step 1: Finishing Asset Exchange
Step 2: Set up a deadline when it will be in production. Don't bring it online immediatly.
Step 3: Let the countdown begin at www.nxtcountdown.com
Step 4: Create Buzz / Make the video what I described above (We need a bounty) (It's important to tell how to create an account at the beginning)
Step 5: Spam everyone after finishing the marketing materials.
Step 6: Enjoy the fireworks.

[Jean Bax]

Hi,

I'm pretty new in NXT but I'm looking it since a while.

I bought some of them 1 month ago (50k) in order to forge more.

What I notice after 1 month of forging is:
 - I have a chance to forge only once per week
 - I forged nothing

I did something wrong maybe ?

edit:
checking my node:
"you can generate the next block in 39 days".

:-/

[ChuckOne]

Hey guys,

great work regarding the testnet. This is what I call a community!

Cheers.

[sepehr]

Guys, here needs help:

http://cryptocrimson.com/poll-which-alt-coin-will-see-the-most-growth-in-2014.html

[Fatih87SK]

Guys, here needs help:

http://cryptocrimson.com/poll-which-alt-coin-will-see-the-most-growth-in-2014.html

Voted

[ChuckOne]

Hi,

I'm pretty new in NXT but I'm looking it since a while.

I bought some of them 1 month ago (50k) in order to forge more.

What I notice after 1 month of forging is:
 - I have a chance to forge only once per week
 - I forged nothing

I did something wrong maybe ?

edit:
checking my node:
"you can generate the next block in 39 days".

:-/

You are fine. Did you set up a Raspberry Pi for that?
If you believe in NXT the best think you can do (besides setting up a VPS) is to run a low-power node like the Raspi and do not think so much of it.

Start creating services on top of NXT. This is where the profit lies.

[Jean Bax]

Hi, thank for your help

I'm just hosting my node on a vps to also support the network while forging.

So the forging is pretty slow if I understand right.
Well, i think i'll just be patient

Any idea about the % you earn when you get a block ? can't really find any formula.

Hi,

I'm pretty new in NXT but I'm looking it since a while.

I bought some of them 1 month ago (50k) in order to forge more.

What I notice after 1 month of forging is:
 - I have a chance to forge only once per week
 - I forged nothing

I did something wrong maybe ?

edit:
checking my node:
"you can generate the next block in 39 days".

:-/

You are fine. Did you set up a Raspberry Pi for that?
If you believe in NXT the best think you can do (besides setting up a VPS) is to run a low-power node like the Raspi and do not think so much of it.

Start creating services on top of NXT. This is where the profit lies.

[ChuckOne]

Guys, here needs help:

http://cryptocrimson.com/poll-which-alt-coin-will-see-the-most-growth-in-2014.html

Done.

[ChuckOne]

Hi, thank for your help

I'm just hosting my node on a vps to also support the network while forging.

So the forging is pretty slow if I understand right.
Well, i think i'll just be patient

Any idea about the % you earn when you get a block ? can't really find any formula.

100% of the transactions fees.

[bananahunter67]

Downloaded 0.8.3 on Ubuntu, started the run.sh.
Now when I go to https://127.0.0.1:7875/ I see nothing.
What is going on??

[w4llace]

Guys

We've finally got NXT up and running over at Bittrex.com!  Come check it out.

https://www.bittrex.com/Market/Index?MarketName=BTC-NXT

A big thanks to opticalcarrier for helping us with getting the wallets up and answering our questions; also to Randall for getting us hooked up with the right people.

Thanks
Richie

Great! 
But can you please not refer to "NextCoin" at "Active Markets"? It is just "Nxt".

[wesleyh]

Downloaded 0.8.3 on Ubuntu, started the run.sh.
Now when I go to https://127.0.0.1:7875/ I see nothing.
What is going on??

http://

[wesleyh]

Can someone who has a test server enable API cors and api access? (two settings in nxt-default.properties)

And tell me the server name so I can use that. The bug.airdns.org doesn't accept API access...

So that my online nxt client will work again.

[bananahunter67]

Downloaded 0.8.3 on Ubuntu, started the run.sh.
Now when I go to https://127.0.0.1:7875/ I see nothing.
What is going on??

http://

10x, m8!

[allwelder]

BTCChina added LTC.

[schnidl]

Guys, here needs help:

http://cryptocrimson.com/poll-which-alt-coin-will-see-the-most-growth-in-2014.html

Done.

Done.

[jl777]

Can someone who has a test server enable API cors and api access? (two settings in nxt-default.properties)

And tell me the server name so I can use that. The bug.airdns.org doesn't accept API access...

So that my online nxt client will work again.

Not sure I got all the settings right, here is the nxt.log output

Server IP is 209.126.73.160

James

Code:

[2014-03-04 03:37:37.244] Debug logging disabled
[2014-03-04 03:37:37.244] Exception stack traces enabled
[2014-03-04 03:37:37.244] nxt.isTestnet = "true"
[2014-03-04 03:37:37.247] logging enabled
[2014-03-04 03:37:37.248] nxt.debugJetty = "false"
[2014-03-04 03:37:37.249] nxt.dbCacheKB = "0"
[2014-03-04 03:37:37.249] nxt.testDbUrl = "jdbc:h2:nxt_test_db/nxt;DB_CLOSE_ON_EXIT=FALSE"
[2014-03-04 03:37:37.277] nxt.maxDbConnections = "10"
[2014-03-04 03:37:37.278] nxt.dbLoginTimeout = "70"
[2014-03-04 03:37:37.969] Database is at level 15
[2014-03-04 03:37:37.973] Updated database is at level 15
[2014-03-04 03:37:38.007] nxt.myPlatform = "PC"
[2014-03-04 03:37:38.008] nxt.myAddress not defined, assuming null
[2014-03-04 03:37:38.008] nxt.peerServerPort = "7874"
[2014-03-04 03:37:38.008] nxt.shareMyAddress = "true"
[2014-03-04 03:37:38.008] nxt.myHallmark not defined, assuming null
[2014-03-04 03:37:38.009] nxt.testnetPeers = "bug.airdns.org"
[2014-03-04 03:37:38.009] nxt.knownBlacklistedPeers not defined, assuming null
[2014-03-04 03:37:38.010] nxt.maxNumberOfConnectedPublicPeers = "20"
[2014-03-04 03:37:38.010] nxt.connectTimeout = "2000"
[2014-03-04 03:37:38.010] nxt.readTimeout = "5000"
[2014-03-04 03:37:38.010] nxt.enableHallmarkProtection = "true"
[2014-03-04 03:37:38.010] nxt.pushThreshold = "0"
[2014-03-04 03:37:38.011] nxt.pullThreshold = "0"
[2014-03-04 03:37:38.011] nxt.blacklistingPeriod = "300000"
[2014-03-04 03:37:38.011] nxt.communicationLoggingMask = "0"
[2014-03-04 03:37:38.011] nxt.sendToPeersLimit = "10"
[2014-03-04 03:37:38.157] nxt.peerServerHost = "0.0.0.0"
[2014-03-04 03:37:38.157] nxt.peerServerIdleTimeout = "5000"
[2014-03-04 03:37:38.290] nxt.enablePeerServerDoSFilter = "true"
[2014-03-04 03:37:38.299] nxt.peerServerDoSFilter.maxRequestsPerSec = "30"
[2014-03-04 03:37:38.299] nxt.peerServerDoSFilter.delayMs = "1000"
[2014-03-04 03:37:38.300] nxt.peerServerDoSFilter.maxRequestMs = "300000"
[2014-03-04 03:37:38.303] nxt.allowedBotHosts = "127.0.0.1; localhost; 0:0:0:0:0:0:0:1;"
[2014-03-04 03:37:38.304] nxt.enableAPIServer = "true"
[2014-03-04 03:37:38.304] nxt.apiServerHost = "127.0.0.1"
[2014-03-04 03:37:38.304] nxt.apiSSL = "false"
[2014-03-04 03:37:38.305] nxt.apiServerIdleTimeout = "30000"
[2014-03-04 03:37:38.307] nxt.apiResourceBase = "html/tools"
[2014-03-04 03:37:38.343] nxt.javadocResourceBase = "html/doc"
[2014-03-04 03:37:38.354] nxt.apiServerCORS = "true"
[2014-03-04 03:37:38.367] nxt.allowedUserHosts = "127.0.0.1; localhost; 0:0:0:0:0:0:0:1;"
[2014-03-04 03:37:38.367] nxt.enableUIServer = "true"
[2014-03-04 03:37:38.367] nxt.uiServerHost = "127.0.0.1"
[2014-03-04 03:37:38.367] nxt.uiSSL = "false"
[2014-03-04 03:37:38.368] nxt.uiServerIdleTimeout = "30000"
[2014-03-04 03:37:38.368] nxt.uiResourceBase = "html/nrs"
[2014-03-04 03:37:38.369] nxt.javadocResourceBase = "html/doc"
[2014-03-04 03:37:38.370] nxt.uiServerCORS = "false"
[2014-03-04 03:37:38.394] Genesis block already in database
[2014-03-04 03:37:38.394] Scanning blockchain...

[allwelder]

Guys, here needs help:

http://cryptocrimson.com/poll-which-alt-coin-will-see-the-most-growth-in-2014.html

voted.