Bitcoin Forum
April 04, 2020, 09:56:42 AM *
News: Latest Bitcoin Core release: 0.19.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 [2058] 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 ... 2565 »
  Print  
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2756461 times)
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 06, 2014, 10:10:08 AM
 #41141

Is there an open source software with an online interface which we could use for logging testcases and bugs?
Something like JIRA?

For just keeping track of bugs, now we all should use the issue tracker on bitbucket, where the public source it.

There are tools like Jenkins and Hudson, to do continuous integration, but we don't have automated tests yet so it is a bit early to look into those.

For manual testing, writing test plans and keeping track of test results, somebody with more QA experience should speak up, I don't know what is out there.

We need an organized QA team and testing more urgently than we need java devs. The QA people can start contributing productively much faster than a new java dev can get familiar with the code, so we would see real results from getting a QA immediately.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
1585994202
Hero Member
*
Offline Offline

Posts: 1585994202

View Profile Personal Message (Offline)

Ignore
1585994202
Reply with quote  #2

1585994202
Report to moderator
1585994202
Hero Member
*
Offline Offline

Posts: 1585994202

View Profile Personal Message (Offline)

Ignore
1585994202
Reply with quote  #2

1585994202
Report to moderator
Best ratesfor crypto
EXCHANGE
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
VanBreuk
Sr. Member
****
Offline Offline

Activity: 460
Merit: 250



View Profile
March 06, 2014, 10:11:38 AM
 #41142

any date set for launch of AE yet?? or still to be decided?
I proposed the 13th march, and asked if not some one should step up and take ownership for the launch of AE.
March 13th is not possible. I posted my plan some time ago:
https://bitcointalk.org/index.php?topic=345619.msg5449690#msg5449690

The test network is ready, the known asset exchange bug looks fixed, but more testing is needed to make sure there are no others.

Now I need to start working on increasing the divisibility of amounts and fees, to allow for fractional amounts in the future, and I want to have this ready and tested before Asset Exchange is enabled on main net, because this type of transition would be really more difficult after AE is live. There is no time to do that before March 13th, end of March is more likely.


If that is realistic, it deserves full support. Let us grease the machines for the next 3 weeks then. I am testing.

In the meantime, looks like a great time to place an official client distribution for the average windows user on the table. NRS+wesleyh+mistafreeze installer. What's the status of this?

Do we need a name redux for the package?
jl777
Legendary
*
Offline Offline

Activity: 1176
Merit: 1090


View Profile WWW
March 06, 2014, 10:12:54 AM
 #41143

Nxt :: Asset Exchange Testing
Let´s get things organized!

I´ve created a project for Nxt AE on TestPad.

https://nxt.ontestpad.com

Anyone willing to test AE please join the site so I can add you to the project.

What is TestPad for and why to join?

We can

- write test cases
- run tests step-by-step
- track tests step-by-step
- track bugs
- track bugfixing progress


Please PM me your username after registration.
Fantastic!
Everybody can help with this as long as you can use wesley's web GUI

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
igmaca
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
March 06, 2014, 10:13:08 AM
 #41144

antanst, aka Evil Bob impersonator, has raised a security weak spot in the current gateway design.
Each gateway currently generates a custom deposit address and when a deposit comes in, it immediately sweeps it to the main multisig acct. The duration of exposure is less than a second (could be set to 50 milliseconds), but it is exposure.

So, I am changing things so that there is no sweeping into a main account. All custom deposit addresses will be 2 of 3 multisig. This will require a fair amount of internal changes, but it eliminates the in transit deposit exposure. Now, all deposits will go directly into a multisig account and stay there until a withdraw request needs the funds.

The multigateway isnt perfect, but I will do everything possible to make sure it is as safe as I can make it.

Does anybody know how to setup google authenticator? I think it works by having a seed value associated with each user. I can put the encrypted value of this seed in the AM response to the user. Then for people who choose to activate this feature, they would need to go to a webpage, input their NXT acct # and authenticator token

With such a setup, can anybody think of how Evil Bob can attack the gateway? All I can think of it a spite DDos attack that would just slow things down, but no money lost. Any other attack vectors? Can someone forge the NXT acct # in the "sender" field in a confirmed AM transaction?

James

The difficulty arises with the user authenticator Google documentation . One Base32 ( secret ) key is expected . You must set the secret key to Base32 in KeePass and restrict your secret key to the base 32 character set : az, 2-7. KeePass allows "= " but not Google authenticator . Base32 length secret key Apart expressed in multiples of 8 characters.
A configuration that works :
Adjust the settings OTP Lock :
Long: 6
Secret key : abcdefghxz234567 ( Base32 )
Counter : 0 ( Dec)
OTP Number 3
Looking forward 9 (allows 3 failed attempts to unlock using KeePass newly generated OTPs before a recovery is needed because the counters have become too out of sync. )

Set Google Authenticator
secret key : abcdefghxz234567
counter : counter based
The first 6 OTPs are:
442843
724600
994 767
847 513
160505
583 080
Make sure you never lose the secret key or it will be permanently locked out of KeePass if counters lose synchronization. It also recognizes that the real secret is the secret key is not the OTP .

OtpKeyProv
Plugin Author: Dominik Reichl, Plugin Language: English
http://keepass.info/plugins.html#keeotp

OtpKeyProv is a key provider based on one-time passwords. After protecting your database using this plugin, you need to generate and enter one-time passwords in order to open your database.

All generator tokens that follow the OATH HOTP standard (RFC 4226) are supported.

Download plugin: [v2.2 for KeePass 2.20 and higher]
Download source code: [v2.2 for KeePass 2.20 and higher]

If you instead want KeePass to generate one-time passwords, see the {HMACOTP} placeholder. For generating time-based OTPs, see the KeeOtp and Tray TOTP plugins.
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 06, 2014, 10:13:50 AM
 #41145

about Asset Exchange test
everything looks like ok.

found a api error

1. getTrade  OK
{"trades":[{"timestamp":8778667,"price":200,"bidOrderId":"10668185170919619908","askOrderId":"11342895551343357312","quantity":15},{"timestamp":8778667,"price":300,"bidOrderId":"10668185170919619908","askOrderId":"627868227848821830","quantity":10}]}

2.getAskOrder
http://127.0.0.1:6876/nxt?requestType=getAskOrder&order=11342895551343357312 (this api don’t corret)
{"errorCode":5,"errorDescription":"Unknown order"}
askorder or bidorder api cannot return result.

3.getTransaction OK (use this api replace getaskorder api)
http://127.0.0.1:6876/nxt?requestType=getTransaction&transaction=11342895551343357312

btw
i have issued some tulips(quantity=100). Tomorrow i will launch Tulip Bubble TEST, who earned most testNxt will win the match. I will donate 500 true Nxt to the winner.


Was this order completely filled? If so, it has been removed from the system, so it is normal to get an unknown order. Trades are used to keep track of past orders that have been already executed.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
qqNxt
Full Member
***
Offline Offline

Activity: 532
Merit: 100



View Profile
March 06, 2014, 10:14:33 AM
 #41146

BTC38 is asking about which coin to add next on their exchange. Please take a few minutes to let them know about Nxt:

https://bitcointalk.org/index.php?topic=501963.msg5525645#msg5525645



Done

martismartis
Legendary
*
Offline Offline

Activity: 1162
Merit: 1005


View Profile
March 06, 2014, 10:15:25 AM
 #41147

Why my public node seen in active peers window has red flag and shown as disconnected, while it is really live and I can connect to it from outside?
l8orre
Legendary
*
Offline Offline

Activity: 1096
Merit: 1004


View Profile
March 06, 2014, 10:16:07 AM
 #41148



FreeRider AE Client released later today. Stay Tuned.



Nxt :: Asset Exchange Testing
Let´s get things organized!

I´ve created a project for Nxt AE on TestPad.

https://nxt.ontestpad.com

Anyone willing to test AE please join the site so I can add you to the project.

What is TestPad for and why to join?

We can

- write test cases
- run tests step-by-step
- track tests step-by-step
- track bugs
- track bugfixing progress


Please PM me your username after registration.

Edit: TestPad is charging $9/month for every new user. I will pay for the subscription from my own pocket, so please, only join if you are serious about testing.
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 06, 2014, 10:16:21 AM
 #41149

jean-luc

If you can get asset trades denominated in other assets implemented, then NXT AE would be able to dominate all other centralized exchanges. Basically all cryptos supported by the gateway could be directly traded against any other crypto. It would be fantastic!

After trading, people could withdraw directly to their wallet whatever crypto they have assets for

I think this is a much bigger change than assets supporting fractions, but maybe its a conditional handling in Order.java for all the trades of an asset denominated in another asset. Even if BTC is the only other asset something can be denominated in, that would get us 90% of the benefit, but I think the way the code is structured, it would be almost the same work to allow arbitrary denominations based in other assets.

James

I will look into that after I am done with the rest of my near term plan. I need to prioritize features, and this is again not a simple change. Supporting fractional amounts is critical because it is needed not only for the AE.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
March 06, 2014, 10:16:33 AM
 #41150

In this case he is only using java.util.Random to pick up the length of the password, between 70 and 90 chars, so it does not need to be SecureRandom. Of course I hope the apache RandomStringUtils internally uses SecureRandom, this is where it would matter.

Instead of relying on RandomStringUtils, isn't it much simpler to just use SecureRandom to create the password?

char[] allowedCharacters = {'a','b','c','1','2','3','4'};

SecureRandom random = new SecureRandom();
StringBuffer password = new StringBuffer();

for(int i = 0; i < PASSWORD_LENGTH; i++) {
    password.append(allowedCharacters[ random.nextInt(allowedCharacters.length) ]);
}

NXT-GZYP-FMRT-FQ9K-3YQGS
https://nxtforum.org
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 06, 2014, 10:18:01 AM
 #41151

about AE test

1. balance=2864
2. ask order (my asset)
  quantity:15, price=200(2nxt) fee=1
  quantity:10, price=300(3nxt)  fee=1
  balance=2862 Ok
3. bid order (my asset)
  quantity:25, price=300(3nxt)   fee=1
4.balance=2846
  should be 2864-3=2861
  so 2861-2846=15 is lost ( 25*3-15*2-10*3=15 )


test Ok  in .8.6

cancelling a order, there are two results :
e.g.
1. ask order
    quantity:5, price=100(1nxt) fee=1
    wait a minute, confrimed.
2. bid order
    quantity:4, price=100(1nxt) fee=1  
    not confrimed yet
3. cancel the ask order

two results:
2.bid order win ,confirmed before the cancelling ask order
  so order matched, and the left ask order cancelled ( quantity:1, price=100(1nxt))
3. cancel ask order win, confirmed before the bid order
  so bid order don't change, ask order all is cancelled.

test Ok  in .8.6

So you are saying I have managed to fix that bug? Are there any known AE bugs that are still reproducible in 0.8.6?

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 06, 2014, 10:19:09 AM
 #41152

Is JL available for new dev core team consideration post CFB?
My understanding is that he is here long term

JL, can you confirm this? The community is just trying to take stock of who is and isn't on-board for the months to come.

Yes, I will still be here after CfB leaves.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1003


Ian Knowles - CIYAM Lead Developer


View Profile WWW
March 06, 2014, 10:19:16 AM
 #41153

Does anybody know how to setup google authenticator? I think it works by having a seed value associated with each user. I can put the encrypted value of this seed in the AM response to the user. Then for people who choose to activate this feature, they would need to go to a webpage, input their NXT acct # and authenticator token

https://github.com/ciyam/ciyam/blob/master/src/crypt_stream.cpp#L173

Although it is of course in C++ (if you search around you should be able to find it in C).

Am back from Hong Kong now (wasn't online at all for two days so have been busy trying catch up all afternoon).

As far as people wanting me to be a "core dev" I don't think it would make much sense as I am a C++ programmer not a Java programmer (and have only even looked at a small amount of the source code) so at this stage I will keep my main involvement to the AT side of things but may get involved with other things down the track.

As far as pools are concerned I think we are going to need them and without them we won't be able to create a "savings account" AT (which I think would be something fairly attractive from a marketing perspective).

I had stated before that my preference for limiting the power of an individual pool account would be to limit the number of accounts that it can use (so that trying to allocate your forging power to a "full" account would actually fail) or to limit the max. amount of forging power to a max. % of total coins (say 1%). Of course there is no reason that both of these limits would not be able to be imposed.

Someone else suggested the leased forging power to be restricted according to the balance of the forging account and I think that it could also be a reasonable way to do it.

The key thing that we are going to want to have is a "lot of small pools" rather then a "few huge ones" so I think we should try and focus on ideas that are going to make it easier for small pools and harder for large pools.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
verymuchso
Sr. Member
****
Offline Offline

Activity: 418
Merit: 250


HEAT Ledger


View Profile
March 06, 2014, 10:21:08 AM
 #41154


I did my research on random string generator libraries, it seems apache RandomStringUtils is not compromised.

Why aren't you using SecureRandom random = new SecureRandom()?

Simpler version from web

char[] allowedCharacters = {'a','b','c','1','2','3','4'};

SecureRandom random = new SecureRandom();
StringBuffer password = new StringBuffer();

for(int i = 0; i < PASSWORD_LENGTH; i++) {
    password.append(allowedCharacters[ random.nextInt(allowedCharacters.length) ]);
}

I don't believe I know better than the people from Apache who made that library.
That library is used in 1000s of production systems. You should not reinvent the wheel.

You are right about the difference between SecureRandom and Random, in the code I posted it does however not make sense to use SercureRandom. If you believe it does please explain why it does make sense in the code I posted.

Forobitcoins
Sr. Member
****
Offline Offline

Activity: 301
Merit: 250


View Profile
March 06, 2014, 10:21:29 AM
 #41155

To increase the benefit of "forging", we can add a commission (eg Nxt 0.01) each time you start the client, this creates more comisones for forging and people are more interested in not close the client, not to return to charge the fee.

Is this possible?

Sorry for my English
----------------------------------------
Para aumentar el beneficio de "forjar", podemos agregar una comision (ejemplo 0,01 Nxt) cada vez que iniciemos el cliente, esto crea mas comisones para los que forjan y la gente esta mas interesada en no cerrar el cliente, para no volver a cobrar la comision.

¿es esto posible?

Perdon por mi ingles

Sorry for my broken English XD
muto
Sr. Member
****
Offline Offline

Activity: 457
Merit: 250


View Profile
March 06, 2014, 10:22:38 AM
 #41156

Are there any plans to publish the complete and actual source code somewhere in the near future?

I only found the source code of v4.6. Is ther something more actual available?
mcjavar
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500


View Profile
March 06, 2014, 10:22:48 AM
 #41157


...


I´m glad you are back Wink
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 06, 2014, 10:23:46 AM
 #41158

fractional assets also? If the comment field is not possible, I can work around that, but please let me know so I can plan accordingly.

Possibly, I will see what it takes for fractional assets. The comment field is an easier change, I will do that, but will have to reset the test blockchain again.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
mcjavar
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500


View Profile
March 06, 2014, 10:24:01 AM
 #41159

Are there any plans to publish the complete and actual source code somewhere in the near future?

I only found the source code of v4.6. Is ther something more actual available?

https://bitbucket.org/JeanLucPicard/nxt/src/
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 06, 2014, 10:24:44 AM
 #41160

Are there any plans to publish the complete and actual source code somewhere in the near future?

I only found the source code of v4.6. Is ther something more actual available?
We only publish in the near past, this way we control the future Wink

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
Pages: « 1 ... 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 [2058] 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 ... 2565 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!