NXT :: descendant of Bitcoin - Updated Information

[BrianNowhere]

Okay, I'll admit it...  I'm confused.

Why is there a big push to steer away from some of the original goals for Transparent Forging, Instant Transactions, and Leasing Forge Power?

What other risks or drawbacks might I be missing?

This is the big disadvantage to the infinite thread. These kinds of things have to keep getting rehashed whenever someone comes in fresh after a long day. It would be nice if we could be compiling some kind of repository as we go.

It's such a difficult thing to answer this question because so many ideas, suggestions and brain storms are being thrown around.

Anyone want to take this?

[BrianNowhere]

I'd pronounce NXG "next-gee" - 'that hotdog will be 10 next-gee'

That could work. Kinda sounds like X-G when coupled with the ten.

In fact you could tie in a picture of a little horse (a "gee-gee") and you've got a "meme coin" as well!

What out DOGE - a little horse is going to trot all over you.

You could have that little dog riding the horse. Makes sense considering the AE.

[Eadeqa]

If your password is halfway decent maybe it takes them a couple of years to break it

If your password is random 128-bit (around 22 characters with A-Z, a-z and --0-9 characters), it can't be brute forced, not in 2 years, not in 2 billion years

what about a 30 character memorizable brain wallet with some randomness and weirdness thrown in?

Example:

this sentence i am using for an example of a kickass password

thiSsentenceIaMusingforAnexampleOfaKickAsspAssword

thiSsent44enceIaMusingforAnexa-))mpleOfaKickAsspAssword!

How secure is something like the above?

That's fine.

If the phrase is not "googlable" (i.e not a  quote from a book /song etc) and it has 128-bit entropy, it can't be brute forced -- even if you don't misspell the words or do anything  weird to it.

If you have a dictionary with only 1626 words, and you randomly pick 12 words from the dictionary, it should be fine even if the words are correctly spelled with no caps or special characters. like this:

"study build beard problem praise keep horrible mark nice month day student"

If these 12 words were randomly picked from 1626 word dictionary, that is 128-bit entropy.

1626^12 = 3.4154387002817342781797097590636e+38
2^128 = 3.4028236692093846346337460743177e+38

By the way, Curve25519 only offers 128-bit security, so choosing a password stronger than 128-bit doesn't really do anything. If the attacker can break 128-bit password, he might just as well break Curve25519

[barbierir]

I imagine a passphrase generator integrated in Nxt clients, similar to the one used in Electrum client for Bitcoin, with state of the art random generator and possibly a larger dictionary (Electrum uses 1600 words).
Passphrases are as strong as random alphanumeric passwords but are much easier to write and to learn by memory.

It could work in 3 steps:

[chanc3r]

I'd pronounce NXG "next-gee" - 'that hotdog will be 10 next-gee'

That could work. Kinda sounds like X-G when coupled with the ten.

You could make it simpler...

That hotdog will be 10 G's

If the smallest unit is 0.0001 then 1 G is 1000 milli Gs or a Grand

If course a 1000 G would then be a  1 Gee-Gee which could also be referred to as a Pony!

[CryptKeeper]

By the way, Curve25519 only offers 128-bit security, so choosing a password stronger than 128-bit doesn't really do anything. If the attacker can break 128-bit password, he might just as well break Curve25519

The secret key of Curve25519 has 32 byte = 256 bit: http://cr.yp.to/ecdh.html

[sepehr]

I've got a lot of catching up to do in this thread, also.  For now, I will say a few things off the top of my head.  

First, we have got to pay more attention to NXT as a 1st generation coin, and call it a coin, without "quotation marks" or apologies.  We need vendors to accept it and people to want it.  NXT cannot be mined and the ability to forge it requires one to buy it on an exchange first.  We have to give people a reason to buy NXT.  That reason cannot be as a stake to forge more NXT because without exception newcomers are dramatically disappointed when they figure out the true numbers that underlie NXT forging. Doge has a fun factor.  NXT has zero fun factor.  It is a frustrating experience all the way thru - getting a client set up and running, dealing with a super long password or losing all your NXT if you don't, realizing you're not going to make anything of true value by forging with small stake quantities, asking yourself what can you do with this coin you just bought....  Repeat:  NXT is frustrating, Doge is fun.  WE MUST LEARN FROM DOGE AND BE FUN.

Second, we have got to identify just what is 2nd generation about this coin that we really truly are going to support.  Mixing/Zerocash anonymity?  Peer to peer AE?  Multisig gateways to other coins?  Transparent forging TF to get high transaction speed?  Multiple blockchains?  Pruning the main blockchain?  BCNext's latest out-of-left-field proposal for instant transactions based on some kind of multiple account?  Jesus, even the guy with the secret plan is proposing new ideas before completely revealing his old ideas.  This gives me a headache and a stomach ache at the same time.  

TF and 1000TPS is what sold me on this coin and is the ONLY feature we have that is above and beyond all Bitcoin clones and even Etherium on the horizon.  I get that 1000TPS would take dev work, but I thought TF was a done deal.  Now it's not?

Third, we have got to pull together as a team and FOCUS.  FOCUS.  FOCUS.  Maybe the funding committees are the start of this.  I hope so.   I would go so far to say that there needs to be yet another committee election, for a leadership committee, one with no money or unspent NXT behind it at all, just the raw power to say "NXT IS GOING TO DO THIS."  and whose members then can stand up on a stage, virtual or real, in front of people and tell them that NXT is on a course to SOMEWHERE.

Maybe I'm just in dictator withdrawal from pushing the election over the goal line.   Maybe sleep will help.  G'nite.

 

I'm totally agree with Ricky James! We need a Leadership Committee for sure this Leadership Committee should consider many conditions and study many opportunities and consult all committees and at last judge which project is more important than the others.

We have dictatorship and Anarchy! But we have Leadership as well.

In my humble opinion as a newbie to Nxt this community is very good and one of the bests but lack a good leadership.

If you agree for such Leadership Committee I'm ready to have my full time for it. to be a member of it or just to help the members to manage it.

IMHO this committee needs some elders but sharp guys just like Ricky James himself.

Please decide.

[chanc3r]

Okay, I'll admit it...  I'm confused.

Why is there a big push to steer away from some of the original goals for Transparent Forging, Instant Transactions, and Leasing Forge Power?

What other risks or drawbacks might I be missing?

This is the big disadvantage to the infinite thread. These kinds of things have to keep getting rehashed whenever someone comes in fresh after a long day. It would be nice if we could be compiling some kind of repository as we go.

It's such a difficult thing to answer this question because so many ideas, suggestions and brain storms are being thrown around.

Anyone want to take this?

I disagree with the "big push away" I think there is a "big push to get it right".

From what I know the implementation of TF and Leased Forging is continuing, no one has said it hasn't, but no solution is ever perfect, there are always compromises and this thread is a good way for people to talk about what they see as consequences, if discussed they either are not material or they are and perhaps the solution can improve to address them.

In some cases like Instant Transactions, CFB started this process by asking for feedback on the proposed implementation before it was done...

I agree with Smaragda we have key things to complete like the AE, TF, Leased Forging and Instant Transactions + the Clients... This will allow NXT to evolve and gain some traction, more funky stuff can then be developed but there is no harm talking about it now as long as it doesn't distract us from delivering those core things.

There is a newsletter to help people understand current thinking, opinions, progress etc and I thought Apenzl always put in updates on key topics like AE, TF although I might be wrong.

[oldnbold]

I think NXT's best chance of achieving fast transactions is to offload them onto a parallel blockchain which is secured selectively by large stakeholders using high end hardware.

I would like to offer up a suggestion as to how the Nxt project could move forward in a way that can please both those wanting high performance and those wanting forging on low-grade hardware whilst at the same time solving the initial distribution *problem*.

The suggestion is NXG (Nxt Green or Nxt Gen if you prefer) which would be a separate currency to NXT but still based on NxtCore. It would use a different blockchain to NXT and also a different port for its comms. When AT is implemented a use case would be added for atomic cross-chain transfers between NXT and NXG.

In order to obtain NXG an "exit account" would be created (in much the same way that Mastercoin did) and all funds sent to that account would be used to pay for the development of NXG. The distribution of NXG would be up to its supporters to work out but presumably it would be such that those who have been so far unhappy with the distribution of NXT will be happier.

I would suggest the fees for NXG would be kept much higher than those for NXT making it appealing to those with low-grade hardware to forge (assuming NXG is going to still push the forging angle).

If the community decided to go down this path then I think TF *as originally planned* (i.e. with the "penalty") should proceed for the NXT blockchain and the major focus for the NXT blockchain would be to lower fees and achieve extremely high TPM figures that will appeal to "big business".

Yes - a very good  idea.

NXT and what's built on top of it could then truly become all things to all people.

As regards the name, how about NXTINT?

[BrianNowhere]

If you have a dictionary with only 1626 words, and you randomly pick 12 words from the dictionary, it should be fine even if the words are correctly spelled with no caps or special characters. like this:

"study build beard problem praise keep horrible mark nice month day student"

If these 12 words were randomly picked from 1626 word dictionary, that is 128-bit entropy.

1626^12 = 3.4154387002817342781797097590636e+38
2^128 = 3.4028236692093846346337460743177e+38

By the way, Curve25519 only offers 128-bit security, so choosing a password stronger than 128-bit doesn't really do anything. If the attacker can break 128-bit password, he might just as well break Curve25519

Thanks!

[^[GS]^]

NXTio.org... waiting confirmations...

Last Forged Blocks

Block 13850722686913980333 (1.00 NXT) - Remaining 1025 confirmations.
Block 17798388046016202810 (1.00 NXT) - Remaining 1031 confirmations.

Peer forging with 0.8.8

______________

There is a new project launched NXTio will grow!

[verymuchso]

I imagine a passphrase generator integrated in Nxt clients, similar to the one used in Electrum client for Bitcoin, with state of the art random generator and possibly a larger dictionary (Electrum uses 1600 words).

Hi, I really like your idea and wan't to implement that in Offspring (actually already did that with the Eglish list). It seems there are lists of words for most languages http://world.std.com/~reinhold/diceware.html available.

I would like some input on the algorithm to combine the words and if and how to generate entropy with the mouse. It does for sure look really interesting to the average user (moving your mouse around to generate a password) but does it make a difference in the case of Curve25519 between doing that and using SecureRandom?

Also great care is put into correctly providing a seed to the PRNG in SecureRandom and you are warned against providing your own seed (which is basically what you do when you move your mouse around and call SecureRendom.setSeed([MOUSE MOVEMENT ENTROPY]) ), so what is more secure? Default (and optimized) SecureRandom or SecureRandom with mouse movement as seed?

Code:

DiceWords words = new DiceWords();
SecureRandom rand = SecureRandom.getInstance("SHA1PRNG", "SUN");
    
byte[] bytes = new byte[8];
rand.nextBytes(bytes); // initialize seed
    
StringBuilder sb = new StringBuilder();
for (int i = 0; i < 12; i++) {
  String word = words.getDiceWd(rand.nextInt());
  sb.append(word).append(' ');
}
sb.deleteCharAt(sb.length() - 1);
String passphrase = sb.toString();

Edit: changed the algorithm to explicitly use SHA1PRNG instead of the platform default, call to nextBytes is to force PRNG to seed itself securely

[bitcoinpaul]

Play nice, kids, we are all on roughly the same side.

+1

 Get the White Paper and Audit done.

Any new on the ongoing audit?

Make a simple payment module for the Web. Get merchants on board, sell/buy stuff with NXT as a first gen currency.

Any news on that?

Think more about marketing. The crypto market is maturing, we need branding to succeed and achieve mass adoption. (I hate to say it....but I think it's true)

+1

I was going to suggest that we invite one/both of the Cointropolis guys to act as extra members on the Marketing committee.....but that seems to have ended in tears. Pity, I hated SoL, but they did seem to have some really good input otherwise, loved the Star Trek convention currency idea. Is that still happening ?

It is really sad that the decision to leave was based on one statement of another guy. Especially, since not getting elected for the committee (unclaimed coins!) doesn't mean the community doesn't want or need one to work on Nxt. I think this is the biggest fucked up misunderstatement. Think about it for a moment and your head will explode.

[eightspaces]

are you guys still buying more nxt or just waiting for it to finally go up?

im thinking of buying more but there is no buy support? why? seems like lots of good development

[barbierir]

Hi, I really like your idea and wan't to implement that in Offspring (actually already did that with the Eglish list). It seems there are lists of words for most languages http://world.std.com/~reinhold/diceware.html available.

thanks, I can't offer suggestions because I don't know programming. There are some online generator that use the diceware dictionary, like this one: https://entima.net/diceware/
The first client who uses such feature, I'll recommend it to all friends and newbies

[bitcoinpaul]

I imagine a passphrase generator integrated in Nxt clients, similar to the one used in Electrum client for Bitcoin, with state of the art random generator and possibly a larger dictionary (Electrum uses 1600 words).
Passphrases are as strong as random alphanumeric passwords but are much easier to write and to learn by memory.

It could work in 3 steps:

Ok, I want exactly THIS in the NRS Client with wesleys user interface. Maybe an optional encrypted wallet file. Who's with me? Raise your +1s.

[bitcoinpaul]

Random thought on my previous musings...

Could it be that BCNext original plan plus something as simple as capping 'effectiveBalance' would prevent centralization of pools?

I use 'effectiveBalance' as the amount that may forge, and includes leased plus owned NXT.

For example, set the cap to 1MIL, and you would force minimum of 1,000 pools/supernodes if all NXT were used in forging.

Revisiting an old idea. But yeah, what's up with that?

[igmaca]

Only TL;DR version, coz noone would read a full one.

Okay, I'll admit it...  I'm confused.

Why is there a big push to steer away from some of the original goals for Transparent Forging, Instant Transactions, and Leasing Forge Power?

With all tradeoffs being discussed, I see a lot of genius in the original BCNext plan.

Original plan, as I see it:
* Forging power may be leased to pools by discretion of NXT owners.
* NXT owners may transfer their leased forging power at any time to another pool.
* Pools will exist as 'Supernodes', which are better protected from network attacks, and can achieve high transaction rate.
* Thusly, reliable pools can also be better prepared to authorize Instant Transactions.
* An unreliable pool (or any forger, for that matter) will be temporarily penalized (1 day) if it does not include a valid block when required.

Risks:
* Pool centralization

I personally think the pool centralization risk is overstated, and worth the risk if it otherwise means we cannot achieve 90% secure transparent forging and reliable instant transactions.  I would expect NXT businesses to offer pools as well as community-driven efforts, so should be plenty of choice in where to lease forging power of your NXT.

Final thought:
If leasing rewards are distributed equally by the architecture of Nxt core (and NOT individual pool providers), the incentive to choose one solely on returns would be limited (ie: ghash.io).


What other risks or drawbacks might I be missing?

@ jl777

Quote from: jl777 on March 08, 2014, 01:59:10 PM

We need high TPS and also support lightweight nodes

This proposal would make sense?
what do you think?


ultra hight TPS = 1000 TPS?
How Tps can drive a raspberry pi node?
if we limit the power of forging 1,000,000 nxt accounts then we have 1,000 nodes maximun and we can do the following with this 1.000 especial nodes;

can distribute the fees if a Raspberry pi node gets forge
can exchange fiat currency
can handle 1000 TPS

one Raspberry pi node to forge must be active.
if a raspberry pi node gets forge shares its fee with other nodes Raspberry Pi grouping. (which are grouped in one of the 1,000 nodes ultra hight TPS)

if blocks are forged 1440 per day means that a Raspberry Pi node with 10 nxt who shares his chance to forge receives fees every day since the probability to forge a grouping of 1,000,000 nxt is approximately 1 day.

therefore

Raspberry Pi node belonging whether to a grouping gets forge the grouping node also forging

the grouping node forges a block ultra hight TPS blok
And the Raspberry Pi node forges a lighter block

what happens if you attack one of the 1,000 nodes?

as the power to forge remains in raspberri pi nodes the network security remains unchanged.
it may happen that momentarily not reached 1,000 TPS

note the criteria to limit the power of forging an account 1,000,000 nxt is due to 1440 blocks are generated in a day and therefore the chance is about one day.

if the number of blocks per day for example increase to 14400 per day the criteria to limit the power of forging change to 100,000 nxt account as tantamount to a chance of about one day.

why one day?
because all accounts that they want to forge if they are always active every day receive fees
keeps the interest in forging and maintain the active node

[ChuckOne]

I've got a lot of catching up to do in this thread, also.  For now, I will say a few things off the top of my head.  

First, we have got to pay more attention to NXT as a 1st generation coin, and call it a coin, without "quotation marks" or apologies.  We need vendors to accept it and people to want it.  NXT cannot be mined and the ability to forge it requires one to buy it on an exchange first.  We have to give people a reason to buy NXT.  That reason cannot be as a stake to forge more NXT because without exception newcomers are dramatically disappointed when they figure out the true numbers that underlie NXT forging. Doge has a fun factor.  NXT has zero fun factor.  It is a frustrating experience all the way thru - getting a client set up and running, dealing with a super long password or losing all your NXT if you don't, realizing you're not going to make anything of true value by forging with small stake quantities, asking yourself what can you do with this coin you just bought....  Repeat:  NXT is frustrating, Doge is fun.  WE MUST LEARN FROM DOGE AND BE FUN.
[...]

Well, NXT as well as bitcoin will have a long way to be accepted by groceries.

However, paying servers, webspace etc. is feasible. I would like to see these serivces accepting NYXT first. From that we can expand. (my 2 cents)

[bitcoinpaul]

Only TL;DR version, coz noone would read a full one.

This proposal would make sense?
what do you think?

Sorry dude, I have a feeling not many guys read your long hard to understand posts.