Bitcoin Forum
April 14, 2021, 02:13:17 PM *
News: Latest Bitcoin Core release: 0.21.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 [2112] 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 ... 2560 »
  Print  
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2760179 times)
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
March 09, 2014, 11:00:03 AM
 #42221

What does your implementation of words.getDiceWd look like?

It picks directly from an array of words. Why?

How do you map the integer type parameter down to the range of items in the dictionary?

int & 0X1fff returns a value between 0 (inclusive) and 8191 (inclusive)


This is like a modulo operation right? Like "(int mod 8192)". If so, it puts a (very) slight preference on the first entries in the dictionary.

I don't have a cryptographic background, but it seems like one of these tiny things cryptographic people look for. Or it's just me being paranoid..

I think the simplest way to do it is to just generate  a 128-bit random number, then represent ('convert") it to to base 1626 (1626 word dictionary).

NXT-GZYP-FMRT-FQ9K-3YQGS
https://nxtforum.org
1618409597
Hero Member
*
Offline Offline

Posts: 1618409597

View Profile Personal Message (Offline)

Ignore
1618409597
Reply with quote  #2

1618409597
Report to moderator
1618409597
Hero Member
*
Offline Offline

Posts: 1618409597

View Profile Personal Message (Offline)

Ignore
1618409597
Reply with quote  #2

1618409597
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
bitcoinpaul
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000



View Profile
March 09, 2014, 11:05:34 AM
 #42222

Hmm, anyone else's input on this? I believe relying on system cryptography is always better than having the user doing something (mouse movement). It will be available though, for older browsers.

I'm just speaking from a user standpoint. If it is technically not good, don't use it. Didn't thought though that mouse movement is insecure?!
marcus03
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
March 09, 2014, 11:08:04 AM
 #42223

I have not heard that before, please do point at any references if you know of any. If it is true it should not be used, you are right.
In that case rand.nextInt(ARRAY.length) would be the safer bet.

I don't have a reference, but say you want to map a random value R between 0 and 15 to a value P between 0 and 9 and use P=(R modulo 10):

Code:
R   P
0   0
1   1
2   2
3   3
4   4
5   5
6   6
7   7
8   8
9   9
10  0
11  1   
12  2
13  3
14  4
15  5

As you see, having the input value R completely random, doesn't mean that P is as random, since you will get values 0 to 5 twice as often as values 6 to 9.

I picked the example to show the problem. With the very large ranges for R (e.g. integer) and very small ranges for P (e.g. 0 to 8191), the problem might just be a very theoretical one.
rriky92
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250



View Profile WWW
March 09, 2014, 11:09:48 AM
 #42224

New iNxt version 1.0.8 in AppStore

Changelog:
New exchange:Cryptsy, Poloniex
Now exchange are sorted for Volume (03/03/14)
App now uses POST instead of GET (more secure)
New API to know if account is forging
Bug fix


Download link:
https://itunes.apple.com/us/app/inxt/id802351888?l=it&ls=1&mt=8


Donations:
4894174904569783391
Great.
no price of Cryptsy?
There is cryptsy
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1004


Ian Knowles - CIYAM Lead Developer


View Profile WWW
March 09, 2014, 11:13:08 AM
 #42225

Parallel blockchains, same NXT tokens?

No - different tokens (NXT and NXG in my illustration).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
verymuchso
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


HEAT Ledger


View Profile
March 09, 2014, 11:17:35 AM
 #42226

the problem might just be a very theoretical one.

Maybe. But you proved your point. Thanks.

redsn0w
Legendary
*
Offline Offline

Activity: 1778
Merit: 1042


#Free market


View Profile
March 09, 2014, 11:22:25 AM
 #42227

Did you want some TestNxt ?
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
March 09, 2014, 11:23:04 AM
 #42228

I think entropy from mouse is needed for javascript (like wesley client) -- not for Java's SecureRandom

As for words, as I said, don't use cryptic words from diceware. 1626 simple words dictionary will just work fine for 128-bit entropy.


Actually, newest browsers have crypto.getRandomValues - so no mouse movement needed in those cases. Of course still necessary for older browsers.

Well, even if it is not technically necessary for most of the browsers, we should use the mouse movement because

1. With this, we make sure every user (no matter which browser) has a secure account (using mouse movement only on older browsers gives no common picture of the client on every computer. looks insecure)
2. It gives a secure feeling because the user is part of the process

Hmm, anyone else's input on this? I believe relying on system cryptography is always better than having the user doing something (mouse movement). It will be available though, for older browsers.

Its not really needed if cryptographically secure number generator is available,  but it won't really hurt. It will just add more entropy if you start with crypto gen and the user adds more entropy with mouse movements.






NXT-GZYP-FMRT-FQ9K-3YQGS
https://nxtforum.org
bitcoinpaul
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000



View Profile
March 09, 2014, 11:24:15 AM
 #42229

Parallel blockchains, same NXT tokens?

No - different tokens (NXT and NXG in my illustration).



Then this won't work.


As long as in the client, the user can choose on which blockchain to broadcast his desired transaction (different cost associated to broadcasting depending one the quality of the hardware supporting the blockchain), then high TPS could happen within the nxt network if the user decide to use "fast" premium quality network for specific important transaction.


bitcoinpaul
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000



View Profile
March 09, 2014, 11:24:58 AM
 #42230

Its not really needed if cryptographically secure number generator is available,  but it won't really hurt. It will just add more entropy if you start with crypto gen and the user adds more entropy with mouse movements.


I really like it because it is secure, user friendly & the user feels the security.
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1004


Ian Knowles - CIYAM Lead Developer


View Profile WWW
March 09, 2014, 11:26:49 AM
 #42231

Then this won't work.


As long as in the client, the user can choose on which blockchain to broadcast his desired transaction (different cost associated to broadcasting depending one the quality of the hardware supporting the blockchain), then high TPS could happen within the nxt network if the user decide to use "fast" premium quality network for specific important transaction.

True - you would use atomic cross-chain txs to move between NXT and NXG (something that AT will be able to provide).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
redsn0w
Legendary
*
Offline Offline

Activity: 1778
Merit: 1042


#Free market


View Profile
March 09, 2014, 11:27:41 AM
 #42232

I Found a bug  in the client 0.8.8 (test)

Code:
{
    "balance": 100097400,
    "effectiveBalance": -100,
    "unconfirmedBalance": 100097400
}

Why the effective balance is :


 "effectiveBalance": -100,
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
March 09, 2014, 11:30:56 AM
Last edit: March 09, 2014, 11:42:22 AM by Eadeqa
 #42233

I have not heard that before, please do point at any references if you know of any. If it is true it should not be used, you are right.
In that case rand.nextInt(ARRAY.length) would be the safer bet.

I don't have a reference, but say you want to map a random value R between 0 and 15 to a value P between 0 and 9 and use P=(R modulo 10):

Code:
R   P
0   0
1   1
2   2
3   3
4   4
5   5
6   6
7   7
8   8
9   9
10  0
11  1  
12  2
13  3
14  4
15  5

As you see, having the input value R completely random, doesn't mean that P is as random, since you will get values 0 to 5 twice as often as values 6 to 9.

I picked the example to show the problem. With the very large ranges for R (e.g. integer) and very small ranges for P (e.g. 0 to 8191), the problem might just be a very theoretical one.


think of  1626 words as numbers (base 1626)

1. word1
2. word2
3. word3
.
.
.
1626 word1626

so number 1627 would be equal to word1626word1

You can generate a 128-bit number (totally secure using secure random) and then convert it into words

I don't see how there can be any flaw in that implementation, as the original 128-bit was generated with secure random and it is only represented as words

This would be same as representing a binary number as hex or decimal.

 The password made with that implementation can't be any weaker than 128-bit just as converting decimal number to hex doesn't make it weaker


This by the way means only 12 words are needed to convert any 128-bit number into words


NXT-GZYP-FMRT-FQ9K-3YQGS
https://nxtforum.org
bitcoinpaul
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000



View Profile
March 09, 2014, 11:35:48 AM
 #42234

Then this won't work.


As long as in the client, the user can choose on which blockchain to broadcast his desired transaction (different cost associated to broadcasting depending one the quality of the hardware supporting the blockchain), then high TPS could happen within the nxt network if the user decide to use "fast" premium quality network for specific important transaction.

True - you would use atomic cross-chain txs to move between NXT and NXG (something that AT will be able to provide).


But then it is possible, so my statement is false Huh
bitcoinpaul
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000



View Profile
March 09, 2014, 11:37:47 AM
 #42235

I think BCNext talked about different fees for different transaction speeds (and/or security?). What are the implications of our two-blockchain-solution (I keep it simple for now, so only two)?

Maybe: We would have the slow one for the average user (minimal fee) and the high speed one for businesses (more fee).
MadCow
Hero Member
*****
Offline Offline

Activity: 655
Merit: 500



View Profile
March 09, 2014, 11:40:44 AM
 #42236



Unique is being blunt as fuck here, but he does have a point. More big stakeholders opening their wallets would be good, even if only to show that they do give a fuck. But we've down this road before without much results, we can't force people to fund NXT even if it is in their own best interest to do so. So lets put selfish stakeholders on the list of things to ignore, for the moment.



I thought a group of big stakeholders started a fund managed by rickyjames for jl777 to use on all his projects. Correct me if I'm wrong, but I think some of those donations were quite large. I think klee and pouncer (and others?) have funded other projects too (one involving CIYAM?).

Who & what need funding right now who aren't getting it, or aren't just about to get it from the three committees?

From my reading of this thread it sounds like we're still in the planning stage, and we already have funds for the three committees, plus the extra private funds for jl777 etc on the side.

Instead of criticizing the big stakeholders, why not focus on getting agreement on the final plan/direction for NXT, then organise that into a set of projects with a shopping list, then ask for stakeholder donations when they know who and what they're paying for.

I think many fat cats will contribute when the time comes, and I base that on past evidence. There's too much bad blood at the moment IMO, and we don't have a clear road map with a leadership group. Save the stakeholder bashing for if & when the leadership group's pleas for donations for specific projects are being ignored. Try and stay positive on the main task - the NXT roadmap!
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1004


Ian Knowles - CIYAM Lead Developer


View Profile WWW
March 09, 2014, 11:40:55 AM
 #42237

But then it is possible, so my statement is false Huh

My bad - yes indeed it is possible but it would not be something you could do quickly (it would be a process with a few steps).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 09, 2014, 11:41:13 AM
 #42238

I Found a bug  in the client 0.8.8 (test)

Code:
{
    "balance": 100097400,
    "effectiveBalance": -100,
    "unconfirmedBalance": 100097400
}

Why the effective balance is :


 "effectiveBalance": -100,

Not a bug, effectiveBalance can be negative.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
verymuchso
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


HEAT Ledger


View Profile
March 09, 2014, 11:41:19 AM
 #42239

think of  1626 words as numbers (base 1626)

1. word1
2. word2
3. word3
.
.
.
1626 word1626

so number 1627 would be equal to word1626word1
You can generate a 128-bit number (totally secure using secure random) and then convert it into words
I don't see how there can be any flaw in that implementation, as the original 128-bit was generated with secure random and it is only represented as words
This would be same as representing a binary number as hex or decimal.
The password made with that implementation can't be any weaker than 128-bit just as converting decimal number to hex doesn't make it weaker

Just out of curiosity. Could you give a brief example, I don't immediately see how to implement this.

voldemort628
Full Member
***
Offline Offline

Activity: 155
Merit: 100


View Profile
March 09, 2014, 11:42:38 AM
 #42240

Did you want some TestNxt ?

423539966622014338
please.
cheers Smiley

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
▐ CRYPTI▐
a Node.JS coin built from scratch. With Proof of Time, Purchase and Identity. Custom blockchains and much more!
▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒
Pages: « 1 ... 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 [2112] 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 ... 2560 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!