Bitcoin Forum
December 12, 2024, 04:54:39 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 [2388] 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 ... 2557 »
  Print  
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2761621 times)
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 23, 2014, 09:09:57 PM
 #47741

How can I get a trusted list of transaction hashes to know what to lookup?

Scanning each block for all transactions to find asset transfers is the only way I know of to get a list of asset transfers for an asset (or acct). For buy/sells, getTrades gets the list, but again I think it is a list of txids...

To go to an unmalleable hash based tx wouldnt there need to be a method to get all the transactions without ever using txid?
http://localhost:7876/test for a listing of all available APIs and their parameters.

getAccountTransactions supports filtering by type and subtype, you can get asset transfer transactions for a given account. But this still returns transaction id's only, not the full transaction json. The API needs improvement.

Are you sure you need to use the hash and not just the transaction id? IDs are still guaranteed to be unique and continue to be used as the unique identifier internally. Hashes are used to make sure no new transactions are accepted that are duplicates (in all fields other than the signature) of an existing transaction even though they may have a different id.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
EvilDave
Hero Member
*****
Offline Offline

Activity: 854
Merit: 1001



View Profile
March 23, 2014, 09:15:31 PM
 #47742

cos i feel so loved here Grin

hey pinarello, alles goed met je ? Smiley
Gotverdomme...een stealth-Nederlander!

Nulli Dei, nulli Reges, solum NXT
Love your money: www.nxt.org  www.ardorplatform.org
www.nxter.org  www.nxtfoundation.org
jl777
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 23, 2014, 09:16:20 PM
 #47743

How can I get a trusted list of transaction hashes to know what to lookup?

Scanning each block for all transactions to find asset transfers is the only way I know of to get a list of asset transfers for an asset (or acct). For buy/sells, getTrades gets the list, but again I think it is a list of txids...

To go to an unmalleable hash based tx wouldnt there need to be a method to get all the transactions without ever using txid?
http://localhost:7876/test for a listing of all available APIs and their parameters.

getAccountTransactions supports filtering by type and subtype, you can get asset transfer transactions for a given account. But this still returns transaction id's only, not the full transaction json. The API needs improvement.

Are you sure you need to use the hash and not just the transaction id? IDs are still guaranteed to be unique and continue to be used as the unique identifier internally. Hashes are used to make sure no new transactions are accepted that are duplicates (in all fields other than the signature) of an existing transaction even though they may have a different id.

Fantastic page! I missed it.

I am not sure of anything about this hash stuff. It sounds like I can continue to index everything by txid, but put in a check to make sure that there is no other txid with the same hash?!

Sorry if I am asking silly stuff. It sounded like people could fiddle with txid and that I couldnt trust txids to be valid. From what you are saying, it sounds like this is not the case. The attack the hash is addressing is people submitting the same transaction and making it look like a totally new one. So if I make sure that there is no conflict at the transaction hash level, we will know this didnt happen.

If there is a collision of the transaction hash, which one is the imposter? I guess safer to invalidate both?

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
lyynx
Sr. Member
****
Offline Offline

Activity: 380
Merit: 275



View Profile
March 23, 2014, 09:19:08 PM
 #47744


Just bumping this, we cannot allow disinformation to run unchecked.

mr_random
Legendary
*
Offline Offline

Activity: 1344
Merit: 1001



View Profile
March 23, 2014, 09:20:58 PM
 #47745

nxt is for geeks, not for average joe.


What do you think Bitcoin started off as?  Roll Eyes

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
mikesbmw
Sr. Member
****
Offline Offline

Activity: 338
Merit: 250


View Profile
March 23, 2014, 09:23:09 PM
 #47746

cos i feel so loved here Grin

hey pinarello, alles goed met je ? Smiley
Gotverdomme...een stealth-Nederlander!

godverdomme* Hè jakkiebah* Smiley

FIFY

NXT: Next Generation of Cryptocurrency http://nxtcrypto.org
NEM:New Economy Movement http://www.ournem.com/
opticalcarrier
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
March 23, 2014, 09:26:57 PM
 #47747


Can I summarise the SSL situation as:

 No SSL on nodes. Not needed.

 SSL on forums/wiki may be useful, if only as security theater.

 Wesleys client must have SSL in order to function securely. http://nxtra.org/nxt-client/

Correct me if i'm wrong.



My client doesn't need SSL to function securely (No passwords are sent to the server). Jean-luc talks about privacy. Not sure what he means by that though. However if you want to forge, the API requires that you send your password so that does needs SSL.


SSL is needed to ensure that javascript client is not manipulated during transmission

 

depending on the client and how "light" it is, this may/not be the case (assuming a not-so-light-client does verify the returned bytes before signing).  But it always IS the case that its possible to tie an account ID to IP address if not using SSL.  But the infrastructure committee deems tor to be the solution.  Im about to upgrade all my VPSs to 0.8.12 and will remove SSL.  So everyone prepare for the howls of "ahhhh, now we dont have to use the java client, but we have to figure out TOR???"

Wesley, can your client be configured to also handle its own DNS, and route DNS requests through tor or does it hand DNS off to the OS?  if the latter then this setup will leak DNS even if tor is used.
^[GS]^
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
March 23, 2014, 09:28:44 PM
 #47748

I have a bug report!

This is happening, since I can remember.

If I unlock an account at the node, the blocks are always kept updated. (0.7.x+)
But if I unlock more than one account, the blocks are retarded and need to restart every 24 hours to be updated.  Angry

I'll make logs, so they can see if something special happens.  Wink

Greetings!
Sebastien256
Hero Member
*****
Offline Offline

Activity: 715
Merit: 500



View Profile
March 23, 2014, 09:30:47 PM
 #47749

I have a bug report!

This is happening, since I can remember.

If I unlock an account at the node, the blocks are always kept updated. (0.7.x+)
But if I unlock more than one account, the blocks are retarded and need to restart every 24 hours to be updated.  Angry

I'll make logs, so they can see if something special happens.  Wink

Greetings!

I'll would create a topic on the new official forum to avoid lost track of your bug. It is messy here and not the place to post bug:
http://107.170.117.237/index.php

Nxt official forum at: https://nxtforum.org/
Jean-Luc
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile WWW
March 23, 2014, 09:34:36 PM
 #47750

SSL is needed to ensure that javascript client is not manipulated during transmission
Right. But the user is getting the javascript from nxtra.org, which I presume is under Wesley's control. If so, user has to trust him (and still use SSL so it is not modified in transit), but he already is trusting him that the client he maintains is not malicious.

Now, if there is a copy of Wesley's javascript available for example at https://wallet.nxtcrypto.org, which is not under Wesley's control, we are back to where we started, the user has to absolutely trust the owner of nxtcrypto.org, as indeed even the javascript could have been modified.

lead Nxt developer, gpg key id: 0x811D6940E1E4240C
Nxt blockchain platform | Ardor blockchain platform | Ignis ICO
rickyjames
Full Member
***
Offline Offline

Activity: 196
Merit: 100


View Profile
March 23, 2014, 09:38:18 PM
 #47751

OK, everybody, your favorite dictator rickyjames here, flapping my gums wildly once more.

We've coming up on 2500 pages on this Bitcointalk thread.  What an accomplishment!!!  Woo Hoo!!!

We have a new forum that is Our Very Own at nxtforum.org .   Go ahead, enter it into your address bar of your browser, it works and it's a Simple Machine forum just like this one at Bitcointalk.  You'll feel right at home.

I've created a thread there called NXT Pub Thread - 2500 More Pages Here Or Bust

http://107.170.117.237/index.php/topic,91.0.html

I propose that 2Kool lock this thread at page 2500 and we do a mass migration over there.

It would be nice, neat, poetic closure.  And a new beginning.

Like this:

https://www.youtube.com/watch?v=gUQbLz7AoYc

C'mon, everybody.  Think Nike.  Just do it.



Conurtrol
Sr. Member
****
Offline Offline

Activity: 478
Merit: 250


View Profile
March 23, 2014, 09:39:14 PM
 #47752


Some guy from Mastercoin says about Nxt "Their proof of stake algorithm for consensus depends on developer checkpoints so without the developers it doesn't work"

Any comments from developers?
Passion_ltc
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


Crypti Community Manager


View Profile
March 23, 2014, 09:41:36 PM
 #47753

OK, everybody, your favorite dictator rickyjames here, flapping my gums wildly once more.

We've coming up on 2500 pages on this Bitcointalk thread.  What an accomplishment!!!  Woo Hoo!!!

We have a new forum that is Our Very Own at nxtforum.org .   Go ahead, enter it into your address bar of your browser, it works and it's a Simple Machine forum just like this one at Bitcointalk.  You'll feel right at home.

I've created a thread there called NXT Pub Thread - 2500 More Pages Here Or Bust

http://107.170.117.237/index.php/topic,91.0.html

I propose that 2Kewl lock this thread at page 2500 and we do a mass migration over there.

It would be nice, neat, poetic closure.  And a new beginning.

Like this:

https://www.youtube.com/watch?v=gUQbLz7AoYc

C'mon, everybody.  Think Nike.  Just do it.

+1

www.nxtforum.org

btler420
Full Member
***
Offline Offline

Activity: 128
Merit: 100


View Profile
March 23, 2014, 09:42:02 PM
 #47754


Some guy from Mastercoin says about Nxt "Their proof of stake algorithm for consensus depends on developer checkpoints so without the developers it doesn't work"

Any comments from developers?

Do you wanna say the developers are not working on Nxt? Wow Cheesy

y1.
instacalm
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500



View Profile
March 23, 2014, 09:42:47 PM
 #47755

can you lock this thread so only mods can comment? i think this thread is important for advertising to people on btt.. perhaps the mods could just post links to new threads on nxtcointalk? that way anyone that mainly uses btt can keep this thread in there watch list to keep up to date with new nxtcointalk threads?

If the thread here is locked, it's locked for good.
Emule
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
March 23, 2014, 09:45:04 PM
 #47756


Some guy from Mastercoin says about Nxt "Their proof of stake algorithm for consensus depends on developer checkpoints so without the developers it doesn't work"

Any comments from developers?

+1
marcus03
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
March 23, 2014, 09:45:32 PM
 #47757

If you use SSL, at least you are protecting the client privacy from the ISP and anyone who can spy along the route.

This is very easy to attack. A simple correlation between a SSL encyrpted HTTP package of matching size and the timestamp of the transaction will let a third party correlate a transaction with the originator IP. You also have to trust the node operator, since he owns the SSL certificate.

For forums and wiki SSL is indeed essential, unless we all start signing each of our posts and PMs with GPG.

+1

It does make sense to protect the Wiki and forum with SSL (I previously missed that you have to login into the Wiki) and as such, I think InfCom should fund the SSL certificate. The NRS nodes should however not use SSL.


Users of Wesley's client that sign transactions client-side will have their privacy compromised without SSL, even though the transactions and their password will be secure (assuming he is verifying the bytes before signing). I do see the value of SSL in this use case, because it is much simpler for the end user than setting up tor, and we are targeting users who presumably are not sophisticated enough to be running the Java server themselves.

I beg to differ:

  • Their privacy is easily compromised to 3rd parties even with SSL (see above).
  • Their privacy is always compromised to the node operator since he owns the SSL certificate, thus this is still not a trustless solution.
  • If privacy is needed, Tor can deliver.
  • I've added support for Tor in my client in like 2 hours (version not yet released). It will come with the tor.exe client and my NXT client simply starts the Tor client if Tor is not running already and shuts it down again on exit if it was started by my client.
    All the end user has to do is set the checkbox to use Tor. I also have proposed a bounty for client developers who implement support for Tor (https://bitbucket.org/nxtinfrastructure/committee/issue/33/tor-enabled-capable-nxt-clients) since this would solve the privacy issue very efficiently.

....and we are targeting users who presumably are not sophisticated enough to be running the Java server themselves.

Well, then we exclude these users from forging, since we can't really encourage them to send account secrets to public NRS nodes (even with Tor and SSL used).

I fear that the secretPhrase parameter for forging will backfire on us some day. IMHO, forging (and anything else that needs a secretPhrase parameter) should only be possible when the request comes from localhost.

salsacz
Hero Member
*****
Offline Offline

Activity: 490
Merit: 504


View Profile
March 23, 2014, 09:47:43 PM
 #47758


I propose that 2Kool lock this thread at page 2500 and we do a mass migration over there.


-1. This thread on Bitcointalk is a massive free advertisement of Nxt
salsacz
Hero Member
*****
Offline Offline

Activity: 490
Merit: 504


View Profile
March 23, 2014, 09:49:19 PM
 #47759


Some guy from Mastercoin says about Nxt "Their proof of stake algorithm for consensus depends on developer checkpoints so without the developers it doesn't work"

Any comments from developers?

PoS checkpoints are used in Peercoin etc. Nxt solved this problem, it doesn't use checkpoints...
farl4web
Legendary
*
Offline Offline

Activity: 1205
Merit: 1000



View Profile
March 23, 2014, 09:50:01 PM
 #47760

cos i feel so loved here Grin

hey pinarello, alles goed met je ? Smiley
Gotverdomme...een stealth-Nederlander!

godverdomme* Smiley
Ga jullie mond wassen, goDverdomme!  Grin
Pages: « 1 ... 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 [2388] 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 ... 2557 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!