NXT :: descendant of Bitcoin - Updated Information

[zakorus]

thanks!! how do i mine now lol =)

[eid]

is anyone else missing blocks 3602-3613?

[Jcsarokin]

Hey Guys,

Have a question about the secret passphrase - I have a feeling it's genius, but I feel like I'm missing some critical piece of the logic.

The secret phrase is the only thing you need to gain access to an account. Basically the secret phrase either creates a new account, or logs you into an existing one if that phrase has already been used.

With a brute force attack, couldn't someone just try passphrases, check if it has any balance, and if not, it locks the account and goes to create / login to another one? It keeps going with phrases until it hits one that someone else has already used.

I love the login system and how the coins are stored and accessable from any computer / web browser, but the security I don't fully understand.

P.S - Well done on the exchange! Going to start testing ASAP

[gradis]

is anyone else missing blocks 3602-3613?

ye 3601 to 3613 and 3616 to 3620 & 3623 & 3625

getting these errors in command prompt as well

11/49 java.lang.nullpoinnterexception & 15/13 java.lang.nullpoinnterexception

still saving blocks though

[zakorus]

ok figured it out now. so im always mining? thats alot easier than other coins lol:)

[ParmaBTC]

Hey Guys,

Have a question about the secret passphrase - I have a feeling it's genius, but I feel like I'm missing some critical piece of the logic.

The secret phrase is the only thing you need to gain access to an account. Basically the secret phrase either creates a new account, or logs you into an existing one if that phrase has already been used.

With a brute force attack, couldn't someone just try passphrases, check if it has any balance, and if not, it locks the account and goes to create / login to another one? It keeps going with phrases until it hits one that someone else has already used.

I love the login system and how the coins are stored and accessable from any computer / web browser, but the security I don't fully understand.

P.S - Well done on the exchange! Going to start testing ASAP

What do you think about  the double confirmation of the pass phrase? 

[feomat]

Could anybody back me up and send me some coins.. i want to start with mining

1916324889791307245

[zakorus]

10706123595765255981
me too=D

[xibeijan]

Version 0.2.15 - https://dl.dropboxusercontent.com/u/67242472/Nxt.zip

Two API requests were added, so if u don't use API u don't need this update.

very good, which ones where added?

I'm waiting for the description and then I'll post in Nxt API thread.

great, very usefull!

just one thing, i have noticed that high frequent api access can freeze the node.
i am using libcurl to interface the api, setting e.g. the noKeepAlive tag works better
but this could be coincidence. does the client tcp-stack cleaning up the connection
pool correctly?  have seen many exceptions from worker threads.
as said, not sure about this but perhaps you could have a look at this.

SHA256 SUM for the 0.2.15 download?

[inkadnb]

Why is my client blacklisting so many clients? Even well known ips.

It failed to connect to them. Remove them from the blacklist time to time.

I've got 7874 open so I don't see why that's an issue. Also since I'm running it through a headless Linux shell I have no way of deleting the blacklist from the UI. Can you have it clear the blacklist periodically?

[nnn]

Why is my client blacklisting so many clients? Even well known ips.

It failed to connect to them. Remove them from the blacklist time to time.

I've got 7874 open so I don't see why that's an issue. Also since I'm running it through a headless Linux shell I have no way of deleting the blacklist from the UI. Can you have it clear the blacklist periodically?

Can't you connect via http?

[Jean-Luc]

Edit: This is now hosted at https://bitbucket.org/JeanLucPicard/vanity

I decided to clean up and improve the vanity account number generator mentioned before:
https://bitcointalk.org/index.php?topic=303898.msg3691750#msg3691750

This is the updated version:

Source code: https://dl.dropboxusercontent.com/s/gtq6vm1f346oqyy/Vanity.java

Compiled jar file: https://dl.dropboxusercontent.com/s/f9xdycfu3w73q09/Vanity.jar

sha256sums:
4d2e1e182637c564f95fea1e8864fa2364769f42e28ed4135b99b5514a7f4f1f  Vanity.jar
3d98075c9e51c99b78f0794fc402dfbfd984f609308b53a234d1efb0f024737f  Vanity.java

To run it:

Code:

java -jar Vanity.jar

In addition to searching for accounts starting with a given prefix, now it can also search for accounts containing sequences of repeating digits. So there are three modes of operation.

Without any parameters, it will start from a random 16-character secret phrase and keep appending characters to it trying to find vanity-looking accounts:

Code:

$ java -jar Vanity.jar
Using a randomly generated secret prefix: )trT-&Ubyp+d]p`k
Generating vanity accounts...
)trT-&Ubyp+d]p`kE$[ gives account number 3333335333097075555
)trT-&Ubyp+d]p`k!)o4 gives account number 8888377001144420555
)trT-&Ubyp+d]p`k!%Bw gives account number 10713333338888888154

With a single parameter, it will use this as the secret prefix instead of a randomly generated one.

Code:

$ java -jar Vanity.jar my_secret_password
WARNING: For a given secret prefix, the passwords this program generates
are always the same. Therefore, using a strong secret prefix is crucial.
Anyone who can guess your secret prefix can use this program to also
discover your password. You have been warned.
Using a user-supplied secret prefix: my_secret_password
Generating vanity accounts...
my_secret_password861 gives account number 9999679005505533333
my_secret_password!(k^ gives account number 2111114455001119991
my_secret_password"!uE gives account number 13220066661444888887

With two parameters, it defaults to the original behavior, i.e. looking for shortest account number using the first parameter as secret prefix and the second as the account prefix.

Code:

$ java -jar Vanity.jar my_secret_password 888
WARNING: For a given secret prefix, the passwords this program generates
are always the same. Therefore, using a strong secret prefix is crucial.
Anyone who can guess your secret prefix can use this program to also
discover your password. You have been warned.
Using a user-supplied secret prefix: my_secret_password
Looking for the shortest account numbers beginning with 888
Generating vanity accounts...
my_secret_password#$ gives account number 8880281789351433347
my_secret_password^7 gives account number 888082872862915443
my_secret_passwordB`O gives account number 88888386812508853

To repeat the above warning once again:
For a given user-supplied secret prefix, the sequence of generated account numbers is always the same. This is in order to keep the number of characters appended to the secret prefix small. So it is extremely important that you pick up a strong secret prefix. Anybody who can guess your secret prefix can just run this program with it to arrive at your full secret phrase. This obviously doesn't apply when you let the program generate the secret phrase randomly (i.e., running it without any parameters).

[xibeijan]

Version 0.2.15 - https://dl.dropboxusercontent.com/u/67242472/Nxt.zip

Two API requests were added, so if u don't use API u don't need this update.

What was added?

[Jcsarokin]

Hey Guys,

Have a question about the secret passphrase - I have a feeling it's genius, but I feel like I'm missing some critical piece of the logic.

The secret phrase is the only thing you need to gain access to an account. Basically the secret phrase either creates a new account, or logs you into an existing one if that phrase has already been used.

With a brute force attack, couldn't someone just try passphrases, check if it has any balance, and if not, it locks the account and goes to create / login to another one? It keeps going with phrases until it hits one that someone else has already used.

I love the login system and how the coins are stored and accessable from any computer / web browser, but the security I don't fully understand.

P.S - Well done on the exchange! Going to start testing ASAP

What do you think about  the double confirmation of the pass phrase? 

I'm not sure I've seen that anywhere - can you explain how it works?

[idev]

Can i buy Nxt on any exchange right now?

http://dgex.com

[Drexme]

Can I get some NXT to get started mining please. 8333778433828768082

I made a post https://cryptocointalk.com/topic/1692-nxt-descendant-of-bitcoin/
and put the source.

Thankyou! 

-Drexme

[inkadnb]

Why is my client blacklisting so many clients? Even well known ips.

It failed to connect to them. Remove them from the blacklist time to time.

I've got 7874 open so I don't see why that's an issue. Also since I'm running it through a headless Linux shell I have no way of deleting the blacklist from the UI. Can you have it clear the blacklist periodically?

Can't you connect via http?

It's a headless node, therefore no local UI. I can access the UI remotely but it doesn't let you delete from the blacklist because I'm not accessing locally.

Does that make sense?

[Jean-Luc]

It's a headless node, therefore no local UI. I can access the UI remotely but it doesn't let you delete from the blacklist because I'm not accessing locally.

Use an ssh tunnel to forward port 7875.
https://bitcointalk.org/index.php?topic=303898.msg3714051#msg3714051

[inkadnb]

It's a headless node, therefore no local UI. I can access the UI remotely but it doesn't let you delete from the blacklist because I'm not accessing locally.

Use an ssh tunnel to forward port 7875.
https://bitcointalk.org/index.php?topic=303898.msg3714051#msg3714051

They could connect, but please be aware passwords are submitted in clear text - better use accounts holding only small amounts.

This and no HTTPS should be fixed ASAP.

[zakorus]

so i still cant mine... wishing i had some nxt so i could start
hows everyone else faring?

10706123595765255981