mcjavar
|
|
December 05, 2013, 10:11:07 PM |
|
How about adding OTP Auth for sending coins? (should be optional)
|
|
|
|
Kyune
|
|
December 05, 2013, 10:13:16 PM |
|
Added warning for secret phrases < 30 symbols.
This may help some, but it is worth noting that human brains are notoriously poor at generating enough entropy for a good brainwallet passphrase. Bitcoin lore already has too many stories of brainwallets drained by attackers running dictionary attacks. I've seen discussions here, on reddit, and on blogs that provide proof-of-concept code showing how attackers can maintain a local copy of a blockchain and execute a dictionary attack while entirely offline. The operating assumption (for Bitcoin) is that these attacks are underway and increasingly sophisticated. Presumably, the same kind of attack could be tailored to the Nxt Java client here, particularly once the source code is released. If the value of Nxt rises, Nxt brainwallets would become a more tempting target for any attackers that have already honed their skills on cracking bitcoin brainwallets in the past. Unlike Bitcoin, Nxt presently relies solely on brainwallets as the means of user authentication. There is no "cold storage" alternative offered. I see this security model as a vulnerability, and as a future PR problem hurting mainstream adoption if Nxt coin heists do start happening. Brainwallets are surprisingly tough to get right for the unsophisticated user.
|
BTC: 1K4VpdQXQhgmTmq68rbWhybvoRcyNHKyVP
|
|
|
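Added example, not part of any post in this thread: a sketch of why the "< 30 symbols" length warning does not measure what the post above is worried about, and how many uniformly random words a passphrase needs for a given entropy target. The 16-word list, the 7776-word list size, the 128-bit target and all function names are assumptions made for illustration.

```python
import math
import secrets

MIN_SYMBOLS = 30  # length threshold of the client warning quoted in the thread

# Constructed 16-word sample list so the block runs offline; a real
# generator would load a large published list (assumed 7776 words below).
SAMPLE_WORDS = ["anchor", "breeze", "copper", "dune", "ember", "fjord",
                "glacier", "harbor", "ivory", "juniper", "kettle", "lantern",
                "meadow", "nickel", "orchid", "pebble"]


def length_warning(phrase: str) -> bool:
    """True when the phrase would trigger the '< 30 symbols' warning."""
    return len(phrase) < MIN_SYMBOLS


def words_needed(target_bits: int, wordlist_size: int) -> int:
    """Uniformly random words required to reach target_bits of entropy."""
    return math.ceil(target_bits / math.log2(wordlist_size))


def generate_phrase(words, target_bits: int = 128) -> str:
    """Draw words with the OS CSPRNG; entropy comes from the draw, not the length."""
    if len(words) < 2 or len(set(words)) != len(words):
        raise ValueError("word list must contain at least two unique words")
    count = words_needed(target_bits, len(words))
    return " ".join(secrets.choice(words) for _ in range(count))


def assess(phrase: str, known_phrases) -> str:
    """Classify a phrase: too short, long but guessable, or not in the known set."""
    if length_warning(phrase):
        return "short"
    if phrase.lower() in known_phrases:
        return "long-but-guessable"
    return "unlisted"


if __name__ == "__main__":
    quote = "to be or not to be that is the question"  # constructed sample, 39 symbols
    print(assess(quote, {quote}))          # passes the length check, still guessable
    print(words_needed(128, 7776))         # words needed from a 7776-word list
    print(generate_phrase(SAMPLE_WORDS))   # phrase drawn from the 16-word sample
```

A phrase chosen by a person can clear the length check and still be guessable; only a phrase drawn at random has the entropy the arithmetic promises.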
bizz
|
|
December 05, 2013, 10:23:24 PM |
|
Added warning for secret phrases < 30 symbols.
Unlike Bitcoin, Nxt presently relies solely on brainwallets as the means of user authentication. There is no "cold storage" alternative offered. I see this security model as a vulnerability, and as a future PR problem hurting mainstream adoption if Nxt coin heists do start happening. Brainwallets are surprisingly tough to get right for the unsophisticated user.
I just disconnected from Internet, started the client & generated offline cold storage address (wallet).
|
|
|
|
nexern
|
|
December 05, 2013, 10:29:16 PM |
|
So anybody who has a suggestion or offer for Nxt project, please post it here or preferably open a new thread and let people comment, discuss and decide about your idea there.
Not intending to intrude, but we may have quite a bunch of active folks lurking / setting up here in the Bounty requests & assignments at nextcoin.org. Soonish we will have a built in facility to send bounty NXT to each other WITHIN the forum.
nice, you have a ticker. can i use this tickerdata on blockchain explorer? showing the actual nxt quote there would be nice.
|
|
|
|
|
starik69
Legendary
Offline
Activity: 1367
Merit: 1000
|
|
December 05, 2013, 10:46:19 PM |
|
There is no "cold storage" alternative offered.
You are wrong. The code that transforms passphrase into account number is open. Moreover, on this forum were presented two offline programs to generate "nice" account numbers like vanitygen for bitcoin. You can even make an analog of directory.io with all passphrases and corresponding account numbers. It is cryptography, baby
|
|
|
|
nexern
|
|
December 05, 2013, 10:50:43 PM |
|
So anybody who has a suggestion or offer for Nxt project, please post it here or preferably open a new thread and let people comment, discuss and decide about your idea there.
Not intending to intrude, but we may have quite a bunch of active folks lurking / setting up here in the Bounty requests & assignments at nextcoin.org. Soonish we will have a built in facility to send bounty NXT to each other WITHIN the forum.
btw, the output is a valid json standard or is there a missing comma after each array? one more thing, if you add a unix timestamp to each array, time math and aggregations for data visualisations are much easier and faster. could you add this to your cgi output?
|
|
|
|
GCInc.
|
|
December 05, 2013, 11:00:55 PM |
|
btw, the output is a valid json standard or is there a missing comma after each array? one more thing, if you add a unix timestamp to each array, time math and aggregations for data visualisations are much easier and faster. could you add this to your cgi output?
Yes, feel free to use the ticker. Timestamp added, please use a less resource intensive version at http://dgex.com/API/trades.json It updates on the server once every minute.
|
|
|
|
nexern
|
|
December 05, 2013, 11:04:24 PM |
|
btw, the output is a valid json standard or is there a missing comma after each array? one more thing, if you add a unix timestamp to each array, time math and aggregations for data visualisations are much easier and faster. could you add this to your cgi output?
Yes, feel free to use the ticker. Timestamp added, please use a less resource intensive version at http://dgex.com/API/trades.json It updates on the server once every minute.
great, this one looks fine. a poll interval of 3 min. is ok?
|
|
|
|
GCInc.
|
|
December 05, 2013, 11:10:28 PM |
|
great, this one looks fine. a poll interval of 3 min. is ok?
Yea no problem with that, a static file it's hopefully gonna carry some decent load before throttle limiting needs to be considered.
|
|
|
|
demols
Newbie
Offline
Activity: 18
Merit: 0
|
|
December 05, 2013, 11:19:35 PM |
|
Added warning for secret phrases < 30 symbols.
Unlike Bitcoin, Nxt presently relies solely on brainwallets as the means of user authentication. There is no "cold storage" alternative offered. I see this security model as a vulnerability, and as a future PR problem hurting mainstream adoption if Nxt coin heists do start happening. Brainwallets are surprisingly tough to get right for the unsophisticated user.
I just disconnected from Internet, started the client & generated offline cold storage address (wallet).
How to change the secret phrases?
|
|
|
|
nexern
|
|
December 05, 2013, 11:19:46 PM |
|
great, this one looks fine. a poll interval of 3 min. is ok?
Yea no problem with that, a static file it's hopefully gonna carry some decent load before throttle limiting needs to be considered.
very good, thanks. tomorrow i will process this data and link to your site. please give me a note if poll frequency needs to be lowered to save your bandwidth.
|
|
|
|
idev
|
|
December 05, 2013, 11:21:42 PM |
|
Added warning for secret phrases < 30 symbols.
Unlike Bitcoin, Nxt presently relies solely on brainwallets as the means of user authentication. There is no "cold storage" alternative offered. I see this security model as a vulnerability, and as a future PR problem hurting mainstream adoption if Nxt coin heists do start happening. Brainwallets are surprisingly tough to get right for the unsophisticated user.
I just disconnected from Internet, started the client & generated offline cold storage address (wallet).
How to change the secret phrases?
Passwords can not be changed. You will need to create a new account with a new password.
|
|
|
|
Taxidermista
Legendary
Offline
Activity: 1148
Merit: 1001
|
|
December 05, 2013, 11:25:34 PM |
|
After 38 hours my NXT deposit at dgex.com is still PENDING.
|
|
|
|
mcjavar
|
|
December 05, 2013, 11:31:39 PM |
|
I am reading about NXT a lot, but still can't understand how the calculation and validation is working? Is my PC actually doing anything if I am running the client? What does it mean if I process a block? What happens in the background? (I would also try to summarize it and add it to the FAQ if I would understand that) Could someone please answer this?
|
|
|
|
Chang Hum
|
|
December 05, 2013, 11:33:55 PM |
|
Added warning for secret phrases < 30 symbols.
Unlike Bitcoin, Nxt presently relies solely on brainwallets as the means of user authentication. There is no "cold storage" alternative offered. I see this security model as a vulnerability, and as a future PR problem hurting mainstream adoption if Nxt coin heists do start happening. Brainwallets are surprisingly tough to get right for the unsophisticated user.
I just disconnected from Internet, started the client & generated offline cold storage address (wallet).
How to change the secret phrases?
Passwords can not be changed. You will need to create a new account with a new password.
Why can't an address be created that you associate a password with like Bitcoin? aside from what's happened to my account which admittedly could have been due to my own failures/recent bitcointalk problems, if you want scalability the current set up will surely lead to problems as the user volume gets higher even with long phrases. You'll no doubt have phrases that will have been memorized by more than one user leading to a security floor. Even using Sha256, leads back to the original password or phrase!
|
|
|
|
Chang Hum
|
|
December 05, 2013, 11:38:52 PM |
|
I am reading about NXT a lot, but still can't understand how the calculation and validation is working? Is my PC actually doing anything if I am running the client? What does it mean if I process a block? What happens in the background? (I would also try to summarize it and add it to the FAQ if I would understand that) Could someone please answer this?
As I understand it running your client helps confirm transactions, confirming transactions rewards you from transaction fees based on how many coins you already have (more coins, higher reward).
|
|
|
|
mcjavar
|
|
December 05, 2013, 11:45:20 PM |
|
I am reading about NXT a lot, but still can't understand how the calculation and validation is working? Is my PC actually doing anything if I am running the client? What does it mean if I process a block? What happens in the background? (I would also try to summarize it and add it to the FAQ if I would understand that) Could someone please answer this?
As I understand it running your client helps confirm transactions, confirming transactions rewards you from transaction fees based on how many coins you already have (more coins, higher reward).
But how does the confirmation work? What is my client doing?
|
|
|
|
Chang Hum
|
|
December 05, 2013, 11:58:32 PM |
|
I am reading about NXT a lot, but still can't understand how the calculation and validation is working? Is my PC actually doing anything if I am running the client? What does it mean if I process a block? What happens in the background? (I would also try to summarize it and add it to the FAQ if I would understand that) Could someone please answer this?
As I understand it running your client helps confirm transactions, confirming transactions rewards you from transaction fees based on how many coins you already have (more coins, higher reward).
But how does the confirmation work? What is my client doing?
In the client area you'll see strings of numbers constantly flickering and changing in the peers and blocks area. These sets of flickering numbers are like happy mini robots that will work day and night to make the chain successful. Sorry don't know.
|
|
|
|
|
|