|
wesleyh
|
 |
December 30, 2013, 07:41:22 AM |
|
How are aliases verified?
Say I want to send to an account alias (presuming this is implemented in the future), if a rogue node tells me that nxt:name links to acct:000000001 (attacker account) instead of acct:3209075099254042753 then I could loose my money by sending it. How is this prevented?
|
|
|
|
|
|
|
Come-from-Beyond
Legendary
 Offline
Activity: 2142
Merit: 1010
Newbie
|
|
December 30, 2013, 07:51:10 AM |
|
How are aliases verified?
Say I want to send to an account alias (presuming this is implemented in the future), if a rogue node tells me that nxt:name links to acct:000000001 (attacker account) instead of acct:3209075099254042753 then I could loose my money by sending it. How is this prevented?
U should trust only to hallmarked nodes that signed their response. If one of them sent u incorrect data u can prove that and stakeholders can vote on destroying all the stake of the rogue node. Also u can ask 2-3 nodes before sending big amounts. Edit: BCNext said that pay-to-alias would be implemented later. |
|
|
|
|
|
MyZhre
|
|
December 30, 2013, 07:52:22 AM
Last edit: April 01, 2014, 04:14:57 PM by MyZhre |
|
NXT Assets currently are issued with all of them created at once. Kind of in the spirit of NXT. However, for creating a 1:1 correspondence between the NXT AE Asset and something tangible, this issue all at once model is not quite right.
For example, in the gateway I have to exchange deposited DOGE with NXT AE DOGE. Since there are 100 billion DOGE and only 1 billion NXT AE DOGE possible, that would create a problem if more than 1% of all DOGE is deposited. For a NXTcoins that are mined at a rate of 100,000 per day it is quite important that the number of NXT assets in circulation match the number that was mined.
In order to make it easy for people to deal with these type of cases, I am creating a NXTcoins development kit where you will be able to specify (within reason) the properties of the coin, especially as it pertains to total authorized, total in circulation, creation criteria, etc.
|
NXT: 13997163105778396158
|
|
|
|
chanc3r
|
|
December 30, 2013, 07:56:10 AM |
|
Cool, tyvm will see what I can do with that.. |
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
December 30, 2013, 07:58:26 AM |
|
I'm still suffer from catching up problem,
I was stuck at some point this morning, so i restore the *.nxt files to height 23522, unfortunately i stuck 23522 for more than 5 hours;
I restart nxt several times, no help;
Show us ur well-known peers list plz. |
|
|
|
|
dzarmush
Legendary
Offline
Activity: 1806
Merit: 1001
|
|
December 30, 2013, 08:03:52 AM |
|
Question from a new nxt/btc exchange (nxtchg.com) founder: "Guys, what's the best way to check a NXT address for incoming transactions without installing the client? Block explorer? Is there an API for this sort of thing? It's needed for automated NXT deposits.".
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
December 30, 2013, 08:05:48 AM |
|
Question from a new nxt/btc exchange (nxtchg.com) founder: "Guys, what's the best way to check a NXT address for incoming transactions without installing the client? Block explorer? Is there an API for this sort of thing? It's needed for automated NXT deposits.".
An exchange must host its own client. Any other way is insecure (at least now, when hallmark protection is not used for everything). |
|
|
|
|
|
MyZhre
|
|
December 30, 2013, 08:14:00 AM |
|
I'm still suffer from catching up problem,
I was stuck at some point this morning, so i restore the *.nxt files to height 23522, unfortunately i stuck 23522 for more than 5 hours;
I restart nxt several times, no help;
Show us ur well-known peers list plz. ^M <init-param>^M <param-name>wellKnownPeers</param-name>^M <param-value>162.243.214.68; 95.85.46.164; 162.243.216.55; 162.243.143.15; 95.85.46.249; 93.190.92.74; 37.209.120.192; 93.190.92.75; 85.25.134.59; 93.190.92.76; vps1.nxtcrypto.org; vps2.nxtcrypto.org; vps3.nxtc rypto.org; vps4.nxtcrypto.org; vps5.nxtcrypto.org; nxtwallet.com; 31.220.50.208; nxt.ddos.me; 203.174.12.25; 88.198.142.92; 66.197.138.90; 64.120.180.106; 109.230.224.65; 80.86.92.50; node1.nextcoin.it; node2.nextcoin.it; node3.nextco in.it; node4.nextcoin.it; node5.nextcoin.it; nxt.homer.ru; 31.204.130.123; 209.222.0.194; 209.222.16.10; node1.nxtbase.com; node11.nxtbase.com; node21.nxtbase.com; node27.nxtbase.com; node31.nxtbase.com; node41.nxtbase.com; node51.nxtba se.com; node61.nxtbase.com; node71.nxtbase.com; node81.nxtbase.com; node84.nxtbase.com node91.nxtbase.com; node95.nxtbase.com; node98.nxtbase.com; 85.214.222.82; 78.46.95.28;</param-value>^M </init-param>^M There are more than 40 active peers listed, communication seems good. |
NXT: 13997163105778396158
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
December 30, 2013, 08:17:25 AM |
|
There are more than 40 active peers listed, communication seems good.
Set "communicationLoggingMask" to "3", "pullThreshold" to "1" and "readTimeout"/"connectTimeout" to higher values. The log will show what is wrong. |
|
|
|
|
laowai80
Member
Offline
Activity: 98
Merit: 10
|
|
December 30, 2013, 08:18:25 AM |
|
NEWSOn the 3rd of January the source code of basic features will be published for peer review. BCNext decided to make it more interesting to do a review, so the code will contain 3 security flaws - serious, critical and fatal ones. The 1st person who reports one of these flaws in a special thread will get a reward (1'000, 10'000 and 100'000 NXT accordingly). There will be SHA256 hashes of flaw descriptions published, the descriptions will be revealed after the flaws r reported. If some unreported ones left after 3 months, BCNext may decide to reveal them at any time. PS: This has a nice side-effect, copycats have to wait for full disclosure or do their own research.  Is this still the plan? I mean the flaws. |
|
|
|
|
|
lophie
|
|
December 30, 2013, 08:19:01 AM |
|
Question from a new nxt/btc exchange (nxtchg.com) founder: "Guys, what's the best way to check a NXT address for incoming transactions without installing the client? Block explorer? Is there an API for this sort of thing? It's needed for automated NXT deposits.".
An exchange must host its own client. Any other way is insecure (at least now, when hallmark protection is not used for everything). So tiring to code.... The one I am working on is without hot wallet and seek consensus over multiple self hosted highly hallmarked nodes. |
Will take me a while to climb up again, But where is a will, there is a way...
|
|
|
dzarmush
Legendary
Offline
Activity: 1806
Merit: 1001
|
|
December 30, 2013, 08:24:00 AM |
|
I see that the blockchain explorer server is down for 24h.
Does this mean that there will be no transactions between DGEX and our wallets for the next 24h?
Thanks
blockchain explorer is just a website with stats |
|
|
|
|
joefox
|
|
December 30, 2013, 08:24:20 AM |
|
I see that the blockchain explorer server is down for 24h.
Does this mean that there will be no transactions between DGEX and our wallets for the next 24h?
Thanks
No. The two sites are completely unrelated and do not depend on each other. |
|
|
|
|
coolfish
|
|
December 30, 2013, 08:30:16 AM |
|
The account secret Phrase is dangerous! Even setting more than 60 characters and contains special symbols. Imagine, when the future of NXT popular, maybe just one random password combination can open an random account.  |
Nxt:17482068461146780755
|
|
|
dzarmush
Legendary
Offline
Activity: 1806
Merit: 1001
|
|
December 30, 2013, 08:32:38 AM |
|
The account secret Phrase is dangerous! Even setting more than 60 characters and contains special symbols. Imagine, when the future of NXT popular, maybe just one random password combination can open an random account. The sun will blow up sooner ) |
|
|
|
|
MyZhre
|
|
December 30, 2013, 08:34:00 AM |
|
There are more than 40 active peers listed, communication seems good.
Set "communicationLoggingMask" to "3", "pullThreshold" to "1" and "readTimeout"/"connectTimeout" to higher values. The log will show what is wrong. There are lot of logs like this: [2013-12-30 16:28:36.539] "209.222.0.194": {"blockId":"9925845212617437891","requestType":"getNextBlocks"} >>> java.io.IOException: Premature EOF
[2013-12-30 16:29:14.248] "node3.nextcoin.it": {"blockId":"9925845212617437891","requestType":"getNextBlocks"} >>> java.io.IOException: Premature EOF
[2013-12-30 16:29:49.957] "209.222.0.194": {"blockId":"9925845212617437891","requestType":"getNextBlocks"} >>> java.io.IOException: Premature EOF
[2013-12-30 16:30:24.736] "64.237.37.148": {"blockId":"9925845212617437891","requestType":"getNextBlocks"} >>> java.io.IOException: Premature EOF
[2013-12-30 16:30:59.489] "209.222.0.194": {"blockId":"9925845212617437891","requestType":"getNextBlocks"} >>> java.io.IOException: Premature EOF
does this mean my blockchain file corrupted? I always restart nxt by Ctrl+C |
NXT: 13997163105778396158
|
|
|
|
coolfish
|
|
December 30, 2013, 08:40:52 AM |
|
The account secret Phrase is dangerous! Even setting more than 60 characters and contains special symbols. Imagine, when the future of NXT popular, maybe just one random password combination can open an random account. The sun will blow up sooner ) Try traverse password dictionary, login, maybe can successfully enter some people's account..  |
Nxt:17482068461146780755
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
December 30, 2013, 08:54:07 AM |
|
Is this still the plan? I mean the flaws.
Yes. |
|
|
|
|
|
GröBkAz
|
|
December 30, 2013, 08:54:14 AM |
|
This coin needs more advertising.
|
|
|
|
|
|
