Bitcoin Forum
May 09, 2024, 11:32:28 AM
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2761529 times)

Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 05:44:33 PM  #11861

> Hey, looks like I just got robbed, too.
> Someone please check this account: 12152013998194592943
> They now have 147k+ from me.
> Had a 40 char random password, capital, lower, numbers, symbols.
> WTF?

Can you prove that your coins were stolen?
My account passphrase is < 40 chars and contains 2M, why did the thief choose your account instead of mine? Sorry, but your case looks more like a black PR attempt.

Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 05:52:32 PM  #11862

> Can someone answer why sometimes an account forges 2 consecutive blocks? This happens more frequently than I would think it should.

Small stakeholders don't bother with forging. The number of large ones is not very big, so you should see 2-3 blocks in a row.

opticalcarrier (Full Member, Activity: 238, Merit: 100)
January 01, 2014, 05:52:47 PM  #11863

> > "It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."
>
> I agree.
>
> OK, just to bubble this to the top again, I officially request that a function be implemented in the NXT client and server that allows an account to publicly declare in the blockchain that it is closed to withdrawals until further notice. Until this notice is given and verified, all attempts to withdraw from this account are to be deemed invalid by whoever is processing the block with the withdrawal request.
>
> This function would be implemented by accessing a special lock page in the client software where a fee would be assessed for utilizing this option. Clicking on the "accept fee" key on this page does two things: (1) sends out a colored coin or equivalent containing the account number, the lock notification, and the public half of an unlock code; (2) displays for the user the private half of an unlock code that is to be copied down manually.
>
> During the account lockdown period, all pending transactions on the blockchain are compared against a list of locked accounts as part of the verification process. If the withdrawal is against a locked account, it is rejected as invalid.
>
> To unlock the account, a user goes to a special unlock page in the client, enters the previously copied private key half generated during the original account locking, pays a fee, and sends a colored coin or equivalent containing the account number, the unlock notification, and the private half of the unlock code. A server processing a block containing a colored account unlock code verifies the public / private keys unlock the account correctly and removes the specified account from the unlock list. There may be a time delay while this information is propagated throughout the system and this delay would be accepted as part of the unlocking process.
>
> This effectively would implement two factor authentication for sending NXT from a high-value account because the sender would need both the unlock code and the original account passphrase.
>
> This scheme is NOT the same as transferring large sums to a new and seldom used NXT account for safekeeping. Such an account still has an extremely small but non-zero probability of being opened via a brute force or lucky hit of its password, or of being keylogged or trojaned. Publicly announced frozen accounts have a zero chance of being drained. This difference between extremely small chance and zero is huge in the public mind and will go a long way in making the general public accept the NXT always-online brainwallet concept.
>
> Question one: is this technically possible, yes or no.

I proposed this a few days ago. I believe it is possible, but would require extensive rewrite, as different pairs/keys would have to be implemented, and I don't believe the current curve/sha256 implementation of the hashing is compatible with what we desire.
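The lock/unlock scheme quoted above, as an added illustration that is not part of the original post and not NXT's code: the "public half" is modelled as a SHA-256 commitment to a secret unlock code, the "private half" is the code itself, and every verifier keeps a locked-account set that withdrawals are checked against. Fees, transaction signatures and propagation delay are left out, and the record format and account-id string are assumptions for the example.

```python
import hashlib
import hmac
import secrets

# Added illustration of the lock/unlock proposal; it is not NXT code.
# The lock record carries a hash commitment to a secret unlock code, the
# unlock record reveals the code, and every verifier rejects withdrawals from
# accounts in its locked set. Fees, signatures and propagation delay are left
# out; account ids are strings for readability.


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def create_lock(account: str):
    """Client side. Returns (lock_record, unlock_secret).

    The secret (private half) is shown to the user once and never broadcast;
    only the commitment (public half) goes into the lock record."""
    unlock_secret = secrets.token_hex(16)
    commitment = sha256_hex(unlock_secret.encode())
    return {"type": "lock", "account": account, "commitment": commitment}, unlock_secret


class LockRegistry:
    """Verifier side: the locked-account state every node derives from the chain."""

    def __init__(self):
        self.locked = {}  # account -> commitment

    def is_locked(self, account: str) -> bool:
        return account in self.locked

    def apply(self, record: dict) -> bool:
        """Apply a lock, unlock or withdraw record; return True if it is valid."""
        kind, account = record["type"], record["account"]
        if kind == "lock":
            if account in self.locked:
                return False  # already locked; a second lock is rejected
            self.locked[account] = record["commitment"]
            return True
        if kind == "unlock":
            commitment = self.locked.get(account)
            if commitment is None:
                return False  # nothing to unlock
            revealed = sha256_hex(record["secret"].encode())
            if not hmac.compare_digest(revealed, commitment):
                return False  # wrong secret: account stays locked
            del self.locked[account]
            return True
        if kind == "withdraw":
            return account not in self.locked  # the rule every verifier enforces
        return False  # unknown record type


def demo(account: str = "12152013998194592943") -> list:
    """Walk one account through lock -> blocked withdraw -> bad unlock -> unlock -> withdraw."""
    reg = LockRegistry()
    lock_record, secret = create_lock(account)
    return [
        reg.apply(lock_record),
        reg.apply({"type": "withdraw", "account": account}),
        reg.apply({"type": "unlock", "account": account, "secret": "guess"}),
        reg.apply({"type": "unlock", "account": account, "secret": secret}),
        reg.apply({"type": "withdraw", "account": account}),
    ]


if __name__ == "__main__":
    print(demo())  # [True, False, False, True, True]
```

Two points worth noting when reading this model. A stolen or brute-forced passphrase alone no longer spends, because the verifier checks the locked set before it ever looks at the signature. But the unlock reveal is public and the account is spendable by anyone holding the passphrase from the moment it propagates, so the owner's withdrawal has to follow the unlock immediately (or be bundled with it), and the secret must be single-use, which is why a fresh one is generated per lock.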

jl777 (Legendary, Activity: 1176, Merit: 1132)
January 01, 2014, 05:56:09 PM  #11864

CfB

Why can't the client deal with email verification, google authenticator or even cellphone SMS
Aren't all verifications just software that runs somewhere? Why can't that somewhere be the client?

Granted, to fully support it properly i would imagine that there would need to be some additional code in the core, but please explain your statement that it is impossible.

The client can send email, I know this. The client can wait for confirmation. So if there were API calls that required additional confirmations and this was made secure cryptographically, then at least the hacker would have to hack the email too instead of just the password. I am not clever enough to figure out how to make a cryptographically secure API call, but I imagine you or BCNext could do it.

The way things are now a hacker can brute force search the entire password space and without specifically targeting anybody, targets everybody. The more nxt accounts that get funded, the more likely a hacker will stumble upon an acct.

This needs to be fixed for mass market adoption. Without it nxt value will not increase much from what it is now. There needs to be some additional layer of security that the person who creates the account can optionally enable. As it is now there is basically one nxt account and a hacker just has to be patiently mining passwords until he finds a funded account. How long does it take to see if an account exists?

If that can be done locally on a computer, then some sort of massively parallel setup or server farm could search through trillions of accounts per second. What is the density of nxt accounts if there are one million nxt accts?

James

P.S. I am hoping this is one of the planted security flaws that was talked about. Otherwise it turns out there is mining of nxt after all: randomly try passwords till you find a funded acct. Do we really think petahashes of computing will not be aimed at all the juicy nxt accts? It doesn't matter if you never use your acct after funding it. It doesn't matter if you never use the password online if nxt accts can be mined with a brute force search. Please tell me we can fix this.


nadrimajstor (Newbie, Activity: 30, Merit: 0)
January 01, 2014, 06:00:31 PM  #11865

> In that case you will need a hardware firewall in front of your VPS, which are very expensive (~$30k), or you could move to some host that provides anti-DDoS firewall protection (which is also too expensive).

For a DoS attack you don't need those pricey HW firewalls... DoS should be resolved in nxt's code base and, if needed, ad-hoc mitigated with simple grepping/parsing of server logs and applying appropriate iptables rules.
For DDoS attacks the bottleneck is the uplink... In case of DDoS, having e.g. 10 servers on the same uplink (same data center/rack) won't help, whatever you place in front of them.
I could elaborate on the poor man's / wealthy man's / our way of mitigating DDoS if anyone is interested.
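The "parse the server logs, then apply iptables rules" step above, as an added example that is not part of the post or of the NXT code base. It assumes a combined-style access log in front of the node's HTTP API, a per-source sliding-window threshold, and the default API port 7876; the log lines are constructed for the example, not captured from a real node. The rules are returned as text for an operator to review rather than executed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Added example of "grep the logs, then apply iptables rules"; not NXT code.
# Log format (combined style), API port, threshold and window are assumptions;
# LOG_LINES is constructed for the example, not captured from a node.

LOG_LINES = """\
10.0.0.5 - - [01/Jan/2014:18:00:01 +0000] "POST /nxt?requestType=getBlock HTTP/1.1" 200 512
192.0.2.7 - - [01/Jan/2014:18:00:00 +0000] "POST /nxt?requestType=getPeers HTTP/1.1" 200 88
10.0.0.5 - - [01/Jan/2014:18:00:01 +0000] "POST /nxt?requestType=getBlock HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2014:18:00:05 +0000] "POST /nxt?requestType=getState HTTP/1.1" 200 301
10.0.0.5 - - [01/Jan/2014:18:00:02 +0000] "POST /nxt?requestType=getBlock HTTP/1.1" 200 512
10.0.0.5 - - [01/Jan/2014:18:00:02 +0000] "POST /nxt?requestType=getBlock HTTP/1.1" 200 512
192.0.2.7 - - [01/Jan/2014:18:00:30 +0000] "POST /nxt?requestType=getPeers HTTP/1.1" 200 88
10.0.0.5 - - [01/Jan/2014:18:00:03 +0000] "POST /nxt?requestType=getBlock HTTP/1.1" 200 512
10.0.0.5 - - [01/Jan/2014:18:00:03 +0000] "POST /nxt?requestType=getBlock HTTP/1.1" 200 512
this line is not a log entry
10.0.0.9 - - [01/Jan/2014:18:00:50 +0000] "POST /nxt?requestType=getState HTTP/1.1" 200 301
192.0.2.7 - - [01/Jan/2014:18:01:00 +0000] "POST /nxt?requestType=getPeers HTTP/1.1" 200 88
192.0.2.7 - - [01/Jan/2014:18:01:30 +0000] "POST /nxt?requestType=getPeers HTTP/1.1" 200 88
192.0.2.7 - - [01/Jan/2014:18:02:00 +0000] "POST /nxt?requestType=getPeers HTTP/1.1" 200 88
""".splitlines()

# source ip, ident, user, [timestamp], "request" ... ; only ip and time are used
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "')


def parse_line(line: str):
    """Return (ip, timestamp) for a well-formed line, or None for junk."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts


def peak_in_window(times, window: timedelta) -> int:
    """Largest number of requests from one source inside any span of `window`."""
    times = sorted(times)
    best, start = 0, 0
    for end in range(len(times)):
        while times[end] - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def find_offenders(lines, threshold: int, window_seconds: int, allowlist=()):
    """Map ip -> peak count for sources reaching `threshold` requests within
    `window_seconds`. Allowlisted peers (e.g. your own nodes) are skipped."""
    per_ip = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed:
            ip, ts = parsed
            per_ip[ip].append(ts)
    window = timedelta(seconds=window_seconds)
    offenders = {}
    for ip, ts_list in per_ip.items():
        if ip in allowlist:
            continue
        peak = peak_in_window(ts_list, window)
        if peak >= threshold:
            offenders[ip] = peak
    return offenders


def iptables_rules(offenders, port: int = 7876) -> list:
    """One DROP rule per offender on the (assumed) NXT API port, as text for review."""
    return [
        f"iptables -I INPUT -s {ip} -p tcp --dport {port} -j DROP"
        for ip in sorted(offenders)
    ]


if __name__ == "__main__":
    hits = find_offenders(LOG_LINES, threshold=5, window_seconds=10)
    print(hits)                    # {'10.0.0.5': 6}
    print("\n".join(iptables_rules(hits)))
```

With the constructed lines, only 10.0.0.5 (six requests in two seconds) crosses a threshold of 5-in-10s; 192.0.2.7 makes as many requests in total but spaced 30 s apart, which is why a sliding window rather than a plain `sort | uniq -c` count is used. As the post says, this only helps against a DoS that fits through the uplink; once the link itself is saturated, rules on the host change nothing.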

Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 06:03:52 PM  #11866

Pooled Forging details

A special type of transaction will be used to lease part or all forging power to one or several accounts. These accounts will sign blocks and decide what transactions to include in them. Fees will go to leasee accounts, not to leasors. This may lead to centralization (similar to Bitcoin), so leasor accounts are not advised to lease more than 50% of their effective* balance. Splitting 100% effective balance among different leasee accounts won't work because of the Sybil attack.

Comment please.

---
* Effective balance == balance that is used for forging
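The lease accounting described above, as an added model that is not part of the post and not NXT's implementation: leased amount stops counting for the leasor and counts for the leasee, the 50% advice is checked per leasor, and a "controller" view folds leasee accounts run by the same operator together to show why splitting 100% among several leasees does not protect against a Sybil. Account names, amounts and the controller map are constructed for the example; lease duration, fees and signatures are omitted.

```python
from fractions import Fraction

# Added model of the forging-lease mechanism; illustration only, not NXT code.
# Balances are plain integers, a lease is (leasor, leasee, amount), and lease
# duration, fees and signatures are omitted.


def effective_balances(balances: dict, leases: list) -> dict:
    """Effective (forging) balance after leases: the leased amount stops
    counting for the leasor and counts for the leasee. Rejects over-leasing."""
    leased_out = {}
    eff = dict(balances)
    for leasor, leasee, amount in leases:
        if amount <= 0:
            raise ValueError(f"lease amount must be positive: {leasor}->{leasee}")
        leased_out[leasor] = leased_out.get(leasor, 0) + amount
        if leased_out[leasor] > balances[leasor]:
            raise ValueError(f"{leasor} leases more than its effective balance")
        eff[leasor] -= amount
        eff[leasee] = eff.get(leasee, 0) + amount
    return eff


def forging_share(eff: dict) -> dict:
    """Each account's chance to forge the next block under pure stake weighting."""
    total = sum(eff.values())
    return {acct: Fraction(bal, total) for acct, bal in eff.items() if bal}


def controlled_share(eff: dict, controller_of: dict) -> dict:
    """Sybil view: fold accounts run by the same operator into one share.
    controller_of maps account -> operator; unmapped accounts are their own."""
    by_controller = {}
    for acct, bal in eff.items():
        who = controller_of.get(acct, acct)
        by_controller[who] = by_controller.get(who, 0) + bal
    total = sum(eff.values())
    return {who: Fraction(bal, total) for who, bal in by_controller.items() if bal}


def over_leased(balances: dict, leases: list, max_fraction=Fraction(1, 2)) -> list:
    """Leasors that leased more than max_fraction (the 50% advice) of their balance."""
    leased_out = {}
    for leasor, _, amount in leases:
        leased_out[leasor] = leased_out.get(leasor, 0) + amount
    return sorted(l for l, amt in leased_out.items()
                  if Fraction(amt, balances[l]) > max_fraction)


# Constructed scenario: A follows the 50% advice; B splits 100% between two
# leasee accounts that, unknown to B, belong to the same pool operator.
BALANCES = {"A": 1000, "B": 1000, "poolX": 100, "poolY": 100}
LEASES = [("A", "poolX", 500), ("B", "poolX", 600), ("B", "poolY", 400)]
CONTROLLER = {"poolX": "operator", "poolY": "operator"}

if __name__ == "__main__":
    eff = effective_balances(BALANCES, LEASES)
    print(eff)                                   # A 500, B 0, poolX 1200, poolY 500
    print(forging_share(eff))                    # per-account view: poolX has 6/11
    print(controlled_share(eff, CONTROLLER))     # operator view: 17/22, a majority
    print(over_leased(BALANCES, LEASES))         # ['B']
```

The per-account view makes the split look harmless, but the operator view shows one party forging 17/22 of blocks, which is the Sybil problem the post refers to: the 50% rule only works if it is applied against the real controller, which the chain cannot see.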

rickyjames (Full Member, Activity: 196, Merit: 100)
January 01, 2014, 06:04:06 PM  #11867

> CfB
>
> The way things are now a hacker can brute force search the entire password space and without specifically targeting anybody, targets everybody. The more nxt accounts that get funded, the more likely a hacker will stumble upon an acct.
>
> This needs to be fixed for mass market adoption. Without it nxt value will not increase much from what it is now. There needs to be some additional layer of security that the person who creates the account can optionally enable. As it is now there is basically one nxt account and a hacker just has to be patiently mining passwords until he finds a funded account.


Amen brother, preach on.  When the public realizes that a hacker attacking NXT isn't trying to break into a specific big account but is going after ALL ACCOUNTS SIMULTANEOUSLY INCLUDING THEIRS - I'm telling you, the psychology outweighs the math.  You've got to give them some way to do something that makes them feel more secure - and actually BE more secure - than the current brainwallet scheme that requires Faith In Math.

The public ain't got no stinkin' Faith In Math.

Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 06:05:38 PM  #11868

> CfB
>
> Why can't the client deal with email verification, google authenticator or even cellphone SMS
> Aren't all verifications just software that runs somewhere? Why can't that somewhere be the client?

Nxt is decentralized. Email verification, google authenticator and even cellphone SMS require centralization.

Alias (Full Member, Activity: 127, Merit: 100)
January 01, 2014, 06:11:38 PM  #11869

> Pooled Forging details
>
> A special type of transaction will be used to lease part or all forging power to one or several accounts. These accounts will sign blocks and decide what transactions to include in them. Fees will go to leasee accounts, not to leasors. This may lead to centralization (similar to Bitcoin), so leasor accounts are not advised to lease more than 50% of their effective* balance. Splitting 100% effective balance among different leasee accounts won't work because of the Sybil attack.
>
> Comment please.
>
> ---
> * Effective balance == balance that is used for forging

Fantastic! I was hoping this would be implemented! I have big ideas for applications of this. Will keep you guys posted.

Thanks,
Al


jl777 (Legendary, Activity: 1176, Merit: 1132)
January 01, 2014, 06:11:47 PM  #11870

Hackers cannot easily target specific accts, but they automatically target all accounts at once.
It is like parallel mining of BTC and NMC at the same time, but it is parallel mining of all nxt accts, so the more nxt accts the higher the probability of getting a hit.

The only defense against this I can see, other than additional security in the client and/or core, is to split up your funds into tiny amounts across many accts. Of course this just increases the hacker's chances that much more, but at least you only lose a small percentage of what you have instead of all.

This is a SERIOUS issue and responses like "get a stronger password" are not responsive. We need an actual solution to this problem. BCNext, you are our only hope!

James


rickyjames (Full Member, Activity: 196, Merit: 100)
January 01, 2014, 06:11:57 PM  #11871

> > > "It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."
> >
> > OK, just to bubble this to the top again, I officially request ...BLAH BLAH BLAH.
> >
> > Question one: is this technically possible, yes or no.
>
> I proposed this a few days ago. I believe it is possible, but would require extensive rewrite, as different pairs/keys would have to be implemented, and I don't believe the current curve/sha256 implementation of the hashing is compatible with what we desire.

Dude, it's time to roll out the Nike slogan: Just Do It.

utopianfuture (Sr. Member, Activity: 602, Merit: 268)
January 01, 2014, 06:14:00 PM  #11872

> > > > "It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."
> > >
> > > OK, just to bubble this to the top again, I officially request ...BLAH BLAH BLAH.
> > >
> > > Question one: is this technically possible, yes or no.
> >
> > I proposed this a few days ago. I believe it is possible, but would require extensive rewrite, as different pairs/keys would have to be implemented, and I don't believe the current curve/sha256 implementation of the hashing is compatible with what we desire.
>
> Dude, it's time to roll out the Nike slogan: Just Do It.

Who wants the Nike justdoit alias? Just contact me ;)



Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 06:14:54 PM  #11873

> Hackers cannot easily target specific accts, but they automatically target all accounts at once.
> It is like parallel mining of BTC and NMC at the same time, but it is parallel mining of all nxt accts, so the more nxt accts the higher the probability of getting a hit.
>
> The only defense against this I can see, other than additional security in the client and/or core, is to split up your funds into tiny amounts across many accts. Of course this just increases the hacker's chances that much more, but at least you only lose a small percentage of what you have instead of all.
>
> This is a SERIOUS issue and responses like "get a stronger password" are not responsive. We need an actual solution to this problem. BCNext, you are our only hope!
>
> James

This is a client issue. You should ask the Nxt client devs to use the wallet.dat approach.

Anon136 (Legendary, Activity: 1722, Merit: 1217)
January 01, 2014, 06:15:10 PM  #11874

> Pooled Forging details
>
> A special type of transaction will be used to lease part or all forging power to one or several accounts. These accounts will sign blocks and decide what transactions to include in them. Fees will go to leasee accounts, not to leasors. This may lead to centralization (similar to Bitcoin), so leasor accounts are not advised to lease more than 50% of their effective* balance. Splitting 100% effective balance among different leasee accounts won't work because of the Sybil attack.
>
> Comment please.
>
> ---
> * Effective balance == balance that is used for forging

I think this is the wrong way. What we need are clients that forge seamlessly, so even though the chance of winning will be minuscule, there will be no cost to forging, no barrier to entry, so people will do it anyway. People pay to play the lottery now, don't they? This lottery would be free to play; I think there is definitely some appeal there for users.


timmyd (Hero Member, Activity: 714, Merit: 500)
January 01, 2014, 06:18:15 PM  #11875

> > Hackers cannot easily target specific accts, but they automatically target all accounts at once.
> > It is like parallel mining of BTC and NMC at the same time, but it is parallel mining of all nxt accts, so the more nxt accts the higher the probability of getting a hit.
> >
> > The only defense against this I can see, other than additional security in the client and/or core, is to split up your funds into tiny amounts across many accts. Of course this just increases the hacker's chances that much more, but at least you only lose a small percentage of what you have instead of all.
> >
> > This is a SERIOUS issue and responses like "get a stronger password" are not responsive. We need an actual solution to this problem. BCNext, you are our only hope!
> >
> > James
>
> This is a client issue. You should ask the Nxt client devs to use the wallet.dat approach.

Even if it is a client issue, wouldn't the hacker just continue to use NRS instead of targeting accounts through a new client with extra security?
Will NRS always be able to connect you to your account even if a new client comes out?


EpicThomas (Newbie, Activity: 19, Merit: 0)
January 01, 2014, 06:18:39 PM  #11876

Both bitcoin and nxt generate your address from a 256-bit key.
The only problem is that bitcoin generates your private key randomly while nxt uses sha256(pass) to get your private key.

I think a lot of people would feel safer letting nxt itself generate the private keys.

Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 06:19:57 PM  #11877

> I think this is the wrong way. What we need are clients that forge seamlessly, so even though the chance of winning will be minuscule, there will be no cost to forging, no barrier to entry, so people will do it anyway. People pay to play the lottery now, don't they? This lottery would be free to play; I think there is definitely some appeal there for users.

BCNext was forced to offer such a way because small stakeholders won't bother with forging due to very high variation. Fewer coins forging means cheaper attacks.

Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 06:22:27 PM  #11878

> Even if it is a client issue, wouldn't the hacker just continue to use NRS instead of targeting accounts through a new client with extra security?
> Will NRS always be able to connect you to your account even if a new client comes out?

New clients are supposed to generate keys with higher entropy (all 256 bits). All successful attacks were on low-entropy keys only.

jl777 (Legendary, Activity: 1176, Merit: 1132)
January 01, 2014, 06:24:05 PM  #11879

CfB

If the client runs all the authentication software, where is the centralization?
Nxt is Java running on each node; if that node ran all the authentication software, how is that centralized? POP3 and SMTP are not so much to add into the client, are they? I can't imagine adding support for Google Authenticator in the client is impossible. The part I can't figure out is how to have an API that enforces the additional security; at worst all the nodes would have to run Google Authenticator verification on all transactions. Difficult, but not impossible.

OK, SMS is probably not good, having a zillion verification texts sent to your cellphone, but Google Authenticator has a dynamically changing code for each acct. If there was an authenticator alias for an acct, could that be used by all nodes to enable validation before sending of funds?

James


Come-from-Beyond (Legendary, Activity: 2142, Merit: 1009)
January 01, 2014, 06:25:41 PM  #11880

> CfB
>
> If the client runs all the authentication software, where is the centralization?
> Nxt is Java running on each node; if that node ran all the authentication software, how is that centralized? POP3 and SMTP are not so much to add into the client, are they? I can't imagine adding support for Google Authenticator in the client is impossible. The part I can't figure out is how to have an API that enforces the additional security; at worst all the nodes would have to run Google Authenticator verification on all transactions. Difficult, but not impossible.
>
> OK, SMS is probably not good, having a zillion verification texts sent to your cellphone, but Google Authenticator has a dynamically changing code for each acct. If there was an authenticator alias for an acct, could that be used by all nodes to enable validation before sending of funds?
>
> James

Who will store the seed that is used for Google auth?