NXT :: descendant of Bitcoin - Updated Information

[nxtuser]

How would you suggest targeting a single acct, vs mining against all accts in parallel?

Parallel of course. System is designed in a way that all 'darkNXT' accounts can be recovered with a single 2^64 'pass', there's no need to target accounts individually.

[Come-from-Beyond]

CfB (or anybody that knows)

I remember somewhere there was a way to forge using API, just from running the java server.

1. How exactly can you start forging for an account from API.
2. How can you verify that it is indeed forging

James

There is no API for that yet.

[Come-from-Beyond]

@cfb

how can i find the Blocks detail which one i just Generated

If it was empty - u can't (without API calls).

[Come-from-Beyond]

Yes, but you have to explicitly handle the json since it doesn't return a proper content type for JSON ('application/json'):

It used to return "application/json" but Unicode symbols didn't work properly in browsers.

[Come-from-Beyond]

Bounty announcement

100'000 NXT will be paid for working JavaScript code that signs and verifies signatures using NRS algo.

- The licence must allow to use the code in any application
- Sign/verify speed must be not lower than 100 signatures per second on a 1 GHz CPU (1 core)
- All the code must be in a single non-obfuscated well-formatted .js file
- Input/output values must be strings like "8302504e4e57c6c65335289879c6915a273d3aae7bd086058e403fcd2bc18341"

The bounty is valid till the 20th of January, 2014 12:00:00 UTC. The complete code must be published in this thread.

There are already a bunch of JS crypto libraries: http://jsperf.com/nacl-vs-sjcl-sha256-hash/3

None of the existing ones satisfy your needs? There are already SHA256 and curve25519 implementations...

Just compose something working and get 100K.

[Come-from-Beyond]

Does transparent forging link your IP address to your Nxt balance?

No

[gradis]

I don't think that is a huge issues. The 250m are most likely from people that don't even know that you have to make a transaction to create a public key.
Hell i didn't know until 7 days ago and i have 6 digits of them...

It is not clear to me (and possible to others). What is the difference between accounts with pubkey and without? My digits are also worried.

Accounts without a pubkey are only protected by 64bits. It is a first used, first gets basis. Basically even if you created the account by funding it, if you never associate a pubkey to the acct, ANYBODY who stumbles onto the 64bit key will control the account with their 256bit key.

The risk of keys being intercepted online is the usual reason people have for sending funds to an acct, but never using that acct. This backfires. Best to do one transaction. Any transaction and get 256 bit protection which is not projected to be cracked for at least another 8.957 years. Just kidding, 256 bit passwords with high entropy that new clients will enforce (hopefully) will be safe until further notice. Need some giant breakthroughs in crypto busting algorithms or hardware (quantum computers from the future) to even have a chance at breaking 256 bit keys. 64 bit keys, not so strong. Dedicated banks of ASICS could probably become a threat in as little as 5 years.

For significant holdings I recommend a fragmented wallet, eg. 10% in 10 different wallets each with different keys.

James

Im quoting you James as you have laid out a post that has the most elements for my questions. Thanks.

Ok been reading about this 'darknxt' in a few posts. Read some rather agitated post's wanting to ban them and others saying its accounts that have not sent nxt at all. Righteo got that when I tried to get my public key (local get public key)- didn't have one, but sent a nxt got a public key wonderful. I feel so secure.  

Enough background im curious. pubkey, the one I log in and out with I take it yes? I mean if I fly over to any one else running nxt say hi and bash my password in I would get my account? Is this correct? I am going to assume this the case and ask why it is insecure until I send a nxt so making a public key?

I am totally un-technical so im going to take a stab at trying to understand this. All accounts are in the blockchain. Unless you're account has a public id in the blockchain it has a vastly inferior encryption method (ie need to make a alias, transaction or mine a block to get this public id). This in beginning or middle even was never explained and im only hearing this recently (well as far as posts keep expanding rapidly). So was this a bug or a fault found, because it sounds like it. I am going to assume this is an attempt to stop people trying to mine/crack the blockchain (which is d/l by anybody) and was added in after the release? Because this sudden need for this makes it seem so. But..

As i say, I am not technical so if anyone could explain it in simple, start, why, because, manner I would be grateful, as to a layman when I read posts about people wanting to ban accounts that have made no transactions and not reading about any valid reasons to do so makes me question even more this concept.    

 

[wesleyh]

Bounty announcement

100'000 NXT will be paid for working JavaScript code that signs and verifies signatures using NRS algo.

- The licence must allow to use the code in any application
- Sign/verify speed must be not lower than 100 signatures per second on a 1 GHz CPU (1 core)
- All the code must be in a single non-obfuscated well-formatted .js file
- Input/output values must be strings like "8302504e4e57c6c65335289879c6915a273d3aae7bd086058e403fcd2bc18341"

The bounty is valid till the 20th of January, 2014 12:00:00 UTC. The complete code must be published in this thread.

There are already a bunch of JS crypto libraries: http://jsperf.com/nacl-vs-sjcl-sha256-hash/3

None of the existing ones satisfy your needs? There are already SHA256 and curve25519 implementations...

Just compose something working and get 100K.

I see no available curve25519 verify() method, only signing (via js).

[wesleyh]

How do you associate a pubkey with an account and what is the API call to check if I have one?

[Come-from-Beyond]

How do you associate a pubkey with an account and what is the API call to check if I have one?

Send any transaction from that account or forge a block.

http://localhost:7874/nxt?requestType=getAccountPublicKey&account=6483973064837388393

[marcus03]

How do you associate a pubkey with an account and what is the API call to check if I have one?

1.) It's done by the core when a transaction is done.
2.) You need to go through the transactions and and check for senderPublicKey.

[pinarello]

CLOSING TODAY!

poll is up go vote !

https://bitcointalk.org/index.php?topic=401123.0


BCNext offers a fun game to the community.

Rules:

1. Community decides what 3 questions they want to ask
2. Community posts these questions in this thread (in ~24 hours starting from now)
3. BCNext answers this questions (will be signed by the genesis account)
4. BCNext has the right to refuse to answer any (or all) of the questions (so don't ask his real name)

This is a win-win game. Community will get answers to some questions (like why the fund raising was cancelled so suddenly). BCNext will see how the community comes to a consensus without strict rules (like "the longest chain wins").

If u accept this offer u could start choosing the most important questions...

[gradis]

Im quoting you James as you have laid out a post that has the most elements for my questions. Thanks.

Ok been reading about this 'darknxt' in a few posts. Read some rather agitated post's wanting to ban them and others saying its accounts that have not sent nxt at all. Righteo got that when I tried to get my public key (local get public key)- didn't have one, but sent a nxt got a public key wonderful. I feel so secure.  

Enough background im curious. pubkey, the one I log in and out with I take it yes? I mean if I fly over to any one else running nxt say hi and bash my password in I would get my account? Is this correct? I am going to assume this the case and ask why it is insecure until I send a nxt so making a public key?

I am totally un-technical so im going to take a stab at trying to understand this. All accounts are in the blockchain. Unless you're account has a public id in the blockchain it has a vastly inferior encryption method (ie need to make a alias, transaction or mine a block to get this public id). This in beginning or middle even was never explained and im only hearing this recently (well as far as posts keep expanding rapidly). So was this a bug or a fault found, because it sounds like it. I am going to assume this is an attempt to stop people trying to mine/crack the blockchain (which is d/l by anybody) and was added in after the release? Because this sudden need for this makes it seem so. But..

As i say, I am not technical so if anyone could explain it in simple, start, why, because, manner I would be grateful, as to a layman when I read posts about people wanting to ban accounts that have made no transactions and not reading about any valid reasons to do so makes me question even more this concept.    

I would read couple of pages following the post below:

https://bitcointalk.org/index.php?topic=366105.msg3910365#msg3910365


For more recent posts look at:

https://bitcointalk.org/index.php?topic=397183.msg4360195#msg4360195

https://bitcointalk.org/index.php?topic=397183.msg4360315#msg4360315

Well I thank you for your time to take to answer this but this does not answer my questions

Yes I am aware what a brain wallet is in regards to nxt. But how does my super long password become stronger with a public key? I can only think it has to do with the blockchain and the information it contains. So is this assumption correct? When was this implemented, and when was it made a necessity to have a public key as this seems to be only after new year I read about this.  

As to the last 2 post's you posted I did specify im non technical as stated.

regards

ps 'When was this implemented' I mean with regards having a long password not good enough and having to have a public key as well. clarification.

[Come-from-Beyond]

ps 'When was this implemented' I mean with regards having a long password not good enough and having to have a public key as well. clarification.

This was implemented in NRS 0.0.0

[NxtChg]

BTC deposits are temporary closed, seems like there is a bit of a problem with blockchain.info.

[lophie]

First question, Have you considered demmurage for nxt? if so why did you decide not to?

[landomata]

First question, Have you considered demmurage for nxt? if so why did you decide not to?

 

pls clarify demurrage?

[gradis]

ps 'When was this implemented' I mean with regards having a long password not good enough and having to have a public key as well. clarification.

This was implemented in NRS 0.0.0

ok. so why wasn't every account active given a public key rather than having to make a transaction.  

[halkah]

I withdrew Nxt from Dgex.com over a week ago and I have still not recieved it in my wallet. When I mailed dgex they told me that the Nxt were sent within 24hours..
Why are they not showing up in my wallet? Or is dgex lying?

[landomata]

I withdrew Nxt from Dgex.com over a week ago and I have still not recieved it in my wallet. When I mailed dgex they told me that the Nxt were sent within 24hours..
Why are they not showing up in my wallet? Or is dgex lying?

whats ur account No...we can check in blockchain.