NXT :: descendant of Bitcoin - Updated Information

[bitcoinpaul]

Why is that symbol still not changed shall I mail to change it to the coin created by hash?

Pin

Done

[1714037831]

1714037831

[BitcoinForumator]

What is going on with coinmarketcap?
Where does it take the price from?

BTW NXT has one less competitor, MSC.
Bitshares is already history and know we will have 2 new entrants: XCP and eMunie!
eMunie is a joke, XCP is great but PoW based (soon to become extinct while Bitcoin is sinking)...

MSC and Bitshares out of the game? Why so?

[pandaisftw]

The 0.5.3 release has extra validation of recipient account numbers. While investigating this, I was able to prove that at least one of the reported incorrect transactions, so far unexplained, was due to an user error:

User account I was sending: 12956190138975700589
Erroneous account: 434692873790144579
Transaction ID: 4799337629054063359
Amount: 14'699

Account number 12956190138975700589 was incorrectly typed with an extra 1 at the end: 129561901389757005891. This is not a valid account number (it exceeds 2^64) and so resulted in overflow and was interpreted as 434692873790144579. I have added code that checks and prevents such overflows, so from now on this would return an "invalid recipient" error message. It is important to note that typo's that result in a different but valid account number will still not be caught, but in those cases it would be more obvious to the user that he has made a typo. So if the user enters the account as 12956190138975700588 for example, it will be accepted because this is a valid account number.

Most importantly, there is no evidence in the above case of a random, memory corruption type of bug, as some have feared. Adding checksums as a way to prevent user errors is a different issue, but there has been no memory corruption at play here.

Nice work!

[bitcoinpaul]

We don't integrate some sort of CRC because of saving a tiny bit of memory in the core code and because sort-of-CRC could be done in a/the client, right?

[Jean-Luc]

Just wondering if you guys are using unit tests now?

I don't use them, looks like a waste of time to me. I've seen a lot of projects that had a lot of specifications, testing and other voodoo magic things and still failed.

It is too early to add unit tests now. I am not a big fan of them, but they do have a value. But there is so much refactoring and re-writing needed now, that adding unit tests to it will only make it more difficult, more stuff to refactor and re-write.

Unit tests are not that useful in algorithm design and in cryptography. You cannot prove the validity of an algorithm using unit test, you can only prove that the test cases that you could think of worked. Just like you cannot prove a mathematical theorem by inspection.

I can write an encryption algorithm based on the assumption that all odd numbers are prime. If I test it for values of 1, 3, 5, 7, 11, 13, it will pass the unit tests with flying colors. Would you trust it though?

[Jean-Luc]

We don't integrate some sort of CRC because of saving a tiny bit of memory in the core code and because sort-of-CRC could be done in a/the client, right?

No, because in the core and when sending across the network the transactions are already signed with the sender public key. Any corruption in the transaction content would automatically invalidate the signature.

[NxtChg]

Account number 12956190138975700589 was incorrectly typed with an extra 1 at the end: 129561901389757005891. This is not a valid account number (it exceeds 2^64) and so resulted in overflow and was interpreted as 434692873790144579. I have added code that checks and prevents such overflows, so from now on this would return an "invalid recipient" error message. It is important to note that typo's that result in a different but valid account number will still not be caught, but in those cases it would be more obvious to the user that he has made a typo. So if the user enters the account as 12956190138975700588 for example, it will be accepted because this is a valid account number.

Most importantly, there is no evidence in the above case of a random, memory corruption type of bug, as some have feared. Adding checksums as a way to prevent user errors is a different issue, but there has been no memory corruption at play here.

Wow, I am ashamed. It indeed looks like my stupid mistake.

Still there is a small possibility that that last 1 was a result of a memory corruption, because I do not type anything, I use the mouse to copy/paste.

And even if that was my error, it doesn't mean that suddenly you can dismiss any possibility of memory corruption!

Your, guys, for some weird reason live in some illusory world, where your code runs on 3 parallel, avionics-grade computers, which then vote on the final result.

In reality your code will run on cheap Chinese memory chips, overheated CPUs and browsers with 24 toolbars installed.

There absolutely must be a way for other nodes to validate the address.

[grex]

BTW I approached again zerocoin team with 1M NXT bounty to investigate whether NXT PoS is compatible with their protocol...

You could also contact Artos the dev of StableCoin, he just announced that beta testing of his mixing service will start soon.

Do they use decentralized approach? I tried to get how they do that, looks like someone hosts a special mixing server. Am I right?

A simple explanation can be found in this thread.
Theres a discussion if this approach is decentralized or not, the dev says it is:

"Hazard is correct. Mixing systems require a trusted entity to function. There is no possible way for a client to figure out receiving addresses, while still having them remain anonymous. The protocol we are developing aims to move some of the functions of a mixing system onto the block chain. This addresses several concerns that face mixing services, a few of which were outlined in the original post. The protocol will be in the public domain, of course. People will be able to set up their own mixing services. So it is incorrect to say that it is centralized and that I control it. The protocol can be adapted for many different types of applications. For example, it can easily be adapted for use in anonymous P2P messaging/broadcasting system. We're currently investigating all these different uses for it."

[xchrix]

whats going on with nextcoin.org ?

Sorry you are banned from using this forum!
This ban is not set to expire.

i did nothing just wanted to login to read some news. does anybody have the same problem?

[BitAddict]

whats going on with nextcoin.org ?

Sorry you are banned from using this forum!
This ban is not set to expire.

i did nothing just wanted to login to read some news. does anybody have the same problem?

You were thinking about posting something bad about dgex, and that is not allowed! System read your soul

[LiQio]

whats going on with nextcoin.org ?

Sorry you are banned from using this forum!
This ban is not set to expire.

i did nothing just wanted to login to read some news. does anybody have the same problem?

same for me 

[bitcoinpaul]

We don't integrate some sort of CRC because of saving a tiny bit of memory in the core code and because sort-of-CRC could be done in a/the client, right?

No, because in the core and when sending across the network the transactions are already signed with the sender public key. Any corruption in the transaction content would automatically invalidate the signature.

Sounds reasonable. And what are the options for the client software for user-made input-errors?

Spontanious idea: The client software can handle "#account" and "#account"+"account alias" receiver-adresses. The second could be checked by the client before it is signed. It would be convenient and the user felt kinda save.

Mmhh, other ideas please?

[BitcoinForumator]

I just opened Nextcoin.org to see what's new and got this:

"...you are banned from using this forum!
Mehrere Accounts zu erstellen, bringt Dir gar nichts. Schönen Tag noch!
This ban is not set to expire."


W.T.F.?!?


Yesterday it was working fine, I never tried to open "mehrere accounts", never did anything "suspicious".

[h0pter.nttsh]

I just opened Nextcoin.org to see what's new and got this:

"...you are banned from using this forum!
Mehrere Accounts zu erstellen, bringt Dir gar nichts. Schönen Tag noch!
This ban is not set to expire."


W.T.F.?!?


Yesterday it was working fine, I never tried to open "mehrere accounts", never did anything "suspicious".

The same thing, i dont register any other account.

can some one explain what happend there?

[bitcoinpaul]

I just opened Nextcoin.org to see what's new and got this:

"...you are banned from using this forum!
Mehrere Accounts zu erstellen, bringt Dir gar nichts. Schönen Tag noch!
This ban is not set to expire."


W.T.F.?!?


Yesterday it was working fine, I never tried to open "mehrere accounts", never did anything "suspicious".

Must be a german bug.

[wesleyh]

That's good, now you can all go over to http://forums.nxtcrypto.org instead.

[NxtChg]

Sounds reasonable.

No it's not. It was pointed out here already several times that client checks won't solve anything and will not be widely and universally implemented, unless checksums are mandatory on the protocol level.

[mcjavar]

That's good, now you can all go over to http://forums.nxtcrypto.org instead.

Whenever the price starts to climb back, there is always something happening around dgex, like this "banning" bug

[wesleyh]

That's good, now you can all go over to http://forums.nxtcrypto.org instead.

Whenever the price starts to climb bac, there is always something happening around dgex, like this "banning" bug

Time to be less dependent on graviton. First step is to switch forums. Just stop posting on nextcoin and use nxtcrypto instead.

[mcjavar]

That's good, now you can all go over to http://forums.nxtcrypto.org instead.

Whenever the price starts to climb bac, there is always something happening around dgex, like this "banning" bug

Time to be less dependent on graviton. First step is to switch forums. Just stop posting on nextcoin and use nxtcrypto instead.

btw: It is working for me (although I am always logged in)