Bitcoin Forum
March 28, 2024, 06:18:35 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 [1589] 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 ... 2557 »
  Print  
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2761518 times)
xyzzyx
Sr. Member
****
Offline Offline

Activity: 490
Merit: 250


I don't really come from outer space.


View Profile
February 10, 2014, 08:39:35 PM
 #31761

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.


well that's one reason, why clienxt's design made it look/feel like like bitcoin wallet... Smiley

You've implemented a bitcoin-like wallet for Nxt?  Cool!

Do you still allow the user to use a brainwallet if he so chooses?  BCNext wanted the brainwallet feature to keep governments from forcing the disclosure of private keys -- with a brainwallet the private key is generated on-the-fly so there is no key to give up.  (In practice, however, I think this is easily defeated by rubber-hose cryptanalysis.)

"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
1711649915
Hero Member
*
Offline Offline

Posts: 1711649915

View Profile Personal Message (Offline)

Ignore
1711649915
Reply with quote  #2

1711649915
Report to moderator
1711649915
Hero Member
*
Offline Offline

Posts: 1711649915

View Profile Personal Message (Offline)

Ignore
1711649915
Reply with quote  #2

1711649915
Report to moderator
There are several different types of Bitcoin clients. The most secure are full nodes like Bitcoin Core, which will follow the rules of the network no matter what miners do. Even if every miner decided to create 1000 bitcoins per block, full nodes would stick to the rules and reject those blocks.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711649915
Hero Member
*
Offline Offline

Posts: 1711649915

View Profile Personal Message (Offline)

Ignore
1711649915
Reply with quote  #2

1711649915
Report to moderator
1711649915
Hero Member
*
Offline Offline

Posts: 1711649915

View Profile Personal Message (Offline)

Ignore
1711649915
Reply with quote  #2

1711649915
Report to moderator
1711649915
Hero Member
*
Offline Offline

Posts: 1711649915

View Profile Personal Message (Offline)

Ignore
1711649915
Reply with quote  #2

1711649915
Report to moderator
fmiboy
Full Member
***
Offline Offline

Activity: 189
Merit: 100


View Profile
February 10, 2014, 08:43:41 PM
 #31762

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.


well that's one reason, why clienxt's design made it look/feel like like bitcoin wallet... Smiley

You've implemented a bitcoin-like wallet for Nxt?  Cool!

Do you still allow the user to use a brainwallet if he so chooses?  BCNext wanted the brainwallet feature to keep governments from forcing the disclosure of private keys -- with a brainwallet the private key is generated on-the-fly so there is no key to give up.  (In practice, however, I think this is easily defeated by rubber-hose cryptanalysis.)


no, you got me wrong... i meant design looks like bitcoin wallet application, but everything is still kept in nxt blockchain, No offline data is saved!
^[GS]^
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
February 10, 2014, 08:43:58 PM
 #31763

as I can edit and change the value of an alias already registered? that option still exists or not?
xyzzyx
Sr. Member
****
Offline Offline

Activity: 490
Merit: 250


I don't really come from outer space.


View Profile
February 10, 2014, 08:49:15 PM
 #31764

no, you got me wrong... i meant design looks like bitcoin wallet application, but everything is still kept in nxt blockchain, No offline data is saved!

Ah, I see.  I would like you to consider implementing a bitcoin-like wallet for passwords.  

jefdiesel's idea above is a good one: https://bitcointalk.org/index.php?topic=345619.msg5063223#msg5063223

Thanks.

"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
tylerbrad85
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
February 10, 2014, 08:51:30 PM
Last edit: February 10, 2014, 09:40:53 PM by tylerbrad85
 #31765

there is place for an app there, NXT password option

it lets you choose a password, and a login name, even use 2FA, and then it spits out a LONG RANDOM number, and enters it for you, seamlessly, like a BTC privatekey

So if you use this feature, you can log in and out with the app, and never have to know the brainwallet password, and all us Beta geeks can keep on remembering our
Sup33r#{a55w0r'dz}+UZEca#'tKr2@ckd33z+!Cmon/#8*)
+1

I like this idea!

1.) User is given a "Login" account screen, where they enter a username and password.
2.) User then is required(unless they choose the "original" passphase route) to enter a username and password to login
3.) The username and password is then entered into the client where the client spits out something random like "FSFD#@$#@D32ewd326546$FDR$$#@EsaDAasafgryhtddDS<l;lkL" to the NXT system to access the NXT account, which will be unknown to the user(unless requested) as they just need to remember the username and password to enter the client/account and not their real account passphrase to enter the NXT system.

 Smiley

In order for somewhat to break into the account, the hacker must know the user's password and username they use for the account.


l8orre
Legendary
*
Offline Offline

Activity: 1181
Merit: 1018


View Profile
February 10, 2014, 09:03:52 PM
 #31766



Hey CfB - I get an error when I try to transferAsset on the AE. This has worked before , so maybe i'm just tired,

NRS seems to not like the 'deadline', and I have tried both string and int from my gui client.


This comes for 'int' and 'str' as deadline ?!?! wtf?

{'errorDescription': 'Incorrect "deadline"java.lang.NumberFormatException: Zero length BigInteger', 'errorCode': 4}


{'deadline': '10', 'asset': '14269709746849295412', 'fee': '1', 'secretPhrase': 'xxxxxxxxxxxxxxx', 'referencedTransaction': '', 'requestType': 'transferAsset', 'quantity': 1000000, 'recipient': '1738404304940813414'}
 
{'secretPhrase': 'xxxxxxxxxxxxxxxxx', 'requestType': 'transferAsset', 'quantity': 1000000, 'asset': '14269709746849295412', 'referencedTransaction': '', 'deadline': 10, 'recipient': '1738404304940813414', 'fee': '1'}



Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1009

Newbie


View Profile
February 10, 2014, 09:09:52 PM
 #31767



Hey CfB - I get an error when I try to transferAsset on the AE. This has worked before , so maybe i'm just tired,

NRS seems to not like the 'deadline', and I have tried both string and int from my gui client.


This comes for 'int' and 'str' as deadline ?!?! wtf?

{'errorDescription': 'Incorrect "deadline"java.lang.NumberFormatException: Zero length BigInteger', 'errorCode': 4}


{'deadline': '10', 'asset': '14269709746849295412', 'fee': '1', 'secretPhrase': 'xxxxxxxxxxxxxxx', 'referencedTransaction': '', 'requestType': 'transferAsset', 'quantity': 1000000, 'recipient': '1738404304940813414'}
 
{'secretPhrase': 'xxxxxxxxxxxxxxxxx', 'requestType': 'transferAsset', 'quantity': 1000000, 'asset': '14269709746849295412', 'referencedTransaction': '', 'deadline': 10, 'recipient': '1738404304940813414', 'fee': '1'}

What is the request?
drsnuggles
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile
February 10, 2014, 09:16:55 PM
 #31768

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.
Hmm, what if we keep the brainwallet, but help the user choose a long password? So make the minimum length 30 characters and have some numbers and letters, plus short explanation why.

Now we have the opposite system: choose less than 10 characters and lose your coins in a minute. A bit of a harsh way of learning if you ask me.
wesleyh
Sr. Member
****
Offline Offline

Activity: 308
Merit: 250


View Profile
February 10, 2014, 09:17:49 PM
 #31769

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.
Hmm, what if we keep the brainwallet, but help the user choose a long password? So make the minimum length 30 characters and have some numbers and letters, plus short explanation why.

Now we have the opposite system: choose less than 10 characters and loose your coins in a minute. A bit of a harsh way of learning if you ask me.

that's what i do in my client ;-) (coming soon)
ChuckOne
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250

☕ NXT-4BTE-8Y4K-CDS2-6TB82


View Profile
February 10, 2014, 09:20:07 PM
 #31770

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.


well that's one reason, why clienxt's design made it look/feel like like bitcoin wallet... Smiley

You've implemented a bitcoin-like wallet for Nxt?  Cool!

Do you still allow the user to use a brainwallet if he so chooses?  BCNext wanted the brainwallet feature to keep governments from forcing the disclosure of private keys -- with a brainwallet the private key is generated on-the-fly so there is no key to give up.  (In practice, however, I think this is easily defeated by rubber-hose cryptanalysis.)


Could somebody explain the concept of the brainwallet to me? How can the average joe remember 50 letters or even more when having more than one account?
drsnuggles
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile
February 10, 2014, 09:21:55 PM
 #31771

that's what i do in my client ;-) (coming soon)
Ooh, I like it already Smiley
pandaisftw
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
February 10, 2014, 09:24:11 PM
 #31772

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.


well that's one reason, why clienxt's design made it look/feel like like bitcoin wallet... Smiley

You've implemented a bitcoin-like wallet for Nxt?  Cool!

Do you still allow the user to use a brainwallet if he so chooses?  BCNext wanted the brainwallet feature to keep governments from forcing the disclosure of private keys -- with a brainwallet the private key is generated on-the-fly so there is no key to give up.  (In practice, however, I think this is easily defeated by rubber-hose cryptanalysis.)


Could somebody explain the concept of the brainwallet to me? How can the average joe remember 50 letters or even more when having more than one account?

Usually you string a bunch of random words together (with salting that makes sense to you).

The problem is that most people are not too good at placing random words together in a way that is memorable yet resistant to dictionary attacks.

NXT: 13095091276527367030
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
February 10, 2014, 09:27:54 PM
 #31773

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.


well that's one reason, why clienxt's design made it look/feel like like bitcoin wallet... Smiley

You've implemented a bitcoin-like wallet for Nxt?  Cool!

Do you still allow the user to use a brainwallet if he so chooses?  BCNext wanted the brainwallet feature to keep governments from forcing the disclosure of private keys -- with a brainwallet the private key is generated on-the-fly so there is no key to give up.  (In practice, however, I think this is easily defeated by rubber-hose cryptanalysis.)


Could somebody explain the concept of the brainwallet to me? How can the average joe remember 50 letters or even more when having more than one account?

User Password managers. I use https://lastpass.com/
It's been around for years (maybe 10?).  it's pretty safe as all encryptions are done on local computer. You just need one very strong master password

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
ChuckOne
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250

☕ NXT-4BTE-8Y4K-CDS2-6TB82


View Profile
February 10, 2014, 09:28:56 PM
 #31774

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.


well that's one reason, why clienxt's design made it look/feel like like bitcoin wallet... Smiley

You've implemented a bitcoin-like wallet for Nxt?  Cool!

Do you still allow the user to use a brainwallet if he so chooses?  BCNext wanted the brainwallet feature to keep governments from forcing the disclosure of private keys -- with a brainwallet the private key is generated on-the-fly so there is no key to give up.  (In practice, however, I think this is easily defeated by rubber-hose cryptanalysis.)


Could somebody explain the concept of the brainwallet to me? How can the average joe remember 50 letters or even more when having more than one account?

Usually you string a bunch of random words together (with salting that makes sense to you).

The problem is that most people are not too good at placing random words together in a way that is memorable yet resistant to dictionary attacks.

Ah wait. Couldn't we use the following algo?

http://en.wikipedia.org/wiki/Key_stretching

The user gives a seed + the number of iterations * 10.000

So e.g.:
input from user = "I love my mum." + 234
input for key stretching = "I love my mum." + 2.340.000
output of algo = real password

The * 10.000 is necessary to prevent brutefore.
pandaisftw
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
February 10, 2014, 09:39:38 PM
 #31775

Unfortunately, I've come to the conclusion that the brainwallet feature is not meant for average users.  I think we should keep it as an advanced option, but by default a client should implement a bitcoin-like wallet, for the safety of our users.


well that's one reason, why clienxt's design made it look/feel like like bitcoin wallet... Smiley

You've implemented a bitcoin-like wallet for Nxt?  Cool!

Do you still allow the user to use a brainwallet if he so chooses?  BCNext wanted the brainwallet feature to keep governments from forcing the disclosure of private keys -- with a brainwallet the private key is generated on-the-fly so there is no key to give up.  (In practice, however, I think this is easily defeated by rubber-hose cryptanalysis.)


Could somebody explain the concept of the brainwallet to me? How can the average joe remember 50 letters or even more when having more than one account?

Usually you string a bunch of random words together (with salting that makes sense to you).

The problem is that most people are not too good at placing random words together in a way that is memorable yet resistant to dictionary attacks.

Ah wait. Couldn't we use the following algo?

http://en.wikipedia.org/wiki/Key_stretching

The user gives a seed + the number of iterations * 10.000

So e.g.:
input from user = "I love my mum." + 234
input for key stretching = "I love my mum." + 2.340.000
output of algo = real password

The * 10.000 is necessary to prevent brutefore.

I believe some of the clients that are coming out in the near future will have 1) RS addresses and 2) password generators. I'm not sure if they are using key stretching or a different method.

NXT: 13095091276527367030
brooklynbtc
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250

AKA jefdiesel


View Profile
February 10, 2014, 09:45:00 PM
 #31776

why is the forum getting DDos'd now? Maxcoin?

also, blocks are popping off all over the place this week, dunno if its 7.02 is more efficient or something, but I'm hitting a block every 8 hours or so with 330k coins. Payments are up too, over half are empty still but 110 paid in fees this week!

even though blockchain doesn't show all the blocks forged, it is showing the proper amount.. is it still on 5.11?


SN
S   U   P   E   R    N   E   T
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   
Uniting cryptocurrencies, Rewarding talent, Sharing benefits..

Blockchain Technology.

klee
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000



View Profile
February 10, 2014, 09:47:19 PM
 #31777

why is the forum getting DDos'd now? Maxcoin?

also, blocks are popping off all over the place this week, dunno if its 7.02 is more efficient or something, but I'm hitting a block every 8 hours or so with 330k coins. Payments are up too, over half are empty still but 110 paid in fees this week!

even though blockchain doesn't show all the blocks forged, it is showing the proper amount.. is it still on 5.11?


Dopecoin
tylerbrad85
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
February 10, 2014, 09:51:00 PM
 #31778

why is the forum getting DDos'd now? Maxcoin?

also, blocks are popping off all over the place this week, dunno if its 7.02 is more efficient or something, but I'm hitting a block every 8 hours or so with 330k coins. Payments are up too, over half are empty still but 110 paid in fees this week!

even though blockchain doesn't show all the blocks forged, it is showing the proper amount.. is it still on 5.11?


Dopecoin

or MacroCoin  Grin
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
February 10, 2014, 10:11:00 PM
 #31779


I emailed Dmitry Skiba and actually got a response

Quote
Hi,

Actually I don't know nothing about cryptography, I just ported that code from C to Java many years ago. So I can't really answer your question.

Regards,
Dmitry

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
msin
Legendary
*
Offline Offline

Activity: 1470
Merit: 1004


View Profile
February 10, 2014, 10:14:26 PM
 #31780


I emailed Dmitry Skiba and actually got a response

Quote
Hi,

Actually I don't know nothing about cryptography
, I just ported that code from C to Java many years ago. So I can't really answer your question.

Regards,
Dmitry

So he knows something.......
Pages: « 1 ... 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 [1589] 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 ... 2557 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!