msin
Legendary
Offline
Activity: 1470
Merit: 1004
|
|
February 11, 2014, 04:39:08 PM |
|
Given what's happened to btct.co and bitfunder.com, could people issuing these assets end up in trouble later?
A good question - and another reason why I am not overly excited by AE as it stands. You'd be pretty brave not to be "anonymous" and list an Asset IMO. This is why "atomic cross-chain transactions" *are* the holy-grail as you could deal through anonymous AE without needing to trust its owner as basically they would only then exist to set up a trade possibility between two parties (i.e. a means of finding each other and finding an agreed price) but the trade itself would happen in a way that the asset owner would have no control over (the fee in NXT being the only way that the "lister" could make anything at all assuming the system has been set up to allow this). I have a hard time believing that anything makes you overly excited. I do agree with cross-chain transactions, all the more reason why we need to be building coins on top of Nxt blockchain!
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
February 11, 2014, 04:39:38 PM |
|
Nxt transaction has the following format:
64 bytes of the header 64 bytes of the signature X bytes of the attachment
Before signing it looks:
64 bytes of the header 64 zeros X bytes of the attachment
All [64+64+X] bytes r signed and the signature is placed instead of the zeros.
PS: Ordinary payment is the only transaction that doesn't have an attachment.
Then unless the signature can have more than one equivalent representation I don't see why we actually *have* a malleability problem? Care to enlighten me?
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
February 11, 2014, 04:41:40 PM |
|
I have a hard time believing that anything makes you overly excited. Believe me - if I get overly excited by Nxt then I think all of you would have already become very rich.
|
|
|
|
ChuckOne
Sr. Member
Offline
Activity: 364
Merit: 250
☕ NXT-4BTE-8Y4K-CDS2-6TB82
|
|
February 11, 2014, 04:42:37 PM |
|
Nxt transaction has the following format:
64 bytes of the header 64 bytes of the signature X bytes of the attachment
Before signing it looks:
64 bytes of the header 64 zeros X bytes of the attachment
All [64+64+X] bytes r signed and the signature is placed instead of the zeros.
PS: Ordinary payment is the only transaction that doesn't have an attachment.
Then unless the signature can have more than one equivalent representation I don't see why we actually *have* a malleability problem? Care to enlighten me? Isn't there a second signature of the issuer? I mean I do not want a node to change my transactions, right?Sorry, was somehow confused by thinking of blocks.
|
|
|
|
^[GS]^
Member
Offline
Activity: 112
Merit: 10
|
|
February 11, 2014, 04:45:03 PM |
|
"G" captain please send test nxt or anybody who has a lot still thanks
6815286805809610855
sent 10k Test NXT _________________ NXTio Now is in Chinese! http://www.nxtio.org/?lang=zhThank you very much to nekokoe for his translation! NXT Donations: 16729052528737221895
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
February 11, 2014, 04:46:23 PM |
|
Then unless the signature can have more than one equivalent representation I don't see why we actually *have* a malleability problem?
Care to enlighten me?
3rd party could add a number equal to Curve25519 group order to create a valid transaction with another id. That's how DoctorEvil hacked Nxt to replay a transaction. Also the legit owner of a transaction could generate zillions of valid signatures for the same set of data.
|
|
|
|
ImmortAlex
|
|
February 11, 2014, 04:48:57 PM |
|
That was C-f-B itself, who have forged that lucky block. AFAIR, he returned most of fee to alias issuer.
That's how rumors that I'm a SkyNet bot r being created... Being Android device myself, I'm often confuses with human gender identity. Only boobs IRL can help me. Have someone good boobs asset?
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
February 11, 2014, 04:49:25 PM |
|
Being Android device myself, I'm often confuses with human gender identity. Only boobs IRL can help me. Have someone good boobs asset?
(.)(.)
|
|
|
|
ImmortAlex
|
|
February 11, 2014, 04:50:55 PM |
|
Being Android device myself, I'm often confuses with human gender identity. Only boobs IRL can help me. Have someone good boobs asset?
(.)(.) Gimme two!
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
February 11, 2014, 04:53:00 PM |
|
3rd party could add a number equal to Curve25519 group order to create a valid transaction with another id. That's how DoctorEvil hacked Nxt to replay a transaction.
Also the legit owner of a transaction could generate zillions of valid signatures for the same set of data.
Aha - my math lets me down unfortunately but I do get your point. So is there any way you think that this could be solved?
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
February 11, 2014, 04:54:44 PM |
|
3rd party could add a number equal to Curve25519 group order to create a valid transaction with another id. That's how DoctorEvil hacked Nxt to replay a transaction.
Also the legit owner of a transaction could generate zillions of valid signatures for the same set of data.
Aha - my math lets me down unfortunately but I do get your point. So is there any way you think that this could be solved? Easily. We just need ID_2 that is calculated like ID but with signature bytes set back to zeros.
|
|
|
|
Anon136
Legendary
Offline
Activity: 1722
Merit: 1217
|
|
February 11, 2014, 04:55:33 PM |
|
Has anyone started a dedicated thread for discussing general aspects of the asset exchange?
|
Rep Thread: https://bitcointalk.org/index.php?topic=381041If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited?
|
|
|
mcjavar
|
|
February 11, 2014, 04:55:57 PM |
|
Being Android device myself, I'm often confuses with human gender identity. Only boobs IRL can help me. Have someone good boobs asset?
(.)(.) (_)_)|||||||||||||Ð~~~
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
February 11, 2014, 04:57:32 PM |
|
Easily. We just need ID_2 that is calculated like ID but with signature bytes set back to zeros.
Well with all the fuss happening at the moment about this issue I would push for getting this into the next version of the protocol as well as making some guidelines to ensure that the problem won't "creep in" at a later point. Others?
|
|
|
|
mcjavar
|
|
February 11, 2014, 04:57:54 PM |
|
Has anyone started a dedicated thread for discussing general aspects of the asset exchange?
no
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
February 11, 2014, 04:58:37 PM |
|
Easily. We just need ID_2 that is calculated like ID but with signature bytes set back to zeros.
Well with all the fuss happening at the moment about this issue I would push for getting this into the next version of the protocol as well as making some guidelines to ensure the problem won't "creep in" at a later point. It's a good opportunity to test Nxt Improvement Proposal workflow.
|
|
|
|
intel
Member
Offline
Activity: 98
Merit: 10
|
|
February 11, 2014, 04:59:02 PM |
|
ANNOUNCEMENT:
nxtFreeRider is available at: www.quicknxt.com/FreeRidersha256: 0b04c63911c877ba8dfb88bed1618c63590eeeb82cec42263c0452082f21402d nxtFreeRider01.zip
please note: in terms of User Experience, this is an extremely rough release. However, the implementation of the API backend is complete, robust and multithreaded. The intention is to release a fully open sourced pythonic API, that can be directly inspected and extended by anybody capable of writing python code.
Screenshoots?
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
February 11, 2014, 05:00:49 PM |
|
It's a good opportunity to test Nxt Improvement Proposal workflow.
Agreed - would you mind to be the first to have a go at this (I don't feel I know the code well enough to do this myself)?
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
February 11, 2014, 05:01:42 PM |
|
Being Android device myself, I'm often confuses with human gender identity. Only boobs IRL can help me. Have someone good boobs asset?
(.)(.) (_)_)|||||||||||||Ð~~~
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
February 11, 2014, 05:02:30 PM |
|
Screenshoots?
Please just post links rather than screenshots - it makes my head dizzy with the web page jumping up and down all the time (oh - now my post looks bad after reading the one above).
|
|
|
|
|