NXT :: descendant of Bitcoin - Updated Information

[ChuckOne]

Did you want some TestNxt ?

Can I have some TestNxt too? 

Accountnr. 5678029137156573042

And you have over 1 million. Does anyone actually need testnxt? I was going to spread 15,000 around as I got two donations.

It is telling me you now have over 2.5 million...

"This account has a balance of 23'086 NXT."

[rdanneskjoldr]

Can I please get some Test NXT in account 16248676195570366253 ?

I will forward some to a couple friends and offer a little giveaway in twitter so people can try the latest wesleyh client including password generator.

Wesley's client tells me that account has a balance of 500,000. How many friends do you have?

Um... my current balance in testnet reads 5,000.

It is now telling me you have a balance of 2million...

Wesley?

Hhm... I appear to be in private mode again. Let me try it the other way.

I think it shows it correctly to me :

Account 16248676195570366253 Info
This account has a balance of 17'497 NXT.

10/03/2014 21:11:32   Ordinary payment      2'500           3   17238779241348084924
10/03/2014 21:06:20   Ordinary payment      15'000   1   4940924250576724047
10/03/2014 20:45:44   Ordinary payment      5'000            5   You

[wesleyh]

Can I please get some Test NXT in account 16248676195570366253 ?

I will forward some to a couple friends and offer a little giveaway in twitter so people can try the latest wesleyh client including password generator.

Wesley's client tells me that account has a balance of 500,000. How many friends do you have?

Um... my current balance in testnet reads 5,000.

It is now telling me you have a balance of 2million...

Wesley?

Hhm... I appear to be in private mode again. Let me try it the other way.

I think it shows it correctly to me :

Account 16248676195570366253 Info
This account has a balance of 17'497 NXT.

10/03/2014 21:11:32   Ordinary payment      2'500           3   17238779241348084924
10/03/2014 21:06:20   Ordinary payment      15'000   1   4940924250576724047
10/03/2014 20:45:44   Ordinary payment      5'000            5   You

Hmm can you show me a screenshot of that? Weird.. It's 23'086 Nxt  for account 5678029137156573042  , edit never mind i see you're using another account nr

[ChuckOne]

The difference between what? A secret phrase consists of multiple words, a password is typically one long word.

Why making this difference? It will be another burden for the most people.

[wesleyh]

If you type a space character it assumes you are going to type a secret phrase. Not sure what other way around I can do.

OK...  I got the other message too...   

Secret phrase must be at least 35 characters long.

Good?

[wesleyh]

The difference between what? A secret phrase consists of multiple words, a password is typically one long word.

Why making this difference?

Because if you type a password it must be 35 characters in length AND have numbers AND uppercase AND special character. A 12 word phrase does not require this.

[redsn0w]

Did you want some TestNxt ?

Can I have some TestNxt too? 

Accountnr. 5678029137156573042

And you have over 1 million. Does anyone actually need testnxt? I was going to spread 15,000 around as I got two donations.

It is telling me you now have over 2.5 million...

"This account has a balance of 23'086 NXT."

Yep .

[Daedelus]

Can I please get some Test NXT in account 16248676195570366253 ?

I will forward some to a couple friends and offer a little giveaway in twitter so people can try the latest wesleyh client including password generator.

Wesley's client tells me that account has a balance of 500,000. How many friends do you have?

Um... my current balance in testnet reads 5,000.

It is now telling me you have a balance of 2million...

Wesley?

Hhm... I appear to be in private mode again. Let me try it the other way.

I think it shows it correctly to me :

Account 16248676195570366253 Info
This account has a balance of 17'497 NXT.

10/03/2014 21:11:32   Ordinary payment      2'500           3   17238779241348084924
10/03/2014 21:06:20   Ordinary payment      15'000   1   4940924250576724047
10/03/2014 20:45:44   Ordinary payment      5'000            5   You

Try private mode in firefox and go to the 'send money' dialogue box in Wesley's client. In the recipient put 2299216276842660095 (this is me). edit: at the bottom of the dialogue box it tells you info about the account you are sending to. It should read 13'089.

What do you get?

Maybe it is just me...  

[wesleyh]

Can I please get some Test NXT in account 16248676195570366253 ?

I will forward some to a couple friends and offer a little giveaway in twitter so people can try the latest wesleyh client including password generator.

Wesley's client tells me that account has a balance of 500,000. How many friends do you have?

Um... my current balance in testnet reads 5,000.

It is now telling me you have a balance of 2million...

Wesley?

Hhm... I appear to be in private mode again. Let me try it the other way.

I think it shows it correctly to me :

Account 16248676195570366253 Info
This account has a balance of 17'497 NXT.

10/03/2014 21:11:32   Ordinary payment      2'500           3   17238779241348084924
10/03/2014 21:06:20   Ordinary payment      15'000   1   4940924250576724047
10/03/2014 20:45:44   Ordinary payment      5'000            5   You

Try private mode in firefox and go to the 'send money' dialogue box in Wesley's client. In the recipient put 2299216276842660095 (this is me). edit: at the bottom of the dialogue box it tells you info about the account you are sending to. It should read 13'089.

What do you get?

Maybe it is just me...  

it says the account has a public key. and after i sent a message and check it in my transactions, it's 13089.

[chanc3r]

I think something like this could solve the passphrase problem,adapted to Nxt,keeping its essence of brain wallet,and no wallet.dat file.People could generate their passphrases with no need of knowing them in a super easy way,and would follow BCNext's first idea.

http://braincontrol.me/
http://betanomics.asia/blog/store-and-send-bitcoin-directly-from-your-brain-using-braincontrol

BrainControl ultimately uses the following function to determenistically generate the necessary keys at the precise time required to perform any sensitive functionality such as send or backing-up:

Code:

<script>
var keys = btc.keys(Crypto.SHA256(salt+url+Crypto.SHA256(username+password+pin)));
</script>

Someone will need to explain this in a little more detail. Won't URL always be the same? (in case of a desktop client there's even no URL).

Im not a programmer,but i guess URL could be excluded.This is just how this site works.I found it in a tweet from Antonopoulos, supporting this.What i think is useful is the idea.

Just try it and take the idea.It will even show you the bitcoin private key the wallet generated if you want to save it somewhere.
It could let people use 2 or 3 easy passwords,and a PIN,easy to remember,and create the NXT passphrase from there

For example,putting
account name : nxttrial
passphrase: nxtsecondgeneration
extra salt: nxt
pin : 123456

This gives access to the publid bitcoin ID 1Ax7FXk9Q8oneRpkPv9GzMyi6gjf4y6Sg5
If you click backup, it gives you the QR code and the private key : 5KACFTu5aESZQ7THmSpgkFkew9J8EJRhSeuNWuBmEkcGhE28yGk

So you are not saving it anywhere.It is only that in 5 years,you come back and put the same login details,it will give you access to she same account.I think this system could work for Nxt and be user friendly.I cant say how safe it is,but i guess it is.

What's the difference between this and simply having the brain password:

nxttrialnxtsecondgenerationnxt123456?

Thats why im not a programmer,and maybe its just stupid,hahah. But at least it made you create a more than 30 characters long easy to remember passphrase with numbers and letters,and symbols could be mandatory.

The idea is that nxttrialnxtsecondgenerationnxt123456 --> 5KACFTu5aESZQ7THmSpgkFkew9J8EJRhSeuNWuBmEkcGhE28yGk , which would be the Nxt passphrase,but maybe it is useless for security reasons

Well, if this is the default method, a "hacker" would simply use the same encryption method on the brain password to get the "real" passphrase. Or am I wrong, anyone?

Gulp - this is a dangerous place to tread but I think I should have a go... I was thinking along these lines when I saw this post..

Wesley - logically you are correct but from a user perspective putting in the information in a structured way would help the user to remember, and recover their passphrase. Other people are also right - we have a problem if this is lost if we don't have robust back up mechanisms.

I would go even further.... Ask a series of questions - things it would be difficult for an attacker to know; e.g.

What is your favourite place: barcelona
What is your lucky number: 88
What religion are you: jedi
What was your mothers middle name: leslie
Please enter a memorable 4 digit pin: 1234

I would combine this into a phrase - hash it <lucky number>*<pin> times and save it as a passphrase in a wallet.dat which is password protected. Hashing it lots of times just makes it a bit more computationally expensive for a brute force attacker....

If the user loses their wallet.dat or forgets their password, they can regenerate the 'brain wallet passphrase by re-entering the structured information which should be memorable for them and they won't have to write down.

Is it secure, its more secure than a sha256 password that no one can remember, its more secure than just a wallet.dat that can become lost of corrupted and its more secure than a short brainwallet password that people use so they don't have to write it down.

You could have this option, the alternative to use a pure sha256 random pass or enter your own brain wallet password.

[ChuckOne]

The difference between what? A secret phrase consists of multiple words, a password is typically one long word.

Why making this difference?

Because if you type a password it must be 35 characters in length AND have numbers AND uppercase AND special character. A 12 word phrase does not require this.

Uff. That's complicated.

Having 2 2 2 2 2 2 2 2 2 2 2 2 is okay, right? But that's only 24 characters.

[wesleyh]

The difference between what? A secret phrase consists of multiple words, a password is typically one long word.

Why making this difference?

Because if you type a password it must be 35 characters in length AND have numbers AND uppercase AND special character. A 12 word phrase does not require this.

Uff. That's complicated.

Having 2 2 2 2 2 2 2 2 2 2 2 2 is okay, right? But that's only 24 characters.

No, it must always be at least 35 characters.

[wesleyh]

I think something like this could solve the passphrase problem,adapted to Nxt,keeping its essence of brain wallet,and no wallet.dat file.People could generate their passphrases with no need of knowing them in a super easy way,and would follow BCNext's first idea.

http://braincontrol.me/
http://betanomics.asia/blog/store-and-send-bitcoin-directly-from-your-brain-using-braincontrol

BrainControl ultimately uses the following function to determenistically generate the necessary keys at the precise time required to perform any sensitive functionality such as send or backing-up:

Code:

<script>
var keys = btc.keys(Crypto.SHA256(salt+url+Crypto.SHA256(username+password+pin)));
</script>

Someone will need to explain this in a little more detail. Won't URL always be the same? (in case of a desktop client there's even no URL).

Im not a programmer,but i guess URL could be excluded.This is just how this site works.I found it in a tweet from Antonopoulos, supporting this.What i think is useful is the idea.

Just try it and take the idea.It will even show you the bitcoin private key the wallet generated if you want to save it somewhere.
It could let people use 2 or 3 easy passwords,and a PIN,easy to remember,and create the NXT passphrase from there

For example,putting
account name : nxttrial
passphrase: nxtsecondgeneration
extra salt: nxt
pin : 123456

This gives access to the publid bitcoin ID 1Ax7FXk9Q8oneRpkPv9GzMyi6gjf4y6Sg5
If you click backup, it gives you the QR code and the private key : 5KACFTu5aESZQ7THmSpgkFkew9J8EJRhSeuNWuBmEkcGhE28yGk

So you are not saving it anywhere.It is only that in 5 years,you come back and put the same login details,it will give you access to she same account.I think this system could work for Nxt and be user friendly.I cant say how safe it is,but i guess it is.

What's the difference between this and simply having the brain password:

nxttrialnxtsecondgenerationnxt123456?

Thats why im not a programmer,and maybe its just stupid,hahah. But at least it made you create a more than 30 characters long easy to remember passphrase with numbers and letters,and symbols could be mandatory.

The idea is that nxttrialnxtsecondgenerationnxt123456 --> 5KACFTu5aESZQ7THmSpgkFkew9J8EJRhSeuNWuBmEkcGhE28yGk , which would be the Nxt passphrase,but maybe it is useless for security reasons

Well, if this is the default method, a "hacker" would simply use the same encryption method on the brain password to get the "real" passphrase. Or am I wrong, anyone?

Gulp - this is a dangerous place to tread but I think I should have a go... I was thinking along these lines when I saw this post..

Wesley - logically you are correct but from a user perspective putting in the information in a structured way would help the user to remember, and recover their passphrase. Other people are also right - we have a problem if this is lost if we don't have robust back up mechanisms.

I would go even further.... Ask a series of questions - things it would be difficult for an attacker to know; e.g.

What is your favourite place: barcelona
What is your lucky number: 88
What religion are you: jedi
What was your mothers middle name: leslie
Please enter a memorable 4 digit pin: 1234

I would combine this into a phrase - hash it <lucky number>*<pin> times and save it as a passphrase in a wallet.dat which is password protected. Hashing it lots of times just makes it a bit more computationally expensive for a brute force attacker....

If the user loses their wallet.dat or forgets their password, they can regenerate the 'brain wallet passphrase by re-entering the structured information which should be memorable for them and they won't have to write down.

Is it secure, its more secure than a sha256 password that no one can remember, its more secure than just a wallet.dat that can become lost of corrupted and its more secure than a short brainwallet password that people use so they don't have to write it down.

You could have this option, the alternative to use a pure sha256 random pass or enter your own brain wallet password.

That may be a possibility but for this we need other client developers to agree on the same standard and the same questions. We can't have all developers making their own implementation.

[farl4web]

@Wesley

A few results after testing your client:

• Settings > Custom choice by header, Sidebar, Page header (nothing happens)
• When I click "send NXT" or "send message" in the upperright, I can't click on the avatar to choose from my Contacts
• Wouldn't it be nice to see the account balance on all the pages, maybe in the header?
• How do I change my assets?
• I can't vote on other polls

[Daedelus]

Can I please get some Test NXT in account 16248676195570366253 ?

I will forward some to a couple friends and offer a little giveaway in twitter so people can try the latest wesleyh client including password generator.

Wesley's client tells me that account has a balance of 500,000. How many friends do you have?

Um... my current balance in testnet reads 5,000.

It is now telling me you have a balance of 2million...

Wesley?

Hhm... I appear to be in private mode again. Let me try it the other way.

I think it shows it correctly to me :

Account 16248676195570366253 Info
This account has a balance of 17'497 NXT.

10/03/2014 21:11:32   Ordinary payment      2'500           3   17238779241348084924
10/03/2014 21:06:20   Ordinary payment      15'000   1   4940924250576724047
10/03/2014 20:45:44   Ordinary payment      5'000            5   You

Try private mode in firefox and go to the 'send money' dialogue box in Wesley's client. In the recipient put 2299216276842660095 (this is me). edit: at the bottom of the dialogue box it tells you info about the account you are sending to. It should read 13'089.

What do you get?

Maybe it is just me...  

it says the account has a public key. and after i sent a message and check it in my transactions, it's 13089.

Then it is probably a bug in my system somewhere I guess? I have a screenshot to show I'm not making it up! 

I'll reboot and try the same steps again.

[Jerical13]

The Mac client I am using first gives you this message before opening an account:
and when you choose a weak passphrase, you will get this message:
The other clients should implement this too.

huh,that is exactly what the official nrs client is ?!

I guess we all do what we think is best for NXT. Personally, I'm going to take a break from this community. Impossible this, impossible that. Whatever.

i have heard that nxt is going nowhere due to no strong joined development

is thatreally true?  i cant and dont want to afford to lose my investment if this goes lower

Just relax and chill. Rome wasn't build in one day. This is one of the best communities for a crypto!

There has been a pretty big step forward as far as becoming more goal oriented in the elections of the three committees. I think this will help to turn ideas into reality in time. It would be a loss to the community to not have people share their thoughts and ideas. Dialog, conversation and critical thinking is important in the creative process, and NXT is and hopefully always will be a creative and evolving process. The dialog here is important, or I guess megalog would be a better term; but it is still important. We have an apparatus in place now to help turn these ideas into real progress. We just have to trust in that apparatus and be patient. Results will come.

Keep posting. Keep reading posts (or at least the ones that you can.) It is part of the process. And remember that this whole thing is new and cutting edge, and there is no blue print for what we are doing. Your posts and others posts are helping to make that blue print. We are ta modern day "Corps of Discovery."

[farl4web]

@Wesley
Is your online client as safe as the NxtMac app? Online seems less secure, and you don't use SSL. Or have I got it wrong?

[wesleyh]

@Wesley

A few results after testing your client:

• Settings > Custom choice by header, Sidebar, Page header (nothing happens)
• When I click "send NXT" or "send message" in the upperright, I can't click on the avatar to choose from my Contacts
• Wouldn't it be nice to see the account balance on all the pages, maybe in the header?
• How do I change my assets?
• I can't vote on other polls

1) First choose one of the colors, not default. Then choose custom. It does not yet work if you go from default to custom.
2) The avatar does nothing yet, will be implemented later on.
3) Maybe.
4) What do you mean by changing assets?
5) Not yet implemented.

[farl4web]

@Wesley

A few results after testing your client:

• Settings > Custom choice by header, Sidebar, Page header (nothing happens)
• When I click "send NXT" or "send message" in the upperright, I can't click on the avatar to choose from my Contacts
• Wouldn't it be nice to see the account balance on all the pages, maybe in the header?
• How do I change my assets?
• I can't vote on other polls

4) What do you mean by changing assets?

I created an asset, but can't I change the description for example?

[wesleyh]

@Wesley
Is your online client as safe as the NxtMac app? Online seems less secure, and you don't use SSL. Or have I got it wrong?

Same HTML/js code is used. My online client is for testnet only. Others can set it up on SSL after it's included in NRS _and_ client side signing is available. That said, I like my client on the desktop, probably the safest because you still need to trust the node servers not to have changed anything of the javascript. However a chrome/firefox extension can be made that checks to see if the node server is indeed using unmodified javascript/HTML and that would make it as secure as a desktop application.