Bitcoin Forum
June 21, 2024, 11:24:01 PM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they believe that the creator of this topic displays some red flags which make them high-risk. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: « 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 ... 65 »
  Print  
Author Topic: Nxt source code flaw reports  (Read 113310 times)
theKnownUnknown
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
January 03, 2014, 09:35:15 PM
 #121

Perhaps someone would find the flaws if this code would be maintainable (e.g. JavaDoc and modularization) Tongue.
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1009

Newbie


View Profile
January 03, 2014, 09:35:50 PM
 #122

Can you please explain why the code below returns false (only if we are also allowed to ask questions):

boolean verifyBlockSignature() throws Exception {
         
         Account account = accounts.get(Account.getId(generatorPublicKey));
         if (account == null) {
            
            return false;

This piece of code doesn't allow to forge blocks with an empty account.
xibeijan
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001


View Profile
January 03, 2014, 09:36:23 PM
 #123

NXT is just some code that some junior programmer is trying to cook up one the fly.  

Take it from an expert in these coding matters.

Don't believe me,  well good luck with your NXT investments.


So... how come you 're not spitting out ALL THREE FLAWS then?



Is this not plain and simple B.S.?



"Each flaw has a small description. Here r SHA256 hashes of these descriptions:

bd34c891e9e3df9ea8b8eafc4dc3edc129f81365d42bf204ea58271e320f3ce5 - 1K reward
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530 - 10K reward
f5236644f4306699bb0fa90a905afe2454683c0aad6995e4433d712e2fdb257c - 100K reward
"


If he knews of the flaws,  then why is he asking this forum?

How do you create a hash of something you don't know exists?

Besides,  what the heck are you even hashing?  Some text that describes the flaw?


The B.S. is unbelievable and you folks are just too ignorant to see it.



I normally don't call people trolls, but:

1) It is clear you have not been following anything related to NXT. Injected flaws (in an otherwise working base code) with bounty payouts is meant to encourage people to take a very hard look a the code. Also, read the 1st post again, c-f-b explained this.
2) Bashing how "clean" the code looks. Really? If you're so good at this, why didn't you come up with a better NXT first? It's probably because you can't (hence you have to fork NXT's code... how ironic).

+1

He needs to chill.  His questions will be answered, but not really for this thread.

And, the devs really need to get a whitepaper together.

Notable projects 2019: Semux, Dero, Wagerr, BEAM
klee
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000



View Profile
January 03, 2014, 09:37:30 PM
 #124

Don't worry FreaktionLess I have hired some of the best developers (who happen to be my friends too) to make this brilliant innovative algorithm into a real software project (along of course with Jean-Luc who is the leader dev atm).

See you around I hope to review their code too Wink
jl777
Legendary
*
Offline Offline

Activity: 1176
Merit: 1132


View Profile WWW
January 03, 2014, 09:39:28 PM
 #125

Frictionless

Did you even read the code?
The proof of stake is hard coded in with the founder's acct numbers and the number of NXT they started with. The genesis block is created from scratch and the blockchain starts from there.

By starting with 100% of the NXT issued to the founders in the hardcoded block, as long as every transfer of NXT is accounted for properly the proof of stake is maintained.

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1009

Newbie


View Profile
January 03, 2014, 09:40:12 PM
 #126

Well, we derailed the thread. FrictionlessCoin, let's move to other thread to discuss consensus algo. Create it and post here the link, plz.
FrictionlessCoin
Legendary
*
Offline Offline

Activity: 868
Merit: 1000


Cryptotalk.org - Get paid for every post!


View Profile
January 03, 2014, 09:40:21 PM
 #127


Forging is a distributed consensus system that is used to confirm waiting transactions by including them in the block chain. It enforces a chronological order in the block chain, protects the neutrality of the network, and allows different computers to agree on the state of the system. To be confirmed, transactions must be packed in a block that fits very strict cryptographic rules that will be verified by the network. These rules prevent previous blocks from being modified because doing so would invalidate all following blocks. Forging also creates the equivalent of a competitive lottery that prevents any individual from easily adding new blocks consecutively in the block chain. This way, no individuals can control what is included in the block chain or replace parts of the block chain to roll back their own spends.

I can't explain details in a couple of sentences.

(1) How do you ensure "chronological order in the block chain".
(2) What are these "strict cryptographic rules"
(3) What is the mechanism of this "lottery".

From what you described,  there are too many important details that you are glossing over.  

If you can't answer the 3 question I asked, then you truly don't know what you are writing.   You are the author of the code, right?

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
xibeijan
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001


View Profile
January 03, 2014, 09:41:39 PM
 #128

I normally don't call people trolls, but:

1) It is clear you have not been following anything related to NXT. Injected flaws (in an otherwise working base code) with bounty payouts is meant to encourage people to take a very hard look a the code. Also, read the 1st post again, c-f-b explained this.
2) Bashing how "clean" the code looks. Really? If you're so good at this, why didn't you come up with a better NXT first? It's probably because you can't (hence you have to fork NXT's code... how ironic).

So your are admiting that this indeed is not the 'real source code' but some variant of it that doesn't really work.

I thought the purpose of releasing source code is to have other people to review if it is correct.

Well... I may just create a much better NXT.   Something that

(1) Has a very clear specification of the distributed consensus algorithm that people can review for flaws.
(2) Follow best practice Java coding standards.
(3) Gone through extensive static code analysis.
(4) Have a battery of unit tests to exhaustive test out the code.
(5) Ensure that tests perform 100% test coverage.

but unfortunately none of that exists for NXT.   It is just a high school project that some folks invested 21 BTC to get a stake on it.



Yes.  Please go do that.

P.S. I would ask you to PM me when you have 100% test coverage, but I've not even found this in the bitcoin source code...

Notable projects 2019: Semux, Dero, Wagerr, BEAM
pandaisftw
Full Member
***
Offline Offline

Activity: 224
Merit: 100


View Profile
January 03, 2014, 09:42:05 PM
 #129

I normally don't call people trolls, but:

1) It is clear you have not been following anything related to NXT. Injected flaws (in an otherwise working base code) with bounty payouts is meant to encourage people to take a very hard look a the code. Also, read the 1st post again, c-f-b explained this.
2) Bashing how "clean" the code looks. Really? If you're so good at this, why didn't you come up with a better NXT first? It's probably because you can't (hence you have to fork NXT's code... how ironic).

So your are admiting that this indeed is not the 'real source code' but some variant of it that doesn't really work.

I thought the purpose of releasing source code is to have other people to review if it is correct.

Well... I may just create a much better NXT.   Something that

(1) Has a very clear specification of the distributed consensus algorithm that people can review for flaws.
(2) Follow best practice Java coding standards.
(3) Gone through extensive static code analysis.
(4) Have a battery of unit tests to exhaustive test out the code.
(5) Ensure that tests perform 100% test coverage.

but unfortunately none of that exists for NXT.   It is just a high school project that some folks invested 21 BTC to get a stake on it.



Who claimed this was the 'real source code'? If you find the 3 flaws, correct them (or post here to collect bounty), you will have a 100% working base-code that runs 0.4.7e.

But let's get back on topic and look for the flaws, please.

NXT: 13095091276527367030
tk808
Legendary
*
Offline Offline

Activity: 1512
Merit: 1124


Invest in your knowledge


View Profile
January 03, 2014, 09:42:33 PM
 #130

Frictionless

Did you even read the code?
The proof of stake is hard coded in with the founder's acct numbers and the number of NXT they started with. The genesis block is created from scratch and the blockchain starts from there.

By starting with 100% of the NXT issued to the founders in the hardcoded block, as long as every transfer of NXT is accounted for properly the proof of stake is maintained.

James

Isn't it obvious to you all now?

All he knows is the 10 cookbook recipes he's been learning in college for the past 4 years.

Frictionless is one of those dudes who thinks he's a genius because of what he knows. This is the real-world dude, not an algorithm found in a textbook
xibeijan
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001


View Profile
January 03, 2014, 09:43:17 PM
 #131

Don't worry FreaktionLess I have hired some of the best developers (who happen to be my friends too) to make this brilliant innovative algorithm into a real software project (along of course with Jean-Luc who is the leader dev atm).

See you around I hope to review their code too Wink

+1

Notable projects 2019: Semux, Dero, Wagerr, BEAM
jl777
Legendary
*
Offline Offline

Activity: 1176
Merit: 1132


View Profile WWW
January 03, 2014, 09:44:15 PM
 #132

frictionless,

Unfortunately (for us), the answers to your questions are indeed in the source code as released and the live version uses the identical or bug fixed version.

CfB is not the author, he was one of the founders who BCNext convinced to deal with the forum while he kept coding

Conceptual framework for the algorithm is in the original BCNext thread (https://bitcointalk.org/index.php?topic=303898.160), you just have to read through it or the source code or wait for the white paper

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
Vega
Hero Member
*****
Offline Offline

Activity: 739
Merit: 500



View Profile
January 03, 2014, 09:45:01 PM
 #133

And, the devs really need to get a whitepaper together.
Among other things. As someone who has a nice amount of money invested in Nxt, I'm not that happy this days about how many thing going with Nxt.
But screaming at the devs without offering anything constructive, is less than pointless, unless he have an agenda.
And if I remember correctly, it's not even the first time he seen the code, he posted last week on btt and on reddit already about it, after he decompiled it.
So this is pretty much rehearsed bashing.
klee
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000



View Profile
January 03, 2014, 09:50:33 PM
 #134

And, the devs really need to get a whitepaper together.
Among other things. As someone who has a nice amount of money invested in Nxt, I'm not that happy this days about how many thing going with Nxt.
But screaming at the devs without offering anything constructive, is less than pointless, unless he have an agenda.
And if I remember correctly, it's not even the first time he seen the code, he posted last week on btt and on reddit already about it, after he decompiled it.
So this is pretty much rehearsed bashing.
Secret agenda - who are you FREAKtionless? What is your motives?
Serving the 'truth'?? lol

Go back to your worthless dinosaur soon to extinct (PoW) investment...
mcjavar
Hero Member
*****
Offline Offline

Activity: 784
Merit: 500


View Profile
January 03, 2014, 09:52:15 PM
 #135

Don't worry FreaktionLess I have hired some of the best developers (who happen to be my friends too) to make this brilliant innovative algorithm into a real software project (along of course with Jean-Luc who is the leader dev atm).

See you around I hope to review their code too Wink

Glad to read that! When do they get on board and who is paying for them?
gsan1
Newbie
*
Offline Offline

Activity: 50
Merit: 0


View Profile
January 03, 2014, 09:53:16 PM
 #136

Guess its time to shutdown the computer after a 5 hour code research marathon. No flaws found up to now..
klee
Legendary
*
Offline Offline

Activity: 1498
Merit: 1000



View Profile
January 03, 2014, 09:53:59 PM
 #137

Don't worry FreaktionLess I have hired some of the best developers (who happen to be my friends too) to make this brilliant innovative algorithm into a real software project (along of course with Jean-Luc who is the leader dev atm).

See you around I hope to review their code too Wink

Glad to read that! When do they get on board and who is paying for them?
They are almost a week on board (2 devs + 1 IT + maybe 1 more dev) and I pay for them...
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1009

Newbie


View Profile
January 03, 2014, 09:56:41 PM
 #138

Guess its time to shutdown the computer after a 5 hour code research marathon. No flaws found up to now..

U have to understand logic of the code to find these flaws.
inkadnb
Member
**
Offline Offline

Activity: 126
Merit: 10


View Profile
January 03, 2014, 10:07:01 PM
 #139

Am I too late to the game? Have any been found yet?

gsan1
Newbie
*
Offline Offline

Activity: 50
Merit: 0


View Profile
January 03, 2014, 10:11:31 PM
 #140

Guess its time to shutdown the computer after a 5 hour code research marathon. No flaws found up to now..

U have to understand logic of the code to find these flaws.

Sure I have to  Wink Stuck at the Peer Class. I haven't looked at the Curve25519 algorithmus. Maybe I search further tomorrow. But enough for today - guess I am dreaming of brakets and semicolons.  Grin

PS: Am I the only one that often receivs a 502 Bad Gateway while navigating in this forum?
Pages: « 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 ... 65 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!