Nxt source code flaw reports

[ZeroTheGreat]

U (and the others) should wait when Instant Transactions r implemented. Then u don't need referenced transactions, even unconfirmed transactions will be confirmed with 100% guarantee.

With ~100%, right? In any time in future no one forger can actually get 100%, but could be very close.

[1714767541]

1714767541

[1714767541]

1714767541

[1714767541]

1714767541

[Come-from-Beyond]

U (and the others) should wait when Instant Transactions r implemented. Then u don't need referenced transactions, even unconfirmed transactions will be confirmed with 100% guarantee.

With ~100%, right? In any time in future no one forger can actually get 100%, but could be very close.

>= 100%. < 100% can be only if a merchant is isolated from the network, which is easily detectable.

[ZeroTheGreat]

Hmm. Does it mean that low stakes never'll have chance to forge, if there's big stake around? Every next block till active he'll have bigger chances up to 100%+?

If there's still game of chances, u can predict who forge next only with <100% probability. Up to any amount of "9", but lower than 100%.

[Come-from-Beyond]

Hmm. Does it mean that low stakes never'll have chance to forge, if there's big stake around? Every next block till active he'll have bigger chances up to 100%+?

No.

[ZeroTheGreat]

Hmm. Does it mean that low stakes never'll have chance to forge, if there's big stake around? Every next block till active he'll have bigger chances up to 100%+?

No.

If there're chances for other forgers, no one can've 100%, cos in some cases, in x% cases someone else'll generate a block. So only (100-x)% achievable. Am I right?

[Come-from-Beyond]

Hmm. Does it mean that low stakes never'll have chance to forge, if there's big stake around? Every next block till active he'll have bigger chances up to 100%+?

No.

If there're chances for other forgers, no one can've 100%, cos in some cases, in x% cases someone else'll generate a block. So only (100-x)% achievable. Am I right?

No, it's based on another approach - https://bitcointalk.org/index.php?topic=316104.0

[gimre]

Oh P.S, this can be done differently, and I'm actually doing it in a different way in my python code.

Share, plz.

I think it's ok for me to do, when analyzing data, but I'm not sure it it'd be ok for official client.

Basically when getting blocks, I think (but I might be wrong here) there are only two options:

• our tail is ok
• either our current tail is wrong and we must fix it

First case is clear, just append new blocks.

In second case:

                                our_1 .. our_2 .. our_n
                              /
id_1 . id_2 ... commonBlockId
                              \
                                recv_1 .. recv_2 .. recv_3 .. recv_m

(I'm doing check if recv chain makes any sense at all and)
I'm relying solely on length of chain, if recv is longer than mine, I'm dropping my chain.

I think that might be inacceptable for official client, as with number of *evil* nodes, bad things could happen.

The difference is NRS to "rollback", does re-load of blocks and TXes from file (which will be more and more costly, when chain will get longer and longer).
With the cost of complicating code a bit, I think that "applying changes & rollback" could be done in more lightway way

[Come-from-Beyond]

The difference is NRS to "rollback", does re-load of blocks and TXes from file (which will be more and more costly, when chain will get longer and longer).

This will be changed when we get rid of *.nxt files.

[gimre]

First block chain:
.....<--> block i <--> block i+1 <--> block i+2 <--> ..... <--> block n = last Block

Second block chein:
.....<--> block i <--> corrupted block i+1 <--> block i+2 <--> ... <--> block n = last block

block i+2 contains a hash for block i+1, so if you change any bit in i+1, the original i+2 will not fit anymore...

Can you PLEASE describe/explain what happens in the above scenario if block i is the Genesis Block?

What do you mean? we're already far after genesis block, so the question is a bit strange.

also the example above i "corrupted block" is really bad one, there is no such thing as "corrupted block" actually.
The situation described by BloodyRookie suggest, that nodes trust more nodes with bigger stake, that is NOT the case.

Even if you change the block, that doesn't make much sense, as one of the blocks will simply get orphaned...

[gimre]

The difference is NRS to "rollback", does re-load of blocks and TXes from file (which will be more and more costly, when chain will get longer and longer).

This will be changed when we get rid of *.nxt files.

what will there be instead of those files?

btw. I'm somewhere in the middle of the file (I'm going top to bottom), and I still haven't noticed those flaws, sigh :]

[Come-from-Beyond]

what will there be instead of those files?

Jean-Luc will decide.

btw. I'm somewhere in the middle of the file (I'm going top to bottom), and I still haven't noticed those flaws, sigh :]

The flaws r very obvious, that's why it's hard to notice them.

[gimre]

What do you mean?

Maybe what I was asking is clearer now in the Edit of my post.

As I've written, there's no such thing as "corrupt block", there's only forking block chain and orphaning blocks (well can be whole chains as well),

take a look at one of my posts above, search for "catch-up", maybe this will clear things a bit

[gimre]

Yes, "corrupt block" is in the forking block chain... how do/would things progress if, for example, you have enough trusted hallmark nodes forking the block chain right at nextBlock == Genesis + 1?

...just trying to understand the defense mechanism better...

Eh it doesn't work this way...
(don't mean to offend you, but this shows some lack in understanding of how blockchain works - not only in NXT)

Lets assume you are at block_x and you have adversary who first sends blockA_(x+1) and blockB_(x+1)

doesn't actually matter which one is "correct", bad one will simply get orphaned, when there will be block (x+2) available

This is important part of the code:

if (Block.getLastBlock().cumulativeDifficulty.compareTo(curCumulativeDifficulty) < 0) {

EDIT: so to answer your question if from genesis block there would go two blocks, it depends on NEXT lock which one of those split will go into the chain

[ImmortAlex]

Btw, about that restoring code...

Code:

if (Block.getLastBlock().cumulativeDifficulty.compareTo(curCumulativeDifficulty) < 0) {
    Block.loadBlocks("blocks.nxt.bak");
    Transaction.loadTransactions("transactions.nxt.bak");
    peer.blacklist();
}

On startup NRS do a some work after loading of blockchain, like block.analyse() and everything else.
Do NRS able to restore on-the-fly at all?!

And I admit that cannot find any other bug in this thread.

[Come-from-Beyond]

Btw, about that restoring code...

Code:

if (Block.getLastBlock().cumulativeDifficulty.compareTo(curCumulativeDifficulty) < 0) {
    Block.loadBlocks("blocks.nxt.bak");
    Transaction.loadTransactions("transactions.nxt.bak");
    peer.blacklist();
}

On startup NRS do a some work after loading of blockchain, like block.analyse() and everything else.
Do NRS able to restore on-the-fly at all?!

blocks.nxt and transactions.nxt is enough to restore complete state of the ledger, including aliases, trades, etc.

[jl777]

Not sure if its logic flaw, but somebody could simply change initial allocation in genesis block to give themselves a lot of NXT.

We have seen a case of altered client already, so changing genesis block's hardcoding and hypnotizing jean-luc into signing it as the official release, would be an obvious but effective way to steal a lot of NXT

James

[Come-from-Beyond]

Not sure if its logic flaw, but somebody could simply change initial allocation in genesis block to give themselves a lot of NXT.

We have seen a case of altered client already, so changing genesis block's hardcoding and hypnotizing jean-luc into signing it as the official release, would be an obvious but effective way to steal a lot of NXT

James

True, that's why noone knows who Jean-Luc is.

[jl777]

Not sure if its logic flaw, but somebody could simply change initial allocation in genesis block to give themselves a lot of NXT.

We have seen a case of altered client already, so changing genesis block's hardcoding and hypnotizing jean-luc into signing it as the official release, would be an obvious but effective way to steal a lot of NXT

James

True, that's why noone knows who Jean-Luc is.

Maybe he is BCNext!

[Come-from-Beyond]

Maybe he is BCNext!

We don't know who BCNext is... Looks like an infinite loop!

[instacalm]

Not sure if its logic flaw, but somebody could simply change initial allocation in genesis block to give themselves a lot of NXT.

We have seen a case of altered client already, so changing genesis block's hardcoding and hypnotizing jean-luc into signing it as the official release, would be an obvious but effective way to steal a lot of NXT

James

True, that's why noone knows who Jean-Luc is.

Maybe he is BCNext!

Well, BCNext, "Jean-Luc" and Come-from-Beyond are all three Russian.

I'm not entirely sure who is who or whether all three are one, but that makes it more exciting