AlexGR
Legendary
 Offline
Activity: 1708
Merit: 1049
|
 |
April 02, 2014, 10:48:58 PM |
|
the 1000 is the masternodes own money, and no one else in the transaction of a darksend can steal those
So running a dark send node, with an online wallet attached containing 1000 DRKs, is 100% secure? The risk for exposing these 1000 DRKs is zero? hmm i would think that having a encrypted wallet would be ok, as long as the value is 1000 drk.. 1. Will the encrypted wallet need to be opened at any time with the password, so that the darksend node can be established? If yes, can the attacker take the money later on? 2. If no, can an attacker copy the wallet.dat of, say, 500 nodes, take them for himself and then run 500 nodes with the stolen wallet.dats to create network collisions, or to map half the network transactions, without having to pay any cost of owning master nodes - as he would be the pretentious owner of 500.000 DRK by using the wallets of people who actually do have that type of money? In case (1) the money themselves are at risk. In case (2) the network's anonymity might be at risk through bypassing the cost of running a node. I may be totally wrong in what I'm saying here, because as I said, I have no idea how some things work. |
|
|
|
|
AlexGR
Legendary
Offline
Activity: 1708
Merit: 1049
|
|
April 02, 2014, 10:50:58 PM |
|
You're referring to the 1000DRK kept in the hot wallet right? All of the Bitcoin exchanges have began to switch to multisig setups that would require 2 of 3 of the different networks to be breached. I'm sure the same thing will happen for Darkcoin, we just need a good enough setup to protect the money.
Yes, the 1000 in the hot wallet is what I'm talking about. I've no clue what multisig setup are, I'll google it. |
|
|
|
|
CHAOSiTEC
Legendary
Offline
Activity: 1358
Merit: 1002
|
|
April 02, 2014, 10:54:46 PM |
|
You're referring to the 1000DRK kept in the hot wallet right? All of the Bitcoin exchanges have began to switch to multisig setups that would require 2 of 3 of the different networks to be breached. I'm sure the same thing will happen for Darkcoin, we just need a good enough setup to protect the money.
Yes, the 1000 in the hot wallet is what I'm talking about. I've no clue what multisig setup are, I'll google it. basically you need more than 1 password to open the wallet |
node-vps.com - Tron / Masternode hosting services
|
|
|
AlexGR
Legendary
Offline
Activity: 1708
Merit: 1049
|
|
April 02, 2014, 10:55:19 PM |
|
You're referring to the 1000DRK kept in the hot wallet right? All of the Bitcoin exchanges have began to switch to multisig setups that would require 2 of 3 of the different networks to be breached. I'm sure the same thing will happen for Darkcoin, we just need a good enough setup to protect the money.
Yes, the 1000 in the hot wallet is what I'm talking about. I've no clue what multisig setup are, I'll google it. basically you need more than 1 password to open the wallet Aha ok... |
|
|
|
|
|
|
CHAOSiTEC
Legendary
Offline
Activity: 1358
Merit: 1002
|
|
April 02, 2014, 11:05:35 PM |
|
|
node-vps.com - Tron / Masternode hosting services
|
|
|
yum
Newbie
Offline
Activity: 9
Merit: 0
|
|
April 02, 2014, 11:14:30 PM |
|
I've heard people say that darksend is "easy to compromise, bad mixing...masternodes need trust, easy to destruct and dos the whole network."
I'm bullish and hold DRK, but I don't know enough of the technical details to debate. Is there any merit to the statement above?
|
|
|
|
|
CHAOSiTEC
Legendary
Offline
Activity: 1358
Merit: 1002
|
|
April 02, 2014, 11:20:17 PM |
|
I've heard people say that darksend is "easy to compromise, bad mixing...masternodes need trust, easy to destruct and dos the whole network."
I'm bullish and hold DRK, but I don't know enough of the technical details to debate. Is there any merit to the statement above?
easy to compromise: to compromise the darksend network you need to run master nodes, the more masternodes you run, the easier it becomes, but the mixing is going through several master nodes, so you need control all of most of them to try and demask the users real life chance of success: possible, but slim at best. bad mixing: sorry that is just bullshit masternodes need trust: Trust yes, but if a masternode does not behave, it gets penalized dos the whole network, see above Also, since its expensive to run a master node, it is going to be very costly to run one, and lets just say you want to run enough to have a descent success then you will need 10s of thousend drks to run them. |
node-vps.com - Tron / Masternode hosting services
|
|
|
dime
Member
Offline
Activity: 88
Merit: 10
|
|
April 02, 2014, 11:32:18 PM |
|
You could run a micro on EC2 for $14/mo to do it.
Important: Please take time to read this!I see a lot of excitement from people looking to run masternodes, but ensure you know what you are doing. Among them, is NOT putting a masternode on ANY VPS provider. Here is a checklist of things that could go wrong. Remember it's your 1000 drk sitting in a hotwallet. 1. Remember you did not do the install, you launched an image that was prepared. This is analogous to putting your key into someone else's computer. There is no way of knowing the image is not rootkitted because you are INSIDE the image. 2. VMs are still rather new and there are plenty of host privilege escalation exploits. This means security of your vm is not 100% yours. You are multiplying your risk by the number of other VMs on your VM host, and the network it is connected to. 3. VPS storage is rather primitive and NOT designed for security. Your root storage is NOT encrypted at all. Encrypting a container inside your vm will not do any good because it must be decrypted for your process to run it. Then the VM host has access to it. 4. (offtopic) If you don't have the resources to set up your own machine and are just looking to use a VPS, you may not have general knowledge of hardening your image against vulnerabilities. A few topics to be knowledgeable about include selinux, PaX, iptables, auditd if you run anything else what so ever on the VM. 5. Trusting your provider: those of you who have been in this game long enough will remember countless heists, but the one that rings out in my memory is the one where someone lost a wallet of 25k btc when btc was at $20 USD. He cried over $500k of btc, what was he thinking when 25k btc meant the loss of $30million+? I haven't looked it back up, but as I recall, he NEVER found out how he lost it, and that was the worst part. The only suspicion was that he uploaded a backup of his wallet onto dropbox. Who took it? A dropbox employee? Was dropbox compromised? As far as I know, no one ever found out. No amount of security audits can help find the culprit when the number of doors and windows are an unknown variable. If you're into darkcoin because privacy is your thing but you don't think twice about online security, I have a VM to sell you. ps. sign up for your free darksend.it/username at http://darksend.it |
|
|
|
|
|
InternetApe
|
|
April 02, 2014, 11:45:12 PM |
|
You could run a micro on EC2 for $14/mo to do it.
Important: Please take time to read this!I see a lot of excitement from people looking to run masternodes, but ensure you know what you are doing. Among them, is NOT putting a masternode on ANY VPS provider. Here is a checklist of things that could go wrong. Remember it's your 1000 drk sitting in a hotwallet. 1. Remember you did not do the install, you launched an image that was prepared. This is analogous to putting your key into someone else's computer. There is no way of knowing the image is not rootkitted because you are INSIDE the image. 2. VMs are still rather new and there are plenty of host privilege escalation exploits. This means security of your vm is not 100% yours. You are multiplying your risk by the number of other VMs on your VM host, and the network it is connected to. 3. VPS storage is rather primitive and NOT designed for security. Your root storage is NOT encrypted at all. Encrypting a container inside your vm will not do any good because it must be decrypted for your process to run it. Then the VM host has access to it. 4. (offtopic) If you don't have the resources to set up your own machine and are just looking to use a VPS, you may not have general knowledge of hardening your image against vulnerabilities. A few topics to be knowledgeable about include selinux, PaX, iptables, auditd if you run anything else what so ever on the VM. 5. Trusting your provider: those of you who have been in this game long enough will remember countless heists, but the one that rings out in my memory is the one where someone lost a wallet of 25k btc when btc was at $20 USD. He cried over $500k of btc, what was he thinking when 25k btc meant the loss of $30million+? I haven't looked it back up, but as I recall, he NEVER found out how he lost it, and that was the worst part. The only suspicion was that he uploaded a backup of his wallet onto dropbox. Who took it? A dropbox employee? Was dropbox compromised? As far as I know, no one ever found out. No amount of security audits can help find the culprit when the number of doors and windows are an unknown variable. If you're into darkcoin because privacy is your thing but you don't think twice about online security, I have a VM to sell you. ps. sign up for your free darksend.it/username at http://darksend.it We ,Darkcoin team, are planning on putting out an AMI and iso image for people to use. Even IF you used a rooted image or server, if your wallet is backed-up and encrypted its going to be VERY hard for someone to take your coins. Now with that said no matter how much something is encrypted and secure, if someone wants something bad enough they can get it. If someone wants your coins and you have it on a paper wallet and someone wants it bad enough they will just find where you put it and take it. The problems with running a master node is you MUST know what you are doing! You need to be prepared if someone decides to DDOS your node. The reason for the 1000DRK in the wallet is to weed out people that wouldnt know how to manage the issues that could come up. |
|
|
|
|
mattmct
|
|
April 02, 2014, 11:54:04 PM |
|
I'm been mining this coin since before it was even called DarkCoin, and taken part in numerous DarkSend betas. VERY excited about this coin, and of course also interested in being a Master node(s)  Seeing Evan and InternetApe's devotion and pure intelligence grows my confidence in DarkCoin daily. |
|
|
|
|
thelonecrouton
Legendary
Offline
Activity: 966
Merit: 1000
|
|
April 03, 2014, 12:21:16 AM |
|
Just dumped my entire BTC reserve and bought more DRK.
Like a goddamn tycoon.
If it all goes tits up I'm going to have to work for a couple of days to make up for it.
|
|
|
|
|
coins101
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
April 03, 2014, 12:41:26 AM |
|
Just dumped my entire BTC reserve and bought more DRK.
Like a goddamn tycoon.
If it all goes tits up I'm going to have to work for a couple of days to make up for it.
I think you are a trend setter. |
|
|
|
|
enzo86
Newbie
Offline
Activity: 39
Merit: 0
|
|
April 03, 2014, 12:46:28 AM |
|
You could run a micro on EC2 for $14/mo to do it.
Important: Please take time to read this!I see a lot of excitement from people looking to run masternodes, but ensure you know what you are doing. Among them, is NOT putting a masternode on ANY VPS provider. Here is a checklist of things that could go wrong. Remember it's your 1000 drk sitting in a hotwallet. 1. Remember you did not do the install, you launched an image that was prepared. This is analogous to putting your key into someone else's computer. There is no way of knowing the image is not rootkitted because you are INSIDE the image. 2. VMs are still rather new and there are plenty of host privilege escalation exploits. This means security of your vm is not 100% yours. You are multiplying your risk by the number of other VMs on your VM host, and the network it is connected to. 3. VPS storage is rather primitive and NOT designed for security. Your root storage is NOT encrypted at all. Encrypting a container inside your vm will not do any good because it must be decrypted for your process to run it. Then the VM host has access to it. 4. (offtopic) If you don't have the resources to set up your own machine and are just looking to use a VPS, you may not have general knowledge of hardening your image against vulnerabilities. A few topics to be knowledgeable about include selinux, PaX, iptables, auditd if you run anything else what so ever on the VM. 5. Trusting your provider: those of you who have been in this game long enough will remember countless heists, but the one that rings out in my memory is the one where someone lost a wallet of 25k btc when btc was at $20 USD. He cried over $500k of btc, what was he thinking when 25k btc meant the loss of $30million+? I haven't looked it back up, but as I recall, he NEVER found out how he lost it, and that was the worst part. The only suspicion was that he uploaded a backup of his wallet onto dropbox. Who took it? A dropbox employee? Was dropbox compromised? As far as I know, no one ever found out. No amount of security audits can help find the culprit when the number of doors and windows are an unknown variable. If you're into darkcoin because privacy is your thing but you don't think twice about online security, I have a VM to sell you. ps. sign up for your free darksend.it/username at http://darksend.it We ,Darkcoin team, are planning on putting out an AMI and iso image for people to use. Even IF you used a rooted image or server, if your wallet is backed-up and encrypted its going to be VERY hard for someone to take your coins. Now with that said no matter how much something is encrypted and secure, if someone wants something bad enough they can get it. If someone wants your coins and you have it on a paper wallet and someone wants it bad enough they will just find where you put it and take it. The problems with running a master node is you MUST know what you are doing! You need to be prepared if someone decides to DDOS your node. The reason for the 1000DRK in the wallet is to weed out people that wouldnt know how to manage the issues that could come up. If done correctly a VPS on AWS or any provider can be secure. enough so that places like netflix run their massive environment on AWS. if your Linux admin foo is great you will be fine. |
|
|
|
|
|
tifozi
|
|
April 03, 2014, 01:13:48 AM |
|
Expect a lot more coins to implement Dark Gravity Wave KGW --> Needs a fix. Digishield --> Needs a fix https://bitcointalk.org/index.php?topic=552895.msg6034641#msg6034641Too bad it is a BTC bear market going on. Confidence in cryptos might be at an all time low which is hindering Darkcoin as well. I still think Bitcoin rushed too much too soon. |
|
|
|
|
eduffield (OP)
Legendary
Offline
Activity: 1176
Merit: 1036
Dash Developer
|
|
April 03, 2014, 01:27:05 AM |
|
Expect a lot more coins to implement Dark Gravity Wave KGW --> Needs a fix. Digishield --> Needs a fix https://bitcointalk.org/index.php?topic=552895.msg6034641#msg6034641Too bad it is a BTC bear market going on. Confidence in cryptos might be at an all time low which is hindering Darkcoin as well. I still think Bitcoin rushed too much too soon. Yeah, DGW2 fixes what they're talking about |
Dash - Digital Cash | dash.org | dashfoundation.io | dashgo.io
|
|
|
fearcoka
Legendary
Offline
Activity: 1008
Merit: 1000
|
|
April 03, 2014, 01:31:52 AM |
|
87 btc buy order.. say wuttt  |
Just Nao Tomori and Bitcoin ( ͡° ͜ʖ ͡°)
|
|
|
|
tifozi
|
|
April 03, 2014, 01:42:20 AM |
|
87 btc buy order.. say wuttt <Henryxx> 79 btc loking to change for Darkcoin
<Henryxx> pm for offer
Sounds like someone wants to setup a few MasterNodes haha He will struggle to get it filled though. I posted a few pages back that I want to buy some DRKs and didn't get a single PM. |
|
|
|
|
TanteStefana
Full Member
Offline
Activity: 280
Merit: 100
The Future Of Work
|
|
April 03, 2014, 01:42:34 AM |
|
back to a master node misbehaving, there is a problem here.
A human will not know if they are hosting a master node as they shut off their machine for whatever reason, therefore we have a backup slave node to take over. I would think that the only "punishment" for the master node is that they will not participate in that round's rewards. Otherwise, we can hurt people who are just running their wallets.
I still haven't seen, but may have missed it, can we password protect our wallet while running the nodes? Also, can our balances and identity be inferred from running a node?
|
|
|
|
goin2mars
Member
Offline
Activity: 112
Merit: 10
|
|
April 03, 2014, 01:45:45 AM |
|
87 btc buy order.. say wuttt Awesome!!!  |
|
|
|
|
|
