|
Ziploc
|
 |
March 29, 2014, 05:54:04 PM |
|
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block That is already in there. I have mine unlocked and can't send transactions without entering my pass. Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end. Just to follow up with a couple more details and confirmations on this. 1. If you unlock the 'new' way, via the <settings> dropdown, you're wallet is up for grabs. No password is needed to send out your coins. 2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Thank god someone was thinking. 3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking. 4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out). 5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see. Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database! if You do no 2...the stacking works...just received few fractions of coins Well yes, it's supposed to work that way and does. You will also be staking by doing #1. The open question was more about #3 and #4. So far it looks like client is misreporting, and in fact at that point you are locked and not staking, in spite of the green light. Not a major issue. Security is. Looks like you're ok with #2. No doubt future releases will add features and heightened security. Be sure when you unlock in console to immediately delete history. **footnote for experts: there is always a possibility that, in spite of deleting console history your password is retained somewhere in memory and retrievable by someone clever enough to get in. It's beyond my skills to verify that, but would be glad to hear a report from someone capable of analyzing the matter in detail. actually no2 might be dangerous also.....just checked and my transaction passed without password...... I then did walletlock command..... wallet is locked now and the stacking icon is green...will have to check if it is really stacking....I came to the same questions as yours...will try to report if I will get something... |
|
|
|
|
|
Charloz24
|
|
March 29, 2014, 05:55:46 PM |
|
im gonna hold until we plateau around the same market cap as nextcoin
I didn't know NXT really well my first time with crypto were after last christmass. I looked at the NXT to compare price... did not found too much talk about price, just 1 guy selling 1 000 000 nxt for 1 btc... (was in the end of november. Now it's at 5600 sats... so well hope BC will do the same in a such small time frame!  |
|
|
|
|
|
Jabulon
|
|
March 29, 2014, 05:57:09 PM |
|
why can't the wallet have an option to only be unlocked for staking but not allow for any transactions to be SENT? then ppl could leave their wallets unlocked to stake without worry of being stolen.
Good point we will try ask rar4 for that feature.Something like transaction password block That is already in there. I have mine unlocked and can't send transactions without entering my pass. Check again people. I just did, and not for the first time. No password is required to send from an unlocked wallet. And yes, I'm using the latest release (windows client). I brought this up weeks ago in a cautionary post, before Soepkip had his coins swiped, and then subsequently. For the future health of the coin and anyone owning it, let's tie up this loose end. Just to follow up with a couple more details and confirmations on this. 1. If you unlock the 'new' way, via the <settings> dropdown, you're wallet is up for grabs. No password is needed to send out your coins. 2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Thank god someone was thinking. 3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking. 4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out). 5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see. Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database! if You do no 2...the stacking works...just received few fractions of coins Well yes, it's supposed to work that way and does. You will also be staking by doing #1. The open question was more about #3 and #4. So far it looks like client is misreporting, and in fact at that point you are locked and not staking, in spite of the green light. Not a major issue. Security is. Looks like you're ok with #2. No doubt future releases will add features and heightened security. Be sure when you unlock in console to immediately delete history. **footnote for experts: there is always a possibility that, in spite of deleting console history your password is retained somewhere in memory and retrievable by someone clever enough to get in. It's beyond my skills to verify that, but would be glad to hear a report from someone capable of analyzing the matter in detail. actually no2 might be dangerous also.....just checked and my transaction passed without password...... I then did walletlock command..... wallet is locked now and the stacking icon is green...will have to check if it is really stacking....I came to the same questions as yours...will try to report if I will get something... Strange. I confirmed earlier that #2 demanded my password. What client are you on? Could you restart and reconfirm please. I'm on the latest windows qt. |
|
|
|
|
Charloz24
|
|
March 29, 2014, 06:21:08 PM |
|
Hey I was wodering something about ASIC. Since there is more and more scrypt asic, what about old SHA256 one? Is there good bargain on them? Since blackcoin pool also mine Sha256... How much BC per day with 200gh/s?
|
|
|
|
|
machinez
Member
 Offline
Activity: 61
Merit: 10
|
|
March 29, 2014, 06:25:32 PM |
|
Strange. I confirmed earlier that #2 demanded my password. What client are you on? Could you restart and reconfirm please. I'm on the latest windows qt.
#2 also asked for my password. im on v1.0.5  |
|
|
|
|
|
stormia
|
|
March 29, 2014, 06:27:21 PM |
|
im still on the fence can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
return false;
im not well enough versed with the code to know what these variable names imply i have discovered a flaw with current PoS implementation you can easily do a 51% attack with PoS blocks without needing large holdings since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes enough to put the security and function of a coin in question couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks are people really not concerned about this? YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALLHi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night. Check our code i'd say No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why. |
|
|
|
|
|
Jabulon
|
|
March 29, 2014, 06:31:40 PM |
|
im still on the fence can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
return false;
im not well enough versed with the code to know what these variable names imply i have discovered a flaw with current PoS implementation you can easily do a 51% attack with PoS blocks without needing large holdings since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes enough to put the security and function of a coin in question couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks are people really not concerned about this? YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALLHi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night. Check our code i'd say No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why. This flaw was addressed by the author of PoS, Sunny King, earlier this year: Official release build is now available http://www.ppcoin.org/ (via sourceforge) What's in 0.3.0 release: Stake generation protocol upgrade (protocol switch March 20th) Qt UI support Fix compatibility with vanitygen (note: private keys dumped in v0.2 is no longer importable into v0.3.0, must dump again from v0.3.0 client) Miscellaneous bug fixes and improvements The protocol upgrade in 0.3.0 includes a new algorithm to derive proof-of-stake hash modifier, the entity that scrambles computation for stake owners, which replaces the current proof-of-stake difficulty used as modifier in 0.2 protocol. The design was started late September last year, when I first began to realize the issues with using difficulty as modifier. Honorary mention also goes to Jutarul, who independently discovered and verified an issue with using difficulty as modifier and published on bitcointalk in December last year, while successfully executed a demo attack on the block chain. Other changes in the protocol include starting hash weight from 0 at the 30-day mininum age, and requirement that coinstake timestamp must equal block timestamp. Overall 0.3 protocol should significantly strengthen the proof-of-stake protection and resolve the current known vulnerabilities. My sincere appreciation to co-contributors of 0.3.0 release: Robert VanHazinga of Hartland PC (dreamwatcher) for the vanitygen compatibility fix Jutarul for demonstrating stake generation vulnerability EskimoBob for reporting issue fixed in 0.3.0 |
|
|
|
machinez
Member
Offline
Activity: 61
Merit: 10
|
|
March 29, 2014, 06:32:55 PM |
|
Hey I was wodering something about ASIC. Since there is more and more scrypt asic, what about old SHA256 one? Is there good bargain on them? Since blackcoin pool also mine Sha256... How much BC per day with 200gh/s?
keep in mind that you CAN'T mine BC directly anymore, so if you're using a SHA256 miner on the multipools, you're actually mining SHA256 coins against other SHA256 miners, then trade those coin for BTC to buy BC. using coinwarz  , for 200ghz, you're looking at around $14 dollars a day, or 0.02804BTC at current exchange's rate  |
|
|
|
|
|
Charloz24
|
|
March 29, 2014, 06:37:07 PM |
|
Hey I was wodering something about ASIC. Since there is more and more scrypt asic, what about old SHA256 one? Is there good bargain on them? Since blackcoin pool also mine Sha256... How much BC per day with 200gh/s?
keep in mind that you CAN'T mine BC directly anymore, so if you're using a SHA256 miner on the multipools, you're actually mining SHA256 coins against other SHA256 miners, then trade those coin for BTC to buy BC. using coinwarz , for 200ghz, you're looking at around $14 dollars a day, or 0.02804BTC at current exchange's rate Yeah of course I know that I can't mine directly BC, was just wondering if SHA256 is now a better option than GPU mining, seems like they are about the same.. |
|
|
|
|
|
bitcoinwonders010
|
|
March 29, 2014, 06:41:55 PM |
|
looks like where on cryptsy now, i still believe in black coin so still holding. take a look at CGA coin,
|
|
|
|
|
|
stormia
|
|
March 29, 2014, 06:42:42 PM |
|
im still on the fence can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
return false;
im not well enough versed with the code to know what these variable names imply i have discovered a flaw with current PoS implementation you can easily do a 51% attack with PoS blocks without needing large holdings since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes enough to put the security and function of a coin in question couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks are people really not concerned about this? YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALLHi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night. Check our code i'd say No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why. This flaw was addressed by the author of PoS, Sunny King, earlier this year: Official release build is now available http://www.ppcoin.org/ (via sourceforge) What's in 0.3.0 release: Stake generation protocol upgrade (protocol switch March 20th) Qt UI support Fix compatibility with vanitygen (note: private keys dumped in v0.2 is no longer importable into v0.3.0, must dump again from v0.3.0 client) Miscellaneous bug fixes and improvements The protocol upgrade in 0.3.0 includes a new algorithm to derive proof-of-stake hash modifier, the entity that scrambles computation for stake owners, which replaces the current proof-of-stake difficulty used as modifier in 0.2 protocol. The design was started late September last year, when I first began to realize the issues with using difficulty as modifier. Honorary mention also goes to Jutarul, who independently discovered and verified an issue with using difficulty as modifier and published on bitcointalk in December last year, while successfully executed a demo attack on the block chain. Other changes in the protocol include starting hash weight from 0 at the 30-day mininum age, and requirement that coinstake timestamp must equal block timestamp. Overall 0.3 protocol should significantly strengthen the proof-of-stake protection and resolve the current known vulnerabilities. My sincere appreciation to co-contributors of 0.3.0 release: Robert VanHazinga of Hartland PC (dreamwatcher) for the vanitygen compatibility fix Jutarul for demonstrating stake generation vulnerability EskimoBob for reporting issue fixed in 0.3.0 +1 thank you for quick and helpful response |
|
|
|
|
machinez
Member
Offline
Activity: 61
Merit: 10
|
|
March 29, 2014, 06:43:33 PM |
|
to match $14 dollars, you will need a scrypt rig that can mine at around 4.7mhz. If you're looking to purchase one TODAY, then SHA256 seems to be a better option as you can get the ANTMINER S1 on ebay for $500-600  A scrypt rig will cost alot more than that  |
|
|
|
|
|
kana
|
|
March 29, 2014, 06:46:19 PM |
|
double checked still ask me for the key also
|
|
|
|
|
|
kana
|
|
March 29, 2014, 06:47:07 PM |
|
to match $14 dollars, you will need a scrypt rig that can mine at around 4.7mhz. If you're looking to purchase one TODAY, then SHA256 seems to be a better option as you can get the ANTMINER S1 on ebay for $500-600 A scrypt rig will cost alot more than that Even with the difference in power usage? |
|
|
|
|
|
artiface
|
|
March 29, 2014, 06:57:15 PM |
|
im still on the fence can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
return false;
im not well enough versed with the code to know what these variable names imply i have discovered a flaw with current PoS implementation you can easily do a 51% attack with PoS blocks without needing large holdings since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes enough to put the security and function of a coin in question couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks are people really not concerned about this? YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALLHi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night. Check our code i'd say No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why. This flaw was addressed by the author of PoS, Sunny King, earlier this year: Official release build is now available http://www.ppcoin.org/ (via sourceforge) What's in 0.3.0 release: Stake generation protocol upgrade (protocol switch March 20th) Qt UI support Fix compatibility with vanitygen (note: private keys dumped in v0.2 is no longer importable into v0.3.0, must dump again from v0.3.0 client) Miscellaneous bug fixes and improvements The protocol upgrade in 0.3.0 includes a new algorithm to derive proof-of-stake hash modifier, the entity that scrambles computation for stake owners, which replaces the current proof-of-stake difficulty used as modifier in 0.2 protocol. The design was started late September last year, when I first began to realize the issues with using difficulty as modifier. Honorary mention also goes to Jutarul, who independently discovered and verified an issue with using difficulty as modifier and published on bitcointalk in December last year, while successfully executed a demo attack on the block chain. Other changes in the protocol include starting hash weight from 0 at the 30-day mininum age, and requirement that coinstake timestamp must equal block timestamp. Overall 0.3 protocol should significantly strengthen the proof-of-stake protection and resolve the current known vulnerabilities. My sincere appreciation to co-contributors of 0.3.0 release: Robert VanHazinga of Hartland PC (dreamwatcher) for the vanitygen compatibility fix Jutarul for demonstrating stake generation vulnerability EskimoBob for reporting issue fixed in 0.3.0 And just to make it absolutely clear Blackcoin uses 0.3.0 POS protocol. Also the attack described would not work. Coins are not staked only on coinage, it is only one factor. So even if you made a lot of transactions so all your coins were separated by a small interval, there is no guarantee they will stake at each interval - in fact splitting them into small amounts to make these intervals will make them less likely to stake. You would have to have a very large amount of coins at each interval to even have a chance of producing 2 consecutive blocks. This attack is completely unrealistic. |
|
|
|
|
|
stormia
|
|
March 29, 2014, 07:06:23 PM |
|
im still on the fence can someone explain how this stops someone from generating lots of PoS blocks 20 days in the future from a bunch of TX's with small interval, whether through one or multiple wallets ss << nStakeModifier;
ss << nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n << nTimeTx;
hashProofOfStake = Hash(ss.begin(), ss.end());
if(CBigNum(hashProofOfStake) > bnCoinDayWeight * bnTargetPerCoinDay)
return false;
im not well enough versed with the code to know what these variable names imply i have discovered a flaw with current PoS implementation you can easily do a 51% attack with PoS blocks without needing large holdings since PoS blocks are generated on a coin age basis, you could create TXO's delayed by a time offset at the minimum TXO cost for a future attack period so after creating 10000 TXO of 1 MINT separated by 0.5 seconds to make sure 60 consecutive blocks are generated at repeated interval by your wallet 20 days in the future, the attack would last 1 hour and 40 minutes enough to put the security and function of a coin in question couple that with the fact the difficulty calculation includes PoS blocks, that would mean difficulty would jump to stratospheric levels making it impossible to mine PoW blocks are people really not concerned about this? YOU CAN 51% ATTACK ANY POS COIN WITHOUT THE NEED FOR 51% OF SUPPLY OR ANY PoW HASHRATE AT ALLHi all. Just thought I'd share some of the joy we've been dealing with on the Mintcoin thread. Have a good night. Check our code i'd say No explanation? I'm not computer savvy enough to get the answer from the code myself so I was hoping somebody who knows the blackcoin code could explain. It seems that this type of attack is prevented by hybrid PoW/PoS since the PoW blocks have a different and independent difficulty algorithm from the PoS blocks, and you cannot predict with any certainty what the next block in the chain will be (trying to build x consecutive PoS blocks to form an attack with would be interrupted by the generation of a valid PoW block). If that is true, I still don't understand how a pure PoS coin would deal with this. I've got a lot of money invested in this coin and other PoS coins so I would like to know my money is safe, and I would appreciate a concrete answer other than "your money is safe" or "we've figured out how to prevent that" because I'm the type of person that only trusts something if I understand why. This flaw was addressed by the author of PoS, Sunny King, earlier this year: Official release build is now available http://www.ppcoin.org/ (via sourceforge) What's in 0.3.0 release: Stake generation protocol upgrade (protocol switch March 20th) Qt UI support Fix compatibility with vanitygen (note: private keys dumped in v0.2 is no longer importable into v0.3.0, must dump again from v0.3.0 client) Miscellaneous bug fixes and improvements The protocol upgrade in 0.3.0 includes a new algorithm to derive proof-of-stake hash modifier, the entity that scrambles computation for stake owners, which replaces the current proof-of-stake difficulty used as modifier in 0.2 protocol. The design was started late September last year, when I first began to realize the issues with using difficulty as modifier. Honorary mention also goes to Jutarul, who independently discovered and verified an issue with using difficulty as modifier and published on bitcointalk in December last year, while successfully executed a demo attack on the block chain. Other changes in the protocol include starting hash weight from 0 at the 30-day mininum age, and requirement that coinstake timestamp must equal block timestamp. Overall 0.3 protocol should significantly strengthen the proof-of-stake protection and resolve the current known vulnerabilities. My sincere appreciation to co-contributors of 0.3.0 release: Robert VanHazinga of Hartland PC (dreamwatcher) for the vanitygen compatibility fix Jutarul for demonstrating stake generation vulnerability EskimoBob for reporting issue fixed in 0.3.0 And just to make it absolutely clear Blackcoin uses 0.3.0 POS protocol. Also the attack described would not work. Coins are not staked only on coinage, it is only one factor. So even if you made a lot of transactions so all your coins were separated by a small interval, there is no guarantee they will stake at each interval - in fact splitting them into small amounts to make these intervals will make them less likely to stake. You would have to have a very large amount of coins at each interval to even have a chance of producing 2 consecutive blocks. This attack is completely unrealistic. Thank you both, my fears have been quelled and I've learned some new stuff:) |
|
|
|
|
|
jamieb81
|
|
March 29, 2014, 07:08:35 PM |
|
Just to follow up with a couple more details and confirmations on this.
1. If you unlock the 'new' way, via the <settings> dropdown, you're wallet is up for grabs. No password is needed to send out your coins.
2. If you unlock it old-school, via console, you will unlock for staking. It is a 'mintonly' command, fortunately. Tahnk god someone was thinking.
3. If you do #2, then initiate a send but cancel out before entering password, your wallet 'lock' symbol will close, but your staking light remains 'green' and mouse-hover will indicate you are staking.
4. If you do #1, then go back to the console and enter the command 'walletlock', same result as #3. (as someone else rightly pointed out).
5. Only remaining question is, for #3 and #4, is the wallet in fact still staking as indicated? I am waiting to find out. So far apparently not. But we shall see.
Conclusion: if you just do #1 and walk away for the day, you might have a very nasty surprise waiting for you when you get home. Even if no one has physical access to your computer, it can occur through a variety of exploits that someone gains remote access to your system. Then, my friend, you are most certainly fucked. Finally, if you don't already, consider using a password mgr. Among other things it will allow you to enter your long-and-random-as-fuck password without entering keystrokes. And be sure to keep a backup of your password database!
Yes indeed, I'm using KeePass together with chromeipass to store all my passwords. |
|
|
|
|
jiangkand1
Newbie
Offline
Activity: 42
Merit: 0
|
|
March 29, 2014, 07:10:19 PM
Last edit: April 09, 2014, 11:17:33 AM by jiangkand1 |
|
I see our friend the market manipulator is buying and selling his own large orders again....
agreed Yes, As long as we can see the trend of prices, investment in the market is very easy to obtain benefits! |
|
|
|
|
|
Jabulon
|
|
March 29, 2014, 07:33:30 PM |
|
I like this coin,it's performance was perfect,I am really like it.
Blackcoin has been the rockstar of crypto, going up steadily against a down market. The youthful hero, child of the beleaguered King BTC. It paid its dues, working its way up through early days on cryptorush, then taking over Mintpal, and now with Cryptsy coming to beg for a piece of the action. Definitely the Badboy of the alts. |
|
|
|
machinez
Member
Offline
Activity: 61
Merit: 10
|
|
March 29, 2014, 07:37:57 PM |
|
to match $14 dollars, you will need a scrypt rig that can mine at around 4.7mhz. If you're looking to purchase one TODAY, then SHA256 seems to be a better option as you can get the ANTMINER S1 on ebay for $500-600 A scrypt rig will cost alot more than that Even with the difference in power usage? I did not calculate power usage. It was base purely on mining power. If you take power usage into consideration then you'll end up paying more for a scrypt gig, thus your profit will be lower. |
|
|
|
|
|
