Bitcoin Forum
November 11, 2024, 10:19:20 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3] 4 »  All
  Print  
Author Topic: mgw  (Read 3780 times)
antanst
Sr. Member
****
Offline Offline

Activity: 294
Merit: 260


View Profile
March 07, 2014, 09:03:40 PM
 #41

The google authenticator is the second authentication. All withdraw requests, actually all requests, verify that the NXTaddr matches the sender of the AM. So, only the one who controls the NXTaddr should be able to set/change the withdraw address.

Nervous about sharing secrets. Maybe there is no need to? All the gateway really needs is a second approval before releasing a withdrawal. maybe include withdrawal address and amount in the data that is gathered? then I can match it up with any withdraws in the queue

If you want to use Google Authenticator, the authenticator key must be known to the user, and therefore to the web server.

If, instead of using Google Authenticator, you ask the user to give you his DOGE withdrawal address, you won't be able to change it afterwards via AM. If you do allow changing it via AM, then this beats the purpose of asking it the first time.

mcjavar
Hero Member
*****
Offline Offline

Activity: 784
Merit: 500


View Profile
March 07, 2014, 09:11:29 PM
 #42

Let´s put this here, too, becaue I think that it will get lost in the other thread.

https://bitcointalk.org/index.php?topic=345619.msg5574707#msg5574707

[NXTmixer announcement]
jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 07, 2014, 09:57:03 PM
 #43

Let´s put this here, too, becaue I think that it will get lost in the other thread.

https://bitcointalk.org/index.php?topic=345619.msg5574707#msg5574707

[NXTmixer announcement]
[NXTmixer announcement]

Based on feedbacks and ideas in the NXTcash thread, I think i might have come up with a pretty good NXT mixing algo. I just got a successful encrypt/decrypt cycle in the multigateway. Obviously, still very new as I just started coding this today, but now that I have verified proper public/private key handling, the rest is a matter of debugging.

The initial model supports both a mixing service using the gateway and a totally decentralized direct "payment" path. However, since NXT doesnt support multisig (hint, hint, CfB) the mixing is totally centralized on one of the gateway servers. The decentralized part allows (nearly?) undetectable transmission of NXT acct password (or any other data) directly to the destination acct.

Even though I am adding this functionality to the gateway, it is totally independent of the multisig DOGE gateway and also NXTcash. It just shares a lot of the code base, so it was easiest to add to the existing multigateway code. I am using libnacl http://nacl.cr.yp.to/index.html that xyzzyx recommended.

Ah, you want to know how it works?

I added the following to the gateway_AM structure:
Code:
struct payment_bundle
{
    unsigned char escrow_pubkey[crypto_box_PUBLICKEYBYTES];
    unsigned char depositaddr[MAX_NXTADDR_LEN];
    unsigned char paymentacct_key[crypto_box_SECRETKEYBYTES];
    unsigned char txouts[8][MAX_NXTADDR_LEN];
    int64_t amounts[8],sessionid;
};

added to gateway_AM:
        struct
        {
            unsigned char publickey[crypto_box_PUBLICKEYBYTES];
            unsigned char nonce[crypto_box_NONCEBYTES];
            unsigned char paymentkey_by_prevrecv[crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES + crypto_box_ZEROBYTES];
            unsigned char payload_by_escrow[sizeof(struct payment_bundle) + crypto_box_ZEROBYTES];
        };

At the high level there are what I call sessions. Initially, when the activity is low, a session might be as long as a day, but as activity grows, the duration of a session will shrink. It is critical that your transaction isnt the only one in a session, otherwise no amount of anything will help anonymity. If there are 1000 transactions, then with a good system, the best anybody should be able to do is 0.1% accuracy, eg. random guessing.

Each session goes as follows:
A. NXTmixer pays out all the funds that cleared during the last session to the depositaddrs for each NXT addr that received anonymous payment during the session

B. NXTmixer publishes new sessionid and its public key for this session

C. ALL participating nodes publish a SEND_ANONYMOUS_PAYMENTS AM. Yes, I said ALL nodes.

D2. ALL nodes process all of the SEND_ANONYMOUS_PAYMENTS from C and they try to decrypt every paymentkey_by_prevrecv. If they are able to decrypt it (first half matches their previous public key) then they have access to the NXTacct that the password in the rest of the message contains.

D2. NXTmixer also scans all SEND_ANONYMOUS_PAYMENTS from C and processes all payment bundles that properly decrypt. paymentacct_key is for a (temporary) account that is funded with the amount necessary to make all the payments specified in the payment bundle. In order to make sure it wont be emptied and to MIX all the NXT together, the funds required to make all the payments are sent to a shared account. Since NXT is totally fungible, this step is actually VERY effective in removing payment source information.

The NXTmixer updates the credits for each NXTacct during session and when there is enough different payments or max time elapsed, the session ends and we go back to A, where the payments are made.

************
The NXTmixer cannot implement all parts of this by itself, the clients need to implement code that synchronizes all participating nodes. The reason for this is that if everybody is broadcasting, then there is no information leaked when you publish your public key and payment bundle. Since everything is on the same broadcast, anybody can receive the message, but nobody knows if they did or not. This allows a direct transmission of a funded NXT acct to somebody else. Let us assume you will trust them to not drain the account during the next two sessions. Since he is the one paying you, if he does, then whatever deal was in place is off.

userA funds acct A with 10000 NXT
userA encrypts password for acct A using public key of B and it goes into paymentkey_by_prevrecv

userB decrypts the AM and gets the password for acctA and locally verifies that it has 10000 NXT
Now, for the next session, userB sets the paymentacct_key to be the key for acctA and payments can be made from this acctA on behalf of userB, even though userB has NEVER used the password for acctA other than locally to encrypt it into the payment_bundle.

Similarly, you can specify your depositaddr to be an acct that you have never used, but know the password for. Then in later sessions, you can use depositaddr's password as the paymentacct_key. As long as you are receiving payments, you are able to make pretty anonymous payments as I am finding it hard to figure out how anybody can determine payment paths.

Can anybody find any serious flaws with this approach? Should I debug this and add it to the multigateway?

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
⇾ Re: mgw
March 07, 2014, 10:08:35 PM
 #44

The google authenticator is the second authentication. All withdraw requests, actually all requests, verify that the NXTaddr matches the sender of the AM. So, only the one who controls the NXTaddr should be able to set/change the withdraw address.

Nervous about sharing secrets. Maybe there is no need to? All the gateway really needs is a second approval before releasing a withdrawal. maybe include withdrawal address and amount in the data that is gathered? then I can match it up with any withdraws in the queue

If you want to use Google Authenticator, the authenticator key must be known to the user, and therefore to the web server.

If, instead of using Google Authenticator, you ask the user to give you his DOGE withdrawal address, you won't be able to change it afterwards via AM. If you do allow changing it via AM, then this beats the purpose of asking it the first time.
I understand that to use GA (Google Authenticator) the web server needs to know the key, otherwise it cant display QR code, which is critical.

I think you misunderstand my intent. I think AM should be the only way to change the withdrawal address. The GA will be an optional step people need to opt in for, so it has to be this way.

At some point the user sends NXT asset back to issuer, this triggers the withdrawal process. Presumably the client software will be updated to bring up the website (or at least URL). Now the user has to authenticate by putting in the GA TOTP, withdrawal address and amount. The last two are so the gateway can match up authentication with specific withdraw requests, in case there are more than one.

The website sends success in authentication with withdraw address and amount and the gateway will respond success if it finds a matching withdraw address, or at least something that is close to it.

Not sure what the problem is with this?

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
k_day
Newbie
*
Offline Offline

Activity: 31
Merit: 0


View Profile
March 08, 2014, 07:30:23 AM
 #45

I'm still working way through the concepts in this thread, but I think I at least understand the basics as to how this works.

I gotta admit that my excitement was tempered a bit when I realized that centralized gateways were required. I get it though - it is unreasonable to require every client to have the all of the dameons running + blockchains downloaded.

I also agree with antast, in that having this in pure C gives me hives.

So what needs to be done here? Is anyone working on a transaction explorer? I could try to put together something that sniffs the AMs for transactions and displays them somewhere. I'm not really a web guy, so someone else could actually make it look nice. Or I could have a stab at porting some of the C to something more manageable.

I have a day job so my time is a bit limited, and I am sure there will be some time required before I can understand things well enough to be productive. So it may be good idea for me to start with something that isn't mission critical. But I am willing to put some time into it and help out where I can.
antanst
Sr. Member
****
Offline Offline

Activity: 294
Merit: 260


View Profile
March 08, 2014, 08:03:09 AM
 #46

At some point the user sends NXT asset back to issuer, this triggers the withdrawal process. Presumably the client software will be updated to bring up the website (or at least URL).

Which client software? You mean that the user's NRS client will notice that you're sending assets to the gateway account and it will open the URL of the gateway web site?

Quote
Now the user has to authenticate by putting in the GA TOTP, withdrawal address and amount. The last two are so the gateway can match up authentication with specific withdraw requests, in case there are more than one.

The website sends success in authentication with withdraw address and amount and the gateway will respond success if it finds a matching withdraw address, or at least something that is close to it.

Not sure what the problem is with this?

Sounds fine. It wasn't clear to me up to now. Actually, it would help if you offered a complete diagram of the flow and the input/outputs of each step, especially for newcomers to this thread. I use http://www.asciiflow.com for simple diagrams (makes a killer combination with http://ditaa.sourceforge.net/)

If you want anything with the site, I'll be happy to help.

oldnbold
Member
**
Offline Offline

Activity: 64
Merit: 10


View Profile
March 08, 2014, 09:32:24 AM
 #47

antanst, who is now the designated Evil Bob, has raised the issue of a gateway server being compromised.

I read about some security hardened servers somewhere, but I cant find the URL. It was setup so that the software running on it couldnt be changed, without some elaborate process. I am pretty sure amazon offered some such service. If anybody knows about this, please post......

James


Is this what you have in mind?

If not I'll do some more searching.

Quote
Deep Security as a Service delivers a complete set of security capabilities for Amazon Web Services including intrusion detection and prevention, firewall, anti-malware, web reputation and integrity monitoring. The service runs on AWS for rapid deployment and security can be elastically added to instances for instant protection from a centrally managed security console.

http://www.trendmicro.com/us/business/saas/deep-security-as-a-service/index.html

There's a 30 day free trial

I found the above site linked from the following

Quote
Over the past weeks we have been reviewing the top 10 tips for securing instances running on Amazon Web Services. We walked through the critical controls as part of the AWS shared security model. As noted in these tips, host-based security capabilities such as intrusion detection and prevention, anti-malware, and integrity monitoring are critical for protecting your applications and data.

While some of these recommended tips involve configuring and tuning AWS itself, some require the use of third-party tools....

http://cloud.trendmicro.com/5-questions-aws/

This isnt exactly what I saw, but it does look highly relevant. Can you dig up some objective reviews about this service, especially how it compares to other similar services? Once we find one, we can find all its competitors and then choose the best one for our needs

Thanks for the legwork, it saves me time hour for hour!

James

working on it - taking longer than I expected (terminology etc new to me!). Hopefully get back to you with some results later today or tomorrow latest.
antanst
Sr. Member
****
Offline Offline

Activity: 294
Merit: 260


View Profile
March 08, 2014, 12:21:08 PM
 #48

10000 NXT BOUNTY for google authenticator help

I am announcing a 10000 NXT bounty for someone to help me integrate google authenticator to the gateway. It will be paid when the gateway passes the community created test plan for multigateway.

Where's this plan?

jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 08, 2014, 01:10:56 PM
 #49

10000 NXT BOUNTY for google authenticator help

I am announcing a 10000 NXT bounty for someone to help me integrate google authenticator to the gateway. It will be paid when the gateway passes the community created test plan for multigateway.

Where's this plan?
Its in the from the future Smiley
at some point someone needs to make one

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 08, 2014, 01:16:08 PM
 #50

I'm still working way through the concepts in this thread, but I think I at least understand the basics as to how this works.

I gotta admit that my excitement was tempered a bit when I realized that centralized gateways were required. I get it though - it is unreasonable to require every client to have the all of the dameons running + blockchains downloaded.

I also agree with antast, in that having this in pure C gives me hives.

So what needs to be done here? Is anyone working on a transaction explorer? I could try to put together something that sniffs the AMs for transactions and displays them somewhere. I'm not really a web guy, so someone else could actually make it look nice. Or I could have a stab at porting some of the C to something more manageable.

I have a day job so my time is a bit limited, and I am sure there will be some time required before I can understand things well enough to be productive. So it may be good idea for me to start with something that isn't mission critical. But I am willing to put some time into it and help out where I can.
transaction explorer would be great, it could be integrated into the authentication website
I am very fluent in C, and I can write much faster and more accurately than if I used anything else. Once things stabilize, I definitely want it to be refactored.

https://github.com/jl777/multigateway is still in flux, but you can get a feel for things and get a head start on the refactoring

I view my code as proof of concept and specification. We will be dealing with people's money so it needs to be as robust as possible

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 08, 2014, 01:19:23 PM
 #51

At some point the user sends NXT asset back to issuer, this triggers the withdrawal process. Presumably the client software will be updated to bring up the website (or at least URL).

Which client software? You mean that the user's NRS client will notice that you're sending assets to the gateway account and it will open the URL of the gateway web site?

Quote
Now the user has to authenticate by putting in the GA TOTP, withdrawal address and amount. The last two are so the gateway can match up authentication with specific withdraw requests, in case there are more than one.

The website sends success in authentication with withdraw address and amount and the gateway will respond success if it finds a matching withdraw address, or at least something that is close to it.

Not sure what the problem is with this?

Sounds fine. It wasn't clear to me up to now. Actually, it would help if you offered a complete diagram of the flow and the input/outputs of each step, especially for newcomers to this thread. I use http://www.asciiflow.com for simple diagrams (makes a killer combination with http://ditaa.sourceforge.net/)

If you want anything with the site, I'll be happy to help.
I fully expect that all the major GUI's will add a gateway section to deal with gateway specific stuff. During development, we can just tell the testers they need to go to authentication webpage. Before mainstream release, maybe the client software interfaces directly with authentication website? Not sure, still working on low level.

As far as flowcharting, I hope there is enough info here for others to document. I would rather spend time coming up with stuff like NXTmixer than pretty flow charts

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 08, 2014, 01:20:41 PM
 #52

working on it - taking longer than I expected (terminology etc new to me!). Hopefully get back to you with some results later today or tomorrow latest.
Dont rush this. In some sense this is the most important part of the gateway. There is plenty of time, we are still not even feature complete

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
k_day
Newbie
*
Offline Offline

Activity: 31
Merit: 0


View Profile
March 09, 2014, 11:28:08 PM
 #53

I am going to give a basic transaction explorer a go.  jl777 can you elaborate a bit more as to what you want here?

Do you want a service that just lists every AE transaction, or do you want something takes an account number and lists all AE transactions for that user? I was reading through the API a bit today, and it looks fairly straightforward, so hopefully I can make some progress on it this week. I will probably start out by just making this a main prog, and then worry about making it a web service after.

jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 10, 2014, 03:21:39 AM
 #54

I am going to give a basic transaction explorer a go.  jl777 can you elaborate a bit more as to what you want here?

Do you want a service that just lists every AE transaction, or do you want something takes an account number and lists all AE transactions for that user? I was reading through the API a bit today, and it looks fairly straightforward, so hopefully I can make some progress on it this week. I will probably start out by just making this a main prog, and then worry about making it a web service after.


While it would be nice to have all the AE transactions, that is pretty much built into the NXT API.
What is needed is something that shows all the gateway AM transactions. These are gateway specific interpretation of AM data. the reference client shows how to monitor the blockchain for these. there are some additional funcid's for server responses and checkpoints.

The first step is to just log all the deposit address and withdraw address AM's
and the gateway AM's

// client gateway funcids
#define GET_COINDEPOSIT_ADDRESS 'g'
#define SET_COINWITHDRAW_ADDRESS 'w'

// gateway internal funcids
#define BIND_DEPOSIT_ADDRESS 'b'
#define PENDING_SWEEP 's'
#define WITHDRAW_REQUEST '<'
#define MONEY_SENT 'm'

// NXTmixer functions
#define SEND_ANONYMOUS_PAYMENTS 'A'   
#define START_NEW_SESSION 'N'

// NXTcoins
#define CREATE_NXTCOINS 'C' // NXTcoins

https://github.com/jl777/multigateway/blob/master/jl777.h defines the AM structure

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
antanst
Sr. Member
****
Offline Offline

Activity: 294
Merit: 260


View Profile
March 10, 2014, 01:13:45 PM
 #55

I am going to give a basic transaction explorer a go.  jl777 can you elaborate a bit more as to what you want here?

I'm building a block explorer already, which I'm going to release in about a week or so. It will show messages, aliases and assets and the user will be able to search on everything as well.

I'm not saying this to discourage you from building your own, I just thought you should know. In any case, the more choices the better.

k_day
Newbie
*
Offline Offline

Activity: 31
Merit: 0


View Profile
March 10, 2014, 05:04:12 PM
 #56

I am going to give a basic transaction explorer a go.  jl777 can you elaborate a bit more as to what you want here?

I'm building a block explorer already, which I'm going to release in about a week or so. It will show messages, aliases and assets and the user will be able to search on everything as well.

I'm not saying this to discourage you from building your own, I just thought you should know. In any case, the more choices the better.

Thanks for the heads up. Will this also display gateway AM transactions? It sounds like that is the main piece that jl777 wants. No use in me duplicating efforts here. I will keep my eyes peeled for other pieces to work on.
antanst
Sr. Member
****
Offline Offline

Activity: 294
Merit: 260


View Profile
March 10, 2014, 06:08:28 PM
 #57

Thanks for the heads up. Will this also display gateway AM transactions? It sounds like that is the main piece that jl777 wants. No use in me duplicating efforts here. I will keep my eyes peeled for other pieces to work on.

It will display all AM transactions. You can search inside the transaction message, so yes, you'll be able to filter them to see only gateway transactions.

jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 11, 2014, 05:02:49 PM
 #58

Can someone really pound on nodeminer? I was expecting some bugs, a server crash, something.
Maybe I offer some bounty for bugs, but it is so young, it shouldnt be hard to find bugs.
Free nodecoins if you can hack the "mining" algo

James

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
mcjavar
Hero Member
*****
Offline Offline

Activity: 784
Merit: 500


View Profile
March 11, 2014, 11:47:54 PM
 #59

Can someone really pound on nodeminer? I was expecting some bugs, a server crash, something.
Maybe I offer some bounty for bugs, but it is so young, it shouldnt be hard to find bugs.
Free nodecoins if you can hack the "mining" algo

James
How to set it up?
jl777 (OP)
Legendary
*
Offline Offline

Activity: 1176
Merit: 1134


View Profile WWW
March 12, 2014, 02:11:50 AM
 #60

Can someone really pound on nodeminer? I was expecting some bugs, a server crash, something.
Maybe I offer some bounty for bugs, but it is so young, it shouldnt be hard to find bugs.
Free nodecoins if you can hack the "mining" algo

James
How to set it up?
It is for testnet the following is how to get it compiled and running from command line

git clone https://github.com/jl777/multigateway
cd multigateway
chmod +x run.sh
./run.sh
./nodeminer <NXTacct> <passphrase>

http://www.digitalcatallaxy.com/report2015.html
100+ page annual report for SuperNET
Pages: « 1 2 [3] 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!