|
Blazin8888
|
 |
July 13, 2016, 05:51:12 AM |
|
the official release of the GUI wallet
Looking forward to this. XMR + STEEM could very well be the best investments of 2016. |
|
|
|
|
|
Ratatosk
|
|
July 13, 2016, 12:22:38 PM |
|
Hi
Are the XMR openalias website and service xmr.link definitively dead ?
|
|
|
|
|
aminorex
Legendary
 Offline
Activity: 1596
Merit: 1030
Sine secretum non libertas
|
|
July 13, 2016, 12:23:30 PM |
|
Looking forward to this. XMR + STEEM could very well be the best investments of 2016.
To me, an important difference (among many important differences) is that XMR could very well be the best investment of the third millennium. STEEM, not so much. |
Give a man a fish and he eats for a day. Give a man a Poisson distribution and he eats at random times independent of one another, at a constant known rate.
|
|
|
luigi1111
Legendary
Offline
Activity: 1105
Merit: 1000
|
|
July 13, 2016, 02:13:12 PM |
|
.... then again, the reason minergate has so much hash is because they have a browser miner.... which, you know, is just weird.
...no. The performance of the web miner is something like 1-2 hash/sec. |
|
|
|
|
mmortal03
Legendary
Offline
Activity: 1762
Merit: 1011
|
|
July 13, 2016, 03:00:37 PM |
|
A wallet file of mine that was handled by the latest compile of simplewallet from the master seems to have become unopenable by simplewallet 0.9.4 (become not backwards compatible). I'm pretty sure all I did was refresh it, test sweep_all, and then save it, and now 0.9.4 gives the following error after typing the password: "Error: failed to load wallet: std::bad_alloc". The latest version of simplewallet that I compiled can still open it. I'm on Windows 10 64-bit. Anyway, not that big of a deal to me; just thought I'd mention it.
|
|
|
|
|
|
qgmurugan007
|
|
July 13, 2016, 06:09:50 PM |
|
Looking forward to this. XMR + STEEM could very well be the best investments of 2016.
To me, an important difference (among many important differences) is that XMR could very well be the best investment of the third millennium. STEEM, not so much. For me its BTS + STEEM are going to be the best ones. XMR, need to hear some good news. |
|
|
|
|
bitebits
Legendary
Offline
Activity: 2257
Merit: 3622
Flippin' burgers since 1163.
|
|
July 13, 2016, 08:02:49 PM |
|
XMR, need to hear some good news.
Monero is the good news kid. Learn about it. |
- You can figure out what will happen, not when /Warren Buffett - Pay any Bitcoin address privately with a little help of Monero. |
|
|
|
qgmurugan007
|
|
July 13, 2016, 08:15:50 PM |
|
XMR, need to hear some good news.
Monero is the good news kid. Learn about it.Thanks for the enlightment, old man.  |
|
|
|
|
MoneroMooo
Legendary
Offline
Activity: 1276
Merit: 1001
|
|
July 13, 2016, 08:41:52 PM |
|
A wallet file of mine that was handled by the latest compile of simplewallet from the master seems to have become unopenable by simplewallet 0.9.4 (become not backwards compatible). I'm pretty sure all I did was refresh it, test sweep_all, and then save it, and now 0.9.4 gives the following error after typing the password: "Error: failed to load wallet: std::bad_alloc". The latest version of simplewallet that I compiled can still open it. I'm on Windows 10 64-bit. Anyway, not that big of a deal to me; just thought I'd mention it.
Do you remember the commit hash you had last saved this wallet cache with ? If so, which ? |
|
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
July 13, 2016, 09:11:05 PM |
|
hopefully monerohash.com's recent upgrade to allow mining directly to an exchange, although not ideal, will move some of the hashrate from the others
I'd like that to happen  the reason minergate has so much hash is because they have a browser miner.... which, you know, is just weird.
Mining in the browser is actually extremely slow. Most probably the reason they have so much hash is because their GUI miner has a "Smart Mining" feature (enabled by default) that mines the most profitable coin, which right now happens to be Monero. And that's probably why Minergate's XMR hash has gone up a lot from what they used to have. That and the GUI miner (and built-in wallet on the site) is very user friendly. Ya know, people like dem GUIs. |
|
|
|
|
mmortal03
Legendary
Offline
Activity: 1762
Merit: 1011
|
|
July 13, 2016, 09:22:29 PM |
|
A wallet file of mine that was handled by the latest compile of simplewallet from the master seems to have become unopenable by simplewallet 0.9.4 (become not backwards compatible). I'm pretty sure all I did was refresh it, test sweep_all, and then save it, and now 0.9.4 gives the following error after typing the password: "Error: failed to load wallet: std::bad_alloc". The latest version of simplewallet that I compiled can still open it. I'm on Windows 10 64-bit. Anyway, not that big of a deal to me; just thought I'd mention it.
Do you remember the commit hash you had last saved this wallet cache with ? If so, which ? I downloaded the source as a zip file on 2016-07-10, so it would've been after fluffypony's most recent commit from five days ago. Looking at the following, I don't see any commits since then: https://github.com/monero-project/bitmonero/commits/masterDoes that answer your question? I can also see if I can reproduce the issue on further wallets if you'd like. |
|
|
|
|
MoneroMooo
Legendary
Offline
Activity: 1276
Merit: 1001
|
|
July 14, 2016, 07:29:33 AM |
|
Do you remember the commit hash you had last saved this wallet cache with ? If so, which ?
I downloaded the source as a zip file on 2016-07-10, so it would've been after fluffypony's most recent commit from five days ago. Looking at the following, I don't see any commits since then: https://github.com/monero-project/bitmonero/commits/masterDoes that answer your question? I can also see if I can reproduce the issue on further wallets if you'd like. I'd misread. This is normal that a newer wallet cache can't be read by older simplewallet. There's new stuff added in that the old code can't understand. It'd be theoretically possible to keep forward compatibility though. What I'm really interested in is whether newer code can't open an older wallet. That would need fixing. |
|
|
|
|
Hueristic
Legendary
Offline
Activity: 3990
Merit: 5429
Doomed to see the future and unable to prevent it
|
|
July 14, 2016, 04:11:34 PM |
|
And I thought that this was replacing remote communication as well. Which is a VERY BIG DEAL. But after listening to the Podcast you linked I see that it is intended for interprocess communication currently but Fluffy did say it can be extended for wiring protocol replacement.
In terms of "dev notes", a lot of this stuff goes down on IRC in #monero-dev and sometimes even #monero. The bi-weekly dev meetings are the culmination of these discussions that span thousands of lines of text over many days. Could you post those logs on pastebin? 0MQ is a trivial decision to make, because it's a backend change as you've observed. Our only option is either a messaging system (of which 0MQ is unequivocally the most battle-tested, with the largest number of implementations) or replacing the current HTTP server with something far more performant. Obviously, short of forking nginx, the latter is not really an option. I don't quite understand why there needs to be any wrapper at all for local communication, why not use direct input and add the daemon functionality to say the gui? Is there any reason these need to be separate for end users? I just see this as a injection point where one doesn't need to be. To speak to your other concern: we are definitely looking at replacing the wire protocol. Since we'll have 0MQ in already, and since we want to enable developers to build consensus-compatible implementations in whatever language they'd like, the logical choice is ZMTP ( http://zmtp.org). This is, again, something that is battle-hardened and has implementations in tons of languages. Our other option is picking one of the Tor pluggable transports, something like obfs4, but that's somewhat less desirable for cross-implementation purposes. I do remember this discussion being touched on in this thread I think but I don't remember a decision being announced. Making the product more accessible to a larger is base is laudable as I said I just want to make sure it is not at the cost of security. Especially with the vultures hovering looking for any attack vector they can find. The current home-grown Boost::ASIO wire protocol is significantly more risky than switching to something that is standard. It's entirely possible that there's some weirdness under the hood that we haven't uncovered yet, so swapping it out for something that is well-known and widely used in FOSS projects is extremely desirable. Complexity is the enemy of good security, and in this case custom protocols way worse than well-known standards.
Perhaps more importantly, though, the wire protocol is hardly an attack surface. The major risk it represents is an MITM attack revealing what transactions you were the first to broadcast (mitigated by end-to-end encryption in ZMTP), and fingerprinting attacks being able to correlate your clearnet IP with your i2p address (mitigated by introducing some execution randomness to the i2p connectivity, and completely separating the information shared with nodes on both interfaces). Beyond that, a compromised or poisoned wire protocol won't be able to "do" anything particularly bad. The daemon has no idea what your private keys are. It has some information about your transactions you send out, and the ones you're interested in, but if it were revealing that it would be spotted very quickly.
This is actually my top concern, I want to see how this has been vetted. Call me paranoid but changing a core protocol with off hand remarks is worrisome and I just want to verify that we are not just taking anyone's word on the fact that the crypto in 0MQ is sound and safe when it comes to a currency that cannot be checked for manipulation. http://arstechnica.com/security/2014/01/how-the-nsa-may-have-put-a-backdoor-in-rsas-cryptography-a-technical-primer/BTW we are very close to losing beta status correct? How long will this be tested within the beta phase? I don't know anything about this so I wanted to see a peer review or a word from our scientists that they have verified this is bulletproof. Looking into ZeroMq I see it uses Curve25519 correct? http://zeromq.org/topics:encryptionZeroMQ 4.x has extensible encryption, and comes with CurveZMQ as a built-in security mechanism. Pieter Hintjens has some articles that explain how this works. The only extra dependency is libsodium, which provides the Curve25519 security functions. https://www.reddit.com/r/programming/comments/1ms5fu/new_zeromq_4_does_strong_encryption_and_perfect/https://en.wikipedia.org/wiki/Curve25519
I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry
— Bruce Schneier, The NSA Is Breaking Most Encryption on the Internet (2013)
*********************************************************************************************************** Will Monero pitch to Anchor into Factom blockchain after they do Ethereum?
Ethereum is for smart contracts Factom is for data and Dash or Monero is for privacy.
Actually I don't know who's better between Dash or Monero and I know there is heated debate about this so not opening that pandoras box because I don't have a horse in the race. Anyway both are experimental technologies in field worthy of pursuit.
Well just looking at XMR's rich list should tell you something. http://moneroblocks.info/richlistIt could be worse, but there's a hint of smugness to the writing on that page. As there should be, this project is headed by some of the smartest and capable people I've ever seen, they are so advanced they take for granted that we as a community know the things I ask in this thread. I feel like the kid in class that asked the question because others are lost and afraid to. Not to say I don't get lost, my brain is on life support these days. Lol This project gets the hardest scrutiny and has never to my knowledge lied, misled or deceived the community, how many other ones can you say that about? Still waiting on a reply here. 2 WEEK BUMP. Still waiting. Here's a good one. https://www.youtube.com/watch?v=Ik4DpbVQxlA |
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
|
|
|
luigi1111
Legendary
Offline
Activity: 1105
Merit: 1000
|
|
July 14, 2016, 08:35:35 PM |
|
fluffypony is going to be speaking about this in the upcoming missive, which should be out in the next week or so. |
|
|
|
|
Hueristic
Legendary
Offline
Activity: 3990
Merit: 5429
Doomed to see the future and unable to prevent it
|
|
July 14, 2016, 08:55:13 PM |
|
fluffypony is going to be speaking about this in the upcoming missive, which should be out in the next week or so. FTFY. So I get ignored until then? I'd rather have answers then listen to an hour long answer/question podcast that may or may not answer my questions. Did the community somehow stop being a part of the development and I didn't notice along the way? Are the Devs just calling the shots now without input or recourse? Sorry but "The Cult of Fluffy" is getting a little out of hand here. I think 2 weeks is long enough to wait for an answer. Any DEV can answer this unless he's the only one. And if he is the only one then there is something rotten in Denmark. |
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
|
|
|
dEBRUYNE
Legendary
Offline
Activity: 2268
Merit: 1141
|
|
July 14, 2016, 09:27:10 PM |
|
fluffypony is going to be speaking about this in the upcoming missive, which should be out in the next week or so. FTFY. So I get ignored until then? I'd rather have answers then listen to an hour long answer/question podcast that may or may not answer my questions. Did the community somehow stop being a part of the development and I didn't notice along the way? Are the Devs just calling the shots now without input or recourse? Sorry but "The Cult of Fluffy" is getting a little out of hand here. I think 2 weeks is long enough to wait for an answer. Any DEV can answer this unless he's the only one. And if he is the only one then there is something rotten in Denmark. Why don't you hop on IRC and ask in #monero-dev? I am sure someone will provide you with an answer rather quickly. |
|
|
|
dEBRUYNE
Legendary
Offline
Activity: 2268
Merit: 1141
|
|
July 14, 2016, 09:27:35 PM |
|
|
|
|
|
Hueristic
Legendary
Offline
Activity: 3990
Merit: 5429
Doomed to see the future and unable to prevent it
|
|
July 14, 2016, 11:23:15 PM |
|
fluffypony is going to be speaking about this in the upcoming missive, which should be out in the next week or so. FTFY. So I get ignored until then? I'd rather have answers then listen to an hour long answer/question podcast that may or may not answer my questions. Did the community somehow stop being a part of the development and I didn't notice along the way? Are the Devs just calling the shots now without input or recourse? Sorry but "The Cult of Fluffy" is getting a little out of hand here. I think 2 weeks is long enough to wait for an answer. Any DEV can answer this unless he's the only one. And if he is the only one then there is something rotten in Denmark. Why don't you hop on IRC and ask in #monero-dev? I am sure someone will provide you with an answer rather quickly. I like having the info here so I don't have to keep logs. Not to mention IRC doesn't show up on google searches. Many times with my shitty memory I have googled stuff and found answer from my own past posts! That is weird. |
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
|
|
|
GingerAle
Legendary
Offline
Activity: 1260
Merit: 1008
|
|
July 14, 2016, 11:56:30 PM |
|
fluffypony is going to be speaking about this in the upcoming missive, which should be out in the next week or so. FTFY. So I get ignored until then? I'd rather have answers then listen to an hour long answer/question podcast that may or may not answer my questions. Did the community somehow stop being a part of the development and I didn't notice along the way? Are the Devs just calling the shots now without input or recourse? Sorry but "The Cult of Fluffy" is getting a little out of hand here. I think 2 weeks is long enough to wait for an answer. Any DEV can answer this unless he's the only one. And if he is the only one then there is something rotten in Denmark. Why don't you hop on IRC and ask in #monero-dev? I am sure someone will provide you with an answer rather quickly. I like having the info here so I don't have to keep logs. Not to mention IRC doesn't show up on google searches. Many times with my shitty memory I have googled stuff and found answer from my own past posts! That is weird. Honestly I forget what the question was. If you concatenate it to about 2-3 sentences I'll post it on IRC and relay the response back. I'm a relay bot. Beep boop. |
|
|
|
Hueristic
Legendary
Offline
Activity: 3990
Merit: 5429
Doomed to see the future and unable to prevent it
|
|
July 15, 2016, 12:02:49 AM |
|
fluffypony is going to be speaking about this in the upcoming missive, which should be out in the next week or so. FTFY. So I get ignored until then? I'd rather have answers then listen to an hour long answer/question podcast that may or may not answer my questions. Did the community somehow stop being a part of the development and I didn't notice along the way? Are the Devs just calling the shots now without input or recourse? Sorry but "The Cult of Fluffy" is getting a little out of hand here. I think 2 weeks is long enough to wait for an answer. Any DEV can answer this unless he's the only one. And if he is the only one then there is something rotten in Denmark. Why don't you hop on IRC and ask in #monero-dev? I am sure someone will provide you with an answer rather quickly. I like having the info here so I don't have to keep logs. Not to mention IRC doesn't show up on google searches. Many times with my shitty memory I have googled stuff and found answer from my own past posts! That is weird. Honestly I forget what the question was. If you concatenate it to about 2-3 sentences I'll post it on IRC and relay the response back. I'm a relay bot. Beep boop. This is what I really want answered. The current home-grown Boost::ASIO wire protocol is significantly more risky than switching to something that is standard. It's entirely possible that there's some weirdness under the hood that we haven't uncovered yet, so swapping it out for something that is well-known and widely used in FOSS projects is extremely desirable. Complexity is the enemy of good security, and in this case custom protocols way worse than well-known standards.
Perhaps more importantly, though, the wire protocol is hardly an attack surface. The major risk it represents is an MITM attack revealing what transactions you were the first to broadcast (mitigated by end-to-end encryption in ZMTP), and fingerprinting attacks being able to correlate your clearnet IP with your i2p address (mitigated by introducing some execution randomness to the i2p connectivity, and completely separating the information shared with nodes on both interfaces). Beyond that, a compromised or poisoned wire protocol won't be able to "do" anything particularly bad. The daemon has no idea what your private keys are. It has some information about your transactions you send out, and the ones you're interested in, but if it were revealing that it would be spotted very quickly.
This is actually my top concern, I want to see how this has been vetted. Call me paranoid but changing a core protocol with off hand remarks is worrisome and I just want to verify that we are not just taking anyone's word on the fact that the crypto in 0MQ is sound and safe when it comes to a currency that cannot be checked for manipulation. http://arstechnica.com/security/2014/01/how-the-nsa-may-have-put-a-backdoor-in-rsas-cryptography-a-technical-primer/BTW we are very close to losing beta status correct? How long will this be tested within the beta phase? I don't know anything about this so I wanted to see a peer review or a word from our scientists that they have verified this is bulletproof. Looking into ZeroMq I see it uses Curve25519 correct? http://zeromq.org/topics:encryptionZeroMQ 4.x has extensible encryption, and comes with CurveZMQ as a built-in security mechanism. Pieter Hintjens has some articles that explain how this works. The only extra dependency is libsodium, which provides the Curve25519 security functions. https://www.reddit.com/r/programming/comments/1ms5fu/new_zeromq_4_does_strong_encryption_and_perfect/https://en.wikipedia.org/wiki/Curve25519
I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry
— Bruce Schneier, The NSA Is Breaking Most Encryption on the Internet (2013)
|
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
|
|
|
|
