Bitcoin Forum
August 19, 2019, 05:54:16 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: « 1 ... 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 [734] 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 ... 2051 »
  Print  
Author Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency  (Read 4574607 times)
dEBRUYNE
Legendary
*
Offline Offline

Activity: 1848
Merit: 1116


View Profile
September 24, 2014, 10:21:13 PM
 #14661

Thanks for clarifying!

Privacy matters, use Monero - A true untraceable cryptocurrency
Why Monero matters? http://weuse.cash/2016/03/05/bitcoiners-hedge-your-position/
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1566237256
Hero Member
*
Offline Offline

Posts: 1566237256

View Profile Personal Message (Offline)

Ignore
1566237256
Reply with quote  #2

1566237256
Report to moderator
1566237256
Hero Member
*
Offline Offline

Posts: 1566237256

View Profile Personal Message (Offline)

Ignore
1566237256
Reply with quote  #2

1566237256
Report to moderator
xulescu
Sr. Member
****
Offline Offline

Activity: 263
Merit: 250


View Profile
September 24, 2014, 11:12:08 PM
 #14662

Plus open checkpoints evaluated at runtime allow us to disappear off the face of the earth and a new group could still deliver checkpoints (ie. a reduction in centralisation).

The only plausible way for someone else to take over if we disappear off the face of the earth would be to also take over maintaining the software, which means they could change any public key used to verify a signature, if it were done that way.

The idea that the existing software can continue to run indefinitely and decentralized without being updated is totally implausible.

Point. So then the checkpoints.json thing is a convenience tool more than anything else.

In any case I agree with your point that it doesn't need to be signed, especially if blockchain.bin is not signed.
My understanding is that the daemon doesn't verify the correctness of the blockchain when it's loading it from disk, and for performance reasons the intention is to keep it this way. In this case, shouldn't the daemon sign all the bin files (i.e. pool, p2p, chain)? Shouldn't it verify the blockchain if there is a problem with the signature?

I argue that automatic checkpoints should be treated the same way, not in case you guys disappear, but so that you don't have to do it manually in the future Smiley
fluffypony
Donator
Legendary
*
Offline Offline

Activity: 1260
Merit: 1053


GetMonero.org / MyMonero.com


View Profile WWW
September 24, 2014, 11:16:24 PM
 #14663

My understanding is that the daemon doesn't verify the correctness of the blockchain when it's loading it from disk, and for performance reasons the intention is to keep it this way. In this case, shouldn't the daemon sign all the bin files (i.e. pool, p2p, chain)? Shouldn't it verify the blockchain if there is a problem with the signature?

I argue that automatic checkpoints should be treated the same way, not in case you guys disappear, but so that you don't have to do it manually in the future Smiley

It verifies checkpoints when loading off disk. It's a bad idea to treat the blockchain as a "file" (same with p2pstate and poolstate), as we have and will abstract these away from their physical files.

Checkpoints are a temporary measure that we're going to get away from eventually, so we're just doing the best we can with something we'll be stuck with for the next few years:)

xulescu
Sr. Member
****
Offline Offline

Activity: 263
Merit: 250


View Profile
September 24, 2014, 11:21:47 PM
 #14664

It verifies checkpoints when loading off disk. It's a bad idea to treat the blockchain as a "file" (same with p2pstate and poolstate), as we have and will abstract these away from their physical files.

Checkpoints are a temporary measure that we're going to get away from eventually, so we're just doing the best we can with something we'll be stuck with for the next few years:)

Well duh, my bad. If it verifies checkpoints then only the checkpoints need to be signed Smiley
Furthermore, even after abstracting, there is still going to be a file on the disk, even if that is a compact DB.
Finally, 'next few years' seems like a lot of checkpoints to me to be doing them manually.

But I understand there are other complexities involved with key management, so there definitely is a trade-off here.
myagui
Legendary
*
Offline Offline

Activity: 1154
Merit: 1000



View Profile
September 24, 2014, 11:47:27 PM
Last edit: September 25, 2014, 12:01:45 AM by myagui
 #14665

New purse of transgenic XMR to poloniex.com a day not to account, which is why ah Huh Huh

Poloniex suspended XMR deposit/withdraw as a precautionary measure.
You just need to wait a bit longer, or submit a support ticket.

smooth
Legendary
*
Offline Offline

Activity: 2212
Merit: 1131



View Profile
September 25, 2014, 12:13:29 AM
 #14666

In this case, shouldn't the daemon sign all the bin files (i.e. pool, p2p, chain)? Shouldn't it verify the blockchain if there is a problem with the signature?

Maybe, but only if your security model is that the file is in a different trust domain than the daemon itself. For example, that would make it possible to store the blockchain.bin file on a cloud drive without being vulnerable to tampering there. That's possible but not really in line with how anyone is using it to my knowledge.
smooth
Legendary
*
Offline Offline

Activity: 2212
Merit: 1131



View Profile
September 25, 2014, 12:14:51 AM
 #14667

Finally, 'next few years' seems like a lot of checkpoints to me to be doing them manually.

The need for checkpoints likely will remain for quite some time (bitcoin has them as mentioned earlier) but their frequency will depend on the nature of the environment in which they operate, which will certainly evolve.

Hatch
Full Member
***
Offline Offline

Activity: 198
Merit: 100


View Profile
September 25, 2014, 12:47:00 AM
 #14668

Correct on checkpointing as regular (but temporary mitigation). I would kindly request that the dev team release binaries as well, to ensure that the checkpoints are further distributed. Presumably, exchanges & pools will take the checkpoints from source at regular intervals, but compiling is not accessible to the average user.

From what I understand, the dev team is working on additional preventive measures, aiming for a more permanent solution to this type of attack. This experience should also highlight the importance of a healthy (read: strong/fast) Monero mining network. An open source AMD miner is perhaps one important measure in this regard.

Reminder: There's still an open bounty to this effect, and Wolf0 has generously posted some partial code towards this goal, so someone taking up the task, will not need to start from scratch.
https://bitcointalk.org/index.php?topic=656841.0

Edit: Credits due to the community members who came up with these creative responses. Thank you!

I think sponsoring a good optimized CPU and GPU Miner would be a great initiative. It would promote mining and if you built in a 1 or 2% developer fee you would still be preferable to other 5% miners and generate operating capital to boot!
smooth
Legendary
*
Offline Offline

Activity: 2212
Merit: 1131



View Profile
September 25, 2014, 01:04:28 AM
 #14669

Important update (source code only)

We have a new update with additional precautionary checkpoints added to protect more of the existing blockchain. In addition this update adds the ability to read checkpoints from an external file. We will be distributing updated checkpoint files that will continue to protect the blockchain without the need for a full update of the daemon.

Although there has been no actual attack we consider the threat credible and are acting accordingly. We urge you to do the same.

We are however, continuing development and this update also contains some new features that will be included in the next official numbered build. As such, dependencies have changed. For example Linux dependencies:

Quote
GCC 4.7.3 or later, CMake 2.8.6 or later, Unbound 1.4.16 or later, and Boost 1.53 or later (except 1.54, more details here).

https://github.com/monero-project/bitmonero

Plain 'git pull' wont work. Unless you are doing your own modifications to the code it is probably easiest to make a new clone. If you are doing your own modifications you should know how to use git.

If you are operating a pool or other important service, or if you are solo mining, and you compile your own node, please pull master from github and upgrade ASAP. If you are not a git expert it is probably better to just create a new clone. Likewise if you have AWS images, please rebuild them with the new version.

Our recommendation for exchange is to remain frozen for external transactions. If you are still running a node, please update.

The only evidence of anomalous activity is what was reported by fluffypony. Nevertheless malicious activity may occur that is not visible until the moment of the attack.

The update is an important precaution.

Updated binaries will follow shortly.

Further measures will be taken as necessary.
surfer43
Sr. Member
****
Offline Offline

Activity: 518
Merit: 250


"Trading Platform of The Future!"


View Profile
September 25, 2014, 01:32:48 AM
 #14670

...
we consider the threat credible and are acting accordingly.
...
Our recommendation for exchange is to remain frozen for external transactions.
...

phantom attack: success

nsimmons
Sr. Member
****
Offline Offline

Activity: 308
Merit: 250


View Profile
September 25, 2014, 02:03:57 AM
 #14671

...
we consider the threat credible and are acting accordingly.
...
Our recommendation for exchange is to remain frozen for external transactions.
...

Dear Monero

Can I have have access to my fucking money yet??


NewLiberty
Legendary
*
Offline Offline

Activity: 1204
Merit: 1001


Gresham's Lawyer


View Profile WWW
September 25, 2014, 02:08:47 AM
 #14672

...
we consider the threat credible and are acting accordingly.
...
Our recommendation for exchange is to remain frozen for external transactions.
...

phantom attack: success

Weird, I would have picked some other words to indicate success.
Such as:
"We will be distributing updated checkpoint files that will continue to protect the blockchain without the need for a full update of the daemon."

This has been done exactly never before on other coins.
It shows the innovation on demand this team can produce, with rapid on-point responsiveness to a real-time threat with no warning, whether it be real or not.

They could be writing anything, anywhere, and yet have chosen to work on this project.
I am humbled by their generosity to advancing the state of the art as we know it in this arena.

Thank you gentlemen, thank you kindly, you are a credit to your profession.

FREE MONEY1 Bitcoin for Silver and Gold NewLibertyDollar.com and now BITCOIN SPECIE (silver 1 ozt) shows value by QR
Bulk premiums as low as .0012 BTC "BETTER, MORE COLLECTIBLE, AND CHEAPER THAN SILVER EAGLES" 1Free of Government
smooth
Legendary
*
Offline Offline

Activity: 2212
Merit: 1131



View Profile
September 25, 2014, 02:17:35 AM
 #14673

...
we consider the threat credible and are acting accordingly.
...
Our recommendation for exchange is to remain frozen for external transactions.
...

phantom attack: success

I agree.

As with the previous attacks this will make us stronger.
smooth
Legendary
*
Offline Offline

Activity: 2212
Merit: 1131



View Profile
September 25, 2014, 02:18:30 AM
 #14674

Can I have have access to my fucking money yet??

It would do you fuck all good to have it stolen or destroyed.

mmortal03
Legendary
*
Offline Offline

Activity: 1750
Merit: 1005


View Profile
September 25, 2014, 03:04:19 AM
 #14675

...
we consider the threat credible and are acting accordingly.
...
Our recommendation for exchange is to remain frozen for external transactions.
...

phantom attack: success

Weird, I would have picked some other words to indicate success.
Such as:
"We will be distributing updated checkpoint files that will continue to protect the blockchain without the need for a full update of the daemon."

This has been done exactly never before on other coins.
It shows the innovation on demand this team can produce, with rapid on-point responsiveness to a real-time threat with no warning, whether it be real or not.

They could be writing anything, anywhere, and yet have chosen to work on this project.
I am humbled by their generosity to advancing the state of the art as we know it in this arena.

Thank you gentlemen, thank you kindly, you are a credit to your profession.

For people interested in a general discussion on checkpoints (as it applied to Bitcoin), see here: https://bitcointalk.org/index.php?topic=194078.0
aerbax
Full Member
***
Offline Offline

Activity: 201
Merit: 100


View Profile WWW
September 25, 2014, 03:49:49 AM
 #14676

Out of curiosity, what's been added that requires unbound?  I'm familiar with it being a DNS resolving library, but what's in store?


Edit:
Also, of note, installing just the unbound dev libraries was not enough, "ldns" is also a requirement.

On Debian, this should satisfy the new dependencies: apt-get install libunbound-dev libunbound2 libldns-dev


pa
Hero Member
*****
Offline Offline

Activity: 528
Merit: 501


View Profile
September 25, 2014, 04:25:11 AM
 #14677

Out of curiosity, what's been added that requires unbound?  I'm familiar with it being a DNS resolving library, but what's in store?


Edit:
Also, of note, installing just the unbound dev libraries was not enough, "ldns" is also a requirement.

On Debian, this should satisfy the new dependencies: apt-get install libunbound-dev libunbound2 libldns-dev



In OS X, this worked:

brew install unbound
brew install --HEAD bitmonero
NewLiberty
Legendary
*
Offline Offline

Activity: 1204
Merit: 1001


Gresham's Lawyer


View Profile WWW
September 25, 2014, 04:30:23 AM
 #14678

Can I have have access to my fucking money yet??
Yes, if its on poloniex.
They're updated and open for withdrawals and deposits of all coins.
I've not checked all the others yet, but suspect they are also open or will be soon.

FREE MONEY1 Bitcoin for Silver and Gold NewLibertyDollar.com and now BITCOIN SPECIE (silver 1 ozt) shows value by QR
Bulk premiums as low as .0012 BTC "BETTER, MORE COLLECTIBLE, AND CHEAPER THAN SILVER EAGLES" 1Free of Government
aerbax
Full Member
***
Offline Offline

Activity: 201
Merit: 100


View Profile WWW
September 25, 2014, 04:57:23 AM
 #14679

Out of curiosity, what's been added that requires unbound?  I'm familiar with it being a DNS resolving library, but what's in store?


Edit:
Also, of note, installing just the unbound dev libraries was not enough, "ldns" is also a requirement.

On Debian, this should satisfy the new dependencies: apt-get install libunbound-dev libunbound2 libldns-dev



thanks, I had to install this too

Aaaannnd tewinget just updated the repo to remove that dependency. Smiley

https://github.com/monero-project/bitmonero/commit/145dc19eebd2c9f289381debfa1fb7a4b8c71ef7


pa
Hero Member
*****
Offline Offline

Activity: 528
Merit: 501


View Profile
September 25, 2014, 05:00:48 AM
 #14680

So, I just recompiled bitmonerod, and now it seems to be stuck on block 232616. Here's some of the output:

2014-Sep-25 00:59:26.151813 [P2P5][188.232.142.138:18080 OUT]Sync data returned unknown top block: 232616 -> 232692 [76 blocks (0 days) behind]
SYNCHRONIZATION started
2014-Sep-25 00:59:32.237618 [P2P5][188.232.142.138:18080 OUT]Sync data returned unknown top block: 232616 -> 232692 [76 blocks (0 days) behind]
SYNCHRONIZATION started
2014-Sep-25 00:59:38.255829 [P2P8][188.232.142.138:18080 OUT]Sync data returned unknown top block: 232616 -> 232692 [76 blocks (0 days) behind]
SYNCHRONIZATION started
2014-Sep-25 00:59:44.404735 [P2P8][188.232.142.138:18080 OUT]Sync data returned unknown top block: 232616 -> 232692 [76 blocks (0 days) behind]
SYNCHRONIZATION started

Did I do something wrong?
Pages: « 1 ... 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 [734] 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 ... 2051 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!