|
princesultan1
|
 |
May 11, 2014, 04:43:36 PM |
|
any point of forging is i only have 10,000 coins?
Lease your forging power What would I get? |
|
|
|
|
|
|
|
Brangdon
|
|
May 11, 2014, 05:23:29 PM |
|
Thanks! Actually I was hoping for a little more detail  The address is something like sha256(curve25519(sha256(key))). It is presumably as easy or hard to bruteforce this regardless of whether an account has been verified. If you know the key, you have access to the account. You must be talking about an intermediate step - a way of sending funds from an account without using its private key? I don't think this got replied to. As I understand it, that's not what an account is in Nxt. In Nxt an account is only the first 64 bits of the hash. That's why it's relatively weak. It's also why it can be expressed in 21 digits, where Bitcoin needs 34 alphnumeric characters. So account collisions are much more likely in Nxt. When you first send from a Nxt account, your public key is registered to the account, and that brings the security back up to 256 bits. Thanks - that's helpful. I think I understand it now. It rules out conventional cold storage, unfortunately. You can create an account on an offline computer, send some coins to it, then create a transaction signed on the offline computer, move that transaction to an online computer, and broadcast it. That gets your account associated with a public key without the private key ever being exposed an online computer. I say "you can" but I don't know if the wallet software to do this exists yet; if it doesn't it could (and should!) be written. It'd work pretty much the same as Armory, except with the need to create that initial (offline) transaction. |
Bitcoin: 1BrangfWu2YGJ8W6xNM7u66K4YNj2mie3t Nxt: NXT-XZQ9-GRW7-7STD-ES4DB
|
|
|
|
Daedelus
|
|
May 11, 2014, 05:59:56 PM |
|
Thanks! Actually I was hoping for a little more detail The address is something like sha256(curve25519(sha256(key))). It is presumably as easy or hard to bruteforce this regardless of whether an account has been verified. If you know the key, you have access to the account. You must be talking about an intermediate step - a way of sending funds from an account without using its private key? I don't think this got replied to. As I understand it, that's not what an account is in Nxt. In Nxt an account is only the first 64 bits of the hash. That's why it's relatively weak. It's also why it can be expressed in 21 digits, where Bitcoin needs 34 alphnumeric characters. So account collisions are much more likely in Nxt. When you first send from a Nxt account, your public key is registered to the account, and that brings the security back up to 256 bits. Thanks - that's helpful. I think I understand it now. It rules out conventional cold storage, unfortunately. You can create an account on an offline computer, send some coins to it, then create a transaction signed on the offline computer, move that transaction to an online computer, and broadcast it. That gets your account associated with a public key without the private key ever being exposed an online computer. I say "you can" but I don't know if the wallet software to do this exists yet; if it doesn't it could (and should!) be written. It'd work pretty much the same as Armory, except with the need to create that initial (offline) transaction. Account control will allow you to lock your account, preventing any outgoing transactions that will add good security. Post in the nxtforum account control subforum and come-from-beyond will pick it up. |
|
|
|
|
TwinWinNerD
Legendary
 Offline
Activity: 1680
Merit: 1001
CEO Bitpanda.com
|
|
May 11, 2014, 06:12:25 PM |
|
|
|
|
|
Cassius
Legendary
Offline
Activity: 1764
Merit: 1031
|
|
May 11, 2014, 06:37:33 PM |
|
Thanks! Actually I was hoping for a little more detail The address is something like sha256(curve25519(sha256(key))). It is presumably as easy or hard to bruteforce this regardless of whether an account has been verified. If you know the key, you have access to the account. You must be talking about an intermediate step - a way of sending funds from an account without using its private key? I don't think this got replied to. As I understand it, that's not what an account is in Nxt. In Nxt an account is only the first 64 bits of the hash. That's why it's relatively weak. It's also why it can be expressed in 21 digits, where Bitcoin needs 34 alphnumeric characters. So account collisions are much more likely in Nxt. When you first send from a Nxt account, your public key is registered to the account, and that brings the security back up to 256 bits. Thanks - that's helpful. I think I understand it now. It rules out conventional cold storage, unfortunately. You can create an account on an offline computer, send some coins to it, then create a transaction signed on the offline computer, move that transaction to an online computer, and broadcast it. That gets your account associated with a public key without the private key ever being exposed an online computer. I say "you can" but I don't know if the wallet software to do this exists yet; if it doesn't it could (and should!) be written. It'd work pretty much the same as Armory, except with the need to create that initial (offline) transaction. Account control will allow you to lock your account, preventing any outgoing transactions that will add good security. Post in the nxtforum account control subforum and come-from-beyond will pick it up. Cool, thanks for both replies. How would account locking work - separate password? The main attack I see happening on NXT is malware/keystroke loggers. I really like the all-offline solution of bitcoin cold storage because it's so elegantly simple and powerful. Wondering what the NXT analogue is. |
|
|
|
|
|
Daedelus
|
|
May 11, 2014, 06:44:04 PM |
|
Thanks! Actually I was hoping for a little more detail The address is something like sha256(curve25519(sha256(key))). It is presumably as easy or hard to bruteforce this regardless of whether an account has been verified. If you know the key, you have access to the account. You must be talking about an intermediate step - a way of sending funds from an account without using its private key? I don't think this got replied to. As I understand it, that's not what an account is in Nxt. In Nxt an account is only the first 64 bits of the hash. That's why it's relatively weak. It's also why it can be expressed in 21 digits, where Bitcoin needs 34 alphnumeric characters. So account collisions are much more likely in Nxt. When you first send from a Nxt account, your public key is registered to the account, and that brings the security back up to 256 bits. Thanks - that's helpful. I think I understand it now. It rules out conventional cold storage, unfortunately. You can create an account on an offline computer, send some coins to it, then create a transaction signed on the offline computer, move that transaction to an online computer, and broadcast it. That gets your account associated with a public key without the private key ever being exposed an online computer. I say "you can" but I don't know if the wallet software to do this exists yet; if it doesn't it could (and should!) be written. It'd work pretty much the same as Armory, except with the need to create that initial (offline) transaction. Account control will allow you to lock your account, preventing any outgoing transactions that will add good security. Post in the nxtforum account control subforum and come-from-beyond will pick it up. Cool, thanks for both replies. How would account locking work - separate password? The main attack I see happening on NXT is malware/keystroke loggers. I really like the all-offline solution of bitcoin cold storage because it's so elegantly simple and powerful. Wondering what the NXT analogue is. It is in Come-from-beyonds hands. The last discussion I saw was in the megathread. For now, we have http://wiki.nxtcrypto.org/wiki/Account_Control or posting questions in the subforum above. |
|
|
|
|
mr_random
Legendary
Offline
Activity: 1344
Merit: 1001
|
|
May 11, 2014, 07:08:21 PM |
|
Sweet. |
|
|
|
|
|
|
|
TwinWinNerD
Legendary
Offline
Activity: 1680
Merit: 1001
CEO Bitpanda.com
|
|
May 11, 2014, 08:41:10 PM |
|
|
|
|
|
|
|
TwinWinNerD
Legendary
Offline
Activity: 1680
Merit: 1001
CEO Bitpanda.com
|
|
May 11, 2014, 08:41:36 PM |
|
Very nice! Whos work is it? Passion_LTC and? |
|
|
|
|
|
|
PL_CoinTrader
|
|
May 11, 2014, 08:51:13 PM |
|
I'm wondering why the price drops before the AE launch. Howsoever I'm very excited for the AE launch and I'm going to buy a lot of assets. Especially assets from Noxam, Bithaus, Dgex and Dots for Bits. I'm just a little afraid that the stakeholder buy all the assets. But I have no idea whether this is a realistic scenario or not.
|
|
|
|
|
EvilDave
|
|
May 11, 2014, 08:51:53 PM |
|
+1 to my uncouth friend..... It does, indeed, appear to be mammaries of the highest possible quality. NXT rules......i've run out of +1 for today. (thats 3 amazing NXT things I've seen today.....I don't get out much) |
|
|
|
|
|
godt
Member
Offline
Activity: 87
Merit: 10
|
|
May 11, 2014, 09:07:57 PM |
|
Nice great design...Finally |
|
|
|
|
|
rdanneskjoldr
|
|
May 11, 2014, 09:36:48 PM |
|
Also the weekend does not help.Good thing is people will be able to try it tomorrow when they wake up without waiting  |
|
|
|
|
farl4web
Legendary
Offline
Activity: 1205
Merit: 1000
|
|
May 11, 2014, 09:44:08 PM |
|
The new website www.NXT.org is really looking great!! 
|
|
|
|
|
|
