Bitcoin Forum
June 21, 2024, 02:07:08 PM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 »  All
  Print  
Author Topic: [NXT] Development Discussion - The dev plan that keeps on delivering  (Read 22171 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
February 28, 2015, 09:36:47 PM
 #181

would be interesting if there was a way to create a dynamic password generator that is somehow linked to your mobile with with an app like google authenticator when using nxt login.

You covered a lot of ground there!  Grin

What do you mean by dynamic? If you mean random, the main client generates a diceware password with a greater entropy than the encryption in Nxt, all done client side so it is secure against bruteforcing. If you still don't trust that, then you can create your own diceware password and enter it yourself.

Two phase transactions will act like google authenticator, in that you can set it up to need two (or more) accounts to approve any transactions from your main account. It has the same effect in that if someone hacks your scvount, they can't steal anything or purchase scam assets/mscoins the would be thief is selling.

Not all of this is in thr mobile wallet but there is vontant development. You might want to look at the online wallets you can access at mynxt.info or nxtblocks.info. They use the short psssword you use in your log in to create a secure password as above so they are easier to use on the move. There is also Android and iOS apps available but don't know a lot about them
Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
March 01, 2015, 11:46:27 PM
 #182

Seems some people think that Nxt doesn't have a presence on this forum.

So I just wanted to point out that Nxts 'official' thread for help and general chat can be found:

https://bitcointalk.org/index.php?topic=587007.0

Thanks  Grin
box0211
Full Member
***
Offline Offline

Activity: 165
Merit: 101


View Profile
March 02, 2015, 04:04:16 AM
 #183

no what i meant was have it generate a custom QR time based code that is derived from your password. so everytime someone logins to nxt they must have the constantly changing pin # to login to their account.
Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
March 14, 2015, 09:15:02 PM
 #184

The surprise gifts just keep on coming - Multiaccount wallets.


Login in Nxt 1.5 does not require a password anymore. Only sending a transaction does. In effect, 1.5 has a multi-account wallet as a client side only feature.
Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
March 14, 2015, 09:16:26 PM
 #185

no what i meant was have it generate a custom QR time based code that is derived from your password. so everytime someone logins to nxt they must have the constantly changing pin # to login to their account.

Sorry, I forgot about this. I think I understand.  I'll ask the devs, Jones is always interested in stuff like this.
jones_
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
March 14, 2015, 09:34:19 PM
 #186

no what i meant was have it generate a custom QR time based code that is derived from your password. so everytime someone logins to nxt they must have the constantly changing pin # to login to their account.

Sorry, I forgot about this. I think I understand.  I'll ask the devs, Jones is always interested in stuff like this.

I am Smiley my most recent system uses an encrypted wallet.dat type format where you can use a keypad to type in your PIN to unencrypt the nxt secretphrase. That way your account is safe against keyloggers and losing your wallet.dat and its short enough to be rememberable.

Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
March 14, 2015, 09:41:23 PM
 #187

I knew it  Cheesy Could it be adjusted to rely on a dynamic pin generator, a different PIN produced each use? That sounds complicated to do.
allwelder
Legendary
*
Offline Offline

Activity: 1512
Merit: 1004



View Profile
March 14, 2015, 11:34:32 PM
 #188

great,wait for NRS1.5 Smiley

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
jones_
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
March 15, 2015, 03:53:18 AM
 #189

I knew it  Cheesy Could it be adjusted to rely on a dynamic pin generator, a different PIN produced each use? That sounds complicated to do.

It could reencrypt the data with a different key each time, but it would just be more work for the user remembering new passwords each time the previous one is entered.

A 2fa like system would be cool, but is fairly impractical in a non centralized system. The closest to the is a project I've heard called nxt vault, but they plan to use nxt phasing and account control to achieve multisig like 2fa.
box0211
Full Member
***
Offline Offline

Activity: 165
Merit: 101


View Profile
March 15, 2015, 01:35:22 PM
 #190

maybe make a 2fa thats somehow correlates to the block height since it changes. and with the block height u generate a 2fa code that only u remeber. say for example a math formula. ex. block height is 1000 . now u decide enter ur own 2fa formula which is: (blockheight * 2) + 5

2fa code is 2005

this is all derived from the block height and the formula u remember. this makes it a always changing pass without the need of another device.

does this make sense?
jabo38
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001


mining is so 2012-2013


View Profile WWW
March 15, 2015, 02:46:43 PM
 #191

maybe make a 2fa thats somehow correlates to the block height since it changes. and with the block height u generate a 2fa code that only u remeber. say for example a math formula. ex. block height is 1000 . now u decide enter ur own 2fa formula which is: (blockheight * 2) + 5

2fa code is 2005

this is all derived from the block height and the formula u remember. this makes it a always changing pass without the need of another device.

does this make sense?

using block height as a part of the 2FA is a pretty interesting idea

Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
March 15, 2015, 07:14:29 PM
 #192

maybe make a 2fa thats somehow correlates to the block height since it changes. and with the block height u generate a 2fa code that only u remeber. say for example a math formula. ex. block height is 1000 . now u decide enter ur own 2fa formula which is: (blockheight * 2) + 5

2fa code is 2005

does this make sense?

No, it doesn't make sense. This is nonsense. Who decides if your formula is correct and lets you login? Where is the formula saved? Why can't the hacker use the same formula?

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
box0211
Full Member
***
Offline Offline

Activity: 165
Merit: 101


View Profile
March 16, 2015, 02:45:57 AM
 #193

your password is the formula. you never type the formula. you calculate it in your head and you just type it out. even if there was a key logger they wouldnt be able to steal the code since its always changing. no one will know ur formula.

i havent firgured out where its saved yet.. just an idea for now.
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
March 16, 2015, 05:18:02 AM
 #194

your password is the formula. you never type the formula. you calculate it in your head and you just type it out. even if there was a key logger they wouldnt be able to steal the code since its always changing. no one will know ur formula.

This doesn't make any sense. The client (software) also have to know the same formula  -- the one that is in your head -- otherwise how does the software check if your number  is correct?

2FA  doesn't work with decentralized system. It works when there are two parties, one is a server, and the second one is your phone, both have the same secret and can verify the code generated by the same shared secret. What you are saying makes no sense, as you and the software you  are using must have the same formula on the same machine. That doesn't add any security.

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
jones_
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
March 16, 2015, 06:10:13 AM
 #195

your password is the formula. you never type the formula. you calculate it in your head and you just type it out. even if there was a key logger they wouldnt be able to steal the code since its always changing. no one will know ur formula.

This doesn't make any sense. The client (software) also have to know the same formula  -- the one that is in your head -- otherwise how does the software check if your number  is correct?

2FA  doesn't work with decentralized system. It works when there are two parties, one is a server, and the second one is your phone, both have the same secret and can verify the code generated by the same shared secret. What you are saying makes no sense, as you and the software you  are using must have the same formula on the same machine. That doesn't add any security.


Not impossible, just different.

What if I have a smartphone app that has a secretphrase encrypted with the data in a qr code kept somewhere else, then I need to scan that qr code to decrypt the secretphrase, the app signs the transaction bytes with it and then discards the secretphrase and qr code data.

Then someone with my phone cant use my nxt unless they have my qr code also, 2 factors of authentication.
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
March 16, 2015, 07:38:51 PM
 #196


What if I have a smartphone app that has a secretphrase encrypted with the data in a qr code kept somewhere else, then I need to scan that qr code to decrypt the secretphrase, the app signs the transaction bytes with it and then discards the secretphrase and qr code data.

This isn't true 2FA. In 2FA the code is generated dynamically, so it changes every 30  second and can't be reused.

What you describe here is static password in the phone that you are scanning instead of typing.

That isn't 2FA

Nxt client never saves the password  anyway, so if you don't like typing that password, you can write an app that scans it instead. Same thing. This isn't 2FA

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
March 18, 2015, 11:59:34 AM
 #197

Account Control (lock your account to prevent any thefts, only allow transfers to specified accounts and others) looks like it could be in version NRS 1.6.

So any news about AC  now ?

Another dev, Petko, is working on AC. I see regular updates in a corresponding branch, so I think it will be in 1.6
ChuckOne
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250

☕ NXT-4BTE-8Y4K-CDS2-6TB82


View Profile
March 18, 2015, 05:27:36 PM
 #198

2FA in Nxt will be realized with hashchains.


What if I have a smartphone app that has a secretphrase encrypted with the data in a qr code kept somewhere else, then I need to scan that qr code to decrypt the secretphrase, the app signs the transaction bytes with it and then discards the secretphrase and qr code data.

This isn't true 2FA. In 2FA the code is generated dynamically, so it changes every 30  second and can't be reused.

What you describe here is static password in the phone that you are scanning instead of typing.

That isn't 2FA

Nxt client never saves the password  anyway, so if you don't like typing that password, you can write an app that scans it instead. Same thing. This isn't 2FA
Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
March 18, 2015, 05:31:06 PM
 #199

2FA in Nxt will be realized with hashchains.


What if I have a smartphone app that has a secretphrase encrypted with the data in a qr code kept somewhere else, then I need to scan that qr code to decrypt the secretphrase, the app signs the transaction bytes with it and then discards the secretphrase and qr code data.

This isn't true 2FA. In 2FA the code is generated dynamically, so it changes every 30  second and can't be reused.

What you describe here is static password in the phone that you are scanning instead of typing.

That isn't 2FA

Nxt client never saves the password  anyway, so if you don't like typing that password, you can write an app that scans it instead. Same thing. This isn't 2FA

What (rough) release will hashchains be in? And is that the tech that prevents spam and allows zero fees?
Daedelus (OP)
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
March 18, 2015, 05:31:29 PM
 #200

Also, for the fans...

Hi folks,

right now, we are busy finishing the experimental version of 1.5.0e. It will contain the long-announced Voting System and phased transactions.

Voting System will give several options to create polls and several options to vote on such creates polls. Also, the set of voters can be restricted.

Phased transactions leads to a new kind of transactions: transactions included within a block but with delayed execution.

However, understand its implications require a severe amount of time and consideration (concerning the protocol, server-side, UI-side, third-party applications, etc.) which the team currently is working on. We are on a good track to pin down every corner cases, try to smooth things out and remove insensible use-cases.

That's so far for the upcoming release 1.5.0e. I cannot tell a release date for now. We first need to make sure we got it all right (at least theoretically) to reduce the amount of work later on.

Cheers,
Chuck
Pages: « 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!