Running A Full Node - Bitcoin

Bitcoin miner installed on ABC servers; LulzSec and Mt. Gox? Sophos Security comments on virtues of virtual currency

submitted by FreshOutOfGeekistan to Bitcoin

[OWL WATCH] Waiting for "IOTA TIME" 20; Hans's re-defined directions for DLT

Disclaimer: This is my editing, so there could be some misunderstandings...
--------------------------------------------
wellwho (today, 4:50 PM)
u/Ben Royce how far is society2 from having something clickable powered by IOTA?
Ben Royce (today, 4:51 PM)
demo of basic tech late sep/ early oct. MVP early 2021
---------------------------------------------------
HusQy
Colored coins are the most misunderstood upcoming feature of the IOTA protocol. A lot of people see them just as a competitor to ERC-20 tokens on ETH and therefore a way of tokenizing things on IOTA, but they are much more important because they enable "consensus on data".
Bob
All this stuff already works on neblio but decentralized and scaling to 3500 tps
HusQy
Neblio has 8 mb blocks with 30 seconds blocktime. This is a throughput of 8 mb / 30 seconds = 267 kb per second. Transactions are 401+ bytes which means that throughput is 267 kb / 401 bytes = 665 TPS. IOTA is faster, feeless and will get even faster with the next update ...
-----------------------------------------------------------------------------
HusQy
Which DLT would be more secure? One that is collaboratively validated by the economic actors of the world (corporations, companies, foundations, states, people) or one that is validated by an anonymous group of wealthy crypto holders?
HusQy
The problem with current DLTs is that we use protection mechanisms like Proof of Work and Proof of Stake that are inherently hard to shard. The more shards you have, the more you have to distribute your hashing power and your stake and the less secure the system becomes.
HusQy
Real world identities (i.e. all the big economic actors) however could shard into as many shards as necessary without making the system less secure. Today's DLTs waste trust in the same way as PoW wastes energy.
HusQy
Is a secure money worth anything if you can't trust the economic actors that you would buy stuff from? If you buy a car from Volkswagen and they just beat you up and throw you out of the shop after you paid then a secure money won't be useful either :P
HusQy
**I believe that if you want to make DLT work and be successful then we need to ultimately incorporate things like trust in entities into the technology.** Examples like Wirecard show that trusting a single company is problematic but trusting the economy as a whole should be at ...
**... least as secure as today's DLTs.** And as soon as you add sharding it will be orders of magnitude more secure. DLT has failed to deliver because people have tried to build a system in vacuum that completely ignores things that already exist and that you can leverage on.
----------------------------------------------------------------------------------
HusQy
Blockchain is a bit like people sitting in a room, trying to communicate through BINGO sheets. While they talk, they write down some of the things that have been said and as soon as one screams BINGO! he hands around his sheet to inform everybody about what has been said.
HusQy
If you think that this is the most efficient form of communication for people sitting in the same room and the answer to scalability is to make bigger BINGO sheets or to allow people to solve the puzzle faster then you will most probably never understand what IOTA is working on.
--------------------------------------------------------------------------------
HusQy
**Blockchain does not work with too many equally weighted validators.** **If 400 validators produce a validating statement (block) at the same time then only one can survive as part of a longest chain.** IOTA is all about collaborative validation.
**Another problem of blockchain is that every transaction gets sent twice through the network. Once from the nodes to the miners and a 2nd time from the miners as part of a block.** Blockchain will therefore always only be able to use 50% of the network throughput.
And the last problem is that you can not arbitrarily decrease the time between blocks as it breaks down if the time between blocks gets smaller than the average network delay. The idle time between blocks is precious time that could be used for processing transactions.
-----------------------------------------------------------------------------
HusQy
I am not talking about a system with a fixed number of validators but one that is completely open and permissionless where any new company can just spin up a node and take part in the network.
------------------------------------------------------------------------
HusQy
Proof of Work and Proof of Stake are both centralizing sybil-protection mechanisms. I don't think that Satoshi wanted 14 mining pools to run the network.
And "economic clustering" was always the "end game" of IOTA.
-----------------------------------------------------------------------------
HusQy
**Using Proof of Stake is not trustless. Proof of Stake means you trust the richest people and hope that they approve your transactions. The rich are getting richer (through your fees) and you are getting more and more dependent on them.** Is that your vision of the future?
----------------------------------------------------------------------------

HusQy
Please read again exactly what I wrote. I have not spoken of introducing governance by large companies, nor have I said that IOTA should be permissioned. We aim for a network with millions or even billions of nodes.

HusQy
That can't work at all with a permissioned ledger - who should then drop off all these devices or authorize them to participate in the network? My key message was the following: Proof of Work and Proof of Stake will always be if you split them up via sharding ...

HusQy
... less secure because you simply need fewer coins or less hash power to have the majority of the votes in a shard. This is not the case with trust in society and the economy. When all companies in the world jointly secure a DLT ...

HusQy
... then these companies could install any number of servers in any number of shards without compromising security, because "trust" does not become less just because they operate several servers. First of all, that is a fact and nothing else.

HusQy
Proof of Work and Proof of Stake are contrary to the assumption of many not "trustless" but follow the maxim: "In the greed of miners we trust!" The basic assumption that the miners do not destroy the system that generates income for them is fundamental here for the ...

HusQy
... security of every DLT. I think a similar assumption would still be correct for the economy as a whole: The companies of the world (and not just the big ones) would not destroy the system with which their customers pay them. In this respect, a system would be ...

HusQy
... which is validated by society and the economy as a whole probably just as "safely" as a system which is validated by a few anonymous miners. Why a small elite of miners should be better validators than any human and ...

HusQy
... To be honest, companies in this world do not open up to me. As already written in my other thread, safe money does not bring you anything if you have to assume that Volkswagen will beat you up and throw you out of the store after you ...

HusQy
... paid for a car. The thoughts I discussed say nothing about the immediate future of IOTA (we use for Coordicide mana) but rather speak of a world where DLT has already become an integral part of our lives and we ...

HusQy
... a corresponding number of companies, non-profit organizations and people have used DLT and where such a system could be implemented. The point here is not to create a governance solution that in any way influences the development of technology ...

HusQy
... or have to give nodes their OK first, but about developing a system that enables people to freely choose the validators they trust. For example, you can also declare your grandma to be a validator when you install your node or your ...

HusQy
... local supermarket. Economic relationships in the real world usually form a close-knit network and it doesn't really matter who you follow as long as the majority is honest. I also don't understand your criticism of censorship, because something like that in IOTA ...

HusQy
... is almost impossible. Each transaction confirms two other transactions which is growing exponentially. If someone wanted to ignore a transaction, he would have to ignore an exponential number of other transactions after a very short time. In contrast to blockchain ...

HusQy
... validators in IOTA do not decide what is included in the ledger, but only decide which of several double spends should be confirmed. Honest transactions are confirmed simply by having other transactions reference them ...

HusQy
... and the "validators" are not even asked. As for the "dust problem", this is indeed something that is a bigger problem for IOTA than for other DLTs because we have no fees, but it is also not an unsolvable problem. Bitcoin initially has a ...

HusQy
Solved similar problem by declaring outputs with a minimum amount of 5430 satoshis as invalid ( github.com/Bitcoin/Bitcoi…). A similar solution where an address must contain a minimum amount is also conceivable for IOTA and we are discussing ...

HusQy
... several possibilities (including compressing dust using cryptographic methods). Contrary to your assumption, checking such a minimum amount is not slow but just as fast as checking a normal transaction. And mine ...

HusQy
... In my opinion this is no problem at all for IOTA's use case. The important thing is that you can send small amounts, but after IOTA is feeless it is also okay to expect the recipients to regularly send their payments on a ...

HusQy
... merge address. The wallets already do this automatically (sweeping) and for machines it is no problem to automate this process. So far this was not a problem because the TPS were limited but with the increased TPS throughput of ...

HusQy
... Chrysalis it becomes relevant and appropriate solutions are discussed and then implemented accordingly. I think that was the most important thing first and if you have further questions just write :)

HusQy
And to be very clear! I really appreciate you and your questions and don't see this as an attack at all! People who see such questions as inappropriate criticism should really ask whether they are still objective. I have little time at the moment because ...

HusQy
... my girlfriend is on tour and has to take care of our daughter, but as soon as she is back we can discuss these things in a video. I think that the concept of including the "real world" in the concepts of DLT is really exciting and ...

HusQy
... that would certainly be exciting to discuss in a joint video. But again, that's more of a vision than a specific plan for the immediate future. This would not work with blockchain anyway but IOTA would be compatible so why not think about such things.
-----------------------------------------------------------------------

HusQy
All good my big one :P But actually not that much has changed. There has always been the concept of "economic clustering" which is basically based on similar ideas. We are just now able to implement things like this for the first time.
----------------------------------------------------------------------------------

HusQy
Exactly. It would mean that addresses "cost" something but I would rather pay a few cents than fees for each transaction. And you can "take" this minimum amount with you every time you change to a new address.

-----------------------------------------------------------------------------------

Relax (today, 1:17 AM)
Btw. Hans (sorry for interrupting this convo) but what make people say that IOTA is going the permissioned way because of your latest tweets? I don't get why some people are now forecasting that... Is it because of missing specs or do they just don't get the whole idea?

Hans Moog [IF] (today, 1:20 AM)
its bullshit u/Relax an identity based system would still be open and permissionless where everybody can choose the actors that they deem trustworthy themselves but thats anyway just sth that would be applicable with more adoption
[1:20 AM]
for now we use mana as a predecessor to an actual reputation system

Sissors (today, 1:31 AM)
If everybody has to choose actors they deem trustworthy, is it still permissionless? Probably will become a bit a semantic discussion, but still

Hans Moog [IF] (today, 1:34 AM)
Of course its permissionless you can follow your grandma if you want to :p

Sissors (today, 1:36 AM)
Well sure you can, but you will need to follow something which has a majority of the voting power in the network. Nice that you follow your grandma, but if others dont, her opinion (or well her nodes opinion) is completely irrelevant

Hans Moog [IF] (today, 1:37 AM)
You would ideally follow the people that are trustworthy rather than your local drug dealers yeah

Sissors (today, 1:38 AM)
And tbh, sure if you do it like that is easy. If you just make the users responsible for only connection to trustworthy nodes

Hans Moog [IF] (today, 1:38 AM)
And if your grandma follows her supermarket and some other people she deems trustworthy then thats fine as well
[1:38 AM]
+ you dont have just 1 actor that you follow

Sissors (today, 1:38 AM)
No, you got a large list, since you want to follow those which actually matter. So you just download a standard list from the internet

Hans Moog [IF] (today, 1:39 AM)
You can do that
[1:39 AM]
Is bitcoin permissionless? Should we both try to become miners?
[1:41 AM]
I mean miners that actually matter and not find a block every 10 trillion years
[1:42 AM]
If you would want to become a validator then you would need to build up trust among other people - but anybody can still run a node and issue transactions unlike in hashgraph where you are not able to run your own nodes (edited)
[1:48 AM]
Proof of Stake is also not trustless - it just has a builtin mechanism that downloads the trusted people from the blockchain itself (the richest dudes)

Sissors (today, 1:52 AM)
I think most agree it would be perfect if every person had one vote. Which is problematic to implement of course. But I really wonder if the solution is to just let users decide who to trust. At the very least I expect a quite centralized network

Hans Moog [IF] (today, 1:53 AM)
of course even a trust based system would to a certain degree be centralized as not every person is equally trustworthy as for example a big cooperation
[1:53 AM]
but I think its gonna be less centralized than PoS or PoW
[1:53 AM]
but anyway its sth for "after coordicide"
[1:54 AM]
there are not enough trusted entities that are using DLT, yet to make such a system work reasonably well
[1:54 AM]
I think the reason why blockchain has not really started to look into these kind of concepts is because blockchain doesnt work with too many equally weighted validators
[1:56 AM]
I believe that DLT is only going to take over the world if it is actually "better" than existing systems and with better I mean cheaper, more secure and faster and PoS and PoW will have a very hard time to deliver that
[1:56 AM]
especially if you consider that its not only going to settle value transfers

Relax (today, 1:57 AM)
I like these clear statements, it makes it really clear that DLT is still in its infancy

Hans Moog [IF] (today, 1:57 AM)
currently bank transfers are orders of magnitude cheaper than BTC or ETH transactions

Hans Moog [IF] (today, 1:57 AM)
and if we think that people will adopt it just because its crypto then I think we are mistaken
[1:57 AM]
The tech needs to actually solve a problem
[1:57 AM]
and tbh. currently people use PayPal and other companies to settle their payments
[1:58 AM]
having a group of the top 500 companies run such a service together is already much better (edited)
[1:58 AM]
especially if its fast and feeless
[2:02 AM]
and the more people use it, the more decentralized it actually becomes
[2:02 AM]
because you have more trustworthy entities to choose of

Evaldas [IF] (today, 2:08 AM)
"in the greed of miners we trust"


submitted by btlkhs to Iota

Tear my CyberSec plan apart

Hey guys. Just finishing up my second year as a "Jack of all Trades" sysadmin/IT and after passing my Sec+ my boss has approved my request to change my title to Sec Admin and work mostly full time on securing our network, as these past 2 years we've seen pretty large growth with at least 3 ransomware attacks and one employee installing bitcoin miners and getting away with it because literally nothing is logged.
Our company consists of our main office with 9 administrators and 3 IT guys. Me and another guy, and our manager. We have a 30 person call center in the building with a remote call center connected back here. We serve as a telecom with roughly 40,000 users. Since we have a bunch of phone equipment and such, we have 6 almost identical Colos that each have the work divided between them, but they do not act as failovers. If one Colo loses internet/power, those 10k or so customers are SOL.
Our security stance is this - and I quote "Don't get attacked". Hasn't worked so far. We do at the very least have a Fortigate.
Leads me to the CyberSec plan. My first project was adding and configuring a WSUS server so our servers that were last updated in 2018 can at least be a little more secure. I just now finished it and the documentation and now my director and CEO have thrown their full support behind whatever I suggest, so I'm kinda insanely excited to just get to get after it with very little red tape. I've spent the last few weeks planning out what I think we need to at least get us up to "Mediocre" standing.
Below is my list and my explanations. If all is good I will present this to our C-suite as our CyberSecurity Initiative. This list has gone through several changes and I know that some is way too much or I have the totally wrong idea on what this stuff is. As title says, feel free to tear it apart. I'm excited to learn all of this stuff.
9/15 Updated Cybersec Initiative Current List:
-Full Risk/Impact analysis with a Disaster Recovery Plan // Was very surprised to hear we don't have any of this. We just got hit with a hurricane and we were down for almost a week because no disaster plans or fail overs
-Entire Network Map with help of LibreNMS or other Net tools // We don't have any maps of our network. Most of what I know is because I have to ask where a server is and I keep a notebook of it around.
-Audit security of our POS kiosk systems // We have a few kiosks out that process transactions and I know nothing of any security controls. Would it be a good idea to add these to our domain as well?
-Contain the ridiculous VM sprawl // We have VMs that we have no idea what/if they do anything. Need to contain this
-Combine our Call center and Main DC, Full permission Audit, add Group policy restrictions (Time of Day, Lockout), add all COLO servers to domain, add all technicians to domain // This is a big one. No point in my opinion of having 2 domains when one is literally one group called "Call center Agents". None of our field guys are added to our domain, and none of our COLO servers are on our domain. Group policy updates to limit time of day and password policies
-Create a honeypot/net // This one is mostly for fun
-Full rollout of Security Onion // One sensor at each COLO plus our main office network. Wazuh/Malwarebytes configured on every PC/Server we have.
-Harden our outward facing Webservers // We don't do much as our websites are administered by another company, but I'd like to talk with them about it
-Disable SNMPv2 or change community string // I know that our printers still have this
-Create .iso of "stock OS" with malwarebytes/Wazuh already installed, system already hardened // More of a convenience
-Configure Guest Wifi using best practices
-Audit/Use Backups // I know we have backups of some things but not everything. Set this up with raid and/or offsite backup
-Implement 2FA/SSO on user PCs // Outlook 2FA and SSO for some of our resources
-Turn on firewall logging // That's right. No logs on firewall at all.
-Implement security policies on our Outlook stuff // Phishing detection, logging, etc
-Train users on phishing campaigns and such // This wouldn't be until next year during annual company training
TLDR: I'm now a sec admin and I'm looking for critique on if/why the above controls wouldn't work or are too much/overkill on our network that takes "Security through obscurity" to a new level. Feel free to fuck me up y'all.
Edit: A lot more help than I thought I'd get. This has all been great. You guys are so much nicer than linux4noobs
submitted by HighSeasCaesar to sysadmin

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendor/implementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisignature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script construction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developer/manufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some data given to you by the developer/manufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developer/manufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin

Multiple DHT22 Sensors

Hello all, first thing first, I am a computer repair technician at a Bitcoin mining facility. We have about 20,000 bitcoin miners that me and my coworkers are in charge of monitoring and repairing. So with that being said, I am pretty much lost when it comes to Python and servers and things of that sort. Everyone that has dealt with computers/electronics knows that heat is a huge issue. And heat is a killer to bitcoin miners, so monitoring the temperature and humidity in the facility is crucial so we can control the waterwalls and such as needed. I have successfully set up 14 Raspberry Pis with DHT22 sensors by copying and pasting scripts that I found online. They are reporting to a website through the POST method. The readings are shown on a bar chart, but it is not dynamic, so it only shows 1 reading at a time. I have been tasked with setting up a way to get all the sensors reading to a single server, then pulling the data from the server onto a D3.js grouped bar chart. Now, there are 14 Pis and each is set to read every minute. These will be running 24/7 so there will be a lot of readings. My question, actually a few questions: I need to set up 1 Pi as a dedicated server receiving all the readings. 1) What would be the best way to set that up? I have read that an MQTT server is the easiest but can't handle a lot of data (which I will have). I was thinking about MySQL. 2) Would I need to attach extra storage to this Pi to handle all the data? 3) How do I send all the readings to the server Pi? (NOTE: they will all be on the same network.) 4) How would I pull all this information from the server and input it into a D3.js grouped bar chart? Do I need to have a web server installed on the Pi? I'm not expecting a step-by-step answer, and I am on a timeline and honestly don't have time to learn Python, HTML, PHP, SQL or whatever is needed for this. All I am asking for is a step in the right direction. Thanks to all that read this, and any information will be greatly appreciated.
submitted by AbsentGalaxy to RASPBERRY_PI_PROJECTS

List of CFML Vulnerabilities & Security Issues

This list is updated frequently as we detect more issues. Also note that we can’t detect these issues in all cases on all servers, even if the issue has not been patched yet.
Here are some CFML vulnerabilities and security issues that you might have faced:

  1. Jakarta Virtual Directory Exposed – The /jakarta virtual directory (which is required by CF10+ on Tomcat/IIS) is serving files such as isapi_redirect.properties or isapi_redirect.log. The only URI that should be served is /jakarta/isapi_redirect.dll – you can use Request Filtering to block.
  2. Bitcoin Miner Discovered – Found files in /CFIDE that match the signature of a bitcoin miner exploit. Look for /CFIDE/m /CFIDE/m32 /CFIDE/m64 and /CFIDE/updates.cfm among others.
  3. Hotfix APSB11-14 Not Installed – Apply the hotfixes located in Adobe Security Notice apsb11-14.
  4. Railo Security Issue 2635 – Input of Chr(0) to the ReplaceList function can cause an infinite loop / crash. Fixed in Version 4.1.1.008
  5. XSS Injection in cfform.js – A document.write call was found in your /CFIDE/scripts/cfform.js file, an attacker may be injecting a javascript, please check your cfform.js file.
  6. Executable found in CFIDE – Found executable file(s) in /CFIDE with one of the following file extensions: dll, exe, bat, sh
  7. Heartbleed Vulnerability Detected – The heartbleed vulnerability is a bug in OpenSSL (the crypto library used by Apache, NGinx, and others) that can allow the leakage of private keys used for TLS/SSL encryption.
  8. OpenBD AdminAPI Exposed to the Public – The /bluedragon/adminapi/ directory is open to the public; it should be locked down to prevent exploit.
  9. Security Hotfix APSB12-26 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB12-26 was not found to be installed on your server. This hotfix resolves a sandbox permission issue.
  10. Security Hotfix APSB17-30 Not Installed Or Partially Installed – The security hotfix referenced in Adobe Security Bulletin APSB17-30 was not found to be fully installed on your server. For the hotfix to be effective you must have Java 8 update 121 or greater installed. This hotfix resolves two critical vulnerabilities CVE-2017-11286 and CVE-2017-11283 / CVE-2017-11284 and one important vulnerability CVE-2017-11285. The issues are resolved in ColdFusion 11 Update 13+ and ColdFusion 2016 Update 5+ with Java 8 update 121 or greater.
  11. ColdFusion Example Applications Installed – The ColdFusion example applications are installed at /cfdocs/exampleapps/ or /CFIDE/gettingstarted/, they should not be installed on a production server.
  12. Svn Hidden Directory Exposed – A request for /.svn/text-base/index.cfm.svn-base appears to resolve to a subversion repository, which could lead to source code disclosure. Please block .svn/
  13. Solr Search Service Exposed – CVE-2010-0185 detected. ColdFusion 9 Apache Solr services are exposed to the public. Any data in solr search collections may be exposed to the public. Follow the instructions in APSB10-04 to remedy, or upgrade to ColdFusion 9.0.1.
  14. TLS Compression Supported – TLS Compression should be disabled due to the CRIME TLS vulnerability.
  15. Security Hotfix APSB11-04 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB11-04 was not found to be installed on your server. This hotfix also contains most prior security hotfixes.
  16. Git Hidden Directory Exposed – A request for /.git/config appears to resolve to a git repository, which could lead to source code disclosure. Please block .git/
  17. Cross Site Scripting Vulnerability CVE-2011-4368 – CVE-2011-4368 detected. Apply the hotfix located in Adobe Security Notice apsb11-29.
  18. JVM Vulnerable to Java Null Byte Injection – The JVM that you are running is vulnerable to null byte injections (or null byte poisoning) in java.io file operations. Java 1.7.0_40+ or 1.8+ attempt to mitigate null byte injection attacks.
  19. Java 11 Security Update Available – The JVM that you are running contains security vulnerabilities that could be exploited in server side environments. Update to the latest version of Java 11. Note that Oracle Java 11 requires a commercial license. Adobe CF customers can download Oracle Java 11 from the ColdFusion Downloads Page. You can also use OpenJDK, Amazon Corretto, or other non-Oracle JVMs for free.
  20. Security Hotfix APSB19-10 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB19-10 was not found to be installed on your server. This hotfix resolves 2 issues, one important (CVE-2019-7092) and one critical (CVE-2019-7091). The issues are resolved in ColdFusion 11 Update 16+ ColdFusion 2016 Update 8+ and ColdFusion 2018 Update 2+. For all security fixes to be effective you should also have Java 8 update 121 or greater installed.
  21. Cross Site Scripting Vulnerability CVE-2011-0583 – CVE-2011-0583 detected. Apply the hotfixes located in Adobe Security Notice apsb11-04. The detection of this vulnerability also indicates to a high degree of likelihood that the following vulnerabilities may also exist: CVE-2011-0580, CVE-2011-0581, CVE-2011-0582, CVE-2011-0584
  22. Apache 2.2 Security Update Available – The version of Apache you are running does not contain the most recent security fixes.
  23. BlazeDS/AMF External XML Entity Injection – CVE-2009-3960 detected. You must apply the hotfix specified in Adobe Security Bulletin APSB10-05, otherwise an attacker can read any file on the server that ColdFusion has permission to read. You need to do this even if you don’t use BlazeDS or Flash Remoting because it is enabled in CF by default.
  24. SSL Version 2 Enabled – Your Web Server is accepting SSL V2 connections, a weak protocol. For PCI compliance, and strong security you must disable this protocol on your web server.
  25. Missing Strict-Transport-Security Header – This domain supports HTTPS but does not send the HTTP Strict-Transport-Security response header (HSTS) to force HTTPS.
  26. The /CFIDE/scripts directory is in default location. – Consider changing the default location of /CFIDE/scripts/ by changing the value of the Default Script Src setting in the ColdFusion Administrator.
  27. Recalled Hotfix 10.0.3 Installed – You are running ColdFusion 10.0.3 which has been recalled by Adobe due to bugs in the release. Please install the latest 10.0 hotfix.
  28. ComponentUtils Exposed to the Public – The /CFIDE/componentutils/ directory is open to the public; it should be locked down to prevent exploit.
  29. ColdFusion Update Available – You may not be running the latest version of ColdFusion 8, consider updating to ColdFusion 8.0.1
  30. Security Hotfix APSB13-10 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB13-10 was not found on your server. This hotfix resolves authentication issues that could allow an attacker to impersonate a user in your application, or a ColdFusion Administrator.
  31. CVE-2010-2861 Detected – Path Traversal Vulnerability detected (CVE-2010-2861 APSB10-18), this allows an attacker to read any file on the servers file system that ColdFusion has access to (within the same drive on windows).
  32. Security Hotfix APSB13-19 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB13-19 was not found on your server.
  33. Security Hotfix APSB12-15 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB12-15 was not found to be installed on your server. This hotfix resolves a HTTP response splitting vulnerability in the ColdFusion Component Browser CVE-2012-2041.
  34. Security Hotfix APSB16-16 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB16-16 was not found to be installed on your server. This hotfix addresses a XSS issue, a Java Deserialization Vulnerability and a TLS Hostname verification issue. This issue is fixed in ColdFusion 10 Update 19+, ColdFusion 11 Update 8+, and ColdFusion 2016 Update 1+
  35. Vulnerable PageSpeed Module – The Version of PageSpeed Module you are using may be vulnerable to one or more vulnerabilities. Update your PageSpeed web server module to the latest version to resolve.
  36. TLS 1.2 Is Not Enabled – Configure your server to accept TLS 1.2 connections for optimal HTTPS security. Note for IIS you must be running Windows 2008r2 or greater for TLS 1.2 support. You can use our IIS SSL / TLS configuration tool to toggle protocol support on your server.
  37. Java 13 EOL – Java 13 has reached end of life at the release of Java 14. It is not a LTS (Long Term Support Version), you can use Java 11 for LTS.
  38. Lucee Security Issue 2015-08-06 – Lucee fixed an XSS issue in version 4.5.1.023. This issue remains unpatched in Railo.
submitted by aligatorraid to coldfusion
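Several of the file-based checks in the list above (items 2, 5, 6, 11, 12 and 16) can be run against a local copy of a webroot, as in this added example, which is not the scanner's own logic and is not part of the original post. The check names and the sample tree are constructed; a directory being present on disk only shows it should be reviewed, since whether it is served depends on the web server configuration.

```python
import os
import tempfile

MINER_PATHS = {"cfide/m", "cfide/m32", "cfide/m64", "cfide/updates.cfm"}  # item 2
EXEC_EXTS = {".dll", ".exe", ".bat", ".sh"}                               # item 6
EXAMPLE_DIRS = {"cfdocs/exampleapps", "cfide/gettingstarted"}             # item 11
VCS_DIRS = {".svn", ".git"}                                               # items 12, 16


def _contains(path, needle):
    """True if the file at path contains the byte string needle."""
    try:
        with open(path, "rb") as fh:
            return needle in fh.read()
    except OSError:
        return False


def audit_webroot(root):
    """Return sorted (check, relative_path) findings for a local webroot copy."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in list(dirnames):
            rel = os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
            key = rel.lower()                  # ColdFusion on Windows is case-insensitive
            if name.lower() in VCS_DIRS:
                findings.append(("vcs-metadata", rel))
                dirnames.remove(name)          # do not walk repository internals
            elif key in EXAMPLE_DIRS:
                findings.append(("example-apps", rel))
            elif key in MINER_PATHS:
                findings.append(("miner-signature", rel))
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            key = rel.lower()
            if key in MINER_PATHS:
                findings.append(("miner-signature", rel))
            if key.startswith("cfide/") and os.path.splitext(key)[1] in EXEC_EXTS:
                findings.append(("executable-in-cfide", rel))
            # Item 5: any document.write in cfform.js is flagged for manual review.
            if key == "cfide/scripts/cfform.js" and _contains(full, b"document.write"):
                findings.append(("cfform-document-write", rel))
    return sorted(findings)


# Constructed sample tree: relative path -> file content.
SAMPLE_TREE = {
    "index.cfm": "<cfoutput>hello</cfoutput>",
    "CFIDE/m64": "constructed placeholder",
    "CFIDE/updates.cfm": "constructed placeholder",
    "CFIDE/scripts/cfform.js": "var f = 1; document.write('<scr' + 'ipt>');",
    "CFIDE/administrator/tool.exe": "constructed placeholder",
    "CFIDE/gettingstarted/index.cfm": "<cfoutput>demo</cfoutput>",
    ".git/config": "[core]",
}


def audit_constructed(files):
    """Materialise a {relative_path: content} tree in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for rel, content in files.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(content)
        return audit_webroot(root)


if __name__ == "__main__":
    for check, rel in audit_constructed(SAMPLE_TREE):
        print(f"{check:24} {rel}")
```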

Technical Questions: Mac Nodes & Servers

Hi guys, I posted this over at BitcoinBeginners but it hasn’t received a lot of useful input. I’ve read the FAQ there and searched around the web for answers, but could really use your help.
I have a dedicated 2011 MacBook Pro running High Sierra that I’d like to use in support of Bitcoin. So far, I have installed and verified GPG Suite and Bitcoin Core following instructions from bitcoin.org. It is now synced, and I hope to add a block explorer, a lightning node, and an electrum server. Once complete, I’d like to create some tutorials and guides to help others who have old Macs, since there is already a lot of good info for Windows and Linux.
I found this guide on Medium talking about Power Node Launcher, but it doesn’t have the same emphasis on security as the other tools I’ve set up. Before taking next steps, I’d like input from the community on the order of steps and trusted sources for installing the aforementioned programs.
If there is anything else I can do with my computer and bandwidth to help Bitcoin, please let me know. Specifically, if I am able to set up a lightning node, would it help if I stored some bitcoin on it to support transactions? Should I set up a slow simple mining program or run an older ASIC miner that is not part of a pool just to help diversify the network? Should I set up a satellite connection as Andreas suggested in one of his older videos? Thanks for your input.
submitted by itfwg to Bitcoin

[ Bitcoin ] Technical: Taproot: Why Activate?

Topic originally posted in Bitcoin by almkglor [link]
This is a follow-up on https://old.reddit.com/r/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendor/implementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisignature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script construction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developer/manufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some data given to you by the developer/manufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developer/manufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

almkglor your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
submitted by anticensor_bot to u/anticensor_bot [link] [comments]
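The exposure cases described in the Taproot post above (key always in a Taproot output, key revealed by a pay-to-public-key-hash spend sitting in the mempool, key already on chain after address reuse), as an added example that is not part of the original post. The names `classify`, `Spend` and `audit` are hypothetical, and every key and hash below is constructed sample data, not a real key or a real HASH160 value.

```python
from dataclasses import dataclass


def classify(spk: bytes):
    """Return (kind, payload) for the output templates the post discusses."""
    # P2WPKH: witness version 0, then a 20-byte push of the public key hash
    if len(spk) == 22 and spk[0] == 0x00 and spk[1] == 0x14:
        return "p2wpkh", spk[2:]
    # Taproot: witness version 1 (OP_1 = 0x51), then a 32-byte push of the key
    if len(spk) == 34 and spk[0] == 0x51 and spk[1] == 0x20:
        return "p2tr", spk[2:]
    # P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    if len(spk) == 25 and spk[:3] == b"\x76\xa9\x14" and spk[23:] == b"\x88\xac":
        return "p2pkh", spk[3:23]
    return "other", b""


@dataclass(frozen=True)
class Spend:
    """One observed input (hypothetical, simplified model of a spend)."""
    spent_script: bytes  # scriptPubKey of the output being spent
    pubkey: bytes        # public key revealed in the witness / scriptSig
    confirmed: bool      # False means the spend is still in the mempool


def audit(utxo_scripts, seen_spends):
    """Map each scriptPubKey (hex) to how visible its public key already is."""
    report = {}
    for spk in utxo_scripts:
        kind, _ = classify(spk)
        if kind == "p2tr":
            # The output itself carries the key, no spend is needed to see it.
            report[spk.hex()] = "key-in-output"
            continue
        if kind not in ("p2wpkh", "p2pkh"):
            report[spk.hex()] = "unknown-template"
            continue
        # Any spend from the same script reveals the key behind the hash.
        reveals = [s for s in seen_spends if s.spent_script == spk]
        if any(s.confirmed for s in reveals):
            report[spk.hex()] = "key-on-chain"      # address reuse
        elif reveals:
            report[spk.hex()] = "key-in-mempool"    # broadcast, unconfirmed
        else:
            report[spk.hex()] = "hash-only"
    return report


# Constructed sample data (assumption: placeholders, not valid curve points).
KEY_A = b"\x02" + bytes(range(32))
KEY_B = b"\x03" + bytes(range(32, 64))
H_A, H_B, H_C = bytes([0xAA]) * 20, bytes([0xBB]) * 20, bytes([0xCC]) * 20
P2WPKH_A = b"\x00\x14" + H_A   # reused address, an earlier spend is confirmed
P2WPKH_B = b"\x00\x14" + H_B   # spend was just broadcast
P2WPKH_C = b"\x00\x14" + H_C   # never spent from
P2TR_D = b"\x51\x20" + bytes(range(64, 96))
SPENDS = [Spend(P2WPKH_A, KEY_A, True), Spend(P2WPKH_B, KEY_B, False)]


def demo():
    return audit([P2WPKH_A, P2WPKH_B, P2WPKH_C, P2TR_D], SPENDS)


if __name__ == "__main__":
    for script_hex, status in demo().items():
        print(script_hex, status)
```

Only the `hash-only` output still has its key hidden behind the hash, and it loses that status the moment a spend from it is broadcast.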

Intents Festival, The Online Festival v2.0 | Livesets Download (With Saturday!)

Single sets can be downloaded via a torrent client. The source of the rip for 'Intents Festival, The Online Festival' is a copy of their Twitch Livestream, recorded using streamlink. I never use screen or audio records.
All the 3 stages, Friday Pre-Party, Saturday Outdoor Mainstage and Indoor Stage are all in 1 spreadsheet with multiple tabs. But here are the links directly to the correct tab: Friday Pre-Party Saturday Outdoor Mainstage Saturday Indoor Stage
If you use BitTorrent or μTorrent, shame on you. Get a good torrent client like qBittorrent or Deluge, they don't include advertisements and work as well, if not better.
New! A less than 1 minute tutorial on how to download a liveset if you do not have qBittorrent yet! Use the pause button if it goes too fast ;) To copy a link from the spreadsheet use 'CTRL+C' or any other equivalent for your OS. You can also add all the livesets at once. Example
Note: If you have issues with the download not starting, you can add my seedbox as a peer manually: 185.45.195.189:20117 Quick tutorial on how to do this: Click me
Note 2: Downloading sets from the Indoor Stage are currently slow as fuck because they are still getting uploaded to a server.
submitted by DyonR to hardstyle [link] [comments]

What is Masternode? Why Is XinFin Masternode a Good Alternative to Proof of Work

Taking into account current market conditions, more and more crypto enthusiasts are gaining interest in being rewarded for holding tokens. Isn’t it more beneficial than patiently waiting for the moon? Traditional Proof-of-Work (PoW) mining is not in the best shape. Therefore miners are not an exception as it’s getting harder to stay profitable. Plus, PoW mining isn’t friendly for mass adoption and requires huge network consumption. Another important fact is that you do not have to be a trading guru to start gaining additional income. These are just a few reasons why more buzz has been around Proof-of-Stake (PoS) and Masternodes (MN). We have to admit that they are eye-catching nowadays, and considered as the future of cryptocurrency.
Now you might be asking yourself “What is the Masternode?” Let’s get down to business!
Well, in a nutshell, masternode is a server on a decentralized network. Some blockchain protocols provide for the creation of particular nodes that perform additional work on the verification of transactions and bring their owners regular profits. Such nodes are called masternodes. They regularly get rewards for completing such actions. Builds a curiosity? Move on!
Why Do You Need to Launch a XinFin Masternode Now, Until it’s Not Too Late? XinFin Masternode is a good option for passive income, and there are several reasons why it might be the right time to start running a XinFin masternode or a few at once.
First of all, XinFin masternodes are not so famous for now. However, this is likely to change soon. The same applies to rewards, which will decrease every year. Secondly, the XinFin XDC coin is cheaper, which means that the entry threshold at the moment is much lower than before. It won’t cost you a fortune. Finally, it’s better to hold and get rewards than merely hope for prices to go up.
Although according to the CoinGecko 2018 report the numbers of both masternodes and masternode coins increased significantly during the past year, there is still a substantial drop in overall value. The total market cap for masternodes coins dropped from over $12 billion in January 2018 to just over $500 million by 2018’s end — a double-digit drop quarter-on-quarter. Nevertheless, it’s just the beginning of the XinFin. Remember, the early bird gets the worm!
What is the Average XinFin Masternode ROI? Keep in mind that ROI is a relative term in the context of cryptocurrency space. We got used to the practice that ROI in crypto space is a bit another term, unlike the traditional markets where XinFin ROI measures per year around 10%+ as per the past few months’ data.
How to Set Up a Masternode: It’s very easy to set up a XinFin Masternode compared to setting up a crypto mining facility for Bitcoin and Ethereum.
XinFin vs bitcoin mining: XinFin Masternode needs the lowest hardware configuration to run masternode while bitcoin needs the high configuration of hardware to run bitcoin mining and this also results in high depreciation every month with high risk. While XinFin Masternode runs with a tiny VPS hosting plan with the lowest cost of operation.
Before the launch of the XinFin main-net I used to do Bitcoin and Ethereum mining, and have now shifted to the XinFin network after the launch of main-net.
Disclaimer: Digital asset investment, Mining comes with high risk. This article is not for the purpose of investment, tax or legal advice. The author is not responsible for any review of the assets. Please consult with your financial advisor before Crypto Investment or starting mining facilities
Useful link for XinFin Masternode Here is a link on How to setup masternode.
IndSoft System partnership with XinFin for hosting masternode: Click here to know more about partnership.
Guide to setup node with one click installer
For any instant support join XinFin Telegram Group.
submitted by dojogang to u/dojogang [link] [comments]

TkeyNet: release date, a brief analysis of the system, future plans

During the development of the project, we published 3 documents about the technology that we are developing and preparing for the market. Some decisions were changed, but the main idea and goal remained the same — effective financial management.
Since the ICO boom, several years have passed, blockchain and cryptocurrencies have become synonymous and are perceived only as a means of earning money and the obvious advantages of using the technology itself in combination with others are of little interest to anyone. A user, business representatives, or some government officials associate the word “blockchain” directly with cryptocurrency or Bitcoin, without thinking about using systems built on a distributed registry in the current reality.
As we mentioned above, during the development of the project, several documents were published in which we announced our technology and clearly said that we are mixing modern concepts and approaching the market from an economic and scientific point of view, borrowing the best from Bitcoin, Ethereum, DASH, and other alternative currencies.
It is important to note that the concept of Bitcoin or Monero will be different from the concept of TkeyNet. These are other areas and practical application that some market participants may perceive as similar, but this is far from the case.
“When you innovate, you must be prepared for a prolonged lack of understanding of your actions on the part of your environment. You can do something you believe in, but for a long time, people who only wish you well may criticize your endeavors. When faced with such criticism, ask yourself — Are they right? And if you answer this question positively, accept the criticism and adjust your work accordingly. If the answer is negative, if you are firmly convinced of your rightness, you should prepare for a long defense, defending your positions. This approach is a key component of innovation.” ©
The idea of Bitcoin is beautiful, even if it has not yet been accepted by society as planned, but at least the idea of using Bitcoin as a means of accumulating value and storing savings has a place to be. Bitcoin actively strives for a high price mark and dominates the market by more than 50%, and this is a great result. Bitcoin set the necessary vector for many developers around the world, people were able to review the systems used and make their own decisions based on the Bitcoin core, for example, DASH or Ethereum, and users, in turn, learned about such a phenomenon as cryptocurrency.
In General, what was this introduction for? That TKEY should be considered as a universal asset, without defining it as a cryptocurrency. The question may immediately arise, why is this so? It doesn’t have explicit currency properties? Bitcoin also does not have the properties of cash but is called a cryptocurrency, and the types of applications of the peer-to-peer payment system Bitcoin and TkeyNet can differ significantly from each other.
The purpose of this publication is to tell you about the new features of TkeyNet, when the official transition to the new Protocol will take place, and why TKEY is a universal asset that simply needs liquidity? In General, we will talk about the clear advantages of switching to new technologies that we have been striving for so long and about your benefits of using them accordingly.

What is TkeyNet, and what are its advantages?

TkeyNet is an infrastructure that combines various solutions for users, businesses, and the public sector. Secure corporate networks, payment processors, liquidity, cross-border payments, trading tools, information security, instant exchanges, investment tools. One platform — millions of opportunities.
When creating TkeyNet, we immediately turned to e-cash protocols, concepts of electronic currencies, considered the movements of Bank international transfers, and also drew attention to the obvious complexity of these systems. Therefore, to build a high-quality architecture of TkeyNet, the team took as a basis — blockchain technology, cryptography, payment and banking system, electronic cash protocols, exchanges, stock markets, DHT, and other p2p networks.
Now more than ever, businesses, users, and most financial market participants need reliable and modern systems that will meet the needs of the market.
For example, a user wants to quickly send funds to another user, and they do not want to think about how the blockchain works and who the “miners” are and what they do for the network. Any of us want to open the app and click a few buttons on the screen to pay for a particular service or send money to relatives abroad and the most importantly, know that the funds will reach you quickly and with a minimum Commission. Or let’s say you came to India, you have some funds in Bitcoin, but you would like to pay for your purchases in the local currency — the Indian rupee without extra conversions.
You are the owner of a payment system or Bank, and you want to receive % for conversion transactions, or banks want to create their consortium for cross-border payments. Either you are an entrepreneur and plan to open an exchange or trading platform for trading various assets, not necessarily digital, but, for example, gold and diamonds, or you are a young and purposeful startup team and want to quickly launch your Digital Bank, or you do not want to do business, and you have several million euros or dollars, you want to get % of their use.
TkeyNet makes these features available to all participants.
As we can see with you, there are quite a lot of use cases, and it may seem that TKEY is again torn into 100500 different directions, but this is far from the case. Here, a specific and clear direction is Finance and its movement.

How TkeyNet works

Remember, we said that — “to develop the platform on a global level, it is necessary to reach a consensus between government regulation, business, and society. We understand that it is impossible to achieve 100% of this, but it is possible to create favorable conditions favorable to all parties.”
How will the system work? All participants are connected to the system using TkeyNet technology that allows the financial gateway to control their transactions with increased speed, transparency, and efficiency. Independent verification servers constantly compare their transaction records. To hack the system, you will need to get access to all the devices that are logged in.
TkeyNet solutions offer a cryptographically secure, end-to-end payment flow with the immutability of transactions and redundancy of information contained in them. It is developed to meet each financial gateway’s risk, privacy, and compliance requirements. Since the software is developed to be easily integrated into the existing financial infrastructure, it minimizes any integration costs and failures, and also meets international standards (ISO, etc.).

TkeyNet can be a neutral utility for financial institutions and systems

A gateway is an organization that allows users to invest money and take money out of a pool of liquidity. The gateway accepts currency deposits from users and issues balances to the TkeyNet blockchain.
TkeyNet Protocol provides a single source of truth for counterparties while maintaining the confidentiality of payment data of Bank clients.
TKEY is a universal bill (digital obligation) in the distributed registry TkeyNet.
Gateways install specialized software for interacting with the distributed registry and other system participants. Users, brokers, and other participants interact with the system via mobile or web interfaces. Gateways act as a link between the distributed registry, brokers, users, and other services that allow you to make quick transactions.
The participants of the system make payments between themselves by using cryptographically signed transactions denominated in digital obligation. This type of transaction uses an internal registry.
In the case of working with Fiat currency and other assets, such as securities and precious metals, the registry records the amounts owed with assets presented as debt obligations. All accounts and transactions are cryptographically secure and verified algorithmically. Payments can only be authorized by the account holder, and all payments are processed automatically, without any third parties or intermediaries. The TkeyNet Protocol checks balances and accounts inside the system for transferring payments and sends payment notifications with minimal delay, which ensures fast calculations in the system.
For more specialized solutions can be created by the Central gateways and the gateways just. A Central gateway is an organization that allows users to invest money and take money out of the liquidity pool. Gateway is an organization that interacts with the Central gateway. Accepts and exchanges digital liabilities for other assets, such as securities.
TkeyNet globally reduces the number of different expenses and automates operational tasks, simplifies and reduces the cost of conducting monetary transactions, and improves traditional financial services.
We understand that it is not easy to tell all the principles of the TkeyNet system in a single publication, especially one that deals with neither one nor two issues. Therefore, you should consider this material as a basis, a base that will help you learn the information that is related to the TkeyNet Protocol most easily after the release of TkeyNet.
Moving a little away from corporate solutions, we suggest you recall some theses from our roadmap, which was published on the official website in the period from September 2018 to November 2019:
“The introduction of the exchanger in web wallets and the app will allow users to send money in one currency, and the recipient will receive it in another currency. For example, a user can buy Tkeycoin for dollars and exchange it for euros or Bitcoin or Ethereum at the current exchange rate. This functionality provides full control of funds through a single trusted and most secure source. Users no longer need to create multiple accounts on third-party resources to make an exchange into a particular currency. With the development of the network, it is possible to implement a multi-exchange that works on the principle of a payment bridge, when the user sends funds to Tkeycoin, and the recipient chooses the receiving currency, let’s say Litecoin, the funds are automatically converted” ©
We wrote above that TKEY can in principle be used as a universal asset, acting as a digital obligation or an asset as an exchange. By the way, references to this were also published on the official website — tkeycoin.com. In simple words, using one of our web interfaces, you can access TKEYRUB or TKEYUSD or any other asset, such as TKEYGOLD.
TKEYUSD, TKEYRUB, and TKEYGOLD are symbols and can be called differently in the system, for example, TKUSD or GOLDTKEY, so now they should be considered as an example.

Why is TKEY a universal asset?

As before, you can easily and quickly send TKEY to any member of the network and TKEY will have liquidity on the exchange also, TKEY allows you to fast exchange for euros, dollars, or other currencies.
For the interface, the applications will display functions of digital assets 1:1 to a particular currency, for example, TKEY to RUB, TKey to EUR, or TKEY to Dirhams or TKEY to the pound and vice versa, respectively.
Therefore, as we said above, TKEY should not be regarded as a cryptocurrency, it is a universal unit inside the system TkeyNet, which may refer to transaction information as exchanges of obligations between banks and transaction TKEY -> TKEY between users, or to carry information about the exchange on the exchange or the exchange of digital assets or gold variations quite a lot, for most of the functions we describe in the release day TkeyNet.

What are the advantages for companies and developers?

First of all, we strive to open the doors for all platform participants. Only through synergy and cooperation can we accelerate the pace of development of the entire system and the introduction of new technologies in the market.
The platform will open doors for developers, who in turn can create technological solutions based on TkeyNet. A working environment will be created, and integration with the TkeyNet platform will be as easy as with the documented SDK or plug-ins. In the course of development, API documentation and ready-made SDKs for developers will be published.
This will make it easy to use and implement TkeyNet technology in various types of applications, for example, you want to create fast exchanges, we provide you with a framework, back-end, and API, and you create a front-end and launch your service, get your Commission, and are an independent project in the market. An important point is that integration into the existing infrastructure takes place while maintaining the decentralization of the TkeyNet system so that all its internal and external operations remain confidential and verified at the same time.

What are the advantages for users?

This means getting a universal tool for working with financial markets and easily converting an asset into any other asset: euro, dollars, or gold.

Also, TKEY owners should clearly understand that the more the system develops and there are more participants, namely the corporate segment, projects, and partners, the company will be more stable and thus the project assets will grow stronger.
The popularity of the platform and trust in it directly affects the price of assets, these are the key points of growth signs, the wider and more influential the spread of the company in various areas, the higher its performance in the market.

When will the long-awaited transition to TkeyNet take place?

What changes will be made to the products?

As you understand, everything will change, and this is for the better. At a minimum, products will become faster, lighter, safer, and more versatile.
Changes and new releases will be released as soon as they are ready. In TkeySpace, the TKEY libraries will be rewritten under TkeyNet. A web version of the wallet will appear, and eventually, an application with an exchange interface will be released for quick trading and exchange of various assets, not limited to digital ones. The Tkey Messenger will be adapted for TkeyNet and will be released for previously announced platforms: iOS, Android, Linux, macOS, Windows immediately with the ability to translate directly in the messenger. We will tell you about the messenger architecture on the release day.
All changes and releases will be published and announced after the release of TkeyNet.

What is radically new in TkeyNet?

There will be funds, the Protocol will become much more universal, as well as the TKEY itself. The Protocol will also exclude the possibility of attacks that could have been in Core 1.0, also, the principles of the platform will change. We will publish all technical specifications on the day of release.

Timeline for switching to TkeyNet

The transition to TkeyNet will not take place until August 2020. We will release news and instructions for switching to TkeyNet, so we recommend that you subscribe to the newsletter immediately: https://tkeycoin.com/en/newslette.

Listing on crypto exchanges

The liquidity of the TKEY asset is urgently needed for the development of the entire TkeyNet system, so the company will provide trading platforms for TKey trading and exchange.

Conclusion

The introduction of technologies using digital currencies will create the fastest transition of users and the corporate market to a new level.
FinTech direction makes it possible to manage finances in the most efficient and secure way, without violating the law. This system simplifies, reduces the cost of conducting monetary transactions, and actually improves traditional financial services.
The solution is interesting to everyone who works with money and is used to getting maximum efficiency from it: business, investors, traders, users of banking solutions, the corporate segment, etc. When using the system, large businesses get solutions for interacting with customers online, without using specialized points.
We, in turn, are open to various offers and cooperation on flexible terms. If you have any suggestions or interesting concepts, please contact us at [email protected].
submitted by tkeycoin to Tkeycoin_Official [link] [comments]

DFINITY Research Report

Author: Gamals Ahmed, CoinEx Business Ambassador
ABSTRACT
The DFINITY blockchain computer provides a secure, performant and flexible consensus mechanism. At its core, DFINITY contains a decentralized randomness beacon, which acts as a verifiable random function (VRF) that produces a stream of outputs over time. The novel technique behind the beacon relies on the existence of a unique-deterministic, non-interactive, DKG-friendly threshold signatures scheme. The only known examples of such a scheme are pairing-based and derived from BLS.
The DFINITY blockchain is layered on top of the DFINITY beacon and uses the beacon as its source of randomness for leader selection and leader ranking. A “weight” is attributed to a chain based on the ranks of the leaders who propose the blocks in the chain, and that weight is used to select between competing chains. The DFINITY blockchain is further hardened by a notarization process which dramatically improves the time to finality and eliminates the nothing-at-stake and selfish mining attacks.
DFINITY consensus algorithm is made to scale through continuous quorum selections driven by the random beacon. In practice, DFINITY achieves block times of a few seconds and transaction finality after only two confirmations. The system gracefully handles temporary losses of network synchrony including network splits, while it is provably secure under synchrony.

1.INTRODUCTION

DFINITY is building a new kind of public decentralized cloud computing resource. The company’s platform uses blockchain technology which is aimed at building a new kind of public decentralized cloud computing resource with unlimited capacity, performance and algorithmic governance shared by the world, with the capability to power autonomous self-updating software systems, enabling organizations to design and deploy custom-tailored cloud computing projects, thereby reducing enterprise IT system costs by 90%.
DFINITY aims to explore new territory and prove that the blockchain opportunity is far broader and deeper than anyone has hitherto realized, unlocking the opportunity with powerful new crypto.
Although a standalone project, DFINITY is not maximalist minded and is a great supporter of Ethereum.
The DFINITY blockchain computer provides a secure, performant and flexible consensus mechanism. At its core, DFINITY contains a decentralized randomness beacon, which acts as a verifiable random function (VRF) that produces a stream of outputs over time. The novel technique behind the beacon relies on the existence of a unique-deterministic, non-interactive, DKG-friendly threshold signatures scheme. The only known examples of such a scheme are pairing-based and derived from BLS.
DFINITY’s consensus mechanism has four layers: notary (provides fast finality guarantees to clients and external observers), blockchain (builds a blockchain from validated transactions via the Probabilistic Slot Protocol driven by the random beacon), random beacon (provides the source of randomness for all higher layers like smart contract applications), and identity (provides a registry of all clients).

Figure 1: DFINITY’s consensus mechanism layers
1. Identity layer:
Active participants in the DFINITY Network are called clients. Where clients are registered with permanent identities under a pseudonym. Moreover, DFINITY supports open membership by providing a protocol for registering new clients by depositing a stake with an insurance period. This is the responsibility of the first layer.
2. Random Beacon layer:
Provides the source of randomness (VRF) for all higher layers including applications (smart contracts). The random beacon in the second layer is an unbiasable, verifiable random function (VRF) that is produced jointly by registered clients. Each random output of the VRF is unpredictable by anyone until just before it becomes available to everyone. This is a key technology of the DFINITY system, which relies on a threshold signature scheme with the properties of uniqueness and non-interactivity.

3. Blockchain layer:
The third layer deploys the “probabilistic slot protocol” (PSP). This protocol ranks the clients for each height of the chain, in an order that is derived deterministically from the unbiased output of the random beacon for that height. A weight is then assigned to block proposals based on the proposer’s rank such that blocks from clients at the top of the list receive a higher weight. Forks are resolved by giving favor to the “heaviest” chain in terms of accumulated block weight — quite similar to how traditional proof-of-work consensus is based on the highest accumulated amount of work.
The first advantage of the PSP protocol is that the ranking is available instantaneously, which allows for a predictable, constant block time. The second advantage is that there is always a single highest-ranked client, which allows for a homogenous network bandwidth utilization. Instead, a race between clients would favor a usage in bursts.
4. Notarization layer:
Provides fast finality guarantees to clients and external observers. DFINITY deploys the novel technique of block notarization in its fourth layer to speed up finality. A notarization is a threshold signature under a block created jointly by registered clients. Only notarized blocks can be included in a chain. RSA-based alternatives exist but suffer from an impracticality of setting up the threshold keys without a trusted dealer.
DFINITY achieves its high speed and short block times exactly because notarization is not full consensus.
DFINITY does not suffer from the selfish mining attack or the nothing-at-stake problem, because the authentication step makes it impossible for the opponent to build and maintain a series of linked and trusted blocks in secret.
DFINITY’s consensus is designed to operate on a network of millions of clients. To enable scalability to this extent, the random beacon and notarization protocols are designed such that they can be safely and efficiently delegated to a committee.

1.1 OVERVIEW ABOUT DFINITY

DFINITY is a blockchain-based cloud-computing project that aims to develop an open, public network, referred to as the “internet computer,” to host the next generation of software and data. It is a decentralized and non-proprietary network to run the next generation of mega-applications. It dubbed this public network “Cloud 3.0”.
DFINITY is a third generation virtual blockchain network that sets out to function as an “intelligent decentralised cloud,”¹ strongly focused on delivering a viable corporate cloud solution. The DFINITY project is overseen, supported and promoted by DFINITY Stiftung a not-for-profit foundation based in Zug, Switzerland.
DFINITY is a decentralized network design whose protocols generate a reliable “virtual blockchain computer” running on top of a peer-to-peer network upon which software can be installed and can operate in the tamperproof mode of smart contracts.
DFINITY introduces algorithmic governance in the form of a “Blockchain Nervous System” that can protect users from attacks and help restart broken systems, dynamically optimize network security and efficiency, upgrade the protocol and mitigate misuse of the platform, for example by those wishing to run illegal or immoral systems.
DFINITY is an Ethereum-compatible smart contract platform that is implementing some revolutionary ideas to address blockchain performance, scaling, and governance. Whereas DFINITY could pose a credible threat to Ethereum’s extinction, the project is pursuing a coevolutionary strategy by contributing funding and effort to Ethereum projects and freely offering their technology to Ethereum for adoption. DFINITY has labeled itself Ethereum’s “crazy sister” to express its close genetic resemblance to Ethereum, differentiated by its obsession with performance and neuron-inspired governance model.
Dfinity raised $61 million from Andreessen Horowitz and Polychain Capital in a February 2018 funding round. At the time, Dfinity said it wanted to create an “internet computer” to cut the costs of running cloud-based business applications. A further $102 million funding round in August 2018 brought the project’s total funding to $195 million.
In May 2018, Dfinity announced plans to distribute around $35 million worth of Dfinity tokens in an airdrop. It was part of the company’s plan to create a “Cloud 3.0.” Because of regulatory concerns, none of the tokens went to US residents.
DFINITY will be broadening and strengthening the EVM ecosystem by giving applications a choice of platforms with different characteristics. However, if DFINITY succeeds in delivering a fully EVM-compatible smart contract platform with higher transaction throughput, faster confirmation times, and governance mechanisms that can resolve public disputes without causing community splits, then it will represent a clearly superior choice for deploying new applications and, as its network effects grow, an attractive place to bring existing ones. Of course the challenge for DFINITY will be to deliver on these promises while meeting the security demands of a public chain with significant value at risk.

1.1.1 DFINITY FUTURE

  • DFINITY aims to explore new blockchain territory related to the original goals of the Ethereum project and is sometimes considered “Ethereum’s crazy sister.”
  • DFINITY is developing blockchain-based infrastructure to support a new style of the internet (akin to Ethereum’s “World Computer”), one in which the internet itself will support software applications and data rather than various cloud hosting providers.
  • The project suggests this reinvented software platform can simplify the development of new software systems, reduce the human capital needed to maintain and secure data, and preserve user data privacy.
  • Dfinity aims to reduce the costs of cloud services by creating a decentralized “internet computer” which may launch in 2020.
  • Dfinity claims transactions on its network are finalized in 3–5 seconds, compared to 1 hour for Bitcoin and 10 minutes for Ethereum.

1.1.2 DFINITY’S VISION

DFINITY’s vision is that its new internet infrastructure can support a wide variety of end-user and enterprise applications. Social media, messaging, search, storage, and peer-to-peer Internet interactions are all examples of functionalities that DFINITY plans to host atop its public Web 3.0 cloud-like computing resource. In order to provide the transaction and data capacity necessary to support this ambitious vision, DFINITY features a unique consensus model (dubbed Threshold Relay) and algorithmic governance via its Blockchain Nervous System (BNS) — sometimes also referred to as the Network Nervous System or NNS.

1.2 DFINITY COMMUNITY

The DFINITY community brings people and organizations together to learn and collaborate on products that help steward the next-generation of internet software and services. The Internet Computer allows developers to take on the monopolization of the internet, and return the internet back to its free and open roots. We’re committed to connecting those who believe the same through our events, content, and discussions.


1.3 DFINITY ROADMAP (TIMELINE)

February 15, 2017
Ethereum based community seed round raises 4M Swiss francs (CHF)
The DFINITY Stiftung, a not-for-profit foundation entity based in Zug, Switzerland, raised the round. The foundation held $10M of assets as of April 2017.
February 8, 2018
Dfinity announces a $61M fundraising round led by Polychain Capital and Andreessen Horowitz
The $61M round led by Polychain Capital and Andreessen Horowitz, along with a DFINITY Ecosystem Venture Fund which will be used to support projects developing on the DFINITY platform, and an Ethereum based raise in 2017 brings the total funding for the project over $100 million. This is the first cryptocurrency token that Andreessen Horowitz has invested in, led by Chris Dixon.
August 2018
Dfinity raises a $102,000,000 venture round from Multicoin Capital, Village Global, Aspect Ventures, Andreessen Horowitz, Polychain Capital, Scalar Capital, Amino Capital and SV Angel.
January 23, 2020
Dfinity launches an open source platform aimed at the social networking giants

2. DFINITY TECHNOLOGY

Dfinity is building what it calls the internet computer, a decentralized technology spread across a network of independent data centers that allows software to run anywhere on the internet rather than in server farms that are increasingly controlled by large firms, such as Amazon Web Services or Google Cloud. This week Dfinity is releasing its software to third-party developers, who it hopes will start making the internet computer’s killer apps. It is planning a public release later this year.
At its core, the DFINITY consensus mechanism is a variation of the Proof of Stake (PoS) model, but offers an alternative to traditional Proof of Work (PoW) and delegated PoS (dPoS) networks. Threshold Relay intends to strike a balance between inefficiencies of decentralized PoW blockchains (generally characterized by slow block times) and the less robust game theory involved in vote delegation (as seen in dPoS blockchains). In DFINITY, a committee of “miners” is randomly selected to add a new block to the chain. An individual miner’s probability of being elected to the committee proposing and computing the next block (or blocks) is proportional to the number of dfinities the miner has staked on the network. Further, a “weight” is attributed to a DFINITY chain based on the ranks of the miners who propose blocks in the chain, and that weight is used to choose between competing chains (i.e. resolve chain forks).
A decentralized random beacon manages the random selection process of temporary block producers. This beacon is a Variable Random Function (VRF), which is a pseudo-random function that provides publicly verifiable proofs of its outputs’ correctness. A core component of the random beacon is the use of Boneh-Lynn-Shacham (BLS) signatures. By leveraging the BLS signature scheme, the DFINITY protocol ensures no actor in the network can determine the outcome of the next random assignment.
Dfinity is introducing a new standard, which it calls the internet computer protocol (ICP). These new rules let developers move software around the internet as well as data. All software needs computers to run on, but with ICP the computers could be anywhere. Instead of running on a dedicated server in Google Cloud, for example, the software would have no fixed physical address, moving between servers owned by independent data centers around the world. “Conceptually, it’s kind of running everywhere,” says Dfinity engineering manager Stanley Jones.
DFINITY also features a native programming language, called ActorScript (name may be subject to change), and a virtual machine for smart contract creation and execution. The new smart contract language is intended to simplify the management of application state for programmers via an orthogonal persistence environment (which means active programs are not required to retrieve or save their state). All ActorScript contracts are eventually compiled down to WebAssembly instructions so the DFINITY virtual machine layer can execute the logic of applications running on the network. The advantage of using the WebAssembly standard is that all major browsers support it and a variety of programming languages can compile down to Wasm (not just ActorScript).
Dfinity is moving fast. Recently, Dfinity showed off a TikTok clone called CanCan. In January it demoed a LinkedIn-alike called LinkedUp. Neither app is being made public, but they make a convincing case that apps made for the internet computer can rival the real things.

2.1 DFINITY CORE APPLICATIONS

The DFINITY cloud has two core applications:
  1. Enabling the re-engineering of business: DFINITY ambitiously aims to facilitate the re-engineering of mass-market services (such as Web Search, Ridesharing Services, Messaging Services, Social Media, Supply Chain, etc) into open source businesses that leverage autonomous software and decentralised governance systems to operate and update themselves more efficiently.
  2. Enable the re-engineering of enterprise IT systems to reduce costs: DFINITY seeks to re-engineer enterprise IT systems to take advantage of the unique properties that blockchain computer networks provide.
At present, computation on blockchain-based computer networks is far more expensive than traditional, centralised solutions (Amazon Web Services, Microsoft Azure, Google Cloud Platform, etc). Despite increasing computational cost, DFINITY intends to lower net costs “by 90% or more” through reducing the human capital cost associated with sustaining and supporting these services.
Whilst conceptually similar to Ethereum, DFINITY employs original and new cryptography methods and protocols (crypto:3) at the network level, in concert with AI and network-fuelled systemic governance (Blockchain Nervous System — BNS) to facilitate Corporate adoption.
DFINITY recognises that different users value different properties and sees itself as more of a fully compatible extension of the Ethereum ecosystem rather than a competitor of the Ethereum network.
In the future, DFINITY hopes that much of their “new crypto might be used within the Ethereum network and are also working hard on shared technology components.”
As the DFINITY project develops over time, the DFINITY Stiftung foundation intends to steadily increase the BNS’ decision-making responsibilities over time, eventually resulting in the dissolution of its own involvement entirely, once the BNS is sufficiently sophisticated.
DFINITY consensus mechanism is a heavily optimized proof of stake (PoS) model. It places a strong emphasis on transaction finality through implementing a Threshold Relay technique in conjunction with the BLS signature scheme and a notarization method to address many of the problems associated with PoS consensus.

2.2 THRESHOLD RELAY

As a public cloud computing resource, DFINITY targets business applications by substantially reducing cloud computing costs for IT systems. They aim to achieve this with a highly scalable and powerful network with potentially unlimited capacity. The DFINITY platform is chock-full of innovative designs and features like their Blockchain Nervous System (BNS) for algorithmic governance.
One of the primary components of the platform is its novel Threshold Relay Consensus model from which randomness is produced, driving the other systems that the network depends on to operate effectively. The consensus system was first designed for a permissioned participation model but can be paired with any method of Sybil resistance for an open participation model.
“The Threshold Relay is the mechanism by which Dfinity randomly samples replicas into groups, sets the groups (committees) up for threshold operation, chooses the current committee, and relays from one committee to the next is called the threshold relay.”
Threshold Relay consists of four layers (as mentioned previously):
  1. Notary layer, which provides fast finality guarantees to clients and external observers and eliminates nothing-at-stake and selfish mining attacks, providing Sybil attack resistance.
  2. Blockchain layer that builds a blockchain from validated transactions via the Probabilistic Slot Protocol driven by the random beacon.
  3. Random beacon, which as previously covered, provides the source of randomness for all higher layers like the blockchain layer smart contract applications.
  4. Identity layer that provides a registry of all clients.

2.2.1 HOW DOES THRESHOLD RELAY WORK?

Threshold Relay produces an endogenous random beacon, and each new value defines random group(s) of clients that may independently try and form into a “threshold group”. The composition of each group is entirely random such that they can intersect and clients can be presented in multiple groups. In DFINITY, each group is comprised of 400 members. When a group is defined, the members attempt to set up a BLS threshold signature system using a distributed key generation protocol. If they are successful within some fixed number of blocks, they then register the public key (“identity”) created for their group on the global blockchain using a special transaction, such that it will become part of the set of active groups in a following “epoch”. The network begins at “genesis” with some number of predefined groups, one of which is nominated to create a signature on some default value. Such signatures are random values — if they were not then the group’s signatures on messages would be predictable and the threshold signature system insecure — and each random value produced thus is used to select a random successor group. This next group then signs the previous random value to produce a new random value and select another group, relaying between groups ad infinitum and producing a sequence of random values.
In a cryptographic threshold signature system a group can produce a signature on a message upon the cooperation of some minimum threshold of its members, which is set to 51% in the DFINITY network. To produce the threshold signature, group members sign the message individually (here the preceding group’s threshold signature) creating individual “signature shares” that are then broadcast to other group members. The group threshold signature can be constructed upon combination of a sufficient threshold of signature shares. So for example, if the group size is 400, if the threshold is set at 201 any client that collects that many shares will be able to construct the group’s signature on the message. Other group members can validate each signature share, and any client using the group’s public key can validate the single group threshold signature produced by combining them. The magic of the BLS scheme is that it is “unique and deterministic” meaning that from whatever subset of group members the required number of signature shares are collected, the single threshold signature created is always the same and only a single correct value is possible.
Consequently, the sequence of random values produced is entirely deterministic and unmanipulable, and signatures generated by relaying between groups produce a Verifiable Random Function, or VRF. Although the sequence of random values is pre-determined given some set of participating groups, each new random value can only be produced upon the minimal agreement of a threshold of the current group. Conversely, in order for relaying to stall because a random number was not produced, the number of correct processes must be below the threshold. Thresholds are configured so that this is extremely unlikely. For example, if the group size is set to 400, and the threshold is 201, 200 or more of the processes must become faulty to prevent production. If there are 10,000 processes in the network, of which 3,000 are faulty, the probability this will occur is less than 10e-17.

2.3 DFINITY TOKEN

The DFINITY blockchain also supports a native token, called dfinities (DFN), which perform multiple roles within the network, including:
  1. Fuel for deploying and running smart contracts.
  2. Security deposits (i.e. staking) that enable participation in the BNS governance system.
  3. Security deposits that allow client software or private DFINITY cloud networks to connect to the public network.
Although dfinities will end up being assigned a value by the market, the DFINITY team does not intend for DFN to act as a currency. Instead, the project has envisioned PHI, a “next-generation” crypto-fiat scheme, to act as a stable medium of exchange within the DFINITY ecosystem.
Neuron operators can earn Dfinities by participating in network-wide votes, which could be concerning protocol upgrades, a new economic policy, etc. DFN rewards for participating in the governance system are proportional to the number of tokens staked inside a neuron.

2.4 SCALABILITY

DFINITY is constantly developing with a structure that separates consensus, validation, and storage into separate layers. The storage layer is divided into multiple strings, each of which is responsible for processing transactions that occur in the fragment state. The verification layer is responsible for combining hashes of all fragments in a Merkle-like structure that results in a global state fractionation that is stored in blocks in the top-level chain.

2.5 DFINITY CONSENSUS ALGORITHM

The single most important aspect of the user experience is certainly the time required before a transaction becomes final. This is not solved by a short block time alone — Dfinity’s team also had to reduce the number of confirmations required to a small constant. DFINITY moreover had to provide a provably secure proof-of-stake algorithm that scales to millions of active participants without compromising any bit on decentralization.
Dfinity soon realized that the key to scalability lay in having an unmanipulable source of randomness available. Hence they built a scalable decentralized random beacon, based on what they call the Threshold Relay technique, right into the foundation of the protocol. This strong foundation drives a scalable and fast consensus layer: On top of the beacon runs a blockchain which utilizes notarization by threshold groups to achieve near-instant finality. Details can be found in the overview paper that we are releasing today.
The roots of the DFINITY consensus mechanism date back to 2014 when their Chief Scientist, Dominic Williams, started to look for more efficient ways to drive large consensus networks. Since then, much research has gone into the protocol and it took several iterations to reach its current design.
For any practical consensus system the difficulty lies in navigating the tight terrain that one is given between the boundaries imposed by theoretical impossibility-results and practical performance limitations.
The first key milestone was the novel Threshold Relay technique for decentralized, deterministic randomness, which is made possible by certain unique characteristics of the BLS signature system. The next breakthrough was the notarization technique, which allows DFINITY consensus to solve the traditional problems that come with proof-of-stake systems. Getting the security proofs sound was the final step before publication.
DFINITY consensus has made the proper trade-offs between the practical side (realistic threat models and security assumptions) and the theoretical side (provable security). Out came a flexible, tunable algorithm, which we expect will establish itself as the best performing proof-of-stake algorithm. In particular, having the built-in random beacon will prove to be indispensable when building out sharding and scalable validation techniques.

2.6 LINKEDUP

The startup has rather cheekily called this “an open version of LinkedIn,” the Microsoft-owned social network for professionals. Unlike LinkedIn, LinkedUp, which runs on any browser, is not owned or controlled by a corporate entity.
LinkedUp is built on Dfinity’s so-called Internet Computer, its name for the platform it is building to distribute the next generation of software and open internet services.
The software is hosted directly on the internet on a Switzerland-based independent data center, but in the concept of the Internet Computer, it could be hosted at your house or mine. The compute power to run the application, LinkedUp in this case, is coming not from Amazon AWS, Google Cloud or Microsoft Azure, but is instead based on the distributed architecture that Dfinity is building.
Specifically, Dfinity notes that when enterprises and developers run their web apps and enterprise systems on the Internet Computer, the content is decentralized across a minimum of four or a maximum of an unlimited number of nodes in Dfinity’s global network of independent data centers.
Dfinity is open-sourcing LinkedUp to developers for creating other types of open internet services on the architecture it has built.
“Open Social Network for Professional Profiles” suggests that on the Dfinity model one can create “Open WhatsApp”, “Open eBay”, “Open Salesforce” or “Open Facebook”.
The tools include a Canister Software Developer Kit and a simple programming language called Motoko that is optimized for Dfinity’s Internet Computer.
“The Internet Computer is conceived as an alternative to the $3.8 trillion legacy IT stack, and empowers the next generation of developers to build a new breed of tamper-proof enterprise software systems and open internet services. We are democratizing software development,” Williams said. “The Bronze release of the Internet Computer provides developers and enterprises a glimpse into the infinite possibilities of building on the Internet Computer — which also reflects the strength of the Dfinity team we have built so far.”
Dfinity says its “Internet Computer Protocol” allows for a new type of software called autonomous software, which can guarantee permanent APIs that cannot be revoked. When all these open internet services (e.g. open versions of WhatsApp, Facebook, eBay, Salesforce, etc.) are combined with other open software and services it creates “mutual network effects” where everyone benefits.
On 1 November, DFINITY has released 13 new public versions of the SDK, to our second major milestone [at WEF Davos] of demoing a decentralized web app called LinkedUp on the Internet Computer. Subsequent milestones towards the public launch of the Internet Computer will involve:
  1. Onboarding a global network of independent data centers.
  2. Fully tested economic system.
  3. Fully tested Network Nervous Systems for configuration and upgrades.

2.7 WHAT IS MOTOKO?

Motoko is a new software language being developed by the DFINITY Foundation, with an accompanying SDK, that is designed to help the broadest possible audience of developers create reliable and maintainable websites, enterprise systems and internet services on the Internet Computer with ease. By developing the Motoko language, the DFINITY Foundation will ensure that a language that is highly optimized for the new environment is available. However, the Internet Computer can support any number of different software frameworks, and the DFINITY Foundation is also working on SDKs that support the Rust and C languages. Eventually, it is expected there will be many different SDKs that target the Internet Computer.
submitted by CoinEx_Institution to u/CoinEx_Institution [link] [comments]
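
The "unique and deterministic" property and the group-to-group relay described in section 2.2.1 of the post above, as an added example that is not part of the original post or DFINITY's code. It is a toy: a trusted dealer replaces the distributed key generation, and exponentiation in an 11-bit prime-order group replaces BLS, so there is no pairing-based verification and no security; all function names and the group parameters are assumptions.

```python
import hashlib
import random

# Toy parameters (assumption): the order-Q subgroup of Z_P^*, with P = 2Q + 1.
# An 11-bit group gives no security; it only makes the algebra visible.
P, Q = 2039, 1019
GROUP_SIZE, THRESHOLD = 400, 201      # figures quoted in the post


def hash_to_group(message: bytes) -> int:
    """Hash a message to a non-identity element of the order-Q subgroup."""
    x = int.from_bytes(hashlib.sha256(message).digest(), "big") % (P - 3) + 2
    return pow(x, 2, P)               # squares of 2..P-2 have order exactly Q


def deal_group(rng: random.Random):
    """Trusted-dealer Shamir sharing of one group key (stand-in for the DKG)."""
    coeffs = [rng.randrange(1, Q)] + [rng.randrange(Q) for _ in range(THRESHOLD - 1)]

    def f(x):
        acc = 0
        for c in reversed(coeffs):    # Horner evaluation mod Q
            acc = (acc * x + c) % Q
        return acc

    return coeffs[0], {i: f(i) for i in range(1, GROUP_SIZE + 1)}


def sign_share(h: int, key_share: int) -> int:
    """One member's signature share on the hashed message h."""
    return pow(h, key_share, P)


def combine(sig_shares: dict) -> int:
    """Lagrange-interpolate THRESHOLD signature shares in the exponent."""
    if len(sig_shares) < THRESHOLD:
        raise ValueError("not enough signature shares")
    ids = sorted(sig_shares)[:THRESHOLD]
    sig = 1
    for i in ids:
        num = den = 1
        for j in ids:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        lam = num * pow(den, -1, Q) % Q          # Lagrange coefficient at x = 0
        sig = sig * pow(sig_shares[i], lam, P) % P
    return sig


def group_signature(h, key_shares, signer_ids):
    """Group signature built from whichever members in signer_ids took part."""
    return combine({i: sign_share(h, key_shares[i]) for i in signer_ids})


def relay(groups, rounds, signer_rng):
    """Run the beacon: each random value selects the group that signs it next."""
    value, current, beacon = b"genesis default value", 0, []
    for _ in range(rounds):
        _, key_shares = groups[current]
        signers = signer_rng.sample(range(1, GROUP_SIZE + 1), THRESHOLD)
        sig = group_signature(hash_to_group(value), key_shares, signers)
        value = hashlib.sha256(sig.to_bytes(2, "big")).digest()
        beacon.append(value.hex())
        current = int.from_bytes(value, "big") % len(groups)
    return beacon


def make_groups(count=4, seed=2020):
    """Constructed sample keys: a fixed seed keeps the run reproducible."""
    rng = random.Random(seed)
    return [deal_group(rng) for _ in range(count)]
```

Running `relay` twice over the same groups with different `signer_rng` seeds yields the same beacon sequence, because the combined signature does not depend on which 201 members contributed shares.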
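
The stall figure quoted in section 2.2.1 of the post above (group size 400, threshold 201, 10,000 processes of which 3,000 are faulty) can be recomputed exactly as a hypergeometric tail. This is an added example, not part of the original post; it assumes groups are sampled uniformly without replacement, and it goes beyond the post by also computing the chance that faulty members alone reach the threshold and by sweeping smaller group sizes.

```python
from fractions import Fraction
from math import comb


def faulty_at_least(population, faulty, group_size, k):
    """P[a uniformly sampled group holds >= k faulty members] (hypergeometric tail)."""
    ways = sum(
        comb(faulty, x) * comb(population - faulty, group_size - x)
        for x in range(k, min(faulty, group_size) + 1)
    )
    return Fraction(ways, comb(population, group_size))


def stall_probability(population, faulty, group_size, threshold):
    """Liveness failure: fewer than `threshold` correct members remain in the group."""
    return faulty_at_least(population, faulty, group_size, group_size - threshold + 1)


def capture_probability(population, faulty, group_size, threshold):
    """Safety failure: the faulty members alone can reach the signing threshold."""
    return faulty_at_least(population, faulty, group_size, threshold)


def sweep(population, faulty, sizes):
    """(group size, majority threshold, P[stall], P[capture]) for each group size."""
    rows = []
    for n in sizes:
        t = n // 2 + 1
        rows.append((
            n,
            t,
            float(stall_probability(population, faulty, n, t)),
            float(capture_probability(population, faulty, n, t)),
        ))
    return rows


if __name__ == "__main__":
    # Network figures from the post: 10,000 processes, 3,000 faulty.
    for n, t, stall, capture in sweep(10_000, 3_000, (50, 100, 200, 400)):
        print(f"group={n:4d} threshold={t:4d} stall={stall:.3e} capture={capture:.3e}")
```

The sweep shows how quickly both failure probabilities grow as the group shrinks, which is the reason the group size is a security parameter rather than a performance knob.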
