Bitcoincharts Information for exchanges

IOTA URI scheme and metadata exchange format

The QR code in the Trinity wallet contains a string of 81 characters indicating an address. Only to people familiar to IOTA, this has a meaning and even then, no one will quickly recognize the exact length of 81 characters.
Other information in QR codes contains a URI, like a web URL, mailto, contact data in VCF, etc. Any QR code scanner will directly know what to do with that information. Even Bitcoin has a URI: https://en.bitcoin.it/wiki/BIP_0021
I think that IOTA could also benefit from having a proper URI scheme, like:
iota://pay/address/
?tag=,amount=
iota://pay/use..
iota://mam/
/read
iota://mam/
/post?message=
iota://listen/

Items in stores could then be provided with tags for automatic payment or reading of a URL with information about the authenticity.
Applications in the IOTA ecosystem can then work seamlessly together, the step to introducing IOTA can be transparent for most users and services can be built on top of IOTA more easily.
The next step would then of course be an exchange format, where distributed wallets can communicate with each other, contact data that can be exchanged over the Tangle, etc.
I think the first step to this would be a clean URI scheme, but I haven't found anything and seeing that the Trinity wallet does not even include this, I doubt that this idea was considered before. I also do not think that the community can define a good scheme, as only the IF knows what's in the pipeline and are at the forefront of standardization.
Is anyone aware of efforts in this direction or reasons why this does not seem to have been done yet?
submitted by stephanahpets to Iota [link] [comments]

Admins: Implement the Onion Mirror Guidelines to remain listed on dark.fail

Admins, To reduce the impact of phishing and to ease automatic PGP verification of mirrors, dark.fail is now defining the Onion Mirror Guidelines. (“OMG”) Admins that implement this standard show a commitment to user safety by proving ownership of all URLs associated with their site, and by committing to regularly prove control of their PGP key. Sites which do not implement these guidelines by Dec 1, 2019 will be marked as "unverified" on dark.fail and listed below all other sites. DarkDotFail ========= Onion Mirror Guidelines ("OMG") Version alpha You must host these text files at all of your .onion URLs: /pgp.txt - Required - HTTP 200 text/plain - A list of all PGP public keys allowed to announce your official mirrors. - May contain multiple PGP keys. - All keys must be ASCII armored. - Do not list a key here unless it is trusted to sign official .onion URLs. - Example: http://darkfailllnkf4vf.onion/pgp.txt /mirrors.txt - Required - HTTP 200 text/plain - PGP SIGNED list of all official mirrors of your site. - Mirrors must be signed by a PGP key which is in /pgp.txt hosted at all of your URLs. - Any line in this file which begins with “http://“ or “https://“ is an official mirror of your site. - Mirrors must all host the same content. No related forums, no link lists. Place forums, other sites in /related.txt instead. - All valid mirrors must only contain a scheme and domain name, no ports or paths. - /pgp.txt and /mirrors.txt must have the same content on all of your URLs. - Text which is not intended to be parsed as an official mirror must be commented out with a “#” as the first character on the line. - Example: http://darkfailllnkf4vf.onion/mirrors.txt /canary.txt - Required - HTTP 200 text/plain - PGP SIGNED message MUST be updated every 14 days. - Can be signed by any key specified in /pgp.txt - The message must contain the latest Bitcoin block hash and the current date in YYYY-MM-DD format, with string “I am in control of my PGP key.” and must also include the string "I will update this canary within 14 days." - If you cannot do this you should not be running a darknet market. - Example: http://darkfailllnkf4vf.onion/canary.txt /related.txt - Optional - HTTP 200 text/plain - PGP SIGNED list of all .onion sites related to your site. - This is where you list forums, link lists, related services. - Follow the same rules as /mirrors.txt 
Signed message: https://dark.fail/spec/omg.txt
submitted by DarkDotFail to DarkDotFail [link] [comments]

ShionCoin Console Basics

The following is a brief overview of the commands provided by the "shc" utility console program.
The utility program "shc" communication with the server (shcoind) are restricted to the local host that the service is running. You must use the stratum API in order to access the server from a remote machine.
A sub-set of all the commands are provided here. This guide attempts to concentrate on commonly used commands that are useful. Run "shc help" for a full list of commands. Run "shc help " for details about running that particular command.
You can enter an interactive mode by running "shc --prompt".
Run the daemon with "shcoind --debug" in order to print additional information to the log file (on linux, "/valib/share/shcoind.log") for diagnostic purposes.
ShionCoin "pub-key" coin addresses typically starts with "S" or "R". A "script address" will start with "1" and a seg-wit address will start with "3". Coin addresses are verified when entered on the command-line in order to ensure that the address is prudent in respect to the coin interface.
All fees for extended transactions, such as creating context and aliases, are either stored (for update purposes) in a local extended account and/or are provided as mining fees. You can use the "wallet.donate" command to intentionally create a transaction which includes a specified mining reward value.

Wallet Commands

The wallet commands provides capabilities to transfer funds and manage accounts. Each account can contain several coin addresses and has a counter-part "extended account" that is not visible.
Wallet Info: wallet.info
Display statistical and runtime information on wallet operations.
shc wallet.info { "version": 3010000, "walletversion": 60000, "balance": 658, "keypoololdest": 1517000561, "keypoolsize": 101 }
Create Coin Address: wallet.new
The "wallet.new" command is used to create a normal (non seg-wit) coin address and associate it with an account name. Coin addresses may be automatically generated for accounts, for example in order to return "change" in a fund transfer transaction. All change is directly returned to the associated account.
shc wallet.new test S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci
List Accounts: wallet.list
The "wallet.list" command provides a balance of all accounts in the coin wallet.
shc wallet.list { "": 0, "bank": 658, "system": 0 }
Three accounts are created by default. The "" account receives coinbase rewards which are then distributed to users based on their stratum stats. The "bank" account is a 0.1% cut of the rewards received from the stratum mining pool. The "system" account is currently reserved for a cpu-miner which attempts a single mining operation each time new task work is assigned to miners. The frequency of how often this occurs is based on tracking the "luck" of past attempts.
List Coin Addresses: wallet.listaddr
The "wallet.listaddr" command will list all of the coin addresses associated with an account.
shc wallet.listaddr test ["S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci"]
Create Transaction: wallet.send
The "wallet.send" command is the primary method of sending funds.
All ShionCoin transactions are sent with at least the 0.0001 SHC minimum fee. Providing the minimum fee is provided, any fee can is permitted and affects the priority of the transaction.
shc wallet.send bank S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci 10 307711dace8c0583b744af8acd1df2073e36b0c7a54b8830a15ae146f8c22ddb
Test Create Transaction: wallet.tsend
You can "test send" a transaction in order to determine the aproximate fee and size that would result.
shc wallet.tsend bank SLbnKamvSx8FhaBNpHUwffFDLZ16J8phdX 10 { "amount": 10, "tx-amount": 98.999900, "size": 300, "virt-size": 226, "fee": 0.000100, "inputs": 1, "priority": 1085539000000 }
Create Batch Transaction(s): wallet.bsend
The "wallet.bsend" command allows you to transfer funds that are more complicated than would be permitted in a single transaction. Multiple transactions will be created, as neccessary, in order to send the specified coin value. The total value commited to be sent may be lower than the value requested under certain circumstances.
Create Certified Transaction: wallet.csend
The "wallet.csend" associated a pre-created certificate with the coin transfer. The certificate may be used to associate with the certificate, or provide a method to identity the source of the funds.
shc wallet.csend bank SLbnKamvSx8FhaBNpHUwffFDLZ16J8phdX 10
Create Stamp Transaction: wallet.stamp
The "wallet.stamp" command allows you to create a short message (up to 135 characters), or reference a geodetic location, to associate with a local coin address. The stamp transaction is the exclusive method of claiming spring matix location coins. Creating a stamp in the format "geo:," will result in a single SHC coin, once processed on the network, being rewarded for all locations not yet discovered in the spring matrix. A minimum transaction fee (0.0001) is applied for each stamp transaction created.
Use the "ctx.findloc" command in order to search for locations active in the sprint matrix.
Validate Address: wallet.donate
Donated coins are added to the upcoming block reward. Donations may be optionally associated with a certificate. The maximum donation value in a single transaction is 500 coins. Donations are associated with the coin address that generates them, and may contain a geodetic stamp depending on configuration and availability.
The total cost will include the donation coin value specified plus a minimum transaction fee (0.0001 SHC).
{ "version": 1, "flag": 1025, "txid": "ace04609d0eca593b73a3f1afb1dcfeb10049c4ab4098ff9b17e01da65bf2ec6", .. "ident": { "version": 3, "expire": " ", "geo": "46.770000,113.980000", "addr": "SFrXpo9ykcSeycTdMaFu3xWwJFxN5gkUH4" } }
Validate Address: wallet.validate
The "wallet.validate" command returns general information about the coin address specified, including whether the coin address is contained in the local wallet.
shc wallet.validate SLbnKamvSx8FhaBNpHUwffFDLZ16J8phdX { "isvalid": true, "address": "SLbnKamvSx8FhaBNpHUwffFDLZ16J8phdX", "ismine": true, "account": "system" }
Validate Address: wallet.key
Obtain a code that identifies the private key of a coin address.
Validate Address: wallet.setkey
Create a new coin address, for the specified account, with a private key code.
Validate Address: wallet.keyphrase
Obtain a set of phrases that identify the private key associated with a coin address.
Validate Address: wallet.setkeyphrase
Create a coin address in the wallet given a key phrase.
Export Wallet (json): wallet.export
Creates a JSON formatted backup of all the accounts managed.
Export Wallet (datafile): wallet.exportdat
Creates a binary backup, in the tradition bitcoin wallet format, of all the accounts in the wallet.
Import Wallet (json): wallet.import
Creates a JSON formatted backup of all the accounts managed.
Scan Wallet: wallet.rescan
Cycle through all known wallet transactions and verify their state in the block-chain.

Block Commands

BlockChain Info: block.info
Print summarized information about the block-chain.
shc block.info { "version": 2000000, "blockversion": 2, "walletversion": 60000, "blocks": 77029, "difficulty": 0.000488, "pooledtx": 0, "currentblockhash": "5c4e3a637d857c7df925dda1c017dd3864c0fb95c1421276619810f5b95fc8c5", "errors": "" }
Print Block (hash): block.get
Print detailed information about the specified block hash.
shc block.get bc157eefd48e18152c70ad2937bd44e6bb38d218bf13c262a844a3d0ae9264d6 { "blockhash": "bc157eefd48e18152c70ad2937bd44e6bb38d218bf13c262a844a3d0ae9264d6", "version": 536870912, "merkleroot": "5bda555d945bc36806f1eb4913a47a2ecad4569133cce1d59bd82ad94e7be1c6", "time": 1521898215, "stamp": "03/24/18 07:30:15", "nonce": 4422421, "bits": "1e07ffff", "previousblockhash": "3312abddb29aea55f44a0e3c52d397d3041b9e2deaa160f2ac415cdca05057b9", .. }
Print Block Hash (height): block.hash
Obtain the block hash for a specified block height.
shc block.hash 77022 bc157eefd48e18152c70ad2937bd44e6bb38d218bf13c262a844a3d0ae9264d6
Export BlockChain: block.export
Export an entire block-chain to a binary file. The actual export of data is performed asynchronously (in the background), and the log file should be reviewed to determine when the operation is actually done.
shc block.export /root/.shc/block.bin { "mode": "export-block", "minheight": 0, "maxheight": 0, "path": "/root/.shc/block.bin", "state": "init" }
tail /valog/share/shcoind.log ..
[03/24/18 07:47:14] info: shc: PerformBlockChainOperation: saved 77105 blocks to path "/root/.shc/block.bin".
Import BlockChain: block.import
Import a previously exported block-chain into the live system. The imported file will only over-write block records that do not previously exist.
BlockChain Scan: block.verify
Perform an integrity check against the last X blocks in the block-chain.

Transaction Commands

Print Transaction: tx.get
Print details for a particular transaction from it's transaction hash.
shc tx.get 307711dace8c0583b744af8acd1df2073e36b0c7a54b8830a15ae146f8c22ddb { "version": 1, "flag": 1, "txid": "307711dace8c0583b744af8acd1df2073e36b0c7a54b8830a15ae146f8c22ddb", .. }
Print Transaction: tx.pool
Print details for all transaction currently pending in the active "mempool" queue. These are transactions that are actively being inserted into mined blocks.
Print Transaction: tx.validate
Validate a transaction hash associated with the local wallet. Prints summarized information about all local coin addresses associated with the transaction.
shc tx.validate 307711dace8c0583b744af8acd1df2073e36b0c7a54b8830a15ae146f8c22ddb [{ "spent": "false", "ismine": "true", "address": "S7viXBKwUZKy4aPCby3oXzWFDxhZKjGipA" }, { "spent": "false", "ismine": "true", "address": "S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci" }]

Peer Commands

Import Peers: peer.info
Display a summary of information relating to connected peers.
{ "clientversion": 3010000, "protocolversion": 2000000, "socketport": 24104, "connections": 3, "networkhashps": 11609, "errors": "" }
Import Peers: peer.list
Display information about each node peer currently connected to the coin interface.
Export Peers: peer.export
Export all of the known peers to a JSON file.
shc peer.export /root/.shc/peer.json { "mode": "peer.export", "path": "/root/.shc/peer.json", "state": "finished" }
Import Peers: peer.add
Import a JSON file containing node peer information.
Remove Peer: peer.remove
Disconnect and remove the specified peer from the system.

Context Commands

Context Info: ctx.info
Print the current fee to create a context transaction and the total number of context records in the system.
{ "fee": 25, "total": 1 }
Print String Context: ctx.getstr
Prints the ASCII value associated with a particular context name.
shc ctx.getstr "test name" test value
Print Context: ctx.get
Prints detailed information about a context record given it's context hash.
shc ctx.get ab5b128ce3674f81f0271efbbbb191fed56e9a80 { "version": 3, "label": "ab5b128ce3674f81f0271efbbbb191fed56e9a80 test name (1zgfTHd5BQA)", "expire": "Mar 23 08:28:39 2020", "flags": 10244, "signature": "e0539d3ecb54c5c0a29ccd69f0b03dfdfb58bc24", "hash": "ab5b128ce3674f81f0271efbbbb191fed56e9a80", "valuesize": 10, "valuecrc": "1zgfTHd5BQA", "tx": "0dbf21191091e33ad7be3b1ce1983ffffdbedeb804e3ce934021f0fad038d50e" }
Create String Context: ctx.findloc
Search for a location by it's name or with geodetic cordinates.
The "ctx.findloc" will scan an area and attempt to find a location within it. This area includes a span of about 100 sq. miles. The closest location with the smallest precision found will be returned. In addition, geodetic information provided by the share library is also utilized.
shc ctx.findloc "geo:46.9,114.2" { "name": "missoula, mt", "summary": "Montana", "zone": "America/Denver", "code": "MUNI", "country": "US", "geo": "46.94000,114.04000", "type": "Municipal Zone", "springable": "false" } shc ctx.findloc "Missoula, MT" { "name": "missoula, mt", "summary": "Montana", "zone": "America/Denver", "code": "MUNI", "country": "US", "geo": "46.94000,114.04000", "type": "Municipal Zone", "springable": "false" }
Note: The "springable" value denotes whether the geodetic location can be claimed in the SHC spring matrix (see "wallet.stamp").
Create String Context: ctx.getloc
Print detailed information about a particular location by it's name or geodetic cordinates.
The "ctx.getloc" command requires specific cordinates to be specified when a latitude and longitude is specified.
ctx.getloc "Missoula Creek" ctx.getloc geo:46.9846,114.1213
Note: The "springable" value denotes whether the geodetic location can be claimed in the SHC spring matrix (see "wallet.stamp").
Create String Context: ctx.setstr
Create a text format context value. This establishes a simple name=value relationship.
Context names are stored as hash keys. Therefore, the string name of the context key must be known before-hand in order to perform the lookup. A small label is also provided as part of the context record which includes a snippet (or all of) the context name.
Context records are signed against the coin address that paid to generate the transaction. Context transaction typically cost about 25 SHC or less to create. A context will expire two years after the date at which it is either created or updated. The owner can update a context by creating a new one with the same name as a pre-existing one. The "context hash" that identifies a context is also the key hash of it's label. The context is shown as part of the transaction details.
shc ctx.setstr test "test name" "test value" { "version": 3, "label": "ab5b128ce3674f81f0271efbbbb191fed56e9a80 test name (1zgfTHd5BQA)", "expire": "Mar 23 08:28:39 2020", "flags": 10244, "signature": "e0539d3ecb54c5c0a29ccd69f0b03dfdfb58bc24", "hash": "ab5b128ce3674f81f0271efbbbb191fed56e9a80", "valuesize": 10, "valuecrc": "1zgfTHd5BQA", "tx": "0dbf21191091e33ad7be3b1ce1983ffffdbedeb804e3ce934021f0fad038d50e" }
Create Geodetic Context: ctx.setloc
The "ctx.setloc" command creates contextual information about a specific place.
The command includes information about a location zipcode, name, and description. In addition, an optional place type code, country code, and web-url can be specified.
The place type corrosponds to one of the codes returned from the "ctx.loctypes" command.
This command has two different modes. One corrosponds to giving a name to a particular geodetic latitude and longitude corindate, and the other includes providing details about that particular location. A single location (as specified by latitude and longitude) may have multiple names, but it limited to a single set of details. Although some common places may be reserved from use (such as common city names), the application of detailed information to a geodetic location comes on a first-come-first-serve basis. Note that context information expires after two years.
The size of the area being referenced is dependent on the place type specified. For example, "AREA" spans roughly 30 sq. miles, while "SPOT" only spans 8 sq. feet. This precision is used in relation to geodetic lookups performed.
shc ctx.setloc test geo:46.9846,114.1213 "Bitterroot Creek" STM US shc ctx.setloc test "Missoula Creek" geo:46.9846,114.1213
Create Identity Context: ctx.setid
Create a binary context from the raw command-line argument specified.
Create Binary Context (raw): ctx.setbin
Create a binary context from the raw command-line argument specified.
Create Binary Context (file): ctx.setfile
Create a binary context from the absolute path specified.
Print Location Types: ctx.loctypes
Print out all suported location type codes for use with the "ctx.setloc" command.
[{ "name": "AREA", "desc": "General Area", "prec": 1 }, { "name": "MT", "desc": "Mountain", "prec": 1 }, .. }

Address Alias Commands

Alias Info: alias.info
Print the current fee to create an alias transaction and the total number of alias records in the system.
shc alias.info { "fee": 31.250000, "total": 1 }
Create Address Alias: alias.pubaddr
Create a persistent public association with a name and a coin address. Once confirmed, the coin address can be referenced as "@" in command-line operations.
When a coin address is specified the alias label will be published onto the block chain in reference. If the alias label already exists, then a transfer will occur providing you are the original owner.
A coin address will be automatically created if none is specified. Only "pub-key" coin addresses are currently supported. An alias will expire after 12 years.
An alias cost around 30 SHC to create and will decrease over time.
shc alias.pubaddr test S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci { .. "alias": { "version": 1, "label": "test", "expire": "Mar 21 09:37:40 2030", "type": 30, "addr": "S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci", "type-name": "pubkey" } }
shc wallet.send bank @test 2 d438fea502b7113f155617fc1b400161bb3045645094df5423ce7e484fadf7f2
List Address Alias: alias.list
Print all aliases that match the keyword provided.
shc alias.list { "test": { "block": "79b04f63fe5602f40bc559b1c5b39b730a2d6ea2d6b4ab491904d6054b1add71", "tx": "abb12ed2f4a74c58432afa9e19c08afad1d3dd84052f23be534e96ed53e11d4f", "alias": "77135966b271a06928cdff5548dbbaed61ee7250", "addr": "S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci" } }
Print Address Alias: alias.getaddr
Print details about a particular coin address alias given it's name.
shc alias.getaddr test { "version": 1, "label": "test", "expire": "Mar 21 09:37:40 2030", "type": 30, "addr": "S2fzfzf1SStvaMzjGpCtYKxY3t8PXus9Ci", "type-name": "pubkey" }

Certificate Commands

Certificate Info: cert.info
Prints the current certificate transaction fee and the total number of certificates created on the block-chain.
shc cert.info { "fee": 14.750000, "total": 1 }
Certificate Info: cert.list
Search for a certificate given the provided keyword.
shc cert.list test { "test certificate": "8069f1bbfb435cfa1efdb454684446528343b809" }
Certificate Info: cert.new
The "cert.new" command is used to create a new certificate on the block-chain. The certificate than may be used to derive other certificates or dispense licences. The certificate may have an optional fee specified that will be required to derive or license it.
A certificate can either be designated for issueing other certificates or granting licenses, but not both. Either form of the certificate may be used in order to donate or send a certified coin transfer.
A certificate is signed against a private key that is generated from the associated extended account coin address. You may optionally specify a hexadecimal seed to use for generating the private key. The certificate's private key is not stored in a database or a transaction, and requires the original coin address to be present in the local wallet to be determined. The public key is provided as part of the certificate transaction, and can be used in order to verify the integrity of the associated signature.
The average fee for registering a new certificate is initially about 15 SHC and will decrease over time. The details of the certificate are visible in the underlying transaction that it was generated in.
The frame-work of the certificate is designed to be compatible with the x509 format. See the "shcert" share library utility program for more information on exporting x509 certificate created on the ShionCoin block-chain. Certificates may also be used to provide licensing authentication to run or provide features to programs using the share library "esig" functionality (see the "shesig_verify()" function).
Note that the certificate may contain identifying information such as the originating coin address and, when available, the geodetic location.
shc cert.new test "test certificate" { "version": 1, "flag": 17, "txid": "18d0a73c96af3dd211f27e4ada898e13b4cf25223da2591289edb8a1e86f1129", .. "certificate": { "version": 3, "label": "test certificate", "expire": "Mar 24 04:13:46 2066", "geo": "46.770000,113.980000", "addr": "SC2j6kxbrKzfpxsGqBQSrxeDh2CdPn1TLJ", "certhash": "8069f1bbfb435cfa1efdb454684446528343b809", "issuer": "0000000000000000000000000000000000000000", "serialno": "0c96a132d74df2522f38babf0733224c", "flags": 10244, "signature": "0d5a4e6c7d4975ee443cfc2e057d3d76070bd2f5", "sigpubkey": "0334d9f89253fa0837a1524266414509bdce478368" } }
Certificate Info: cert.get
Print the details of a certificate record given the certificate hash.
{ "version": 3, "label": "test certificate", "expire": "Mar 24 04:13:46 2066", "geo": "46.770000,113.980000", "addr": "SC2j6kxbrKzfpxsGqBQSrxeDh2CdPn1TLJ", "certhash": "8069f1bbfb435cfa1efdb454684446528343b809", "issuer": "0000000000000000000000000000000000000000", "serialno": "0c96a132d74df2522f38babf0733224c", "flags": 10244, "signature": "0d5a4e6c7d4975ee443cfc2e057d3d76070bd2f5", "sigpubkey": "0334d9f89253fa0837a1524266414509bdce478368", "txid": "18d0a73c96af3dd211f27e4ada898e13b4cf25223da2591289edb8a1e86f1129" }
Certificate Info: cert.derive
Derive a certificate from another certificate. You can optionally specify a fee to be associated with the new certificate, and a fee may be required if one is associated with the parent certificate.
Certificate Info: cert.license
Generate a license from a certificate. A license represents authorization to use a particular product and typically requires a fee to be paid. You can optionally specify a hexadecimal seed to be used when creating the certificate's private key.
Certificate Info: cert.export
Exports the private key information from the extended account that is used to claim ownership over a particular certificate.
Ownership and management of a certificate depends on having specific coin address key(s) in the coin wallet. Exporting a certificate provides JSON formatted content which can be used with "wallet.import" command to attain ownership of a certificate.
submitted by shioncoin to u/shioncoin [link] [comments]

"Samourai is the most private and anonymous bitcoin wallet " is false.

First thing we see on the network when we open the app:
 DNS 75 Standard query 0xfae0 A blockchain.info 
Samourai Wallet not private, decentralized, or secure. The backend exclusively talks to Blockchain.info's API, uses their websockets for real time notifications, and has no other communication with the Bitcoin network. Here's the function which is used to grab details about addresses in your wallet, which links every single one of them together as owned by one entity.
public JSONObject getAddressInfo(String string2) { try { StringBuilder stringBuilder = new StringBuilder("https://blockchain.info/"); stringBuilder.append("address/"); stringBuilder.append(string2); stringBuilder.append("?format=json"); string2 = new JSONObject(WebUtil.getInstance(null).getURL(stringBuilder.toString())); return string2; } catch (Exception var1_2) { var1_2.printStackTrace(); return null; } } 
The most private wallet in the world is directly revealing your money and your transactions to a member of the Blockchain Alliance, a consortium of Bitcoin companies who have the goal of getting your information to law enforcement before they even think of requesting it.
Did nobody else check this before buying into their story of being crusaders against the tyranny of terrible privacy? The binaries from the play store decompile just fine, you can verify this for yourself.
submitted by poop_wallet_narwhal to Bitcoin [link] [comments]

Ravencoin Open Developer Meeting - 1/4/2019

[14:04] Hi everyone! [14:04] :dabbitwave: [14:04] Hey Everybody! [14:04] Hello 😃 [14:04] Sorry we're getting started a bit late. [14:04] Topics: SLC Meetup (March 15th) [14:04] 👋 [14:04] Roadmap breakdown - posted to github [14:05] IPFS (integration) [14:05] greetings 👋 [14:05] So, SLC Meetup on the 15th! [14:05] Great! [14:05] Hi! [14:06] Hi all — a special thanks to the developers and congratulations on an amazing first year!!! # [14:06] <[Dev] Blondfrogs> Hello Everyone! [14:07] We have a tentative agenda with @Tron , @corby speaking. [14:08] We would like to have nice walkthrough of the Raven DevKit for the meetup. [14:08] We are planning on hosting a meetup in SLC at the Overstock building on March 15th from 6:00pm-9:00pm. It is free admission, but there is a page on meetup.com where people can rsvp so that we have a somewhat accurate headcount for food. [14:08] sup guys [14:08] hey russ [14:09] We are planning on having a few speakers and have allotted a bit of time at the end for people to meet and greet each other. [14:09] can you guys link us to the page somewhere when thats available? 😄 [14:10] free food?! [14:10] todays topic? [14:10] yeah can we indicate pepperoni pizza [14:10] Sounds good to me @Jeroz Nothing ordered yet though. 😃 [14:10] only pepperoni pizza is served at true blockchain meetings right [14:10] :blobhide: [14:10] Absolutely. The itinerary just needs to be finalized and then I'll make a broad post about the rest of the details. [14:11] https://www.meetup.com/Salt-Lake-City-salt-lake-city-Meetup/ [14:11] 😭 so far away [14:11] West Coast! [14:11] @MTarget But there's pizza, so worth the travel time. [14:11] lol [14:12] I'll be watching the stream if its available since i'm from montreal/canada 😛 [14:12] Ah yes, I love $300 pizza 😉 [14:12] as long as I get to see your smiling faces @Tron @RavencoinDev then it's worth the time [14:12] We'll be there. [14:12] We'll be messaging additional details as they get finalized. [14:12] Greeting and salutations! [14:12] sup [14:13] Hey, $300 is considerably cheaper than 2 $3,700,000 pizzas. [14:14] Ok, switching topics... [14:14] yeah its a way to fly, [14:14] question is whether those piza's will be paid for in RVN coin or not :ThinkBlack: [14:14] Roadmap [14:14] It hasn't changed, just added some detail. [14:14] https://github.com/RavenProject/Ravencoin/tree/masteroadmap [14:15] nice [14:15] This now links to a breakdown for messaging, voting, anti-spam, and rewards (dividends) [14:15] will there be any additional RPC functionality coming in the future, thinking in terms of some functions that are only available in ravencore-lib [14:15] apologies if now is not time to ask questions, i can wait for later [14:15] "Phase 7 - Compatibility Mode" - that's new 😮 [14:15] The protocol for messaging is pretty well established, but the rest isn't in stone (code) yet. [14:16] can you give us details on compatibility mode? [14:16] In broad brush strokes. [14:17] The idea is to allow ravend to act as a daemon that looks like a single coin. [14:17] so ravend that only works with the bitcoin asset? [14:18] interesting [14:19] So you start it with an option to only work with a single asset/token account or something? [14:19] hmm compelling what is the reason for this? some kind of scale or performance? [14:19] ^ [14:19] Example: Configure ravend to listen for transfer RPC call for senttoaddress or sendfrom, but for a specific asset. This would allow easy integration into existing system for assets. [14:20] Only the daemon or the whole wallet UI? [14:20] yeah thats great, rpc functions dont allow us to do this yet, if i recall [14:20] or at least we depend more on ravencore lib [14:20] so like asset zmq [14:20] that's smart [14:20] @Tron it also sounds like it makes our life easier working with RPC, instead of core all the time for some functionality [14:21] if i understand correctly anyways [14:21] So you could run numerous instances of ravend each on their own network and RPC port, each configured for a different asset. You would need some balance of RVN in each one to cover transaction fees, then. [14:21] id be curious to know what all the advantages are of this [14:21] one more question, how would i decentralize the gateway between bitcoin mainnet/ravencoin mainnet? in the current RSK implementation they use a federated gateway, how would we avoid this? [14:21] it sounds neato [14:21] Just the daemon. The alternative is to get exchanges to adapt to our RPC calls for assets. It is easier if it just looks like Bitcoin, Litecoin or RVN to them, but it is really transferring FREE_HUGS [14:22] That makes sense. Should further increased exchange adoption for each asset. [14:22] hmm yeah its just easier for wallet integration because its basically the same as rvn and bitcoin but for a specific asset [14:22] so this is in specific mind of exchange listings for assets i guess [14:23] if i understand rightly [14:23] @traysi Gut feel is to allow ravend to handle a few different assets on different threads. [14:23] Are you going to call it kawmeleon mode? [14:23] Lol [14:23] I read that as kaw-melon mode. [14:24] same lol [14:24] so in one single swoop it possible to create a specific wallet and server daemon for specific assets. great. this makes it easier for exchanges, and has some added advantages with processing data too right? [14:24] Still keeping a RVN balance in the wallet, as well, Tron. How will that work is sendtoaddress sends the token instead of the RVN? A receive-RVN/send tokens-only wallet? [14:25] @traysi Yes [14:25] sendtoaddress on the other port (non RVN port) would send the asset. [14:25] This will be a hugely useful feature. [14:25] ^ [14:26] @Tron currently rpc function not support getaddresses senttowallet and this has to be done in ravencore lib, will this change you propose improve this situation [14:26] Config might look like {"port":2222, "asset":"FREE_HUGS", "rpcuser":"hugger", "rpcpass":"gi3afja33"} [14:26] how will this work cross-chain? [14:28] @push We'd have to go through the rpc calls and work out which ones are supported in compatibility mode. Obviously the mining ones don't apply. And some are generic like getinfo. [14:28] ok cool 👍 cheers [14:29] for now we continue using ravencore lib for our plans to keep track i just wondering if better way [14:29] as we had some issue after realising no rpc function for getting addresses of people who had sent rvn [14:29] @push | ravenland.org all of the node explorer and ravencore-lib functionality is based on RPC (including the addressindex-related calls). Nothing you can't do with RPC, although I'm not sure of the use cases you're referring to.. [14:29] interesting, so ravencore lib is using getrawtransaction somehow [14:29] i thought this may be the case [14:29] that is very useful thankyou for sharing this [14:30] look into addressindex flag and related RPC calls for functions that operate on addresses outside your wallet [14:30] thank you that is very useful, tbh i am not very skilled programmer so just decoding the hex at the raven-cli commandline was a challenge, i shall look more into this, valued information thanks as this was a big ? for us [14:31] Ok, things have gone quiet. New topic. [14:31] IPFS (integration) [14:31] GO [14:33] ... [14:33] <[Dev] Blondfrogs> So, we have been adding ipfs integration into the wallet for messaging. This will allow the wallets to do some pretty sweet stuff. For instance, you will be able to create your ipfs data file for issuing an asset. Push it to ipfs from the wallet, and add the hash right into the issuance data. This is going to allow for a much more seamless flow into the app. [14:34] <[Dev] Blondfrogs> This ofcourse, will also allow for users to create messages, and post them on ipfs and be able to easily and quickly format and send messages out on the network with ipfs data. [14:34] It will also allow optional meta-data with each transaction that goes in IPFS. [14:34] will i be able to view ipfs images natively in the wallet? [14:34] <[Dev] Blondfrogs> Images no [14:34] We discussed the option to disable all IPFS integration also. [14:35] @russ (kb: russkidooski) Probably not. There's some risk to being an image viewer for ANY data. [14:35] No option in wallet to opt into image viewing? [14:35] cool so drag and drop ipfs , if someone wanted to attach an object like an image or a file they could drag drop into ui and it create hash and attach string to transaction command parameters automatically [14:35] We could probably provide a link -- with a warning. [14:35] nomore going to globalupload.io [14:35] :ThinkBlack: [14:35] I understand that the wallet will rely on globalupload.io. (phase 1). Is it not dangerous to rely on an external network? Or am I missing something? [14:36] hmm [14:36] interesting, i suppose you could hash at two different endpoints and compare them [14:36] if you were that worried [14:36] and only submit one to the chain [14:36] You will be able to configure a URL that will be used as an IPFS browser. [14:36] Oh ic [14:36] you wont flood ipfs because only one hash per unique file [14:36] <[Dev] Blondfrogs> There are multiple options for ipfs integration. We are building it so you can run your own ipfs node locally. [14:36] <[Dev] Blondfrogs> or, point it to whatever service you would like. e.g. cloudflare [14:36] this is very cool developments, great to see this [14:37] Just like the external block explorer link currently in preferences. [14:37] @[Dev] Blondfrogs what about a native ipfs swarm for ravencoin only? [14:37] We have discussed that as an option. [14:37] @push | ravenland.org Considering having a fallback of upload through globalupload.io and download through cloudflare. [14:37] <[Dev] Blondfrogs> @russ (kb: russkidooski) We talked about that, but no decisions have been made yet. [14:37] yeah, i would just use two endpoints and strcompare the hash [14:37] as long as they agree good [14:37] submit tran [14:38] else 'potentially mysterious activity' [14:38] ? [14:38] if you submitted the file to ipfs api endpoints [14:38] Will the metadata just be a form with text only fields? [14:39] and then you would get 2 hashes, from 2 independent services [14:39] that way you would not be relying on a central hash service [14:39] and have some means of checking if a returned hash value was intercepted or transformed [14:39] i was answering jeroz' question [14:40] about relying on a single api endpoint for upload ipfs object [14:40] We have also kicked around the idea of hosting our own JSON only IPFS upload/browse service. [14:41] I have a service like this that is simple using php [14:41] we only use it for images right now [14:41] but fairly easy to do [14:41] Yup [14:42] Further questions about IPFS? [14:43] contract handling? file attach handling? or just text fields to generate json? [14:44] trying to get an idea of what the wallet will offer for attaching data [14:44] Probably just text fields that meet the meta-data spec. [14:44] ok noted [14:44] What do you mean by contract handling @sull [14:45] We won't prevent other hashes from being added. [14:45] asset contract (pdf etc) hash etc [14:45] <[Dev] Blondfrogs> also, being able to load from a file [14:45] got it, thanks [14:47] Let's do some general Q&A [14:48] Maybe just a heads up or something to look for in the future but as of right now, it takes roughly 12 hours to sync up the Qt-wallet from scratch. Did a clean installation on my linux PC last night. [14:48] Any plans or discussions related to lack of privacy of asset transfers and the ability to front run when sending to an exchange? [14:48] ^ [14:48] Is there a way to apply to help moderate for example the Telegram / Discord, i spend alot of time on both places, sometimes i pm mods if needed. [14:49] Any developed plans for Asset TX fee adjustment? [14:49] also this^ [14:49] @mxL86 We just created a card on the public board to look into that. [14:49] General remark: https://raven.wiki/wiki/Development#Phase_7_-_Compatible_Mode = updated reflecting Tron's explanation. [14:49] @mxL86 That's a great question. We need to do some profiling and speed it up. I do know that the fix we added from Bitcoin (that saved our bacon) slowed things down. [14:50] Adding to @mxL86 the sync times substantially increased coinciding with the asset layer activation. Please run some internal benchmarks and see where the daemon is wasting all its cycles on each block. We should be able to handle dozens per second but it takes a couple seconds per block. [14:50] @BW__ no plans currently for zk proofs or anything if that's what you're asking [14:50] You are doing a great job. Is there a plan that all this things (IPFS) could be some day implemented in mobile wallet? Or just in QT? [14:50] i notice also that asset transactions had some effect on sync time as we were making a few. Some spikes i not analysed the io and cpu activity properly but will if there is interest [14:51] we are testing some stuff so run into things i am happy to share [14:51] @BW__ Might look at Grin and Beam to see if we can integrate Mimble Wimble -- down the road. [14:51] yeees [14:51] @J. | ravenland.org work with the telegram mods. Not something the developers handle. [14:51] i love you [14:51] @J. | ravenland.org That would be best brought up with the operators/mods of teh telegram channel. [14:51] @corby @Tron thnx [14:51] @S1LVA | GetRavencoin.org we're planning on bumping fees to... something higher! [14:51] no catastrophic failures, just some transaction too smals, and mempool issues so far, still learning [14:52] @corby i thought that this may happen :ThinkBlack: [14:52] @corby x10? 100x? 1000x? Ballpark? [14:52] Definitely ballpark. [14:52] 😃 [14:52] 😂 [14:52] Is a ballpark like a googolplex? [14:53] @push | ravenland.org asset transactions are definitely more expensive to sync [14:53] yes yes they are [14:53] they are also more expensive to make i believe [14:53] 10,000x! [14:53] as some sync process seems to occur before they are done [14:53] @traysi ★★★★★ thanks for the suggestions we are going to be looking at optimizations [14:53] But, it is way slower than we like. Going to look into it. [14:53] i do not understand fully its operation [14:53] 1000x at minimum in my opinion [14:53] its too easy to spam the network [14:54] yes there has been some reports of ahem spam lately [14:54] :blobhide: [14:54] 😉 [14:54] cough cough ravenland [14:54] @russ (kb: russkidooski) we're in agreement -- it's too low [14:54] default fee 0.001 [14:54] ^ something around here [14:54] @corby yep we all are i think [14:55] waaay too low [14:55] meaningful transactions start with meaningful capital expense [14:55] though there is another scenario , there are some larger volume, more objective rich use cases of the chain that would suffer considerably from that [14:55] just worth mentioning, as i have beeen thinking about this a lot [14:55] there are some way around, like i could add 1000 ipfs hashes to a single unique entity, i tested this and it does work [14:56] @russ (kb: russkidooski) What would you suggest. [14:57] I had a PR for fee increase and push back. [14:57] Ignore the push back. 0.001 RVN is not even a micro-farthing in fiat terms [14:57] definitely around 1000x [14:57] Vocal minority for sure [14:57] ^ yep [14:57] @russ (kb: russkidooski) That sounds reasonable. [14:57] Couple hundred Fentons [14:58] right now an asset transaction is 0.01 of a penny essentially [14:58] 1 RVN would work now, but not when RVN is over $1. [14:58] yes exactly [14:58] Hi. Late to the party. [14:58] We are also talking about a min fee. The system will auto-adapt if blocks fill up. [14:58] im thinking tron, some heavy transaction use cases would fall out of utility use if that happened [14:58] so whats the thinking there [14:59] is there a way around the problem, bulked ipfs hash transactions? [14:59] 1000x would put us around btc levels [14:59] maybe a minimum 500x? [14:59] @russ (kb: russkidooski) Agreed. [14:59] <[Dev] Blondfrogs> It is time to wrap it up here. Everyone. Thank you all for your questions and thoughts. We will be back in 2 weeks. 😃 [14:59] Small increase and review. [14:59] Thanks all! [14:59] Cheers. [15:00] yeah sorry for 1 million questions guys hope i didnt take up too much time [15:00] cheers all 👍 [15:00] Thanks everyone [15:00] Thanks everyone for participating!!! [15:00] That is what we are here for [15:00] 100x-500x increase, 1000x maximum [15:00] 🍺

submitted by Chatturga to Ravencoin [link] [comments]

[2015-08-19] Challenge #228 [Intermediate] Use a Web Service to Find Bitcoin Prices

Desciption

Modern web services are the core of the net. One website can leverage 1 or more other sites for rich data and mashups. Some notable examples include the Google maps API which has been layered with crime data, bus schedule apps, and more.
Today's a bit of a departure from the typical challenge, there's no puzzle to solve but there is code to write. For this challenge, you'll be asked to implement a call to a simple RESTful web API for Bitcoin pricing. This API was chosen because it's freely available and doesn't require any signup or an API key. Furthermore, it's a simple GET request to get the data you need. Other APIs work in much the same way but often require API keys for use.
The Bitcoin API we're using is documented here: http://bitcoincharts.com/about/markets-api/ Specifically we're interested in the /v1/trades.csv endpoint.
Your native code API (e.g. the code you write and run locally) should take the following parameters:
The API call you make to the bitcoincharts.com site will yield a plain text response of the most recent trades, formatted as CSV with the following fields: UNIX timestamp, price in that currency, and amount of the trade. For example:
1438015468,349.250000000000,0.001356620000 
Your API should return the current value of Bitcoin according to that exchange in that currency. For example, your API might look like this (in F# notation to show types and args):
val getCurrentBitcoinPrice : exchange:string -> currency:string -> float 
Which basically says take two string args to describe the exchange by name and the currency I want the price in and return the latest price as a floating point value. In the above example my code would return 349.25.
Part of today's challenge is in understanding the API documentation, such as the format of the URL and what endpoint to contact.

Note

Many thanks to adrian17 for finding this API for this challenge - it doesn't require any signup to use.
submitted by jnazario to dailyprogrammer [link] [comments]

Does the Ledger Wallet Bitcoin desktop application support the Bitcoin Payment Protocol as a receiving address?

So far, whenever I move money, I provide that long alpha-numeric string as the receiving address. But I just tried to buy the BitPay Card and was given something like the following to be the receiving address - bitcoin:?r=https://bitpay.com/i/8nXJxvuMCHwM2oLz41Bi7A
Note - I changed the actual URL for privacy but this format is the same.
BitPay's site listed some wallets that are known to support this protocol but Ledger wasn't mentioned. Does anyone know if I can use my Ledger Wallet Bitcoin app? If I can't, is this an upgrade coming soon? Or does Ledger provide a workaround to this when trying to pay someone that doesn't provide the old alpha-numeric address?
PS - here's the site that explains the new protocol: https://github.com/bitcoin/bips/blob/mastebip-0070.mediawiki
submitted by mkuraja to ledgerwallet [link] [comments]

Transcript from Ravencoin Open Developer Meeting - Nov. 16, 2018

Tron at 2:03 PM

Topics: Messaging (next phase) UI 2.2 - Build from develop - still working out a few kinks Mobile - Send/Rcv/View Assets - In progress Raven Dev Kit -Status

RavencoinDev at 2:04 PM

Hey Everybody! Let's get started!Thanks Tron for posting the topics.Tron is going talk about Messaging Plans.Let's start there.

Chatturga at 2:06 PM

It looks like this channel is not connected to the IRC. One moment

RavencoinDev at 2:07 PM

Well, we going to move forward as the tech guys fix the IRC connections.

Tron at 2:07 PM

I wanted to have a doc describing the messaging, but it isn't quite ready.I understand this isn't going to IRC yet, but I'm starting anyway.

RavencoinDev at 2:08 PM

Look for it soon on a Medium near you.

Tron at 2:08 PM

Summary version: Every transaction can have an IPFS hash attached.

Vincent at 2:09 PM

any plans for a 'create IPFS' button?

RavencoinDev at 2:09 PM

Yes

Vincent at 2:09 PM

on asset creatin window also?

RavencoinDev at 2:09 PM

Yes

Vincent at 2:09 PM

sweet

Tron at 2:09 PM

IPFS attachments for transactions that send ownership token or channel token back to the same address will be considered broadcast messages for that token.The client will show the message.Some anti-spam measures will be introduced.If a token is in a new address, then messages will be on by default.The second token in an address, the channel will be available, but muted by default.

RavencoinDev at 2:11 PM

That way I can't spam out 21b tokens and then start sending messages to everybody.

Tron at 2:11 PM

We'd like to have messaging in a reference client on all six platforms.

corby at 2:11 PM

Hi!

Tron at 2:11 PM

Photos will not be shown. Messages will be "linkified"

RavencoinDev at 2:12 PM

and plain text.We'll start with the QT wallet support

Tron at 2:12 PM

Any other client is free to show any IPFS message they choose.The messaging is fully transparent.

Rikki RATTOE at 2:13 PM

ok, so messaging isn't private

Tron at 2:13 PM

Anyone could read the chain and see the messages.

RavencoinDev at 2:13 PM

No, never was planned to be private

MSFTserver-mine more @ MinerMore at 2:13 PM

irc link should be fixed

Tron at 2:13 PM

It is possible to put encrypted content in the IPFS, but then you'd have to distribute the key somehow.

RavencoinDev at 2:13 PM

Thanks MSFT!

Chatturga at 2:13 PM

Negative

Tron at 2:14 PM

Core protocol changes Extend the OP_RVN_ASSET to include for any transfer: RVNT <0xHH><0x12><0x20><32 bytes encoding 256 bit IPFS hash> 0xHH - File type 0x00 - NO data, 0x01 - IPFS hash, 0x02 through 0xFF RESERVED 0x12 - IPFS Spec - Using SHA256 hash 0x20 - IPFS Spec - 0x20 in hex specifying a 32 byte hash. …. (32 byte hash in binary)

corby at 2:14 PM

By it's nature nothing on chain is private per se. Just like with wallets you'd need to use crypto to secure messaging between parties.

Tron at 2:14 PM

Advantages: This messaging protocol has the advantage of not filling up the blockchain. The message information is public so IPFS works as a great distributed store. If the messages are important enough, then the message sender can run nodes that "PIN" the message to keep a more durable version. The message system cannot be spoofed because any change in the message will result in a different hash, and therefore the message location will be different. Only the unique token holder can sign the transaction that adds the message. This prevents spam. Message clients (wallets), can opt-in or opt-out of messages by channel. Meta-message websites can allow viewing of all messages, or all messages for a token. A simple single channel system is supported by the protocol, but a channel could be sub-divided by a client to have as many sub-channels as desired. There are no limits on the number of channels per token, but each channel requires the 5 RVN fee to create the channel.

RavencoinDev at 2:14 PM

So, somebody could create their own client and encrypt the data on the blockchain if they wished.

corby at 2:15 PM

Wow Tron types fast

Rikki RATTOE at 2:15 PM

yeah there was some confusion in the community whether messaging would be private and off chain

Tron at 2:15 PM

Anti-Spam Strategy One difficulty we have is that tokens can be sent to any Ravencoin asset holder unsolicited. This happens on other asset platforms like Counterparty. In many cases, this is good, and is a way for asset issuers to get their token known. It is essentially an airdrop. However, combined with the messaging capabilities of Ravencoin, this can, and likely will become a spam strategy. Someone who wants to send messages (probably scams) to Ravencoin asset holders, which they know are crypto-savvy people, will create a token with billions of units, send it to every address, and then message with the talking stick for that token. Unless we preemptively address this problem, Ravencoin messaging will become a useless spam channel. Anyone can stop the messages for an asset by burning the asset, or by turning off the channel. A simple solution is to automatically mute the channel (by default) for the 2nd asset sent to an address. The reason this works is because the assets that you acquire through your actions will be to a newly generated address. The normal workflow would be to purchase an asset on an exchange, or through a ICO/STO sale. For an exchange, you'll provide a withdrawal address, and best practice says you request a new address from the client with File->'Receiving addresses…'->New. To provide an address to the ICO/STO issuer, you would do the same. It is only the case where someone is sending assets unsolicited to you where an address would be re-used for asset tokens. This is not 100% the case, and there may be rare edge-cases, but would allow us to set the channels to listen or silent by default. Assets sent to addresses that were already 'on-chain' can be quarantined. The user can burn them or take them out of quarantine.

RavencoinDev at 2:18 PM

Okay, let me know when/if you guys read through all that. 📷📷2

corby at 2:18 PM

To be clear this is a client-side issue -- anyone will be able to send anything (including messages) to any address on chain..

RavencoinDev at 2:18 PM

It'll be in the Medium post later.

Tron at 2:19 PM

@corby The reference client will only show messages signed by the issuer or designated channels.Who is ready for another wall of text? 📷

corby at 2:19 PM

I hear that's the plan 📷 just pointing out that it is on the client in these cases..

Tron at 2:20 PM

Yes, any client can show anything gleaned from the chain.Goal: A simple message format without photos. URL links are allowed and most clients will automatically "linkify" the message for valid URLs. For display, message file must be a valid json file. { "subject":"This is the optional subject", "message": "This is required.", "expires": 1578034800 } Only "message" is required {"message":"Hello world"}

bhorn at 2:21 PM

expires?

Vincent at 2:21 PM

discount coupon?

Tron at 2:21 PM

If you have a message that worthless (say after a vote), just don't show the message.

bhorn at 2:21 PM

i see - more client side operation

corby at 2:21 PM

/expires

Tron at 2:22 PM

Yep. And the expiration could be used by IPFS pinners to stop worrying about the message. Optional

RavencoinDev at 2:22 PM

If the client sees a message that is expired it just won't display it.

Vincent at 2:23 PM

will that me messaged otherwise may cause confusion?"expired'

RavencoinDev at 2:23 PM

YesWe'll do our best to make it intuitive.

Tron at 2:24 PM

Client handling of messages Pop-up messages or notifications when running live. Show messages for any assets sent to a new address - by default Mute messages for assets sent to an address that was already on-network. Have a setting to not show messages older than X IPFSHash (or 8 bytes of it) =

Rikki RATTOE at 2:25 PM

will there be a file size limit for IPFS creation in the wallet?

RavencoinDev at 2:25 PM

We'll also provide updated documentation.

Tron at 2:26 PM

Excellent question Rikki. Here are some guidelinesGuidelines: Clients are free to show or not show poorly formed messages. Reference clients will limit message display to properly formed messages. If subject is missing, the first line of the message will be used (up to 80 chars). Standard JSON encoding for newlines, tabs, etc. https://www.freeformatter.com/json-escape.html Expiration is optional, but desired. Will stop showing the message after X date, where X is specified as Unix Epoch. Good for invites, voting requests, and other time sensitive messages that have no value after a specific date. By default clients will not show a message after X blocks (default 1 year) Amount of subject shown will be client dependent - Reference client may cut off at 80 chars. Messages longer than 15,000 (about 8 pages) will not be pinned to IPFS by some scanners. Messages longer than 15,000 characters may be rejected altogether by the client. Images will not be shown in reference clients. Other clients may show any IPFS content at their discretion. IPFSHash is only a "published" message if the Admin/Owner or Channel token is sent from/to the same address. This allows for standard transfers with metadata that don't "publish".Free Online JSON Escape / Unescape Tool - FreeFormatter.comA free online tool to escape or unescape JSON strings

RavencoinDev at 2:26 PM

We're hoping to add preferences that will allow the user to customize their messaging experience.

Tron at 2:27 PM

Also, happy to receive feedback from everyone.

corby at 2:27 PM

In theory though if you maintain your own IPFS nodes you should be able to reference files of whatever size right?

Steelers at 2:27 PM

How about a simple Stop light approach - Green (ball) New Message, Yellow (Ball) Expiring Messages, Red (Ball) Expired Messages

RavencoinDev at 2:27 PM

Yes please! That's the point of sharing it here

Chatturga at 2:27 PM

Fixt

push | ravenland.org at 2:28 PM

Thanks @Tron can you provide any details of the coming 'tooling' at the end of november, and what that might enable (apologies as I am a bit late to meeting if this has been asked already)

VeronicaBOT at 2:28 PM

sup guys

Tron at 2:28 PM

Sure, that's coming.

RavencoinDev at 2:28 PM

That's the Raven WebDev Kit topic coming up in a few mins.

push | ravenland.org at 2:29 PM

oki 📷 cheers

RavencoinDev at 2:29 PM

Questions on messaging?

Jeroz at 2:30 PM

Not sure if I missed it, but how fast could you send multiple messages in succession?

BruceFenton at 2:30 PM

Some kind of sweep feature or block feature for both tokens and messages could be useful Certain messages will be illegal to possess in certain jurisdictions If someone sends a picture of Tiennneman tank man in China or a message calling for the overthrow of a ruler it could be illegal for someone to have There’s no way for that jurisdiction to censor the chain So some users might want the option to purge messages or not receive them client side / on the wallet

Tron at 2:30 PM

Messages are a transaction.

RavencoinDev at 2:30 PM

So it'll cost you to spam messages.They can only send a hash to that picture and the client won't display anything not JSON

corby at 2:31 PM

purge/block is the age old email spam

Tron at 2:31 PM

The Reference client - other clients / web sites, etc can show anything they wish.

RavencoinDev at 2:31 PM

You can also burn a token if you never want to receive messages from that token owner.

UserJonPizza|MinePool.com|Mom at 2:32 PM

Can't they just resend the token?

Tron at 2:33 PM

Yes, but it would default to mute.📷2

RavencoinDev at 2:33 PM

meaning it would show up in a spam foldetab

bhorn at 2:33 PM

is muting available for the initial asset as well?

RavencoinDev at 2:33 PM

Something easy to ignore if muted.

Tron at 2:33 PM

@bhorn Yes

BruceFenton at 2:33 PM

Can users nite some assets and not others?

Tron at 2:33 PM

@bhorn It just isn't the default.

BruceFenton at 2:33 PM

Mute

RavencoinDev at 2:33 PM

YesYou can mute per token.

BruceFenton at 2:34 PM

Great

Tron at 2:34 PM

And per token per channel.

Jeroz at 2:34 PM

channels are the subtokens?

BruceFenton at 2:34 PM

What’s per token per channel mean ?

Tron at 2:34 PM

The issuer sends to the "Primary" channel.Token owner can create channels like "Alert", "Emergency", etc.These "talking sticks" are similar to unique assets.📷1ASSET~Channel

RavencoinDev at 2:37 PM

Okay, we have a few more topics to cover today.Tron will post more details on Medium and we can continue discussions there.

Jeroz at 2:38 PM

Ah, I missed channel creation bit for each token with the 5 RVN / channel cost. It makes more sense to me now.

RavencoinDev at 2:38 PM

The developers are working towards posting a new version 2.2 that has the updated UI shown on twitter.

Vincent at 2:39 PM

twit link?

RavencoinDev at 2:39 PM

The consuming of large birds (not ravens) might slow the release a bit.So likely the week after Thanksgiving.

[Dev] Blondfrogs at 2:39 PM

The new UI will contain: - New menu layout - New icons - Dark mode - Added RVN colors

Dan1666 at 2:39 PM

+1 Dark mode

RavencoinDev at 2:39 PM

DARK MODE!

Dan1666 at 2:40 PM

so pleased about that

RavencoinDev at 2:40 PM

I can honestly say it'll be the nicest crypto wallet out there.

[Dev] Blondfrogs at 2:40 PM

A little sneak peak, but this is not the final project📷📷6📷3

!S1LVA | MINEPOOL at 2:40 PM

Outstanding

Dan1666 at 2:41 PM

reminds me of Sub7 ui for those that might remember

UserJonPizza|MinePool.com|Mom at 2:41 PM

Can we have an asset count at the top?

[Dev] Blondfrogs at 2:41 PM

Icons will be changing

Vincent at 2:41 PM

does the 'transfer assets' have a this for that component?

Tron at 2:41 PM

Build from develop to see the sneak preview in action.There may be small glitches depending on OS. These are being worked on.

Rikki RATTOE at 2:41 PM

No plans for the mobile wallet to show an IPFS image I'm assuming? Would be a nice feature if say a retail store could send a QR coupon code to their token holders and they could scan the coupon using their wallet in store

[Dev] Blondfrogs at 2:42 PM

@Vincent That will probably be a different section added later📷1

RavencoinDev at 2:42 PM

Yes, Rikki we do want to support messaging.Looking into how that would work with Apple and Google push.

push | ravenland.org at 2:42 PM

sub7📷1hahaoldschoolit so is similar aswell

[Master] Roshii at 2:43 PM

Messages are transactions no need for any push

Tron at 2:43 PM

@Rikki RATTOE There's a danger in showing graphics where anyone can post anything without accountability for their actions. A client that only shows tokens for a specific asset could do this📷1

RavencoinDev at 2:43 PM

True, unless you want to see the messages even if you haven't opened your wallet in a week.

Rikki RATTOE at 2:44 PM

the only thing I was thinking was if you simply linked the image, somebody could just copy the link and text it off to everyone and the coupon isn't all that exclusive

UserJonPizza|MinePool.com|Mom at 2:44 PM

Maybe a mobile link-up for a easy way to see messages by just importing pubkey(edited)

RavencoinDev at 2:45 PM

Speaking of mobileWe are also getting close to a release of mobile that includes the ability to show assets held, and transfer them.Roshii has been hard at work.📷6📷1

Vincent at 2:46 PM

can be hidden also?

RavencoinDev at 2:47 PM

We're still finalizing the UI design but that is on the list of todos📷1

Under at 2:47 PM

Could we do zerofee mempool messaging that basically gets destroyed after it expires out of the mempool for real-time stealth mode messaging

corby at 2:48 PM

That's interesting!

RavencoinDev at 2:49 PM

There are other solutions available for stealth messaging, that's not what the devs had intended to build. It does sound cool though @Under

Under at 2:50 PM

📷 we’ll keep up the good work. Looking forward to the db upgrades. Will test this weekend

RavencoinDev at 2:50 PM

Thanks!That leaves us with 10 minutes for the Dev Kit!Corby has been working on expanding some of the awesome work that @Under has been doing.

corby at 2:52 PM

Yes -- all of the -addressindex rpc calls are being updated to work with assets

RavencoinDev at 2:52 PM

Hopefully we'll be able to post the source soon once the initial use cases are all working.

corby at 2:52 PM

so assets are being tied into transaction history, utxos, etc

RavencoinDev at 2:52 PM

The devs want to provide a set of API's that make it easy for web developers to build solutions on top of Ravencoin.VinX is investigating the possibility of using Ravencoin to power their solution.

corby at 2:53 PM

will be exposed via insight-api which we've forked from @Under

[Master] Roshii at 2:53 PM

Something worth bringing up is that you will be able to get specific asset daba from full nodes with specific message protocols.

corby at 2:54 PM

also working on js lib for client side construction of asset transactions

Tron at 2:55 PM

Dev Kit will be an ongoing project so others can contribute and extend the APIs and capabilities of the 2nd layer.📷3📷3

RavencoinDev at 2:55 PM

Will be posted soon to the RavenProject GitHub.

corby at 2:55 PM

separate thing but yes Roshii that is worth mentioning -- network layer for getting asset data

RavencoinDev at 2:55 PM

Again want to give thanks to @Under for getting a great start on the project

push | ravenland.org at 2:56 PM

Yes looking forward to seeing more on the extensive api and capabilities, is there a wiki on this anywhere tron?(as to prevent other people replicating eachothers work?)

RavencoinDev at 2:56 PM

The wiki will be in the project on GitHub

push | ravenland.org at 2:56 PM

im guessing when the kit is released, something will appear, okok cool

RavencoinDevat 2:57 PM

Any questions about the Web DevKit?

push | ravenland.orgToday at 2:57 PM

well, what kind of support will it give us, that would be nice, is this written anywhereI'm still relatively new to blockchain<2 yearsso need some hand holding i suppose 📷

bhorn at 2:58 PM

right, what are initial use cases of the devkit?

push | ravenland.org at 2:58 PM

i mean im guessing metamask like capabilitysome kind of smart contract, some automation capabilitiesrpc scriptsstuff like thiseven if proof of concept or examplei guess im wondering if my hopes are realistic 📷

RavencoinDev at 2:59 PM

You can see the awesome work that @Under has already don that we are building on top of.

push | ravenland.org at 2:59 PM

yes @Under is truly a herooki, cool

RavencoinDev at 2:59 PM

https://ravencoin.network/Ravencoin Block ExplorerRavencoin Insight. View detailed information on all ravencoin transactions and blocks.

push | ravenland.org at 2:59 PM

ok, sweet, that is very encouragingthanks @Under for making that code public

corby at 3:00 PM

It will hopefully allow you to write all sorts of clients -- depending on complexity of use case you might just have js lib (wallet functions, ability to post txs to gateway) or a server side project (asset explorer or exchange)..(edited)

Tron at 3:00 PM

Yeah, thanks @Under .

RavencoinDev at 3:00 PM

What's your GitHub URL @Under ?

push | ravenland.org at 3:00 PM

https://github.com/underdarkskies/ i believeGitHub· GitHubunderdarkskies has 31 repositories available. Follow their code on GitHub.📷

RavencoinDev at 3:00 PM

Yup!

push | ravenland.org at 3:00 PM

he is truly a hero(edited)

RavencoinDev at 3:00 PM

LOL

push | ravenland.org at 3:00 PM

damn o'sgo missing everywhere

RavencoinDev at 3:01 PM

teh o's are hard... Just ask @Chatturga

push | ravenland.org at 3:01 PM

📷

Chatturga at 3:01 PM

O's arent the problem...

push | ravenland.org at 3:01 PM

📷📷

RavencoinDev at 3:02 PM

Alright we're at time and the devs are super busy. Thanks everybody for joining us.

push | ravenland.org at 3:02 PM

thanks guys

RavencoinDev at 3:02 PM

Thank you all for supporting the Raven community.📷6

corby at 3:02 PM

thanks all!

push | ravenland.org at 3:02 PM

keep up the awesome work, whilst bitcoin sv and bitcoin abc fight, another bitcoin fork raven, raven thru the night📷5

Vincent at 3:02 PM

piece!!

RavencoinDev at 3:03 PM

We're amazingly blessed to have you on this ride with us.📷5📷9📷5

Dan1666 at 3:03 PM

gg

BruceFenton at 3:03 PM

📷📷12📷4

UserJonPizza|MinePool.com|Mom at 3:55 PM

Good meeting! Excited for the new QT!!
submitted by Chatturga to u/Chatturga [link] [comments]

On Proof: A Confession about Satoshi?

The monster paragraph below, which is titled "On Proof", was taken from a website/blog I found while searching for a paper authored by CSW. The site I found appears to be some sort of confessional-tell-all CV authored by CSW to prove his identify. The text doesn't prove anything about CSW's work in bitcoin if true, but its possibly relevant to his ability to design bitcoin, his overall genius, and credibility. I have no position on whether Craig Wright is Satoshi at the moment.
I have no information about whether the wall-o-text contains anything true, who runs the site I found, or what the site is exactly. However, the text-wall contains plenty of info about CSW that can be cross-checked with official records.
In addition to the text (the wall is his, not mine), I've provided a link to the site, taken and an imgur album of my screen-captures. Some of the pictures show the browser tabs I had open when they were taken for time-stamping purposes.
WARNING. There is a downloader thing on the site, and I'm not sure about the funky URL. Be careful if you do visit.
http://bvde.cba.pl/9178.html (Text below)
http://imgur.com/a/NCfdt
It seems that I have to do this every couple years and each time it is generally worse as I have added to the list. In recent months I have been causing trouble again and as such there are always those who choose not to believe me or to engage in an attack on my character as a solution to not addressing the issue at hand. Let us start with career and that I am the VP of GICSR in Australia. Other than using an email address at GICSR, I am listed on the board as a director. Next, I am a trustee with the Uniting Church Trust Fund and am otherwise involved with the UC. That is me on page two of the funds newsletter where I had been accepted in the appointment. I have shaved, but it is still me in the photo. My role at Charles Sturt University is noted below and I have staff ID 11293457 if you want to actually check that. On certifications. I hold the three platinum certifications GSE, GSE-Malware and GSE-Compliance from GIAC. I will add my SANS/GIAC certs. I have more than any other person globally (not a boast, it is a fact). This is 37 Certs from GIAC alone. Click the link if you do not believe me. The answer is not just to believe this, validate it. All up, with Cisco and others I have over 100 certifications. Now, do you really care if you believe the total? Not really, and does it matter, not really. Some of those will start to disappear as I cannot maintain them and actually have a life anymore. I have 27 recertification’s next year that I will do at a cost of over $11,000. I will let some lapse. Degrees and more I am not going to cover all of my degrees any more. I will not discuss more than post graduate and a list of the papers associated with my doctoral work and I will simply cover those related to my profession here. I will not discuss my role as a lay pastor or theology degree other than face to face and only whit those I choose to discuss it with. There is enough to know I am involved with the Uniting Church and I am not here to convert people. If you are an atheist, that is your choice and I will not try to sway you at all. The thing is, atheism is also a belief. It is not and cannot be proven with science and hence is in a way also a religion even if in the negative. I do not wish to debate this (unless it is face to face, I like you and there is wine involved). If you are not happy with my post graduate qualifications, adding undergraduate qualifications right down to the associate degree level will add little. Then, does my having an Associate degree in Science (Organic Chemistry, Fuel sciences) add anything to my role in digital forensics and information security. If you really want to know what these are, there are old posts that searching will eventually uncover. As for the bio and claim that I am “a perpetual student with numerous post graduate degrees including an LLM specializing in international commercial law and ecommerce law, a Masters Degree in mathematical statistics from Newcastle as well as working on his 4th IT focused Masters degree (Masters in System Development) from Charles Sturt University where he lectures subjects in a Masters degree in digital forensics. He is writing his second doctorate, a PhD on the quantification of information system risk at CSU.” Charles Sturt University The masters degrees from CSU are: MMgmt(IT) – Masters of Management (IT) MNSA – Master of Network and System Admin MInfoSysSec – Master of Master Information Systems Security MSysDev – Master of System Development (nearly complete… I am just running out of subjects to do at the University. I even needed to take one where I was the author of the text just to have the credit points). Next year I complete my second doctorate. I also have two other Masters degrees not from CSU (the 4 they note in the link are those listed above), a Masters in Statistics (Newcastle AU) as well as a Masters in Law (Northumbria, UK). I am also doing the SANS Masters degree and have one more thing to complete this. That will give me 2 doctorates, 7 masters degrees and 8 other degrees. It is not too difficult to check that I am enrolled in the MSISE at the SANS Technology Institute (Master of Information Systems Engineering). Other than having presentations on the site (see this link) it would be crazy for me to state this. I have 37 GIAC certifications (which is most of either of the STI masters degrees. If I was to misrepresent my status at SANS/GIAC, the ethics policy means I will lose them all. So, first it is simple to actually check AND I have too much to lose in lying. I do this every couple years. Here is a link to a past time I had to do the same. Northumbria University I completed a Masters in Law in a UK based University. This is: LLM Northumbria – Master of Law (International Commerce Law, Ecommerce Law with commendation). PG Diploma in Law My dissertation was on "Internet Intermediary Liability". I received a commendation. If you need to check, I had Student Number: 05024288 Newcastle University MSTAT – Master of Statistics I was student number 3047661 at the University of Newcastle here in Australia. My thesis that I wrote to complete this degree was on “The homogeneity of Variances”. I analysed and tested many of the common statistical methods used in homogeneity tests in statistics (such as the Levene tests). Why? The links are associated with universities and others, so it is not too difficult to check me out. I am not stopping you. The only thing I do not wish to discuss openly is my role with the Uniting Church. My theological belief is one of the few things that remains personal and more than the stuff the church posts publically about me (which I attempt to minimise) I will not discuss. If you believe that my trying to maintain one personal and private thing in my life means I am lying, believe as you will. It does not impact my chosen career in information security and nor does it detract from this. Contrary to the believe structure some hold, one CAN be a doctor of the church as well as a scientist. Religion and Science do not overlap and nor should one seek to make them do so. We can never prove nor disprove the existence of any religion or other spiritual belief structure. This is why I also preach tolerance. I believe I am correct as far as I can be (and that is about zero as the human mind is too small to comprehend the infinite in any extent and any person who tells you differently is a liar or a fool). I comprehend and believe in my way, others in their own. Is Islam, Catholicism, Judaism etc right? Yes and no. Am I right, yes and know. Basically, we see a small aspect of the infinite and that is all we ever will. We can be right and wrong at the same time and will never be completely right as we cannot hold the concept of an infinite in our heads (and I have studied large number theory). In a way, I hate having to do this each few years. In this, I have scratched the surface of what I have done and that leaves many in disbelief. That stated, I fail in humility for this as well as other reasons. On Sanity I guess that the final aspect of this is on sanity. I have been accused of being insane for doing all I do. To take a quote from one of my doctoral supervisors: “Craig, you have a doctorate, why on earth would you want to go through this again. It is insane.” I love study. I can do it and I am good at it. I do not need to do formal study, but I like it. I enjoy the structure. I like the process and it means that I do more. I do not watch sport (I do play sport but there is a distinction) and I do not watch TV. Formal study is MY form of relaxation. To those people (usually without degrees) who keep attacking me and saying I cannot have done this, I offer you the chance to validate all of it. Now, the answer is that you can do something. Instead of engaging in an exercise designed to cut down tall poppies and to attack those who have done something, why not do something yourself? I will (and have in the past) helped others. I will do this for nearly anyone (none of us are not perfect and that includes me). There are ways that anyone can study these days. In fact, I am more than happy to help all I can to have people achieve this. Instead of attacking the character of others you see as frightening (and this really is what this is about), how about you spend the time doing a qualification yourself? Really, my email is public. I keep offering, instead of attacking the accomplishments of others, add to your own. I offer this and from time to time, people take me up on it. This is, I offer to help others improve their education. Not for money, not for fame, but as I want to have a better aware and education world. In this, I also benefit as a more educated (practically) world is one that will have fewer (though always some) issues and which could be more tolerant. Certification and membership numbers A limited subset of certifications I hold is listed below: CISSP # 47302 (ICS)2 Certified Information Systems Security Professional ISSMP # 47302 (ICS)2 Information Systems Security – Management Professional ISSAP # 47302 (ICS)2 Information Systems Security – Architecture Professional CISA # 0542911 IS Audit and Control Association – Certified Information Systems Auditor CISM # 0300803 IS Audit and Control Association – Certified Information Security Manager CCE # 480 ISFCE – Certified Computer Examiner ISSPCS # 051 International Systems Security Professional Certification Scheme MCSA # 3062393 Microsoft Certified Systems Administrator MCSE # 3062393 Microsoft Certified Systems Engineer MCSE # 3062393 Microsoft Certified Systems Engineer (Mail) MCSE # 3062393 Microsoft Certified Systems Engineer (Security) MCDBA # 3062393 Microsoft Certified Database Administrator MIEEE # 87028913 Member IEEE AFAIM # PM133844 Associate Fellow Aust Inst. Management (lapsed now as I have been culling memberships – they cost too much to maintain) MACS # 3015822 Senior Member Aust Computer Society GIAC… NOT ALLL GSE-Compliance #0001 [Platinum] GIAC Security Compliance (GSE-Compliance) GSEC # 10506 [Gold] GIAC Security Essentials Certification (GSEC) GCIH # 06896 [Silver] GIAC Certified Incident Handler GCIA # 02913 [Silver] GIAC Certified Intrusion Analyst GCFW # 01891 [Silver] GIAC Certified Firewall Analyst GCWN # 01234 [Silver] GIAC Certified Windows Security Administrator GAWN # 00894 [Silver] GIAC Assessing Wireless Networks GCUX # 00587 [Silver] GIAC Certified UNIX Security Administrator GNET # GIAC .Net GSLC # GIAC Security Leadership Certification GHTQ # 00368 [Silver] GIAC Cutting Edge Hacking Techniques G7799 # 0039 [GOLD] GIAC Certified ISO-17799 Specialist (G7799) GCFA # 0265 [GOLD] GIAC Certified Forensics Analyst (GCFA) GSNA # 0571 [GOLD] GIAC Systems and Network Auditor (GSNA) GSAE # 00141 [Silver] GIAC Security Audit Essentials (GSAE) GLEG # 0006 [GOLD] GIAC Legal Issues (GLEG) GLEG Incorporates GIAC Business Law and Computer Security (GBLC) GLEG Incorporates GIAC Contracting for Data Security (GCDS) GLIT GLEG Incorporates GIAC Legal Issues in Information Technologies (GLIT) GLFR # 0016 GIAC Law of Fraud (GLFR) GREM # 0586 GIAC Reverse Engineering Malware (GREM) GPCI # 0086 GIAC Payment Card Industry (GPCI) GSPA # 0101 GIAC Security Policy and Awareness (GSPA) GLDR # 0101 GIAC Leadership (GLDR) GWAS # 0535 GIAC Web Application Security (GWAS) GIPS # 0036 GIAC Intrusion Prevention (GIPS) SSP-MPA # 0416 Stay Sharp Program – Mastering Packet Analysis (SSP-MPA) SSP-GHD # 0246 Stay Sharp Program – Google Hacking and Defense (SSP-GHD) SSP-DRAP # 0171 Stay Sharp Program – Defeating Rogue Access Points (SSP-DRAP) Papers / Publications: Peer Reviewed Papers Right now, I have a further 8 papers in peer review. The following are all accepted and/or published. 2012 (Accepted) 1. Wright, C. (2012, February). Hacktivism, terror and the state: The Importance of Effectively Enforcing Cyber Security Legislation. Paper to be presented at the 10th Anniversary National Security Australia Conference. 2011 2. Wright, C. (2011, December) Who pays for a security violation? An assessment into the cost of lax security, negligence and risk, a glance into the looking glass. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. . 3. Wright, C. (2011, December) Current issues and liability facing Internet Intermediaries. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. 4. Wright, C. (2011, December) Criminal Specialization as a corollary of Rational Choice. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. Wright, C. (2011, December) A preamble into aligning Systems engineering and Information security risk measures. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. 5. Wright, C. & Via, T. (2011, December) Modeling System Audit as a Sequential test with Discovery as a Failure Time Endpoint. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. 6. Wright, C. (2011) “Exploiting format Strings with Python” Hakin9 7. Wright, C. (2011) “More Exploits with Python” Hakin9 8. Wright, C. (2011, September)Of Black Swans, Platypii and Bunyips. The outlier and normal incident in risk management. Paper presented at CACS2011 Australia. 9. Wright, C. & Zia, T. (2011, July)Compliance or Security, what cost? (Poster)” Australasian Conference on Information Security and Privacy. 10. Wright, C. (2011) “A comparative study of attacks against Corporate IIS and Apache Web Servers” Sans Technology Inst, USA 11. Wright, C. (2011) “Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” Republished and extended Paper, Sans Technology Inst, USA 12. Wright, C. (2011) “Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” Republished and extended Paper, Sans Technology Inst, USA 13. Wright, C. & Zia T (2011)”Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” CISIS Spain 14. Wright, C. & Zia T (2011)”A Quantitative Analysis into the Economics of Correcting Software Bugs” CISIS Spain 2010 15. Wright, C. (2010) “Software, Vendors and Reputation: an analysis of the dilemma in creating secure software” Intrust 2010 China 16. Wright, C. & Zia T (2010) “The Economics of Developing Security Embedded Software” SecAU Australia 17. Wright, C. (2010) “The not so Mythical IDS Man-Month: Or Brooks and the rule of information security” ISSRE USA 18. Wright, C. (2010) “Packer Analysis Report – Debugging and unpacking the NsPack 3.4 and 3.7 packer.” Sans Technology Inst, USA 2009 19. Wright, C. (2009) “Effective Patch Management – Saving Time and Getting Better Security” MISTI USA 20. Wright, C. (2009) “Database Auditing” Testing Experience, Germany 21. Wright, C. (2009) “SaaS Security” MISTI USA 22. CISecurity (Multiple) (2009) CIS BIND Benchmarks” Centre For Internet Security, USA 2008 23. Wright C, Kleiman D & Sundhar R.S. (2008) “Overwriting Hard Drive Data: The Great Wiping Controversy” Lecture Notes in Computer Science (Springer Berlin / Heidelberg) 24. Wright, C. (2008) “Detecting Hydan: Statistical Methods For Classifying The Use Of Hydan Based Stegonagraphy In Executable Files” Sans Technology Inst USA 25. Wright, C. (2008) “Using Neural Networks” Google 26. Wright, C. (2008) “Ensuring secure data transfer and data sharing” DQ Asia Pacific 27. Wright, C. (2008) “Record and Document Destruction in a Digital World” IT Security World, USA 28. Wright, C. (2008) “Managing Security in a Global Company” IT Security World, USA 29. Wright, C. (2008) “A Quick and Nasty overview of finding TrueCrypt Volumes” Sans Technology Institute 30. Wright, C. (2008) “Exploring Data Visualisation” Strategic Data Mining 31. Wright, C. (2008) “Statistical Methods to Determine the Authenticity of Data” CACS2008, Au 32. Wright, C. (2008) “Text Data Mining, the future of Digital Forensics” Hex Journal USA 33. Wright, C. (2008) “Compliance, law and Metrics: What you need to meet and how you prove it” SANS ACT 34. Wright, C. (2008) “Current Issues in DNS” Sans Technology Inst, USA 35. Wright, C. (2008) “Advanced Methods to Remotely Determine Application Versions” NS2008 LV, USA 36. Wright, C. (2008) “An in-depth review of the security features inherent in Firefox 3.0 Compared to IE 8.0” iDefense, USA 2007 37. Wright, C. (2007) “The Problem With Document Destruction” ITAudit, Vol 10. 10 Aug 2007, The IIA, USA 38. Wright, C. (2007) “Requirements for Record Keeping and Document Destruction in a Digital World” Sans Technology Inst, USA 39. Wright, C. (2007) “Electronic Contracting in an Insecure World” Sans Technology Inst, USA 40. Wright, C. (2007) “The Problem with Document Destruction” IRMA UK (Republished) 41. Wright, C. (2007) “Ethical Attacks miss the point!” System Control Journal ISACA 42. Wright, C. (2007) “Where Vulnerability Testing fails” System Control Journal ISACA 43. Wright, C. (2007) “Application, scope and limits of Letters of Indemnity in regards to the International Law of Trade” Internal Publication, BDO Aug 2007 44. Wright, C. (2007) “UCP 500, fizzle or bang” Internal Publication, BDO July 2007 2006 45. Wright, C. (2006) “Port Scanning A violation of Property rights” Hakin9 46. Wright, C. (2006) “A Taxonomy of Information Systems Audits, Assessments and Reviews” SANS Technology Inst USA 47. Wright, C. (2006) “RISK & Risk Management” 360 Security Summit AU 48. Wright, C. (2006) “A QUANTITATIVE TIME SERIES ANALYSIS OF MALWARE AND VULNERABILITY TRENDS” Ruxcon AU 2005 49. Wright, C. (2005) “Analysis of a serial based digital voice recorder” Published 2006 SANS Technology Inst USA 50. Wright, C. (2005) “Implementing an Information Security Management System (ISMS) Training process” SANS Darling Harbour AU 51. Wright, C. (2005) “Beyond Vulnerability Scans — Security Considerations for Auditors” ITAudit, The IIA, USA 52. Wright, C. (2005) “PCI Payment Card Industry Facts” Retail Industry journal, July 2005 2001 53. Multiple Authors (1999) “Windows NT Security Step by Step” SANS Technology Inst USA 2000 54. Ashbury A & Wright, C. (2000) “DNS Security in Australia” Net Security, June 2000. 1999 55. Wright, C. (1999) “A Comparative analysis of Firewalls” in “The Internet Hot Sheet” ATT Sept 1999 Books / Book Chapters 1. Wright, C. (2008) “0123456789The IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments0123456789” Syngress USA 2. Litchko, J; Lang, D; Hennell , C; Wright, C & Linden, M V (2011) ““0123456789Official (ISC)2 Guide to the CISSP(R)-ISSMP(R) CBK0123456789” CRC Press, ISC2 USA 3. Kleiman, D; Wright, C; Varsalone, V& Clinton, T (2007) “0123456789The Official CHFI Study Guide0123456789” (Exam 312-49) (Paperback)” Syngress, USA 2007 This book is used as a text for ITE-513 at Charles Sturt University 4. Multiple Authors (2009) “0123456789Cisco Router and Switch Forensics: Investigating and Analyzing Malicious Network Activity0123456789”, Syngress Press 5. Multiple Authors (2009) “0123456789Mobile Malware Attacks and Defense0123456789”, Syngress Press 6. Multiple Authors (2008) “0123456789Check Point NGX R65 Security0123456789” Syngress, USA This book is used as a text at Charles Sturt University 7. Multiple Authors (2008) “0123456789Mobile Malicious Code0123456789” Syngress, USA 8. Multiple Authors (2008) “0123456789Best Forensic Book0123456789” Syngress, USA In 2012 the following book will be published by Taylor Francis Academic press: SCADA Security. I am the author of the Forensic chapter Chapter 16: Forensics Management
submitted by veintiuno to Bitcoin [link] [comments]

Hardware Wallet Standard | Jonas Schnelli | Aug 16 2016

Jonas Schnelli on Aug 16 2016:
Hi
Unfortunately, there is no standard in how desktop- or mobile-wallets
can interact with a hardware device resulting in wallet vendors adding
plugins with proprietary code for non-standardized interfaces.
I started a BIP (extreme draft, feel free to improve language, grammar
and content) to address this missing part of the ecosystem.
I think it would be extremely helpful if @ledger, @trezor,
@voisin/@breadwallet, @electrum, @bitpay (and more?!) would help working
on a such standard.
The BIP describes two approaches how to communicate (pipe and
URI-scheme) with the signing-devices app, although, in my opinion, all
major platform do support the URI approach (maybe we could drop the pipe
approach then).
The URI approach means that there is no need to configure the
application location in order to start a inter-process(-app) communication.
Mediawiki:
https://github.com/jonasschnelli/bips/blob/8abb51f0b21b6664388f6e88f6fd642c90d25dca/bip-undef-0.mediawiki
---- BIP (rough early stage draft)
BIP: ???
Title: Detached Signing
Author: Jonas Schnelli
Status: Draft (early stage!)
Type: Standards Track
Created: 2016-08-02
== Abstract ==
This BIP describes a way how wallet applications can decouple sensitive
privatekeys from the internal keychain and interact with a
signing-devices (hardware wallet, "cold" storage) over a generic
interface in order to get signatures.
== Motivation ==
It seems like that the current approach for allowing signing-devices to
interact with third party wallets is to build a plugin [1][2][3]. Adding
plugins for each hardware wallet type will increase possible security
issues and result in multiple proprietary-third-party code within the
wallet application with very similar structures.
A generic interface how wallets can interact with signing-devices would
result in better user experience, less critical code and simpler
adaption for various signing-devices.
== Specification ==
In order to support desktop- and smartphone-wallet-applications, this
BIP describes two slightly different approaches (process pipe and URI
call) in how to interact with the signing-devices. If possible, the
modern URI approach should be chosen.
=== Signing-Device-Controller-Application ===
To allow a generic interface while still allowing different ways how to
internally communicate with the signing device itself (USB, TCP/IP,
air-gapped Qr-Code scanning, etc.) a controller-application is required.
=== General signing process ===
The wallets signing process must be according the following principal:
or message together with metadata (scriptPubKey, hd-keypath of the inputs)
signing-device-controller-application
signing-request-object, eventually shows UI, user can sign or cancel
signing-response-object with signatures or an error
creating process (example: add signatures to transaction and broadcast)
=== Desktop Process Intercommunication ===
Desktop wallets can interact with a signing device over process
intercommunication (pipe) together with a
signing-device-controller-application.
As specified below, the signing-request-object is a URI string passed
through the pipe. The desktop wallet needs to wait (with a recommended
timeout between 1 and 5 minutes) until the signing-response-object will
be sent back by the signing-device-controller-application.
=== Smartphone/URI App Intercommunication ===
Smartphones and modern operating systems are trying to sandbox
applications and interprocess communication (on pipe level) is mostly
disallowed.
On smartphones, we must use URI-schemes.
The wallet can pass information to the
signing-device-controller-application by using a predefined URI scheme.
detatchedsigning://?&returnurischeme;=
The querystring must be URI encoded.
RFC 2616 does not specify a maximum length of URIs (get request). Most
modern smartphone operating system allow URIs up to serval megabytes.
Signing complex data-structure is therefore possible.
The returnurischeme must contain a URI schema where the
result of the signing process should be returned to.
The returnurischeme must be populated and "opened" once the signing
process has been completed (or cancled).
=== Signing Request ===
The signing request is a flexible URI-Query-String that will be used by
the Signing-device-controller-application for user confirmation as well
as for creating the signature.
The URI-query-string must conform to the following format:
detatchedsigning://sign?type=&data;=&inputscripts;=,,...&inputhdkeypath;=,,...&returnscheme;=
type = type of the data to sign
data = raw unsigned bitcoin transaction or text-message
(optional)inputscripts = scriptPubKey(s) of the inputs in exact order
(optional)inputhdkeypath = hd-keypath of the inputs in exact order
(optional)returnscheme = a URI scheme where the response must be sent to
(smartphone approach)
  • inputhdkeypath or inputscripts must be provided.
=== Signing Response ===
The signing response is a flexible URI-Query-String that will be sent
back to the wallet application and must contain the signatures or an
error code.
The URI-query-string can be opened (smartphone approach) or will be sent
back though the interprocess pipe.
://signresponse?errorcode=&signatures;=,,...
In case of ECDSA, the returned signatures must be normalized compact
signatures with the size of 64bytes (128 hex chars).
==== Possible error code ====
0 = no error
1 = user canceled
2 = timeout
10 = missing key identifier (missing HD keypath or input scriptpubkey)
11 = unsupported signing type
12 = could not resolve script
50 = unknown internal error
==== Examples ====
===== Simple p2pkh transaction =====
Unsigned raw transaction:
0100000001fd3cd19d0fb7dbb5bff148e6d3e18bc42cc49a76ed2bfd7d760ad1d7907fd9ce0100000000ffffffff0100e1f505000000001976a9149062e542a78d4fe00dcf7cca89c24a8013c381a388ac00000000
(input ced97f90d7d10a767dfd2bed769ac42cc48be1d3e648f1bfb5dbb70f9dd13cfd
vout:1, output: P2PKH mtgQ54Uf3iRTc9kq18rw9SJznngvF5ryZn 1 BTC)
signing-request URI must be:
detatchedsigning://sign?type=bitcoin-p2pkh&data=0100000001fd3cd19d0fb7dbb5bff148e6d3e18bc42cc49a76ed2bfd7d760ad1d7907fd9ce0100000000ffffffff0100e1f505000000001976a9149062e542a78d4fe00dcf7cca89c24a8013c381a388ac00000000&inputscripts=76a914531148ad17fdbffd4bac72d43deea6c7cf0387d088ac&inputhdkeypath=m/0'/0'/1&returnscheme;=myapp
The inputhdkeypath is optional in this case
signing-response URI must be:
detatchedsigning://signresponse?error=0&signatures=<128hex-chars>
===== Simple a bitcoin message =====
Message: Lorem ipsum dolor sit amet
signing-request URI must be:
detatchedsigning://sign?type=bitcoinmsg&data=Lorem+ipsum+dolor+sit+amet&inputhdkeypath=m/0'/0'/2
signing-response URI must be:
detatchedsigning://signresponse?error=0&signatures=<128hex-chars>
=== Support for multiple signing-devices ===
Must operating systems allow only one registered application per
URI-scheme. To support multiple signing-devices, wallets and
signing-devices can optional add support for brand based URI-schemes.
In addition to the standard URI scheme,
signing-devices-controller-applications can register an additional URI
scheme (with the identical request/response syntax and logic) including
a brand-identifier.
Registering a brand-identifier based URI scheme without registering the
default URI scheme is not allowed.
Wallets can detect if a certain brand based URI scheme is supported and
therefore gives user a selection if multiple signing-devices where
detected [4][5].
detatchedsigning://
Supported brand-identifiers are:
  • trezor
  • ledger
  • keepkey
  • digitalbitbix
== References ==
[1] https://github.com/spesmilo/electrum/pull/1662
[2] https://github.com/spesmilo/electrum/pull/1391
[3] https://github.com/bitpay/copay/pull/3143
[4]
https://developer.apple.com/library/ios/documentation/UIKit/Reference/UIApplication_Class/
[5]
https://developer.android.com/reference/android/content/pm/PackageManager.html
== Acknowledgements ==
== Copyright ==
This work is placed in the public domain.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160816/fe4471a9/attachment.sig
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/013008.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

Public contract code review. CHAINY — aeon short links and Proof Of Existing.

Hi everybody!
Everex team is almost finished moving https://Chainy.link project from Bitcoin blockchain to Ethereum DAPP and would like to collect your feedback about the contract code.
In short words, Chainy is the independent DAPP with (optional) online interface which
a) creates authentic irreplaceable short URLs
b) permanent proof of existence of the document (file) together with link to the file
c) public text message on the [Ethereum] blockchain.
Essentially, Chainy is a simple independent smart contract, which exists for as long as blockchain lives, and it's independent from anybody. Even if we abandon this project, and it will be impossible to look up the data using other viewers or blockchain explorers or scanners, all previously stored proofs and data will be available via the Ethereum API, for example through Mist. Just as we all like it :))
To create new proof entry, the user must request a call contract method addChainyData with JSON string. It will return unique short code index entry, encoded from a block number and a few characters of the sender address (in case if few records will fall into the same block at the same time).
To get your entry using short code, user must call method getChainyData with the code. The data format is simple to understand, so in general even with Mist wallet, it is enough to store and see the data.
Data types:
  1. AEON permanent links. Similar to bit.ly, but impossible to replace or switch the destination of the url, unlike conventional URL shorteners. If a moderator has checked that the link leads to e.g. Ethereum.org, he can be absolutely sure that tomorrow and in any other day it won’t lead to a phishing site or to other malicious content nest.
  2. File signatures follow already well-known method, where sha256 of the file is stored in the blockchain.
  3. File signatures along with a link to a file is a combination of 1 and 2. This allows you to refer to the proof of existence with a link only that will show page with proof and link to the (external) file, which the user can download and check its identity with the signature.
  4. The signed text. Just a text message stored in blockchain. "Bob borrowed 100 bitcoins from me”
  5. File with signatures and file content in blockchain. (May be later, after SWARM is released).
Each entry, besides the data itself, also contains stored timestamp and the address of the creator of the entry. Timestamp can also be calculated by the block, but we left it like that for additional convenience
Note that if you need to retain the sender’s address as yours, you must create transaction yourself (through Mist) or it may show different address, like the one provided by online service. However, for convenience, we also did an online form that creates JSON in the right format. You will only have to send it to a contract from your address.
Using only Mist without external services is not easy for users. Chainy provides user friendly web interface, which will take and organize the data submitted from the user and broadcast it into the contract.
Storage format is open source, so anybody can develop a viewer. Even if the viewer is not available, a contract will always be live and you can always get proof of existence of your data by simply referring to the contract through Mist or Ethereum API. Or through the Chainy viewer, which is an open source.
So, anybody have interest are welcome to review the Chainy contract link and send us your comments.
Link to contract source: https://github.com/EverexIO/Chainy/tree/develop/contract
Deployed contract: 0x923c6c916B74495eA0aFf9C19384D225473dB11c
Test form to create JSON data and post into contract: http://test.chainy.info/add
Sample short code data: gdy2z
Also look short manual about using contract in mist in comment below
submitted by alexnsk to ethereum [link] [comments]

Bitcoin at POS using BIP70, NFC and offline payments - implementer feedback | Jan Vornberger | Feb 22 2015

Jan Vornberger on Feb 22 2015:
Hi everyone,
I am working on a Bitcoin point of sale terminal based on a Raspberry Pi, which
displays QR codes, but also provides payment requests via NFC. It can optionally
receive the sender's transaction via Bluetooth, so if the sender wallet
supports it, the sender can be completely offline. Only the terminal needs an
internet connection.
Typical scenario envisioned: Customer taps their smartphone (or maybe smartwatch
in the future) on the NFC pad, confirms the transaction on their phone
(or smartwatch) and the transaction completes via Bluetooth and/or the phone's
internet connection.
You can see a prototype in action here:
https://www.youtube.com/watch?v=P7vKHMoapr8
The above demo uses a release version of Schildbach's Bitcoin Wallet, so it
works as shown today. However, some parts - especially the Bluetooth stuff - are
custom extensions of Schildbach's wallet which are not yet standard.
I'm writing this post to document my experience implementing NFC and offline
payments and hope to move the discussion forward around standardizing some of
this stuff. Andy Schroder's work around his Bitcoin Fluid Dispenser [1,2]
follows along the same lines, so his proposed TBIP74 [3] and TBIP75 [4] are
relevant here as well.

NFC vs Bluetooth vs NFC+Bluetooth

Before I get into the implementation details, a few words for why I decided to
go with the combination of NFC and Bluetooth:
Doing everything via NFC is an interesting option to keep things simple, but the
issue is, that one usually can't maintain the connection while the user confirms
the transaction (as they take the device back to press a button or maybe enter a
PIN). So there are three options:
  1. Do a "double tap": User taps, takes the device back, confirms, then taps
again to transmit the transaction. (I think Google Wallet does something like
this.)
  1. Confirm beforehand: User confirms, then taps and everything can happen in one
go. The disadvantage is, that you confirm the transaction before you have seen
the details. (I believe Google Wallet can also work this way.)
  1. Tap the phone, then establish a Bluetooth connection which allows you to do
all necessary communication even if the user takes the device back.
I feel that option 3 is the nicest UX, so that is what I am focusing on right
now, but there are pros and cons to all options. One disadvantage of option 3 in
practice is, that many users - in my experience - have Bluetooth turned off, so
it can result in additional UI dialogs popping up, asking the user to turn on
Bluetooth.
Regarding doing everything via Bluetooth or maybe BLE: I have been following the
work that Airbitz has done around that, but personally I prefer the NFC
interaction of "I touch what I want to pay" rather than "a payment request comes
to me through the air and I figure out whether it is meant for me/is legitimate".

NFC data formats

A bit of background for those who are not that familiar with NFC: Most Bitcoin
wallets with NFC support make use of NDEF (NFC Data Exchange Format) as far as I
am aware (with CoinBlesk being an exception, which uses host-based card
emulation, if I understand it correctly). NDEF defines a number of record types,
among them 'URI' and 'Mime Type'.
A common way of using NFC with Bitcoin is to create a URI record that contains a
Bitcoin URI. Beyond that Schildbach's wallet (and maybe others?) also support
the mime type record, which is then set to 'application/bitcoin-paymentrequest'
and the rest of the NFC data is a complete BIP70 payment request.

Implementation

To structure the discussion a little bit, I have listed a number of scenarios to
consider below. Not every possible combination is listed, but it should cover a
bit of everything.
Scenarios:
1) Scan QR code, transmit transaction via Bitcoin network
Example QR code: bitcoin:1asdf...?amount=42
2) Touch NFC pad, transmit transaction via Bitcoin network
Example NFC URI: bitcoin:1asdf...?amount=42
3) Scan QR code, fetch BIP70 details via HTTP, post transaction via HTTP
Example QR code: bitcoin:1asdf...?amount=42&r;=https://example.org/bip70paymentrequest
4) Touch NFC pad, fetch BIP70 details via HTTP, post transaction via HTTP
Example NFC URI: bitcoin:1asdf...?amount=42&r;=https://example.org/bip70paymentrequest
5) Touch NFC pad, receive BIP70 details directly, post transaction via HTTP
Example NFC MIME record: application/bitcoin-paymentrequest + BIP70 payment request
6) Scan QR code, fetch BIP70 details via Bluetooth, post transaction via Bluetooth
Example QR code: bitcoin:1asdf...?amount=42&bt;=1234567890AB
Payment request has 'payment_url' set to 'bt:1234567890AB'
7) Touch NFC pad, fetch BIP70 details via Bluetooth, post transaction via Bluetooth
Example NFC URI: bitcoin:1asdf...?amount=42&bt;=1234567890AB
Payment request has 'payment_url' set to 'bt:1234567890AB'
Scenarios 1 and 2 are basically the 'legacy'/pre-BIP70 approach and I am just
listing them here for comparison. Scenario 3 is what is often in use now, for
example when using a checkout screen by BitPay or Coinbase.
I played around with both scenarios 4 and 5, trying to decide whether I should
use an NFC URI record or already provide the complete BIP70 payment request via
NFC.
My experience here has been, that the latter was fairly fragile in my setup
(Raspberry Pi, NFC dongle from a company called Sensor ID, using nfcpy). I tried
with signed payment requests that were around 4k to 5k and the transfer would
often not complete if I didn't hold the phone perfectly in place. So I quickly
switched to using the NFC URI record instead and have the phone fetch the BIP70
payment request via Bluetooth afterwards. Using this approach the amount of data
is small enough that it's usually 'all or nothing' and that seems more robust to
me.
That said, I continue to have problems with the NFC stack that I'm using, so it
might just be my NFC setup that is causing these problems. I will probably give
the NXP NFC library a try next (which I believe is also the stack that is used
by Android). Maybe I have more luck with that approach and could then switch to
scenario 5.
Scenarios 6 and 7 is what the terminal is doing right now. The 'bt' parameter is
the non-standard extension of Andreas' wallet that I was mentioning. TBIP75
proposes to change 'bt' into 'r1' as part of a more generic approach of
numbering different sources for the BIP70 payment request. I think that is a
good idea and would express my vote for this proposal. So the QR code or NFC URI
would then look something like this:
bitcoin:1asdf...?amount=42&r;=https://example.org/bip70&r1=bt:1234567890AB/resource
In addition the payment request would need to list additional 'payment_url's. My
proposal would be to do something like this:
message PaymentDetails { ... optional string payment_url = 6; optional bytes merchant_data = 7; repeated string additional_payment_urls = 8; // ^-- new; to hold things like 'bt:1234567890AB' } 
TBIP75 proposes to just change 'optional string payment_url' into 'repeated
string payment_url'. If this isn't causing any problems (and hopefully not too
much confusion?) I guess that would be fine too.
In my opinion a wallet should then actually attempt all or multiple of the
provided mechanisms in parallel (e.g. try to fetch the BIP70 payment request via
both HTTP and Bluetooth) and go with whatever completes first. But that is of
course up to each wallet to decide how to handle.
TBIP75 furthermore proposes to include an additional 'h' parameter which would
be a hash of the BIP70 payment request, preventing a MITM attack on the
Bluetooth channel even if the BIP70 payment request isn't signed. This would
have also been my suggestion, although I know that Mike Hearn has raised
concerns about this approach. One being, that one needs to finalize the BIP70
payment request at the time the QR code and NFC URI is generated.

Questions

My questions to the list:
1) Do you prefer changing 'optional string payment_url' into 'repeated string
payment_url' or would you rather introduce a new field 'additional_payment_urls'?
2) @Andreas: Is the r, r1, r2 mechanism already implemented in Bitcoin Wallet?
3) Are there other comments regarding 'h' parameter as per TBIP75?
4) General comments, advice, feedback?
I appreciate your input! :-)
Cheers,
Jan
[1] http://andyschroder.com/BitcoinFluidDispense
[2] https://www.mail-archive.com/bitcoin-development%40lists.sourceforge.net/msg06354.html
[3] https://github.com/AndySchrodebips/blob/mastetbip-0074.mediawiki
[4] https://github.com/AndySchrodebips/blob/mastetbip-0075.mediawiki
original: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-February/007556.html
submitted by bitcoin-devlist-bot to bitcoin_devlist [link] [comments]

BIP proposal, Pay to Contract BIP43 Application | omar shibli | Aug 14 2017

omar shibli on Aug 14 2017:
Hey all,
A lot of us familiar with the pay to contract protocol, and how it uses
cleverly the homomorphic property of elliptic curve encryption system to
achieve it.
Unfortunately, there is no standard specification on how to conduct such
transactions in the cyberspace.
We have developed a basic trade finance application that relies on the
original idea described in the Homomorphic Payment Addresses and the
Pay-to-Contract Protocol paper, yet we have generalized it and made it
BIP43 complaint.
We would like to share our method, and get your feedback about it,
hopefully this effort will result into a standard for the benefit of the
community.
Abstract idea:
We define the following levels in BIP32 path.
m / purpose' / coin_type' / contract_id' / *
contract_id is is an arbitrary number within the valid range of indices.
Then we define, contract base as following prefix:
m / purpose' / coin_type' / contract_id'
contract commitment address is computed as follows:
hash document using cryptographic hash function of your choice (e.g. blake2)
map hash to partial derivation path
Convert hash to binary array.
Partition the array into parts, each part length should be 16.
Convert each part to integer in decimal format.
Convert each integer to string.
Join all strings with slash /.
compute child public key by chaining the derivation path from step 2 with
contract base:
m//
compute address
Example:
master private extended key:
xprv9s21ZrQH143K2JF8RafpqtKiTbsbaxEeUaMnNHsm5o6wCW3z8ySyH4UxFVSfZ8n7ESu7fgir8imbZKLYVBxFPND1pniTZ81vKfd45EHKX73
coin type: 0
contract id: 7777777
contract base computation :
derivation path:
m/999'/0'/7777777'
contract base public extended key:
xpub6CMCS9rY5GKdkWWyoeXEbmJmxGgDcbihofyARxucufdw7k3oc1JNnniiD5H2HynKBwhaem4KnPTue6s9R2tcroqkHv7vpLFBgbKRDwM5WEE
Contract content:
foo
Contract sha256 signature:
2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae
Contract partial derivation path:
11302/46187/26879/50831/63899/17724/7472/16692/4930/11632/25731/49056/63882/24200/25190/59310
Contract commitment pub key path:
m/999'/0'/7777777'/11302/46187/26879/50831/63899/17724/7472/16692/4930/11632/25731/49056/63882/24200/25190/59310
or
/11302/46187/26879/50831/63899/17724/7472/16692/4930/11632/25731/49056/63882/24200/25190/59310
Contract commitment pub key:
xpub6iQVNpbZxdf9QJC8mGmz7cd3Cswt2itcQofZbKmyka5jdvQKQCqYSDFj8KCmRm4GBvcQW8gaFmDGAfDyz887msEGqxb6Pz4YUdEH8gFuaiS
Contract commitment address:
17yTyx1gXPPkEUN1Q6Tg3gPFTK4dhvmM5R
You can find the full BIP draft in the following link:
https://github.com/commerceblock/pay-to-contract-protocol-specification/blob/mastebip-draft.mediawiki
Regards,
Omar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170814/73720ef5/attachment.html
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-August/014827.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

Potential Information

Potential Information
I'm going to try and demonsrate, in Natural Language, why there is a Revolution occuring in Information Science. The question I wish to Address is: "How much Information is there in a give Container?". As modern Computer Scientists see things, the amount of Information in a given container is precisely the number of possible discrete states of that conainer. So a nibble can be in 16 possibles states, a byte can be in 256 possible states, and so on. I'd to coin the term "Potential Information" and make an explicit Parallel with Potential Energy. So for a byte, the Potential Information is 256. It's interesting that we don't use Units for Potential Information, though it is a well studied concept, if newly named. Conctpetually, we understand the Units as 256 pieces of "Potential Discrete Information", so let us use name the Units pdi.
Let's extend the Parallel with Potential Energy. A Boulder at the Top of a Mountain is said to have a Potential Energy Relative to it's height, weight and the Gravitational Constant that is tranfered to Kinetic Energy if it Rolls down the Mountain. For Argument's sake let us Suppose a Flat Earth, then at the Bottom of the Mountain, the Boulder is said to have Zero Potential Energy (certinaly regarding its Potential to fall under Gravity but but I expect there are other ways Squeeze Enery out of Rock!). In a Computer I would say that a byte in a Switch On Computer is like the Boulder at the top of the Mountain with Maximum Potential Information (256pdi) and in a Switch of Computer, it has Minimum Potential Information.
So here's a Question first of all: "What is Minimum Potential Information?". Let's now do a thought experiment to help aswer the question at hand. Consider the concept of a "Broken Bit"; a bit that is fixed in either the 0 or 1 state and can't be changed. So, Information Theorists? What is the pdi of a Broken Bit? We now a working bit has 2pdi, but do we say the Broken Bit has 1pdi or 0pdi? 1pdi seems reasonable because it has a single Discrete State, but then 0pdi it seems we can't draw any information from it. If 0 is your answer, then I think you've jumped the gun, becuase I never told you what state it was locked in. What if I tell you it is locked in the 1 state? Well certainly we can draw no further information from it, but I say we still have the information that it is in the 1 state. So, I would say that before observation, the bit has 1pdi, but after observation, it has 0 pdi.
Now let us consider another possible unit of Information Measure "Discrete Information" or "di". So what is the di of a Broken Bit? Before we Observe it, we know we are going to read 1 Discrete Piece of information, and afterwards, we have read 1 Discrete Piece of Information. So I would say that the di of a Broken Bit is 1 in any Eventuality.
So you could interpret that as meaning that pdi is Time dependent and di is not Time dependent, which is a reasonable way to look at it. A more precise Way to look at it from a Computer Scientists point of view woud be to say that pdi is dependent on the number of "Reads" or "Potential Reads" where as di is not. This certainly holds for the Broken Bit. But, let us consider a working bit.
Let's get side tracked a bit and analyze a couple of common Computer Science Abstracts: Programs and Operations. Here's a suggestion for the definition of a "Program": A "Program" be an initial value for a container, and a series of well defined operations that manipulate the information of the container.
But this begs the question, what is an Operation... actually there's no obvious answer, it is thought of differently at different levels of the Computer Stack. To a user, Typing in a url and hitting Enter might be thought of as an Operation. The Web-Browser Software Developer, might consider an Operation to flag that the user has clicked in the url bar, an operation to read the string, operation(s) to analyis it, and operation(s) to send it to the DNS server. How about the guy who programmed the "String Read" operation, perhaps Scanf in C. That probably entails rather a few operations in Software alone, though it is a single operation in C. Then how many operations in Hardware were performed in this situation?
Here's a good Analogy for this type of thinking that any programmer will understand. Imagine you meansure Operations number of function calls. So how many operations in a "hello world application"? Well in C, it's One function call (not including main). Ok, but what about in Assembler? Rather a many function calls I would think. Then how did it get on your screen? Imagine the vast quatities of Function Calls that translate printf("hello world"); into a pattern of illuminated LEDs on the screen in a Terminal Window. Beyond that, how about the vast Edifices of Abstractions that lead to these LEDs glowing? Pixels, resolution, then colour of pixel which is represented as four bytes and needs Computer Software to interpret, then convert into a format correct to the monitor, then the monitor probably has more software to apply any colour correction and convert it into an Electrical Charge through some sort of Digital to Analog Converster that will eventually make a pixel glow with a certain colour. So how many operations in a "hello world" program? One could probably write countless Volumes analysing every operation that takes place from the flow of electrons through through Logic Gates, in the CPU, through the interupt mechanism on the chip to read you keystrokes, the abtraction of a bit and the operations of each ALU, the interpretation of the bits at each state of the ALUs computation etc. In fact, I think if you fully Analysed Everything that takes place inside a Computer in writing, compiling and executing a simple "hello world" program on a modern computer, you could probably chart pretty much the entire History of Computer Science.
For a moment, let us consider programs with no inputs, and et me suggest a definition of an Operation that may seem a little left field: "A Single Operation is the Space between two outputs", and "an output is any piece of information that it is a requirement that the program produce to satisfy its operation to the user". Let us assume for a moment that the only output device for a program is a Screen, and we a running a tech demo of the latest video game. As far as the user (i.e. viewer) is concerned, the only output they need is each frame. So long as the frame rate ticks over, the user is happy regardless of what is going on inside the computer. Then, the rate of Operations is Solely Dependent on how often the Screen updates, and 1 Operation takes place in the Computer inbetween each frame under this definition. So why use this seemingly bizarre Abstraction? What I'm seeking is an Absolute Measure of Compute Speed or Proficiency, and it seems to me, it is dependent on the program that is running. I'm sure those ASCII chips for mining bitcoin are dyamite at mining bitcoin, but your not going to get world of Warcraft running on them. I'm not sure you can really compare the Compute Speed of a ASCII bitcoin mining Rig to an XBox to example, certainly not simply by measuring Clock Speed and memory access rates anyway. What would be considered an "output" for a bitcoin miner? Hashrate is the standard measure of a bitcoin miners speed, and it is a most beautifully simple and perfect measure. Considering Compute Speed as "Numer of Operations per Second", then my definition of Operations and Outputs gives the Hashrate on a bitcoin miner. What about when an output is a frame on a Screen? Then on a game tech demo, for example, the Compute Speed would be the frame rate using the definitions I have already give. Again, probably the best know measure of Compute Speed for that type of Software. So perhaps I beginning to hit on a good generaization. I've actually conned you a little bit... in fact, under this definition of an operation as the "space between" outputs, my measure of compute speed of a video game is actually framerate-1 and my bitcoin mining measure is Hashrate-1. Here's another interesting consequence, with framerate, if my Computer is outputing a 30 frames per second, then I am running at 29 operations per second, but if I am running at 59 operations per 2 seconds... Actually very important with this measure of speed, which I'll write about another time. Those that have been studying O-Cycles may well have just spotted a Parallel! I want to consider another type of program also. Some programs (and in my opinion usually wise ones) don't necessarilly seek to operate as fast as possible. Take "metronome" program for example and let an "output" be one metronome "click". If you just tried to run it as fast as possible, you would have hyper speed noisy and irregular metronome. i.e. not really a metronome at all. So what would satisfy the user in a metronome program? Ignoring issues of software design, the main anwer would be accuracy of timing; usually not directly proportional to compute speed. Let us coin a new phrase, "Compute Proficiency" and say that for a metronome, Compute Proficiecy is measured by the accuracy of the metronome's timing. So Compute proficiency could be measured the deviation of the click, from some standar norm. i.e. deviation (perhaps in milliseconds) away from some target timing. Now, in my experience as a skilled bedroom music producer and Computer Scientist, this has precisely no relationship to the clock speed of any electronic/computer musical intrument I use. Consider measuring time in Beats and consider the Cartesian Plane with Time Measured on the x axis and Time Modulus 1 on the y axis. Then the beats will be series of points with y = around the line y = 0. Then we can do all sorts of Statistics to Measure Compute Profiency based on each point's deviation from (0, n) where n is an Integer...
[...a brief digression for those that have been following my other work, if we map the timing of each beat to the Complex Plane as follows: y = time and x = (time modulus 1) + 1/2, then let c = x + yi, then we have a rather recognizable line through the Complex Plane. For a Perfectly accurate Metronome, the line Re(c) = 1/2, i.e. what most think and hope are the Zeros of the Zeta Function... honestly, I'm still investigating whether this is True... I'm pretty sure that either the Sum of 0s divided by the number of Zeros Summed = 1/2 as i o-o, or they are all 1/2. Curiously, for the purposes I like to use this Science for, it wouldn't matter one jot which was True... So far anyway...]
So, if you'll exuse my digression, let's get back to measures of information. So I would propose the following definition of "rate of information": number of discrete pieces of information per output, with output defined per computer program. Let's take an example of Video playing software, and assuming so sound, say it out puts a grey scale image of 1024 x 1024 pixels every 100 milliseconds. Then assuming 1 byte per pixel, the program outputs 1 Megabyte memory per 100 milliseonds. So how much Discrete Information is it outputting per 100 milliseconds? Most people would say 1 Megabyte... How about per second? Again, most people would say 10 Megabytes. Here is how I would analyse the situation. I might say that a Megabyte, in a particular state, would constitute 1 Discrete piece of information (though not the only way of looking at it). Then I might day that the Potential Discrete Information of that Megabyte was 1024 * 1024 Discrete Pieces of information. So I would say the program is outputting at 10 Discrete Pieces of Information per Second- of course this doesn't consider Container Size of the Information. Let's look at it under a different lense, why would I consider 1 Megabyte in a particular state, a single piece of information? We could just as easily see it as 1024 * 1024 Discrete Pieces of Information if we consider the value of each pixel (byte) as a single piece of Information. Finally, I could consider it as 1024 *1024 * 256 Discrete Pieces of Information if we consider each bit individually. Here's a useful Equivolance Relationship:
Assume that the number of bits in a Sub-Container is a Power of 2 and the number of bits in a Container is a larger power of 2.
letting:
S = the Sub-Contain's Potential Discrete Information
C = the Container's Potential Discrete Information
s = number of bits in the Sub-Container
c = number of bits in the Container
then:
S / 2c = 2s / C
This is nothing to Computer Scientists, as Potential Discrete Information is what they usually consider. The above Relation is just a need formalization relating the number of bits and Potential Information in a Storage Container with a Sub-Container. Such as Total RAM to words or words to bytes etc.
Now what if we relate this to Discrete Pieces of information. Considering the situation, it seems that a single output should generally be considered a single Discrete Piece of Information. Then the goal of reducing the memory foot-print of Software Might be to make a Single Piece of Discrete Information have as little Potential Information as possible. How about an example: Consider out video game Tech Demo again, where we considered a single frame to be a single output and found that a single frame had 1 Megabyte of Potential Information. So by standard Information flow calculations, we are outputting information at 10 Megabytes per Second (One frame every 100 milliseconds). Now let's consider another situation, suppose we could stream a the output data to the screen without storing the whole frame. Let's say we could output it in 10 kilobyte chunks every 1 millisecond. Then our rate of information flow hasn't changed, however out memory footprint has reduced 100 fold. I'm still a little Wooly on the notion of an output, but it would now seem sensible to model an output as one of these 10 kilobyte chunks and therefore a discrete piece of information as a single output. So what do we have now:
1000 Discrete Pieces of Information per second 1 kilobyte of Potential Information per Discrete Piece of Information Therefore: 1 Megabyte of Potetial Discrete Pieces of Information per Second...
thus: Speed = pdi di/s
i.e Data Rate = Potential Discrete Pieces of Information per Discrete Piece of Information Per Second
So we may consider di/s purely a measure of speed of data trasfer, without considering size... e.g.
30 or 60 di/s for a 60 frames per second game for example, (treating each frame as 1 discrete piece of information). Then if it is outputting on 1024x1024 screen with 4 bytes per pixel, then we could say the Output Rate of the Game is:
Output Rate = 4Mb * 60 di/s or
Output Rate = 4Mb * 30 di/s
In visual Programs such as Graphical Programs, the di/s is VERY slow in comparison to a CPUs clock speed as humans rarely perceive quality improvements in animation about about 60fps (don't believe anyone who tell you that it's 30fps!).
Now consider the Polar Opposite in Modern Day Computing, a program than generates audio. an audio output device may ouput at 44,100 frames per second (for CD Quality) and the frames will usually be 16 bits for this kind of audio. So, such a pieces of Hardware/Software has the following output rate:
Output Rate = 16bits * 44,100 di/s
So some tell me, what is the Theoretical Minimum Memory footprint for such devices? The Theoretical Minimum is to create a program who's memory footprint is less that or equal to the Potetial Discrete Information Per frame. That doesn't help you with how to achieve this, but you certainly could not beat that minimum. I'm in the process of designing programs that can do this kind of this using the Tick operation.
Now, what's the minimum Discrete Pieces of Information per frame. The Answer is actually very Surpising, even for interesting programs. The answer is 1 bit. Let me explain. EVERY output of a Computer is Analog bar none. Very obviously so in Audio Devices and and old Televisions, but even Digital Information transfer is a Wave that is interpreted Digitally. Now how many bits does it take to produce a Wave? Well let's say I flick a bit at 500Hz and output it down a cable and send it into an Amp. Then I've just created a 500Hz Square Wave and I didn't need any software to Store anything, interpret what was stored, convert to packets, decode and send to the audio device. I wont speak much more about this now because I lack the Language of an Electrical EngineeEnergy Scientist to Describe my supositions, but one thing I do know, from an information persective, is that you can generate a Vast Quantity of Waves simply by flicking a single bit with the correct timing and sequence. Finally, when it gets to the point of directly outputting an Analog Signal direct from Code, what does this Discrete Pieces of Information per Second thing mean that I'd talking about earlier? You might say that the speed was the rate at which we flicked the bit, which is probably reasonable, but by the same token, the output itself does not have a discrete quality if it is a smooth Wave...
Here's the idea... you know those ugly annoying Computer Noises that sometimes leak from Speakers, like the Insidious Machinations of some Digital Monster? That is the Amplified noise of a Computer's Brain Pattern. We send that brain Data, our Digital Firend Mulls it over using His/Her Digital Brain Wave, then sends us back data. My thinking is to try to manipulate the Computer's Brain Waves Directly, then Amplify the result to use for whatever purposes...
Finally, what happens if you amplify the signal of [a] bit[s] ‘ticking itself in an O-Cycle? That’s kind of where I’m going with this...
...hmmm... Mysterious...
Nishikala
submitted by PotentiallyNishikala to mathematics [link] [comments]

bitcoin wallet - bitcoin for beginners - learn how to mine ... A simple Format String exploit example - bin 0x11 - YouTube How to Trade Bitcoin using MACD Crosses on BITSEVEN - Beginner Tutorial Unbekannte oder ungültige Adresse bei Bitcoin? Adressformate (Legacy & Segwit). Nano S 1.6.0! Using a custom format to parse numeric strings - YouTube

So I have converted an NSURL to a String.So if I println it looks like file:///Users/... etc.. Later I want this back as an NSURL so I try and convert it back as seen below, but I lose two of the forward slashes that appear in the string version above, that in turn breaks the code as the url is invalid.. Why is my conversion back to NSURL removing two forward slashes from the String I give it ... I am trying to use String.Format to help with building a URL that will hold a parameter from a local variable. I think i'm close, but not sure where to go from here. Thanks, Jason string link=st... Bitcoincharts is the world's leading provider for financial and technical data related to the Bitcoin network. It provides news, markets, price charts and more. 3. Providing API Url: The API Url is provided by the getUrl method. The simplest implementation is to just return the URL field. Sometimes, the Url requires some additional parameters (like currency names) - then you have to provide them using String.format() method. See examples below: Example without parameters: Executes a CURL request to bitcoin ticker APIs, gets the JSON reply, formats it as an output string - Bitcoin.ticker.php

[index] [21123] [16442] [10735] [28143] [44466] [18178] [11435] [46503] [49043] [2989]

bitcoin wallet - bitcoin for beginners - learn how to mine ...

An introduction to the Bitcoin JSON-RPC tutorial series. BTC: 1NPrfWgJfkANmd1jt88A141PjhiarT8d9U Meet this Bitcoin Trader who Says BITCOIN Price could hit $2500 as he introduces us to GANN THEORY! - Duration: 1:02:42. Jim of All Trades 1,566 views Bitcoin explained and made simple Guardian Animations - Duration: 3:25. The Guardian 1,635,517 views. 3:25. Former CIA Officer Will Teach You How to Spot a Lie l Digiday - Duration: 47:47. ... Das Legacy Format, welches in der Regel mit einer eins (1.....) beginnt. Dies ist das erste Adresse-Format seit es bitcoin gibt. Dies ist das erste Adresse-Format seit es bitcoin gibt. 2. HOW TO BUY BITCOIN 2019 - EASY Ways to Invest In Cryptocurrency For Beginners! Get $10 of free Bitcoin when you buy or sell at least $100 of cryptocurrency o...

#