181
General Discussion / Re: Mobile Wallet - Testers needed
« on: January 17, 2015, 03:52:13 pm »
@rgcrypto, we are aiming for mid-february.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
182
General Discussion / Re: Mobile Wallet - Testers needed
« on: January 13, 2015, 06:21:02 am »Thank you ElMato. So until [1] is resolved, there is a potential for a 'man-in-the-middle' attack? What vulnerability is there without [1] resolved?
No, MITM attacks are not possible since we are talking with an https service.
Put in another way, we have the same risk as a the Coinbase wallet.
The vulnerability until [1] is resolved will only arise if our api server is compromised.
But even in that case the attacker can't steal your private keys, he can only modify the destination of your transaction.
Remember the server doesn't know about your private keys, he only knows your public keys.
[1] will be soon added to the client.
183
General Discussion / Re: Mobile Wallet - Testers needed
« on: January 11, 2015, 05:29:32 pm »How much trust is involved with using a central server? What kind of vulnerabilities are exposed with this?He's basically running an api server. Unless the wallet itself is malware and sends him the private keys all the server is doing is processing signed and encrypted transactions.
Brilliant.
Sent from my Timex Sinclair
@fluxer555 i find your concerns very important because those are the same questions i ask before using any kind of wallet.
So let me explain a little more how the wallet works.
As far as i know, every BitShares lightweight client will need the assistance of a central server.
The alternative will be to implement something like this
https://blog.ethereum.org/2015/01/10/light-clients-proof-stake/
in the core.
Mobile wallet
1) The first time the client runs private keys are generated in the phone.
(in Android we use bitcoinj => SecureRandom [with PRNGFixes], basically /dev/urandom)
(in iOS we are using CoreBitcoin => /dev/random)
2) Every time the client wants to make a transaction he asks the server something like this.
- I want to transfer 10 USD from A,B,C to Z
3) The server returns an UNSIGNED transaction [1] that fulfills the client requirement (10 USD to Z)
4) The client using his local private keys signs the transaction, and ask the server to forward it to the network.
This is the basic usage.
[1] The client is NOT validating yet that the transaction built by the server is in fact what i asked the server to do.
If the server is compromised and we have [1] resolved, there is no much harm that an attacker could possible do in terms of stolen funds. (Of course it will disrupt normal operation)
The code is open, so you can take a look at it and build your own binaries if you don't trust ours!
184
Stakeholder Proposals / Re: Delegate Proposal: Mobile Wallet - elmato
« on: January 09, 2015, 08:24:10 pm »
Hi everyone!
We have been elected!!
I want to thank everyone in this thread for the support and to everyone who has voted, really i don't have much to say, i just want to focus on the development to speed up the release cycle, so going back to work.
Thanks again to everyone!
We have been elected!!
I want to thank everyone in this thread for the support and to everyone who has voted, really i don't have much to say, i just want to focus on the development to speed up the release cycle, so going back to work.
Thanks again to everyone!
185
General Discussion / Re: Are we forking?
« on: January 09, 2015, 02:34:04 am »Ok, it seems that we are NOT forking at a global level.
But, the node in the server continued doing the same until i deleted peers-db and restarted.
Now its staying on the main chain (100% delegate participation).
The question is, how is possible that a node in a minority fork force my node to switch to that invalid fork?
I was in the main chain!!
It happened to me once and the client (v0.4.27.2) managed to get back to the main chain without restarting... . (if you had v0.4.27 It would be definitely worst...you would stay on the minority fork)
edit:
from skype group: "BitShares | Delegates Coordination"
Saturday, December 20, 2014
[11:26:16 AM] Emil Velichkov: as we saw even 0.4.27.1 forks occassionaly (even if it corrects itself)
[11:26:27 AM] Emil Velichkov: it is possible for a fork to be kept alive by delegates on prior versions
[11:26:32 AM] Dan Notestein: that doesn't necessarily indicate a bug, however
[11:26:48 AM] Emil Velichkov: well the issue with the users is that they cannot be sure if they are on a fork or not
[11:27:06 AM] Dan Notestein: a working client can temporarily move to a fork if it doesn't have all the info from each side of the fork
[11:27:10 AM] Emil Velichkov: how could one spend money if he cant verify he is on the right fork ?
[11:27:30 AM] Dan Notestein: you can tell if you're on the right side of the fork by your delegate participation
Thanks liondani.
What we are going to do is don't allow any transfer/buy/sell if we are below 90% delegate participation rate.
186
General Discussion / Re: Are we forking?
« on: January 08, 2015, 06:34:44 am »
Ok, it seems that we are NOT forking at a global level.
But, the node in the server continued doing the same until i deleted peers-db and restarted.
Now its staying on the main chain (100% delegate participation).
The question is, how is possible that a node in a minority fork force my node to switch to that invalid fork?
I was in the main chain!!
But, the node in the server continued doing the same until i deleted peers-db and restarted.
Now its staying on the main chain (100% delegate participation).
The question is, how is possible that a node in a minority fork force my node to switch to that invalid fork?
I was in the main chain!!
187
Follow My Vote / DemocracyOS + VOTE?
« on: January 08, 2015, 12:34:17 am »
Is there a PDF/Paper or something that exactly says what VOTE will do?
I can introduce BitShares and VOTE to the creator of DemocracyOS (that happens to be a Bitcoin advocate) and i think the concept of voting in a blockchain could be the spearhead.
I can introduce BitShares and VOTE to the creator of DemocracyOS (that happens to be a Bitcoin advocate) and i think the concept of voting in a blockchain could be the spearhead.
188
General Discussion / Are we forking?
« on: January 08, 2015, 12:04:32 am »
- Desktop node was in a 100% delegate participation chain.
- Server node was in a low participation chain (about 12% or 0.12% don't remember well), 2hs behind.
I wanted to get in the main chain again, so i added hosts listed (in the client) by network_get_peer_info to the server.
Quickly the server was again in the main chain (info returned 100% participation rate)
But suddenly the participation rate started to drop (in the server).
As i'm writing this is at 66% and going down.
Last block in the server 1466059.
Last block in the client 1466114.
--- update
Participation rate in the server node stopped at ~61%.
Added a new node to the server and we are back on the main chain ... :|
- Server node was in a low participation chain (about 12% or 0.12% don't remember well), 2hs behind.
I wanted to get in the main chain again, so i added hosts listed (in the client) by network_get_peer_info to the server.
Quickly the server was again in the main chain (info returned 100% participation rate)
But suddenly the participation rate started to drop (in the server).
As i'm writing this is at 66% and going down.
Last block in the server 1466059.
Last block in the client 1466114.
--- update
Participation rate in the server node stopped at ~61%.
Added a new node to the server and we are back on the main chain ... :|
189
General Discussion / Re: The Future of Crypto Currency Exchanges [BLOG POST]
« on: January 06, 2015, 06:04:19 am »
Great post! and nice timing also.
I published it in the Argentina Facebook Group and engaged in some discussions.
I know that the post was mainly to gain attention and to show what Bitshares is ... but if centralized exchanges becomes mere gateways, how we discover the price of BTS?
Inside the bitUSD/BTS book?
I published it in the Argentina Facebook Group and engaged in some discussions.
I know that the post was mainly to gain attention and to show what Bitshares is ... but if centralized exchanges becomes mere gateways, how we discover the price of BTS?
Inside the bitUSD/BTS book?
190
中文 (Chinese) / Re: 安卓版手机钱包测试报告2 (Andoid mobile wallet test round 2 )
« on: January 06, 2015, 03:19:17 am »今天是圣诞节,祝海外的外国朋友圣诞快乐,祝比特股的关注者圣诞快乐。
首先在这谢谢作者的30bitcny,谢谢社区的200bts奖励,谢谢翻译君的翻译,我会持续测试手机钱包。
说明:上一个测试帖子中,4.1内容的翻译理解错了我的意思,我说的点击返回键是指点击手机的通用返回键,而非软件顶部的“<”这个返回图标,点击返回图标是没有问题的,这个是我没有表述清楚,十分抱歉,请帮忙改正一下。
https://bitsharestalk.org/index.php?topic=12597.0
因为有了作者给我的bitcny,我又测试了一遍,有以下几个体验不是很好的地方:
1)在主页,金额和交易记录是你账户中默认选择的货币,现在我默认选择的是cny,但是如果有人给我发送了usd,我能知道吗?如果按照现在的设计,我希望在货币页面,在每种货币后面能显示该货币的金额,以便我能知道我的资产到底有哪些,又分别有多少。
2)发送的资金的时候,能不能附带消息
3) 交易细节中,数量没有值。
4)地址本的地址可以添加到收藏夹,但是没有找到收藏页面。
5)现在备份钱包加密后显示的是钱包的json文件内容,然后可以对内容进行复制和分享。我认为这不是一种很好的体验,非程序员的普通用户对json文件的内容是不理解的,也不知道是json格式,或者他还可能误删除一些json内容。我认为应该保存json文件到手机中,直接显示json文件名和存储地址,并且可以查看json文件内容。这样普通用户就知道钱包就是一个json文件。
同理,恢复钱包也应该是导入json文件,而不是粘贴json文件的内容,因为粘贴还有粘贴内容不完全的可能性。我认为导入json文件是更便利的,也和bts客户端的操作一致。
6)首页显示的金额就是所有账户的默认货币金额总和,以cny为例,我的账户默认选择的是一个没有cny的地址,发送转账依然能成功,交易详情显示是从有钱的地址发出的。我觉得这种方式也可以,但是当转账的地址没钱而扣其他地址的时候应该提示一下。
7)在账户页面,可以创建多个地址,每个有钱的地址应该显示所有资产金额(各种货币金额)。首页进来获取数据失败后无法再次刷新。
Translation :
Thanks for the 30 BitCNY that ElMato sent me . Thanks for the 200 BTS the community tipped me . Thanks for the translation . I’ll continue to test the mobile wallet .
https://bitsharestalk.org/index.php?topic=12597.0
In the thread above (section 4.1 ), I actually meant the “return” function on the android tray instead of the “<” button on top of the mobile wallet .
After I received the BitCNY that ElMato sent me , I performed another test . This are some issues in the design that affects the user experience .
1)I want to know the exact amount of each currency that I own in the currency page .
2)There should be a Memo available when transferring funds .
3) There is no specific amount in the “transaction detail” .
4)I can add the address from the address book to “favorite” , but I couldn’t find this “favorite” anywhere .
5) There should be a .json file when dealing the json instead of providing bunch of “json content” that none of the ordinary users would feel easy to use . Import and export the .json file , plain and simple .
6)The balance displayed in the main page is the total amount of default currency belong to all of the accounts .
If you have several account , such as a , b and c , only c has money . If you choose a to pay , it would automatically charge the c account to transfer the fund . That seems reasonable to me , but may be there should be a hint before doing that ? Or let the users decide if they want to do it this way ?
7) Multiple address can be created in the “account” page . There should be a detailed balance of all kinds of funds of those address displayed in that page if the address wasn't empty .
Dear 小宝马2014,
Thanks again for your review!
Its very helpful for us to have this kind of feedback.
Again, we are aware of most of the issues you mentioned but anyway let me address some of your points.
2)There should be a Memo available when transferring funds .
When sending non-TITAN transactions (As we are doing today), its not possible to specify a memo.
4)I can add the address from the address book to “favorite” , but I couldn’t find this “favorite” anywhere .
True. They will show first when you click in the "Address book" icon in the "Send" windows.
6)The balance displayed in the main page is the total amount of default currency belong to all of the accounts .
If you have several account , such as a , b and c , only c has money . If you choose a to pay , it would automatically charge the c account to transfer the fund . That seems reasonable to me , but may be there should be a hint before doing that ? Or let the users decide if they want to do it this way ?
This is a great point.
What we are going to do (i don't know if it will be by-default) is let the user choose from which accounts he wants to withdraw in order to fulfill his transaction.
This will allow the user to not mix their source accounts giving him a way to enhance their privacy.
This issues will be addressed in alpha-4.
More news soon as we are working in the alpha-3 version.
Thanks again!
For everyone that is reading this and want to support us, please vote for our 100% pay delegate!
delagate name: elmato
https://bitsharestalk.org/index.php?topic=12494.0
191
General Discussion / Re: Mobile Wallet - Testers needed
« on: January 05, 2015, 09:44:54 pm »@Rune in the beta version you will be able to register your name as soon as you install the app. @dargonar is working on it right now.
Sounds great, is the free registration through faucet.bitshares.org?
Also do you have any ideas for how to link identities in the future? Users will want to have the same hot account on both their laptop and their phone. I was thinking maybe simply sharing private keys by scanning a QR code on the windows client. But I guess there's an even bigger issue that it's difficult to sync between several clients.
Maybe you could simply register separate names under the same top level name for each device, like laptop.username, mobile.username, coldwallet.username. Then they could have separate keys but stay unified for bitshares login. I actually like this also because it would make for excellent 2 FA security if you have a multisig address that requires signature from both laptop.username and mobile.username.
There was a discussion about how mobile/laptop clients would sync for bitshares login in the thread on reddit and I've been thinking about it since because it's an area where all other local authentication systems have failed in the past, including bitID.
No, the registration wont go through faucet.bitshares.org.
We will pay it from our own BTS funds.
- Regarding identities, login, wallets, etc.
We also have in mind the "scan private key" to load your identity in the mobile wallet.
But as you know, the wallet isn't just the identity of the user.
The wallet keep track of many things.
- Unspent balances.
- Destination names of TXs you have made.
- Etc, etc.
The ideal approach (ideal != best) will be to have something like Ripple's Blob Vault (+reliable, +distributed).
Then, with your identity (signature) you get all your wallet information that is stored encrypted.
But the software wallet has to sync it every time there is a change …
We need to think more about this … but for the time being we will let to the user the responsibility to backup his wallet. (We will do automatic backup [as the desktop wallet], but the user need to upload it to a safe place or backup to his dropbox/gdrive folder)
192
General Discussion / Re: Mobile Wallet - Testers needed
« on: January 05, 2015, 09:22:20 pm »- iOS testing
We will be using testflightapp.com to test the iOS version, so if you want to help us test follow the instructions in this link.
http://tflig.ht/1vUyctu
Just requested access to the beta. Is this a live functioning app, with real funds?
Yes it is, its an alpha version, so don't put significants amount of money in it.
193
General Discussion / Re: Mobile Wallet - Testers needed
« on: January 05, 2015, 09:01:11 pm »
Hi everyone, we are getting back from the new year holidays, i wish everyone here a happy 2015.
Im posting to update everyone were we are at the moment.
- Delegate election.
I want to thank everyone who has voted so far, we are in the middle (~3.6% -> 7.5% to position 101) of the necessary votes to being elected and if you haven't voted yet you can do it now!
(BTW: is there a simple tutorial on how to vote?, something like http://bytemaster.bitshares.org/tutorial/2015/01/03/How-to-Register-a-BitShares-Account/ ?)
- What we have done before new year.
* We have moved all the crypto stuff from JS to "native" (with a cordova plugin), the performance gain has been notable in Android.
https://github.com/latincoin-com/cordova-plugin-bitwallet
* We started to use the latest version of the UI framework that (i hope) will enhance the experience thanks to the improvements in view transition and caching system.
- What are we working now.
* Moving to latest UI framework.
* Backend infrastructure for BTC <-> bitUSD
* User account registration.
- What is next.
* Design / Usability / Navigation improvements.
* Backend optimization (using new api call from bitshares daemon)
(I have a pending task that its o make the roadmap available for everyone to see)
- iOS testing
We will be using testflightapp.com to test the iOS version, so if you want to help us test follow the instructions in this link.
http://tflig.ht/1vUyctu
Im posting to update everyone were we are at the moment.
- Delegate election.
I want to thank everyone who has voted so far, we are in the middle (~3.6% -> 7.5% to position 101) of the necessary votes to being elected and if you haven't voted yet you can do it now!
(BTW: is there a simple tutorial on how to vote?, something like http://bytemaster.bitshares.org/tutorial/2015/01/03/How-to-Register-a-BitShares-Account/ ?)
- What we have done before new year.
* We have moved all the crypto stuff from JS to "native" (with a cordova plugin), the performance gain has been notable in Android.
https://github.com/latincoin-com/cordova-plugin-bitwallet
* We started to use the latest version of the UI framework that (i hope) will enhance the experience thanks to the improvements in view transition and caching system.
- What are we working now.
* Moving to latest UI framework.
* Backend infrastructure for BTC <-> bitUSD
* User account registration.
- What is next.
* Design / Usability / Navigation improvements.
* Backend optimization (using new api call from bitshares daemon)
(I have a pending task that its o make the roadmap available for everyone to see)
- iOS testing
We will be using testflightapp.com to test the iOS version, so if you want to help us test follow the instructions in this link.
http://tflig.ht/1vUyctu
194
General Discussion / "distributed/redundant/reliable privacy preserving message bus"
« on: December 31, 2014, 08:19:44 am »
https://twitter.com/jonmatonis/status/549976223980744704
https://www.cryptocoinsnews.com/stealth-payments-create-anonymous-bitcoin-transactions/#comment-1764405685
I think this is what we are achieving with BitShares Mail.
Maybe someone more fluent can comment best or upvote.
https://www.cryptocoinsnews.com/stealth-payments-create-anonymous-bitcoin-transactions/#comment-1764405685
I think this is what we are achieving with BitShares Mail.
Maybe someone more fluent can comment best or upvote.
195
中文 (Chinese) / Re: 安卓版bts手机钱包测试报告(Translation:Test result for Android BTS wallet)
« on: December 24, 2014, 09:44:34 pm »
@cn-members, thanks for the quick translation!!
@small BMW 2014
Thanks for the app review, we are aware of the bugs+enhancements you mention and they will be fixed in next releases.
30 bitCNY has been sent to you address BTSEjZpZX4etq7Xy1pSeUMFfFjj3wAGYiRoW as a tip and for you test send/receive.
Thanks!
@small BMW 2014
Thanks for the app review, we are aware of the bugs+enhancements you mention and they will be fixed in next releases.
30 bitCNY has been sent to you address BTSEjZpZX4etq7Xy1pSeUMFfFjj3wAGYiRoW as a tip and for you test send/receive.
Thanks!
