Bitcoin Forum
May 09, 2016, 01:08:11 AM *
News: New! Latest stable version of Bitcoin Core: 0.12.1 [Torrent]
 
  Home Help Search Donate Login Register  
  Show Posts
Pages: « 1 ... 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 [79] 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 »
1561  Bitcoin / Development & Technical Discussion / Re: [PATCH] UPnP on: March 14, 2011, 08:33:25 PM
So every bitcoin connection must use asymmetric cryptography and conform a so-called normal distribution. Or else everyone will be statistically detected and...

Preventing that type of statistical network analysis attack is what Tor and i2p are for.  If you require that level of anonymity, run bitcoin via a proxy to communicate over those networks.
1562  Bitcoin / Development & Technical Discussion / Re: Wallet import/export: bitkeys format on: March 14, 2011, 05:21:35 PM
I'd suggest using a standard, existing format instead of inventing a new one.

Either get rid of the version number and do standard CSV:
Code:
91iwnurxhWmDF9gqwc4CbuLCB4HxuMXf5B2vEhTPDftY3rkMgDY,10806,moura6ybHvwzMtrWdyqiEN6n2mMakf8HxD,"50.01 BTC"
92JsNVMJgG4RiC2ARxpduJp8DXKgdDMj9WREE5jo66Hg8UMdr3L,10870,mmFPR1oaDExBfJqpRohWBvbE2aCg86Kwcx,"0.00 BTC"
 ... etc (always 4 columns)

Or maybe .ini-format, with each private key a different section:
Code:
version=1
[91iwnurxhWmDF9gqwc4CbuLCB4HxuMXf5B2vEhTPDftY3rkMgDY]
block=10806
publickey=moura6ybHvwzMtrWdyqiEN6n2mMakf8HxD
amount=50.01
[92JsNVMJgG4RiC2ARxpduJp8DXKgdDMj9WREE5jo66Hg8UMdr3L]
block=10870
  ... etc
(bitcoin already contains .ini-file-parsing code, from boost)


I think there are lots of advantages to using an already-standard file format.
1563  Bitcoin / Development & Technical Discussion / Re: why JSON RPC values not use INT64 instead of float string? on: March 14, 2011, 05:13:56 PM
PHP 5.3.3. on my mac gives:
Code:
object(stdClass)#1 (1) {
  ["e"]=>
  float(5.01)
}

Please be specific about what platform you're running on, what version of PHP are you running, are you running with a standard php.ini or have you tweaked it, etc.
1564  Bitcoin / Development & Technical Discussion / Re: why JSON RPC values not use INT64 instead of float string? on: March 14, 2011, 11:55:07 AM
It does not work that way ..  printf("%.8f") behaviour is inconsistent across platform. If you don't believe, try

Code:
printf("%.2f", -999.04)

-- some platform give  -999.03, some give -999.04.

I tried it... got -999.04 on my Mac and Linux machines.  What platform gives the wrong answer?
1565  Bitcoin / Development & Technical Discussion / Re: Bitcoin "From" address, can i change it? on: March 13, 2011, 12:19:24 AM
As far as getting started, I'd like to see a sticky walking through the steps to create a pull request. But yeah, you can check out from sourceforge using svn, get your changes working, and post the output of svn diff as a patch.

Sticky for creating a pull request:  good idea.

JollyGreen: if you know, or are willing to learn, git then working from the git repo ( https://github.com/bitcoin/bitcoin )is smoother.  github has built-in support for turning a development branch into a pull request.
1566  Bitcoin / Project Development / Re: Bitcoin.org Redesign (mockups inside) on: March 12, 2011, 11:58:31 PM
Who's that woman:
  Anna Lee

I don't know nuthin 'bout changing video default images.

If anybody does, I'd be happy to replace or tweak the link to the video at bitcoin.org.

1567  Bitcoin / Bitcoin Discussion / Re: How to prove that the sender for a payment was truly me? on: March 12, 2011, 08:27:32 PM
Let's say there is a scenario where I am one of two different people who claim to be responsible for sending bitcoins for a purchase.  How could I prove to the merchant that those bitcoins came from my wallet and nobody else's?

Something like this is possible (I've been thinking about doing it, although I have higher priority things on my TODO list):

  • Sophisticated user runs a tool on her computer that, giving the bitcoin address payment was sent to and "here's a description of me or what I paid for" string.  Tool looks in the wallet.dat and figure out which keypair(s) were used to pay.  Then it does some openssl magic and exports a file that contains the string, the public keys and ECDSA signatures using the private keys of the "description of me or what I paid for" string.
  • Sophisticated user uploads that file to a "Prove I Paid" website, which checks the signatures and adds info to the database.
  • Unsophisticated user goes to website and pastes the receiving address.  The public key corresponding to that address is looked up, and all the "here's a description of me or what I paid for" strings for that public key are shown.

bitcointools+openssl (see grondilu's thread about "a shell-script implementation of bitcoin) are enough to do all all the public/private key, file-creation, and signature generation/checking stuff.
1568  Bitcoin / Development & Technical Discussion / Re: why JSON RPC values not use INT64 instead of float string? on: March 12, 2011, 05:35:32 PM
All serious institutions (like banks) never use floats for currency calculations because they know the dangers.
If we want to be seen as "serious", float is not an option.

You know, I was looking at the PayPal payment API yesterday, and $1.01 is sent as... 1.01

"transmitting" != "calculations"
1569  Bitcoin / Development & Technical Discussion / Re: why JSON RPC values not use INT64 instead of float string? on: March 12, 2011, 04:12:07 PM
Then we can make nAPIVersion 0.5 supporting the int64 with appended .0 as luke-jr has done in his gitorious branch.

That's just dumb.

If the problem is jsonrpc-supporting-environments that don't support double-precision floats, then multiplying and slapping a zero on the end won't fix the problem-- you'll just either lose precision as it gets squeezed into a 32-bit float or get a 32-bit-integer-overflow error.

1570  Bitcoin / Development & Technical Discussion / Re: why JSON RPC values not use INT64 instead of float string? on: March 12, 2011, 03:24:51 PM
Is there a PHP implementation that does not use double-precision floating point?
After doing a little googling I couldn't figure out the answer to that.  I will be MUCH more sympathetic to changing the JSON-RPC api if there is.

And mizerydearia:  re: the witcoin issue:  You say:
"I see the transaction as 0.94 However, http://json-rpc.org/ retrieves the data as 0.93999999999999994671"

So why when you display that value are you truncating it instead of rounding it to 8 decimal places?
For example:
Quote
> php -r "printf('%.8f', 0.94);"    #CORRECT
0.94000000
> php -r "printf('%.16f', 0.94);"   #WRONG
0.9399999999999999

... or to convert to an integer-number-of-base-unit:
Quote
> php -r '$val=0.94; printf("%d", round(1e8*$val));'
94000000

All of that assume that your php support double-precision floating point, which brings me back to my question:  are there any php implementations that do not?
1571  Bitcoin / Development & Technical Discussion / Re: [PATCH] UPnP on: March 12, 2011, 03:21:44 AM
It seems reasonable to me to start with UPnP disabled by default.  As long as enabling it in the client is easy enough to do, the network will benefit because some nodes will "opt-in" that wouldn't have before.  We can change the default later, after we gain more confidence about remote vulnerabilities.

Who knows enough about wxWidgets to add a checkbox to the Settings UI for "Enable UpNP" (grayed out #ifndef UPNP...)?  Wanna coordinate with BlueMatt to get that done?
1572  Bitcoin / Development & Technical Discussion / Re: [REVIEW] Name lookup branch (bitcoind send genjix@fishysnax.com 99999) on: March 12, 2011, 03:18:58 AM
Seems like this feature doesn't need to be part of the RPC interface-- why not just (ignoring error handling/etc) do the equivalent of:

Code:
ADDRESS = $(curl https://fishysnax.com:443/path/to?id=genjix)
bitcoind sendtoaddress $ADDRESS 1

... from whatever code is calling the RPC?

1573  Bitcoin / Development & Technical Discussion / Re: [REVIEW] Name lookup branch (bitcoind send genjix@fishysnax.com 99999) on: March 12, 2011, 01:31:50 AM
I had the impression the roadmap called for a BitDNS-like decentralized mapping system, since Gavin asked to map "strings" to addresses. Maybe I misunderstood.

In my head I was imagining a way of telling bitcoin to subscribe to some service(s) that did the mapping-- maybe a setting in the GUI where you could specify "use these six services, in this order, to try to resolve bitcoin addresses that aren't plain-old-bitcoin-addresses."  With the services specified by name+URL (and some standard REST-ful protocol was defined for mapping string to bitcoin address).  Or maybe name+pattern+URL.

I haven't looked at genjix' patch, and haven't thought deeply about security issues-- but I bet there are lots...

1574  Bitcoin / Development & Technical Discussion / Re: why JSON RPC values not use INT64 instead of float string? on: March 11, 2011, 09:17:22 PM
PHP solution: write/maintain my own JSON parser.

Why can't you just multiply the numbers by 1.0e8 and then round to the nearest integer?  That integer WILL ALWAYS BE EXACTLY RIGHT (assuming you're not running PHP on some really weird hardware).

According to the PHP manual:
Quote
The size of a float is platform-dependent, although a maximum of ~1.8e308 with a precision of roughly 14 decimal digits is a common value (the 64 bit IEEE format).

I added a Python JSON-RPC library example on the Proper Money Handling wiki page.
1575  Bitcoin / Bitcoin Discussion / Re: Changes to the Bitcoin Faucet... on: March 11, 2011, 05:31:09 PM
Gavin, you should make it much more obvious about how to give back to the Faucet.  In the end I had to click to (try to) get another .05 BTC, at which point it said I had already gotten some, but if I wanted to I could give back to a specific address, which I assume is the Faucet.  Is it ok to post it here for confirmation?

The Donate: address is hiding down at the bottom of the page:  15VjRaDX9zpbA8LVnbrCAFzrVzN7ixHNsC
... and I just updated my forum signature, too.
1576  Bitcoin / Bitcoin Discussion / Re: Incentives (and an idea) on: March 10, 2011, 07:00:39 PM
I think you have an incorrect assumption in your argument:  what makes you think there will be a high variability in block rewards (because they're mostly fees) 40 years from now?

Assuming bitcoin is still around in 40 years, there should be at least tens of thousands of transactions per block, and with that many transactions sum(fees) should be pretty darn stable.

1577  Bitcoin / Development & Technical Discussion / Re: Threat Analysis and Possible Mitigation of a Sybil Attack on: March 10, 2011, 06:56:51 AM
And I dont know how you'd be able to detect that you were being attacked if an attacker simply controlled a large % of the connectible peers. (which reminds me you could actually control 75% of the current network with just 1500 ips because only about 500 peers are connectible)

Well, imagine an attacker did manage to surround your node.
What can they do?

a) Dropping outgoing transactions-- a send-coins denial-of-service.
b) Dropping incoming transactions-- a 0-confirmation-receive-coins denial-of-service

Can these be exploited somehow to the attacker's advantage?  Maybe if attacker and attackee were competing on a bidding site or the site being attacked was a bidding site and the attacker wanted to squash competing bids.  Rounding up thousands of IPs to try to get a better deal on biddingpond hardly seems worth it.  And an old-fashioned DDoS attack can probably take out any one particular node anyway, with or without bitcoin involved.

c) Dropping new block announcements (that would be a 1+-confirmation-receive-coins DoS)
d) ... and maybe feeding the attacked node attacker-generated blocks

(d) is more serious, because the attacker could generate bogus N-confirmation transactions.  But it should be detectable; assuming the attacker doesn't have as much hashing power as the rest of the network, blocks will be generated much more slowly (either much more slowly after the last compiled-in block checkpoint if you're downloading the block chain, or much more slowly since the last time your node connected to the network).
1578  Bitcoin / Development & Technical Discussion / Re: Threat Analysis and Possible Mitigation of a Sybil Attack on: March 09, 2011, 10:03:54 PM
RE: 25 outbound connections instead of 8:

If I recall correctly (and I probably don't), the percentage of nodes currently on the network that are accepting incoming connections and the -maxconnections limit isn't great enough to support every node trying to make 25 outbound connections.

The major merchants and exchanges should accept incoming connections, so they have many more than 8 connections.  That will make them basically immune to Sybil attacks (e.g. the Faucet has 55 connections right now).

I like the idea of major merchants and exchanges (also) communicating with each other over an invitation-only, trusted "backbone."  That would be in addition to the mostly-randomly-connected p2p network we have now, not instead of it.

I'm concerned about Sybil attacks as a denial-of-service technique (attacker "surrounds" an 8-connection node and then drops all of their transactions just because they can).  Randomly disconnecting and re-connecting seems like a good approach.

Detecting that you're being subjected to a Sybil attack seems like it might also be a good approach.  You don't really care if you're seeing a bogus version of the block chain unless you're in the middle of confirming one or more transactions; perhaps if transaction confirmation is taking significantly longer than expected the client should find some fresh peers.
1579  Bitcoin / Bitcoin Discussion / Re: Incentives (and an idea) on: March 09, 2011, 09:36:29 PM
Making the fee transaction depend on the block's coinbase would run afoul of this code in CTransaction::ConnectInputs:
Code:
            // If prev is coinbase, check that it's matured                                                                                                         
            if (txPrev.IsCoinBase())
                for (CBlockIndex* pindex = pindexBlock; pindex && pindexBlock->nHeight - pindex->nHeight < COINBASE_MATURITY; pindex = pindex->pprev)
                    if (pindex->nBlockPos == txindex.pos.nBlockPos && pindex->nFile == txindex.pos.nFile)
                        return error("ConnectInputs() : tried to spend coinbase at depth %d", pindexBlock->nHeight - pindex->nHeight);

... and the entire block would be rejected as invalid.  Which is a good thing, otherwise miners could get around the "no spending newly minted coins for COINBASE_MATURITY blocks" rule.
1580  Bitcoin / Development & Technical Discussion / Re: Bitcoin API on: March 09, 2011, 07:18:53 PM
1) bitcoind - I think this might be the same as configuring bitcoin to run as server. I believe it uses an RPC API to run transactions from the command line.
Pros: Everything stays on my server
Cons: I have to find a server that will let me compile and install this, rather than just some PHP/MySQL farm in the cloud, which is what I prefer

You can run the front-end on one server and the back-end on another (and communicate via JSON-RPC over HTTPS).  That's how I'm able to run the Faucet and ClearCoin on Google's App Engine (they talk with bitcoind processes running on linode.com and aws.amazon.com servers).  bitcoind doesn't take much memory, bandwidth, or CPU (just don't turn on coin generation), so, for now, anyway, you can even use an Amazon "micro" server (which costs something like $100 per year).

I'm not selling anything so can't comment on the shopping cart interfaces.  Screen-scraping web pages is a bad idea for lots of reasons.
Pages: « 1 ... 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 [79] 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 »
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!