Keccak hashing algorithm (SHA-3) - Keccak Coins and miner

QuarkCoin Cryptocurrency

Quark is a decentralized digital monetary system. It facilitates sending Quarks to friends, family members and online payments free of charges and charge-backs, with military-grade encryption and no bank or government control. Quark coins are based on the original idea of Bitcoin but improved: more secure, faster transaction times and zero fees, with improvements to design and security. There is also a greater coin supply with higher block rewards for miners. Quark is fully open source.
[link]

Waltonchain adds GNU General Public License details to code - BUT does the code contain this?

Dear Crypto community,
Yesterday we saw Waltonchain release their Open Source code which resulted in huge criticism regarding the oversight of removing the original copyright to the original codebase, Ethereum Go, on which it is based.
Following this, the team have now updated the code to show the original copyright:
Image from Github
Source: https://github.com/WaltonChain/WaltonChain_Gwtc_Src/blob/mastep2p/rlpx.go?utm_source=share&utm_medium=ios_app
Github: https://github.com/WaltonChain?tab=repositories

I'd like to say thank you to the community for having such strong opinion on this matter, and for all the subreddit admins that assisted in creating clarity toward this. As a global community we should hold every blockchain up to the same standards, and I am grateful that this was shown in regard to the GNU General Public License.

Now that the issue is resolved, and since Waltonchain is currently a hot topic, I implore all the coders and devs out there to delve deep into the code to see exactly what Waltonchain have released. Not just the modification to the eth codebase, but the additional code. What does the code allow?

What we've been told as a community is that the Waltonchain source code has changes that allows for:
  • Security - DASH X11 - Most cryptographic algorithms used in cryptocurrencies use only one hash function for calculation. There are 11 of them in X11, which provides a higher degree of protection against hackers and scams. Waltonchain has customised the DASH X11 hashing algorithm to fit their purpose.
  • More secure than Bitcoin. The Bitcoin algorithm, SHA-256, is based on a previous secure hash algorithm family of standards, namely SHA-2; the hash functions within the X11 algorithm all successfully made it into the second round in the search for a new, more secure standard — SHA-3. Keccak, the function which won the competition and is therefore the new standard on which SHA-3 is based, can at the very least be considered more secure than SHA-256.
  • Efficiency — Waltonchain have produced ASICs with the equivalent hashing power of 200GPUs (32–40kW) whilst using only 135W, thus helping the parent chain become decentralised
  • PoS aspect works in tandem with PoW, in that it adds a reduced difficulty based on number of coins held and time between blocks. Effectively the longer coins are held and the longer the time between blocks, the lower the difficulty for mining blocks. This again enhances the power efficiency of the network in its entirety.
  • Fast cross-chain searching via Proof of Labour —PoL enables hash values or indices from sub-chains (child chains) to be synced with the parent chain in a ‘cross chain index mechanism’ to enable fast searches for data via the parent chain.
  • Scalability — Unlimited scalability due to child chains; each CC is an independent blockchain (or DAG) using its own consensus mechanism (PoS, PoA, PoW, PoET, etc.) and can store data within itself. The parent chain by nature therefore cannot become bloated.
  • Atomic Swaps — PoL by nature ensures a record of every inter-chain transaction is held, and allows the function of atomic swaps between currencies.

Also to note is that the code has been audited by Knownsec, the same company that audited projects like HPB and NANO.

Let's have an open dialogue and talk about these features of the code - but firstly, do they exist? Hopefully people will approach this with the same enthusiasm as they did yesterday.

EDIT 1st June: A user on the Waltonchain sub has done an analysis which, by the looks of it, disproves the initial assessment by many of the 'blockchain experts' in cc that have said the open source code is simply a copy and paste. https://www.reddit.com/waltonchain/comments/bveqea/changeset_goethereum_v171_to_gwtc_v110/
It is interesting to see just how much people love to hate Waltonchain that they spread misinformation either intentionally, or unintentionally, and that it gets the most attention out of any announcement.

For reference:
Block explorer: www.Waltonchain.pro (all wallets, mining wallet, documentation etc is available via that link)
submitted by Yayowam to CryptoCurrency [link] [comments]

CODE FUD: Resolved.

submitted by Yayowam to waltonchain [link] [comments]

[GUIDE] Convert DRP to DRPS or DRPU.

IMPORTANT: none of the methods will work unless your address is whitelisted at Dcorp.it.

verify first or trade OTC

If you want DRPU, I'd like to trade your DRP for my DRPU

(2 DRPU for 1 DRP, the standard ratio).

(We can trade in small amounts if you don't trust me)
Below I will describe three ways to convert DRP to DRPU or DRPS.

Please try the official way first.

There's basically two steps, each with their own sub-steps. I will first explain what the steps do, and then explain how to do them. No matter which way you choose (they just get increasingly technical).
The first step is to approve the contract (there is two different contracts, one for DRPU, and one for DRPS, approve the right one). Without approval, the second step will fail.
In other words, step one is all about saying "this address (the contract) is allowed to spend X amount of DRP from my address". Obviously, you only want to approve the right contract, not anyone else.
The second step is to actually make the contract burn your DRP and return you the right amount of DRPU or DRPS (depending on which contract you talk to). The second step is exactly the same for DRPU and DRPS, the only difference is the contract address. So don't use the wrong address or you'll receive the wrong coin, and that can not be undone! (you could attempt to trade it at the market though, but there is currently no way to turn DRPU into DRPS and vice versa, and neither can you get your DRP back).
Now for the actual steps:

The official way

DRPS: DCorp Security Token DRPU: DCorp Utility Token
Just follow the steps on the website. If that doesn't work, try:

The etherscan way

Step 1a:

copypaste the contract address you need into notepad.
  • DRPS: 0x3366cfd8dd3fc653e7dcd56cb9111d848b3732e2
  • DRPU: 0xee2972a6177c28f3efacb1862a1a8507c3f10faa

Step 1b:

Step 1c

  • copypaste the address from step 1a into the _spender(address) field under "1. approve"
  • put the amount of DRP you want to convert, followed by exactly 2 zeroes (unless you want to send fractional DRP, in which case you add fewer zeroes, for example a 50 is 0.5 DRP) (Think of it like sending "cents" of DRP, so 100 cents is 1 DRP).

Step 1d

  • press "write"
  • confirm with metamask
wait for confirmation (only 1 confirmation is enough) it should look something like this

Step 2a

Step 2b (it's the same for DRPS and DRPU)

  • connect metamask
  • scroll down to "6. requestConversion"
  • input the same value as in step 1c (technically you could use any value lower or exactly equal, but why would you?)
  • it should look something like this

Step 2c

  • press "write"
  • confirm with metamask

DONE!

it should look something like this
you should have your tokens now, and your DRP are burned.

The hard way

Step 1a:

  • Log in to metamask, or whatever your favorite wallet is (I will assume metamask in this guide but this method works for any wallet, although the steps will not be exactly the same obviously)
  • go to settings -> advanced (helpful image 1 and 2)
  • scroll down and turn on "hex data"
  • now when you send an ether transaction you should have a "hex data" or "data" field in the bottom. (It should look something like this)
MAKE SURE YOU USE YOUR ACCOUNT THAT ACTUALLY HAS DRP OR IT WON'T WORK FOR OBVIOUS REASONS

Step 1b:

  • calculate how many DRP you want to send, open the windows calculator in programmer mode (or any online dec to hex converter) and input the amount of DRP you want to send with two extra zeroes.
  • read the HEX value. (for example if you want to send 1234 DRP you should enter 123400 into the calculator, and your answer will be 1E208) Helpful image
  • If you want to send fractions, for example 12.5 DRP you input 1250 (so basically you multiply by 100) and you would get 4E2.
  • write down the HEX value in notepad.
  • copypaste this 0000000000000000000000000000000000000000000000000000000000000000 and paste it under your hex value
  • add 0s in front of your hex value until both strings are of equal length (you should have exactly 64 digits, no more, no less).

Step 1c:

  • for DRPS: copypaste this "0x095ea7b30000000000000000000000003366cfd8dd3fc653e7dcd56cb9111d848b3732e2" into your notepad and paste it in front of your 64-digit number, don't have any spaces in between, don't add the quotes.
  • for DRPU: copypaste this "0x095ea7b3000000000000000000000000ee2972a6177c28f3efacb1862a1a8507c3f10faa" into your notepad and paste it in front of your 64-digit number, don't have any spaces in between, don't add the quotes.

Step 1d (same for both tokens):

  • if you have done step 1c correctly you should have something similar to "0x095ea7b3000000000000000000000000ee2972a6177c28f3efacb1862a1a8507c3f10faa00000000000000000000000000000000000000000000000000000000000185ea" in your notepad.
  • send 0 eth to 0x621d78f2ef2fd937bfca696cabaf9a779f59b3ed and in the data field copypaste the data from your notepad.

Step 1e:

Wait for it to confirm (1 confirmation is enough).

Step 2a:

  • copypaste this into a new line in your notepad: 0xc6afd98a
  • copy the last 64 digits of the last string (the hexadecimal representation of the amount of tokens you want to convert) to the end of that line
  • you should now have something like this: 0xc6afd98a00000000000000000000000000000000000000000000000000000000000185ea

Step 2b

  • for DRPS: send 0 eth to 0x3366cfd8dd3fc653e7dcd56cb9111d848b3732e2 with the data string you should have in your notepad (the short one)
  • for DRPU: send 0 eth to 0xee2972a6177c28f3efacb1862a1a8507c3f10faa with the data string you should have in your notepad (the short one)

DONE!

Explanation:

The data always starts with 0x (this basically means the data is encoded in hexadecimal numbers). The 8 digits after that are a hash (keccak-256) of the function name, so the contract knows which function you are calling and which arguments to expect (for example requestConversion(uint256) and approve(address,uint256)). All other information after that is always exactly 256 bits of information (per argument), so 64 digits long (if the actual information is less than 64 digits long, it adds 0s in the front until it is exactly 64 digits long). Also, in ethereum addresses the leading 0x gets dropped (because the data already starts with 0x). Numbers of course are converted into hexadecimal, and in the "atomic units" of what you're sending (like a satoshi in bitcoin). DRP has a "precision" of 2, so if you enter "0000000000000000000000000000000000000000000000000000000000000001" that means 0.01 DRP, and 0000000000000000000000000000000000000000000000000000000000000010 means 0.16 DRP (remember, it's hexadecimal, not decimal).
submitted by zimmah to dcorp [link] [comments]

I decided to post this here as I saw some questions on the QRL discord.

Is elliptic curve cryptography quantum resistant?
No. Using a quantum computer, Shor's algorithm can be used to break Elliptic Curve Digital Signature Algorithm (ECDSA). Meaning: they can derive the private key from the public key. So if they got your public key, they got your private key, and they can empty your funds. https://en.wikipedia.org/wiki/Elliptic-curve_cryptography#Quantum_computing_attacks https://eprint.iacr.org/2017/598.pdf
Why do people say that BTC is quantum resistant, while they use elliptic curve cryptography? (Here comes the idea from that never reusing a private key from elliptic curve cryptography (and public key since they form a pair) would be quantum resistant.)
Ok, just gonna start with the basics here. Your address, where you have your coins stalled, is locked by your public-private key pair. See it as your e-mail address (public key) and your password (private key). Many people got your email address, but only you have your password. If you got your address and your password, then you can access your mail and send emails (transactions). Now if there would be a quantum computer, people could use that to calculate your password/private key, if they have your email address/public key.
What is the case with BTC: they don't show your public key anywhere, until you make a transaction. So your public key is private until you make a transaction. How do they do that while your funds must be registered on the ledger? Well, they only show the hash of your public key (a hash is an outcome of an equation. Usually one-way hash functions are used, where you can not derive the original input from the output. But every time you use the same hash function on the same original input (for example IFUHE8392ISHF), you will always get the same output (for example G). That way you can have your coins on public key IFUHE8392ISHF, while on the chain, they are on G.) So your funds are registered on the blockchain on the "hash" of the public key. The hash of the public key is also your "email address" in this case. So you give "G" as your address to send BTC to.
By the way, in the early days you could use your actual public key as your address. And miners would receive coins on their public key, not on the hashed public key. That is why all the Satoshi funds are vulnerable to quantum attacks even though these addresses have never been used to make transactions from. These public keys are already public instead of hashed. Also certain hard forks have exposed the public keys of unused addresses. So it's really a false sense of security that most people hang on to in the first place.
But it's actually a false sense of security over all.
Since it is impossible to derive a public key from the hash of a public key, your coins are safe from quantum computers as long as you don't make any transaction. Now here follows the biggest misconception: pretty much everyone will think, great, so BTC is quantum secure! It's not that simple. Here it is important to understand two things:
1 How is a transaction sent? The owner has the private key and the public key and uses that to log into the secured environment, the wallet. This can be online or offline. Once he is in his wallet, he states how much he wants to send and to what address.
When he sends the transaction, it will be broadcasted to the blockchain network. But before the actual transaction that will be sent, it is formed into a package, created by the wallet. This happens out of sight of the sender.
That package ends up carrying roughly the following info: The public key to point to the address where the funds will be coming from, the amount that will be transferred, the public key of the address the funds will be transferred to.
Then this package carries the most important thing: a signature, created by the wallet, derived from the private-public key combination. This signature proves to the miners that you are the rightful owner and you can send funds from that public key.
So this package is then sent out of the secure wallet environment to multiple nodes. The nodes don’t need to trust the sender or establish the sender’s "identity." And because the transaction is signed and contains no confidential information, private keys, or credentials, it can be publicly broadcast using any underlying network transport that is convenient. As long as the transaction can reach a node that will propagate it into the network, it doesn’t matter how it is transported to the first node.
2 How is a transaction confirmed/fulfilled and registered on the blockchain?
After the transaction is sent to the network, it is ready to be processed. The nodes have a bundle of transactions to verify and register on the next block. This is done during a period called the block time. In the case of BTC that is 10 minutes.
If you comprehend the information written above, you can see that there are two moments where you can actually see the public key, while the transaction is not fulfilled and registered on the blockchain yet.
1: during the time the transaction is sent from the sender to the nodes
2: during the time the nodes verify the transaction.
This paper describes how you could hijack a transaction and make a new transaction of your own, using someone else's address to send his coins to an address you own during moment 2: the time the nodes verify the transaction:
https://arxiv.org/pdf/1710.10377.pdf
"(Unprocessed transactions) After a transaction has been broadcast to the network, but before it is placed on the blockchain it is at risk from a quantum attack. If the secret key can be derived from the broadcast public key before the transaction is placed on the blockchain, then an attacker could use this secret key to broadcast a new transaction from the same address to his own address. If the attacker then ensures that this new transaction is placed on the blockchain first, then he can effectively steal all the bitcoin behind the original address."
So this means that practically, you can't call BTC a quantum secure blockchain. Because as soon as you will touch your coins and use them for payment, or send them to another address, you will have to make a transaction and you risk a quantum attack.
Why would Nexus be any different?
If you ask the wrong person they will tell you "Nexus uses a combination of the Skein and Keccak algorithms which are the 2 recognized quantum resistant algorithms (Keccak is used by the NSA) so instead of sha-256, Nexus has SK-1024 making it much harder to break." Which would be the same as saying BTC is quantum resistant because they use a hashing function to hash the private key as long as no transaction is made.
No, this is their solid try to be quantum resistant: Nexus states it's different because they have instant transactions (so there wouldn't be a period during which time the nodes verify the transaction. This period would be instant.) Also they use a particular order in which the miners verify transactions: First-In-First-Out (FIFO) (so even if instant is not instant after all, and you would be able to catch a public key and derive the private key, you wouldn't be able to have your transaction signed before the original one. The original one is first in line, and will therefore be confirmed first. Also for some reason Nexus has standardized fees which are burned after a transaction. So if FIFO wouldn't do the trick you would not be able to use a higher fee to get prioritized and get an earlier confirmation.
So, during the time the nodes verify the transaction, you would not be able to hijack a transaction. GREAT, you say? Yes, great-ish. Because there is still moment # 1: during the time the transaction is sent from the sender to the nodes. This is where network based attacks could do the trick:
There are network based attacks that can be used to delay or prevent transactions from reaching nodes. In the meantime the transactions can be hijacked before they reach the nodes. And thus one could hijack the non quantum secure public keys (they are openly included in sent signed transactions) which then can be used to derive private keys before the original transaction is made. So this means that even if Nexus has instant transactions in FIFO order, it is totally useless, because the public key would be obtained by the attacker before they reach the nodes. Conclusion: Nexus is not quantum resistant. You simply can't be without using a post quantum signature scheme.
Performing a DDoS attack or BGP routing attacks or NSA Quantum Insert attacks on a peer to peer network would be hard. But when provided with an opportunity to steal billions, hackers would find a way. For example:
https://bitcoinmagazine.com/articles/researchers-explore-eclipse-attacks-ethereum-blockchain/
For BTC:
https://eprint.iacr.org/2015/263.pdf
"An eclipse attack is a network-level attack on a blockchain, where an attacker essentially takes control of the peer-to-peer network, obscuring a node’s view of the blockchain."
That is exactly the recipe for what you would need to create extra time to find public keys and derive private keys from them. Then you could sign transactions of your own and confirm them before the originals do.
By the way, yes this seems to be fixed now, but it most definitely shows it's possible. And there are other creative options. Either you stop transactions from the base to get out, while the sender thinks they're sent, or you blind the network and catch transactions there. There are always options, and they will be exploited when billions are at stake. The keys can also be hijacked when a transaction is sent from the user's device to the blockchain network using a MITM attack. The result is the same as for network based attacks, only now you don't mess with the network itself. These attacks make it possible to 1) retrieve the original public key that is included in the transaction message. 2) Stop or delay the transaction message from arriving at the blockchain network. So, using a quantum computer, you could hijack transactions and create forged transactions, which you then send to the nodes to be confirmed before the nodes even receive the original transaction. There is nothing you could change to the Nexus network to prevent this. The only thing they can do is implement a quantum resistant signature scheme. They plan to do this in the future, like any other serious blockchain project. Yet Nexus is the only one of these future quantum resistant projects to prematurely claim to be quantum resistant. There is only one way to get quantum resistance: POST QUANTUM SIGNATURE SCHEMES. All the rest is just a shitty shortcut that won't work in the end.
(If you use this info on BTC, you will find that the 10 minutes blocktime that is used to estimate when BTC will be vulnerable for quantum attacks, can actually be more than 10 minutes if you catch the public key before the nodes receive them. This makes BTC vulnerable sooner than the 10 min blocktime would make you think.)
By the way, Nexus using FIFO and standardized fees which are burned after the transaction comes with some huge downsides:
Why are WOTS+ signatures (and by extension XMSS) more quantum resistant?
First of all, this is where the top notch mathematicians work their magic. Cryptography is mostly maths. As Jackalyst puts it talking about post quantum signature schemes: "Having papers written and cryptographers review and discuss it to nauseating levels might not be important for butler, but it's really important with signature schemes and other cryptographic methods, as they're highly technical in nature."
If you don't believe in math, think about Einstein using math predicting things most couldn't even imagine, let alone measure back then.
Then there is implementing it the right way into your blockchain without leaving any backdoors open.
So why is WOTS+ and by extension XMSS quantum resistant? Because math papers say so. With WOTS it would even take a quantum computer too much time to derive a private key from a public key. https://en.wikipedia.org/wiki/Hash-based_cryptography https://eprint.iacr.org/2011/484.pdf
What is WOTS+?
It's basically an optimized version of Lamport signatures. WOTS+ (Winternitz one-time signature) is a hash-based, post-quantum signature scheme. So it's a post quantum signature scheme meant to be used once.
What are the risks of WOTS+?
Because each WOTS publishes some part of the private key, they rapidly become less secure as more signatures created by the same public/private key are published. The first signature won't have enough info to work with, but after two or three signatures you will be in trouble.
IOTA uses WOTS. Here's what the people over at the cryptography subreddit have to say about that:
https://www.reddit.com/crypto/comments/84c4ni/iota_signatures_private_keys_and_address_reuse/?utm_content=comments&utm_medium=user&utm_source=reddit&utm_name=u_QRCollector
With the article:
http://blog.lekkertech.net/blog/2018/03/07/iota-signatures/
Mochimo uses WOTS+. They kinda solved the problem: A transaction consists of a "Source Address", a "Destination Address" and a "Change Address". When you transact to a Destination Address, any remaining funds in your Source Address will move to the Change Address. To transact again, your Change Address then becomes your Source Address.
But what if someone already has your first address and is unaware of the fact you already sent funds from that address? He might just send funds there. (I mean in a business environment this would make Mochimo highly impractical.) They need to solve that. Who knows, it's still a young project. But then again, for some reason they also use FIFO and fixed fees, so there I have the same objections as for Nexus.
How is XMSS different?
XMSS uses WOTS in a way that you can actually reuse your address. WOTS creates a quantum resistant one time signature and XMSS creates a tree of those signatures attached to one address so that the address can be reused for sending an asset.
submitted by QRCollector to QRL [link] [comments]
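The post's central points about WOTS (a hash chain per message digit, one-time use, and "each WOTS publishes some part of the private key" so reuse erodes security) are easiest to see in code. The following is an added illustration written for this page, not QRL's, XMSS's or any project's implementation: it is the plain Winternitz construction with SHA-256 and a simplified checksum (the "+" variant's per-step bitmasks are omitted), with keygen, sign and verify, plus a function that measures how much of each chain's secret depth has already been published after a given set of signatures. Messages are constructed sample inputs; Winternitz parameter w=16 means one chain per hex digit of the message digest.

```python
"""Plain Winternitz one-time signature (added educational example, not a project's code)."""
import hashlib
import secrets

W = 16            # Winternitz parameter: each chain encodes one base-16 digit (0..15)
N_MSG = 64        # a 256-bit SHA-256 digest is 64 hex digits
N_CSUM = 3        # checksum digits: max checksum 64 * 15 = 960 < 16**3
N = N_MSG + N_CSUM


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def chain(start: bytes, steps: int) -> bytes:
    """Apply H `steps` times; walking a chain forward is easy, backward is not."""
    out = start
    for _ in range(steps):
        out = H(out)
    return out


def msg_digits(message: bytes) -> list:
    """Message digest as base-16 digits, followed by the checksum that stops
    an adversary from simply advancing every chain (raising a digit lowers the checksum)."""
    digest = H(message)
    digits = [c for b in digest for c in (b >> 4, b & 0x0F)]
    csum = sum(W - 1 - d for d in digits)
    digits += [(csum >> (4 * i)) & 0x0F for i in reversed(range(N_CSUM))]
    return digits


def keygen():
    """Private key: N random chain starts. Public key: each chain walked to the end (W-1 steps)."""
    sk = [secrets.token_bytes(32) for _ in range(N)]
    pk = [chain(s, W - 1) for s in sk]
    return sk, pk


def sign(sk: list, message: bytes) -> list:
    # Publishing chain i at position d_i reveals every position >= d_i of that chain.
    return [chain(s, d) for s, d in zip(sk, msg_digits(message))]


def verify(pk: list, message: bytes, sig: list) -> bool:
    # Completing each chain from the signature must land exactly on the public key.
    return len(sig) == N and all(
        chain(s, W - 1 - d) == p for s, d, p in zip(sig, msg_digits(message), pk)
    )


def remaining_secret_steps(messages: list):
    """Risk measure for key reuse: the lowest chain position published across all signatures
    made with one key. Returns (total unpublished steps over all chains, chains whose raw
    secret start value is now public). A fresh key has N*(W-1) steps and 0 exposed chains."""
    lowest = [W - 1] * N
    for m in messages:
        for i, d in enumerate(msg_digits(m)):
            lowest[i] = min(lowest[i], d)
    return sum(lowest), sum(1 for x in lowest if x == 0)


if __name__ == "__main__":
    sk, pk = keygen()
    first = b"constructed message 1"
    sig = sign(sk, first)
    print("valid:", verify(pk, first, sig), " tampered:", verify(pk, b"other", sig))
    budget = N * (W - 1)
    for k in range(4):
        msgs = [b"constructed message %d" % i for i in range(1, k + 1)]
        left, exposed = remaining_secret_steps(msgs)
        print(f"after {k} signature(s): {left}/{budget} secret steps left, {exposed} chains fully exposed")
```

The output of the loop is the quantitative form of the post's warning: every additional signature with the same key can only lower the remaining secret depth, and chains whose digit was 0 in any signed message have had their private start value published outright. XMSS, as the post says, avoids this by spending a fresh WOTS key for each signature and binding all of them to one address through a hash tree.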

InterValue Blockchain 4.0 : registration for full node | light node | bounty | airdrop |

Introduction to InterValue :
InterValue vision is to create a platform which enables all information and assets in the real world to circulate and transfer freely, securely and secretly in the parallel virtual world.
Why InterValue: To explain this, I need your help here. Please follow the instructions. I promise, it will be a quick and fun exercise.
Fun exercise
  1. Raise your right leg (~30 degree) & start to move it in clockwise direction.
  2. Now while you continue moving your right leg in clockwise direction, Raise your right arm (90 degree) and point finger.
  3. Draw "6" in thin air with your right arm.
  4. Did you notice a difference in your leg movement? It would have started to give you difficulty or move in an anticlockwise direction.
This is how other blockchain projects are. They turn their back on you and fall short of delivering as promised.
But with InterValue it's different. If instead of '6', you draw 'C', you will continue to move in a clockwise direction. "Continual improvement & deliverables". The InterValue team has already shown testnet results (video link below) of their ambitious project, proving their commitment to developing InterValue and proving the viability of their idea.
What InterValue blockchain project covers :

Advantages of InterValue :

  1. Bitcoin or ETH transactions can take a long time to settle and carry high fees, which means there are inherent problems in the idea, like whether you will be able to use them to pay for a cup of coffee in your lunch hour. To solve the most spoken-about problem in blockchain, "Scalability", InterValue has developed a double-layer consensus mechanism consisting of HashNet consensus and BA-VRF (Byzantine Agreement based on Verifiable Random Function) consensus, which supports high transaction concurrency, fast confirmation and building eco-systems for different application scenarios.
  2. Each day the growing use of blockchain puts significant storage costs on miners wanting to run a full node, and with the increasing costs (both in time and money) of storing the state, fewer and fewer people are choosing to run full nodes, which many worry will centralize the network into the hands of only a few arbitrators. InterValue solves this problem by introducing Hash-Net, a new data structure derived from DAG (directed acyclic graph) which greatly reduces the storage space required by nodes and improves the efficiency and security of data storage.
  3. The use of distributed ledger technology allows full transparency over transactions. For some blockchain applications, some vital information can't be accessed by just anyone. Think of this: would you like anyone to see your transaction history and know you bought coffee in your lunch hour? No. InterValue achieves transaction anonymity by applying tor-like P2P anonymity, zero-knowledge proof and ring signature, which allows transaction anonymity and privacy protection and performs with a high cost-effective ratio and excellent security to satisfy privacy requirements in different application scenarios.
  4. Smart contracts, InterValue uses Moses virtual machine. MVM is able to access of Blockchain data conveniently and securely, and supports issuance of third-party assets, which can be integrated into applications in terms of public, permissioned (private) or consortium (hybrid) Blockchain.
  5. Anti-quantum attack, new anti-quantum algorithms are devised, which uses Keccak-512 hash algorithm and integer lattice-based NTRUsign signature algorithm. These algorithms reduce the threat coming from development of quantum computing and gradual popularization of quantum computer.
  6. Currently more than 1500 different cryptocurrencies are in existence. As the ecosystem expands, so does the need for these blockchains to be able to communicate with each other. Intervalue, adopts chain-relaying technology to solve the problems in crossing chains transaction and transparent operations among multiple chains, which not only can maintain independence of crossing chains operation, but also reuse various function of InterValue.
You can contribute to the project development and be part of the ecosystem by enrolling your interest to run full node | light node. Registration link >>
Local full node : https://www.inve.one/allnode.html (last date 20th Jul)
Light node : https://www.inve.one/lightnode.html (last date 20th Jul)
Airdrop / Bounty : https://www.inve.one/aiinvite?userId=VG1wbmVFMUJQVDA9 (In-progress)
A bit about how Full node and Light node will work :
As a user, when you send a transaction, which happens through local full nodes, you have to first perform a low-level PoW calculation before initiating the transaction. This is put in place to prevent malicious users from launching DDoS attacks. After that, the transaction is submitted to the local full node for processing. If the transaction is a cross-sharding transaction, it needs to be further submitted to the full node.
Full nodes and local full nodes which participate in consensus verify whether the hash of the transaction meets the mining difficulty. Once the transaction is verified and stabilized, the local full node and the full node (in the case of a cross-sharding transaction) that sent the transaction can receive a corresponding number of INVE tokens as mining rewards. In order to reward the contribution of full nodes and local full nodes in helping the entire network reach consensus, 6 billion INVE tokens are generated through mining as rewards.
Token metrics : [60% reserved for Mining]
Total supply : 10 Billion INVE tokens
Available in private sale : 900 Million INVE
No pre-sale or crowd sale. To be replaced by airdrop and community engagement activities which amounts to 200 Million INVE
Total token supply will be 10 billion, of which 6 billion will be generated by mining [60% reserved for Mining]
Current development stage : InterValue 2.0 testnet launch
Testnet video links >> https://www.youtube.com/watch?v=pnb0L4TuFy4
InterValue Introduction video
InterValue full node
submitted by OneBlockAwayICO to u/OneBlockAwayICO

The Nexus FAQ - part 1

Full formatted version: https://docs.google.com/document/d/16KKjVjQH0ypLe00aoTJ_hZyce7RAtjC5XHom104yn6M/
 

Nexus 101:

  1. What is Nexus?
  2. What benefits does Nexus bring to the blockchain space?
  3. How does Nexus secure the network and reach consensus?
  4. What is quantum resistance and how does Nexus implement this?
  5. What is Nexus’ Unified Time protocol?
  6. Why does Nexus need its own satellite network?
 

The Nexus Currency:

  1. How can I get Nexus?
  2. How much does a transaction cost?
  3. How fast does Nexus transfer?
  4. Did Nexus hold an ICO? How is Nexus funded?
  5. Is there a cap on the number of Nexus in existence?
  6. What is the difference between the Oracle wallet and the LLD wallet?
  7. How do I change from Oracle to the LLD wallet?
  8. How do I install the Nexus Wallet?
 

Types of Mining or Minting:

  1. Can I mine Nexus?
  2. How do I mine Nexus?
  3. How do I stake Nexus?
  4. I am staking with my Nexus balance. What are trust weight, block weight and stake weight?
 

Nexus 101:

1. What is Nexus (NXS)?
Nexus is a digital currency, distributed framework, and peer-to-peer network. Nexus further improves upon the blockchain protocol by focusing on the following core technological principles:
Nexus will combine our in-development quantum-resistant 3D blockchain software with cutting edge communication satellites to deliver a free, distributed, financial and data solution. Through our planned satellite and ground-based mesh networks, Nexus will provide uncensored internet access whilst bringing the benefits of distributed database systems to the world.
For a short video introduction to Nexus Earth, please visit this link
 
2. What benefits does Nexus bring to the blockchain space?
As Nexus has been developed, an incredible amount of time has been put into identifying and solving several key limitations:
Nexus is also developing a framework called the Lower Level Library. This LLL will incorporate the following improvements:
For information about more additions to the Lower Level Library, please visit here
 
3. How does Nexus secure the network and reach consensus?
Nexus is unique amongst blockchain technology in that Nexus uses 3 channels to secure the network against attack. Whereas Bitcoin uses only Proof-of-Work to secure the network, Nexus combines a prime number channel, a hashing channel and a Proof-of-Stake channel. Where Bitcoin has a difficulty adjustment interval measured in weeks, Nexus can respond to increased hashrate in the space of 1 block and each channel scales independently of the other two channels. This stabilizes the block times at ~50 seconds and ensures no single channel can monopolize block production. This means that a 51% attack is much more difficult to launch because an attacker would need to control all 3 channels.
Every 60 minutes, the Nexus protocol automatically creates a checkpoint. This prevents blocks dated prior to this checkpoint from being created or modified, thus protecting the chain from malicious attempts to introduce an alternate blockchain.
 
4. What is quantum resistance and how does Nexus implement it?
To understand what quantum resistance is and why it is important, you need to understand how quantum computing works and why it’s a threat to blockchain technology. Classical computing uses an array of transistors. These transistors form the heart of your computer (the CPU). Each transistor is capable of being either on or off, and these states are used to represent the numerical values 1 and 0.
The number of states a set of binary digits (bits) can take depends on the number of transistors available, according to the formula 2^n, where n is the number of transistors. Classical computers can only be in one of these states at any one time, so the speed of your computer is limited to how fast it can change states.
Quantum computers utilize quantum bits, “qubits,” which are represented by the quantum state of electrons or photons. These particles are placed into a state called superposition, which allows the qubit to assume a value of 1 or 0 simultaneously.
Superposition permits a quantum computer to process a higher number of data possibilities than a classical computer. Qubits can also become entangled. Entanglement makes a qubit dependent on the state of another, enabling quantum computing to calculate complex problems extremely quickly.
One such problem is the Discrete Logarithm Problem which elliptic curve cryptography relies on for security. Quantum computers can use Shor’s algorithm to reverse a key in polynomial time (which is really really really fast). This means that public keys become vulnerable to quantum attack, since quantum computers are capable of being billions of times faster at certain calculations. One way to increase quantum resistance is to require more qubits (and more time) by using larger private keys:
Bitcoin Private Key (256 bit) 5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF
Nexus Private Key (571 bit) 6Wuiv513R18o5cRpwNSCfT7xs9tniHHN5Lb3AMs58vkVxsQdL4atHTF Vt5TNT9himnCMmnbjbCPxgxhSTDE5iAzCZ3LhJFm7L9rCFroYoqz
Bitcoin addresses are created by hashing the public key, so it is not possible to decrypt the public key from the address; however, once you send funds from that address, the public key is published on the blockchain rendering that address vulnerable to attack. This means that your money has higher chances of being stolen.
Nexus eliminates these vulnerabilities through an innovation called signature chains. Signature chains will enable access to an account using a username, password and PIN. When you create a transaction on the network, you claim ownership of your signature chain by revealing the public key of the NextHash (the hash of your public key) and producing a signature from the one time use private key. Your wallet then creates a new private/public keypair, generates a new NextHash, including the corresponding contract. This contract can be a receive address, a debit, a vote, or any other type of rule that is written in the contract code.
This keeps the public key obscured until the next transaction, and by divorcing the address from the public key, it is unnecessary to change addresses in order to change public keys. Changing your password or PIN code becomes a case of proving ownership of your signature chain and broadcasting a new transaction with a new NextHash for your new password and/or PIN. This provides the ability to login to your account via the signature chain, which becomes your personal chain within the 3D chain, enabling the network to prove and disprove trust, and improving ease of use without sacrificing security.
The next challenge with quantum computers is that Grover’s algorithm reduces the security of one-way hash functions by a factor of two. Because of this, Nexus incorporates two new hash functions, Skein and Keccak, which were designed in 2008 as part of a contest to create a new SHA3 standard. Keccak narrowly defeated Skein to win the contest, so to maximize their potential Nexus combines these algorithms. Skein and Keccak utilize permutation to rotate and mix the information in the hash.
To maintain a respective 256/512 bit quantum resistance, Nexus uses up to 1024 bits in its proof-of-work, and 512 bits for transactions.
 
5. What is the Unified Time protocol?
All blockchains use time-stamping mechanisms, so it is important that all nodes operate using the same clock. Bitcoin allows for up to 2 hours’ discrepancy between nodes, which provides a window of opportunity for the blockchain to be manipulated by time-related attack vectors. Nexus eliminates this vulnerability by implementing a time synchronization protocol termed Unified Time. Unified Time also enhances transaction processing and will form an integral part of the 3D chain scaling solution.
The Unified Time protocol facilitates a peer-to-peer timing system that keeps all clocks on the network synchronized to within a second. This is seeded by selected nodes with timestamps derived from the UNIX standard; that is, the number of seconds since January 1st, 1970 00:00 UTC. Every minute, the seed nodes report their current time, and a moving average is used to calculate the base time. Any node which sends back a timestamp outside a given tolerance is rejected.
It is important to note that the Nexus network is fully synchronized even if an individual wallet displays something different from the local time.
 
6. Why does Nexus need its own satellite network?
One of the key limitations of a purely electronic monetary system is that it requires a connection to the rest of the network to verify transactions. Existing network infrastructure only services a fraction of the world’s population.
Nexus, in conjunction with Vector Space Systems, is designing communication satellites, or cubesats, to be launched into Low Earth Orbit in 2019. Primarily, the cubesat mesh network will exist to give Nexus worldwide coverage, but Nexus will also utilize its orbital and ground mesh networks to provide free and uncensored internet access to the world.
 

The Nexus Currency (NXS):

1. How can I get Nexus?
There are two ways you can obtain Nexus. You can either buy Nexus from an exchange, or you can run a miner and be rewarded for finding a block. If you wish to mine Nexus, please follow our guide found below.
Currently, Nexus is available on the following exchanges:
Nexus is actively reaching out to other exchanges to continue to be listed on cutting edge new financial technologies.
 
2. How much does a transaction cost?
Under Nexus, the fee structure for making a transaction depends on the size of your transaction. A default fee of 0.01 NXS will cover most transactions, and users have the option to pay higher fees to ensure their transactions are processed quickly.
When the 3D chain is complete and the initial 10-year distribution period finishes, Nexus will absorb these fees through inflation, enabling free transactions.
 
3. How fast does Nexus transfer?
Nexus reaches consensus approximately every 50 seconds. This is an average time, and will in some circumstances be faster or slower. NXS currency which you receive is available for use after just 6 confirmations. A confirmation is proof from a node that the transaction has been included in a block. The number of confirmations of a transaction is the number of blocks that have been produced since the block in which the transaction was included. The more confirmations a transaction has, the more secure its placement in the blockchain is.
 
4. Did Nexus hold an ICO? How is Nexus funded?
The Nexus Embassy, a 501(C)(3) not-for-profit corporation, develops and maintains the Nexus blockchain software. When Nexus began under the name Coinshield, the early blocks were mined using the Developer and Exchange (Ambassador) addresses, which provides funding for the Nexus Embassy.
The Developer Fund fuels ongoing development and is sourced by a 1.5% commission per block mined, which will slowly increase to 2.5% after 10 years. This brings all the benefits of development funding without the associated risks.
The Ambassador (renamed from Exchange) keys are funded by a 20% commission per block reward. These keys are mainly used to pay for marketing, and producing and launching the Nexus satellites.
When Nexus introduces developer and ambassador contracts, they will be approved, denied, or removed by six voting groups namely: currency, developer, ambassador, prime, hash, and trust.
Please Note: The Nexus Embassy reserves the sole right to trade, sell and or use these funds as required; however, Nexus will endeavor to minimize the impact that the use of these funds has upon the NXS market value.
 
5. Is there a cap on the number of NXS in existence?
After an initial 10-year distribution period ending on September 23rd, 2024, there will be a total of 78 million NXS. Over this period, the reward gradient for mining Nexus follows a decaying logarithmic curve instead of the reward halving inherent in Bitcoin. This avoids creating a situation where older mining equipment is suddenly unprofitable, encouraging miners to continue upgrading their equipment over time and at the same time reducing major market shocks on block halving events.
When the distribution period ends, the currency supply will inflate annually by a maximum of 3% via staking and by 1% via the prime and hashing channels. This inflation is completely unlike traditional inflation, which degrades the value of existing coins. Instead, the cost of providing security to the blockchain is paid by inflation, eliminating transaction fees.
Colin Cantrell - Nexus Inflation Explained
 
6. What is the difference between the LLD wallet and the Oracle wallet?
Due to the scales of efficiency needed by blockchain, Nexus has developed a custom-built database called the Lower Level Database. Since the development of the LLD wallet 0.2.3.1, which is a precursor to the Tritium updates, you should begin using the LLD wallet to take advantage of the faster load times and improved efficiency.
The Oracle wallet is a legacy wallet which is no longer maintained or updated. It utilized the Berkeley DB, which is not designed to meet the needs of a blockchain. Eventually, users will need to migrate to the LLD wallet. Fortunately, the wallet.dat is interchangeable between wallets, so there is no risk of losing access to your NXS.
 
7. How do I change from Oracle to the LLD wallet?
Step 1 - Backup your wallet.dat file. You can do this from within the Oracle wallet Menu, Backup Wallet.
Step 2 - Uninstall the Oracle wallet. Close the wallet and navigate to the wallet data directory. On Windows, this is the Nexus folder located at %APPDATA%\Nexus. On macOS, this is the Nexus folder located at ~/Library/Application Support/Nexus. Move all of the contents to a temporary folder as a backup.
Step 3 - Copy your backup of wallet.dat into the Nexus folder located as per Step 2.
Step 4 - Install the Nexus LLD wallet. Please follow the steps as outlined in the next section. Once your wallet is fully synced, your new wallet will have access to all your addresses.
 
8. How do I install the Nexus Wallet?
You can install your Nexus wallet by following these steps:
Step 1 - Download your wallet from www.nexusearth.com. Click the Downloads menu at the top and select the appropriate wallet for your operating system.
Step 2 - Unzip the wallet program to a folder. Before running the wallet program, please consider space limitations and load times. On the Windows OS, the wallet saves all data to the %APPDATA%\Nexus folder, including the blockchain, which is currently ~3GB.
On macOS, data is saved to the ~/Library/Application Support/Nexus folder. You can create a symbolic link, which will allow you to install this information in another location.
Using Windows, follow these steps:
On macOS, follow these steps:
Step 3 (optional) - Before running the wallet, we recommend downloading the blockchain database manually. Nexus Earth maintains a copy of the blockchain data which can save hours from the wallet synchronization process. Please go to www.nexusearth.com and click the Downloads menu.
Step 4 (optional) - Extract the database file. This is commonly found in the .zip or .rar format, so you may need a program like 7zip to extract the contents. Please extract it to the relevant directory, as outlined in step 2.
Step 5 - You can now start your wallet. After it loads, it should be able to complete synchronization in a short time. This may still take a couple of hours. Once it has completed synchronizing, a green check mark icon will appear in the lower right corner of the wallet.
Step 6 - Encrypt your wallet. This can be done within the wallet, under the Settings menu. Encrypting your wallet will lock it, requiring a password in order to send transactions.
Step 7 - Backup your wallet.dat file. This can be done from the File menu inside the wallet. This file contains the keys to the addresses in your wallet. You may wish to keep a secure copy of your password somewhere, too, in case you forget it or someone else (your spouse, for example) ever needs it.
You should back up your wallet.dat file again any time you create – or a Genesis transaction creates (see “staking” below) – a new address.
 

Types of Mining or Minting:

1. Can I mine Nexus?
Yes, there are 2 channels that you can use to mine Nexus, and 1 channel of minting:
Prime Mining Channel
This mining channel looks for a special prime cluster of a set length. This type of calculation is resistant to ASIC mining, allowing for greater decentralization. This is most often performed using the CPU.
Hashing Channel
This channel utilizes the more traditional method of hashing. This process adds a random nonce, hashes the data, and compares the resultant hash against a predetermined format set by the difficulty. This is most often performed using a GPU.
Proof of Stake (nPoS)
Staking is a form of mining NXS. With this process, you can receive NXS rewards from the network for continuously operating your node (wallet). It is recommended that you only stake with a minimum balance of 1000 NXS. It’s not impossible to stake with less, but it becomes harder to maintain trust. Losing trust resets the interest rate back to 0.5% per annum.
 
2. How do I mine Nexus?
As outlined above, there are two types of mining and 1 proof of stake. Each type of mining uses a different component of your computer to find blocks, the CPU or the GPU. Nexus supports CPU and GPU mining on Windows only. There are also third-party macOS builds available.
Please follow the instructions below for the relevant type of miner.
 
Prime Mining:
Almost every CPU is capable of mining blocks on this channel. The most effective method of mining is to join a mining pool and receive a share of the rewards based on the contribution you make. To create your own mining facility, you need the CPU mining software, and a NXS address. This address cannot be on an exchange. You create an address when you install your Nexus wallet. You can find the related steps under How Do I Install the Nexus Wallet?
Please download the relevant miner from http://nexusearth.com/mining.html. Please note that there are two different miner builds available: the prime solo miner and the prime pool miner. This guide will walk you through installing the pool miner only.
Step 1 - Extract the archive file to a folder.
Step 2 - Open the miner.conf file. You can use the default host and port, but these may be changed to a pool of your choice. You will need to change the value of nxs_address to the address found in your wallet. Sieve_threads is the number of CPU threads you want to use to find primes. Ptest_threads is the number of CPU threads you want to test the primes found by the sieve. As a general rule, the number of threads used for the sieve should be 75% of the threads used for testing.
It is also recommended to add the following line to the options found in the .conf file:
"experimental" : "true"
This option enables the miner to use an improved sieve algorithm which will enable your miner to find primes at a faster rate.
Step 3 - Run the nexus_cpuminer.exe file. For a description of the information shown in this application, please read this guide.
 
Hashing:
The GPU is a dedicated processing unit housed on-board your graphics card. The GPU is able to perform certain tasks extremely well, unlike your CPU, which is designed for parallel processing. Nexus supports both AMD and Nvidia GPU mining, and works best on the newer models. Officially, Nexus does not support GPU pool mining, but there are 3rd party miners with this capability.
The latest software for the Nvidia miner can be found here. The latest software for the AMD miner can be found here. The AMD miner is a third party miner. Information and advice about using the AMD miner can be found on our Slack channel. This guide will walk you through the Nvidia miner.
Step 1 - Close your wallet. Navigate to %appdata%\Nexus (~/Library/Application Support/Nexus on macOS) and open the nexus.conf file. Depending on your wallet, you may or may not have this file. If not, please create a new txt file and save it as nexus.conf.
You will need to add the following lines before restarting your wallet:
Step 2 - Extract the files into a new folder.
Step 3 - Run the nexus.bat file. This will run the miner and deposit any rewards for mining a block into the account on your wallet.
For more information on either Prime Mining or Hashing, please join our Slack and visit the #mining channel. Additional information can be found here.
 
3. How do I stake Nexus?
Once you have your wallet installed, fully synchronized and encrypted, you can begin staking by:
After you begin staking, you will receive a Genesis transaction as your first staking reward. This establishes a Trust key in your wallet and stakes your wallet balance on that key. From that point, you will periodically receive additional Trust transactions as further staking rewards for as long as your Trust key remains active.
IMPORTANT - After you receive a Genesis transaction, backup your wallet.dat file immediately. You can select the Backup Wallet option from the File menu, or manually copy the file directly. If you do not do this, then your Nexus balance will be staked on the Trust key that you do not have backed up, and you risk loss if you were to suffer a hard drive failure or other similar problem. In the future, signature chains will make this precaution unnecessary.
 
4. I am staking with my Nexus balance. What are interest rate, trust weight, block weight, and stake weight?
These items affect the size and frequency of staking rewards after you receive your initial Genesis transaction. When staking is active, the wallet displays a clock icon in the bottom right corner. If you hover your mouse pointer over the icon, a tooltip-style display will open up, showing their current values.
Please remember to backup your wallet.dat file (see question 3 above) after you receive a Genesis transaction.
Interest Rate - The minting rate at which you will receive staking rewards, displayed as an annual percentage of your NXS balance. It starts at 0.5%, increasing to 3% after 12 months. The rate increase is not linear but slows over time. It takes several weeks to reach 1% and around 3 months to reach 2%.
With this rate, you can calculate the average amount of NXS you can expect to receive each day for staking.
Trust Weight - An indication of how much the network trusts your node. It starts at 5% and increases much more quickly than the minting (interest) rate, reaching 100% after one month. Your level of trust increases your stake weight (below), thus increasing your chances of receiving staking transactions. It becomes easier to maintain trust as this value increases.
Block Weight - Upon receipt of a Genesis transaction, this value will begin increasing slowly, reaching 100% after 24 hours. Every time you receive a staking transaction, the block weight resets. If your block weight reaches 100%, then your Trust key expires and everything resets (0.5% interest rate, 5% trust weight, waiting for a new Genesis transaction).
This 24-hour requirement will be replaced by a gradual decay in the Tritium release. As long as you receive a transaction before it decays completely, you will hold onto your key. This change addresses the potential of losing your trust key after months of staking simply because of one unlucky day receiving trust transactions.
Stake Weight - The higher your stake weight, the greater your chance of receiving a transaction. The exact value is derived by a formula using your trust weight and block weight, which roughly equals the average of the two. Thus, each time you receive a transaction, your stake weight will reset to approximately half of your current level of trust.
submitted by scottsimon36 to nexusearth
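Several of the posts above lean on the same primitive without showing it: the InterValue post names Keccak-512 and a per-transaction proof-of-work that nodes check against a difficulty, and the Nexus FAQ (question 4 of Nexus 101, and the Hashing Channel under mining) explains that Grover's algorithm halves a hash's preimage security, which is why a 512-bit digest is quoted as 256-bit quantum resistance, and that hashing-channel mining appends a nonce and compares the digest against a difficulty format. The following Python is an added example written for this page; it is not code from InterValue, Nexus, 0xBitcoin or the Keccak team. It implements the Keccak-f[1600] permutation and sponge from the public specification, with a selectable padding byte so the difference between "Keccak-256" (original submission, pad byte 0x01, the variant Ethereum uses) and FIPS 202 "SHA3-256" (pad byte 0x06) is visible, cross-checks the SHA-3 path against Python's hashlib, and then uses the Keccak-512 output for a Grover-adjusted security estimate and a hashcash-style nonce puzzle. The puzzle format (leading zero bits of Keccak-512 over payload plus an 8-byte little-endian nonce) and the sample transaction bytes are constructed for illustration and are not InterValue's or Nexus's actual rule.

```python
"""Keccak-f[1600] sponge with both paddings, plus Grover-adjusted security margins
and a nonce puzzle.  Added example; not code from InterValue, Nexus or 0xBitcoin."""
import hashlib

MASK64 = (1 << 64) - 1
ROUND_CONSTANTS = [  # iota constants for rounds 0..23
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]
ROTATION = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],  # rho offsets [x][y]
            [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]


def _rol(lane, n):
    """Rotate a 64-bit lane left by n bits."""
    return ((lane << n) | (lane >> (64 - n))) & MASK64


def keccak_f1600(a):
    """24-round Keccak-f[1600] over a 5x5 list of 64-bit lanes; a[x][y] is lane x+5y."""
    for rc in ROUND_CONSTANTS:
        # theta: fold column parities into every lane
        c = [a[x][0] ^ a[x][1] ^ a[x][2] ^ a[x][3] ^ a[x][4] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol(c[(x + 1) % 5], 1) for x in range(5)]
        a = [[a[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        # rho (rotate each lane) and pi (move it to a new position)
        b = [[0] * 5 for _ in range(5)]
        for x in range(5):
            for y in range(5):
                b[y][(2 * x + 3 * y) % 5] = _rol(a[x][y], ROTATION[x][y])
        # chi: the only non-linear step
        a = [[b[x][y] ^ (~b[(x + 1) % 5][y] & b[(x + 2) % 5][y]) for y in range(5)]
             for x in range(5)]
        a[0][0] ^= rc  # iota: break round symmetry
    return a


def sponge(data, rate, out_len, domain):
    """Absorb `data` in `rate`-byte blocks, then squeeze `out_len` bytes.  `domain` is
    the first padding byte: 0x06 for FIPS 202 SHA-3, 0x01 for the original Keccak
    submission, 0x1F for SHAKE.  That byte is the whole Keccak-256/SHA3-256 difference."""
    msg = bytearray(data) + bytes([domain])
    msg += bytes(-len(msg) % rate)            # zero-fill up to the block boundary
    msg[-1] |= 0x80                           # closing 1 bit of pad10*1
    state = [[0] * 5 for _ in range(5)]
    for off in range(0, len(msg), rate):      # absorb: XOR each block into the outer part
        for i in range(rate // 8):
            state[i % 5][i // 5] ^= int.from_bytes(msg[off + 8 * i:off + 8 * i + 8], "little")
        state = keccak_f1600(state)
    out = bytearray()
    while True:                               # squeeze, permuting between output blocks
        for i in range(rate // 8):
            out += state[i % 5][i // 5].to_bytes(8, "little")
        if len(out) >= out_len:
            return bytes(out[:out_len])
        state = keccak_f1600(state)


def sha3_256(data):   return sponge(data, 136, 32, 0x06)
def sha3_512(data):   return sponge(data, 72, 64, 0x06)
def keccak_256(data): return sponge(data, 136, 32, 0x01)
def keccak_512(data): return sponge(data, 72, 64, 0x01)


def stdlib_agrees(data):
    """Cross-check the FIPS 202 paths against hashlib (SHAKE exercises the multi-block squeeze)."""
    return (sha3_256(data) == hashlib.sha3_256(data).digest()
            and sha3_512(data) == hashlib.sha3_512(data).digest()
            and sponge(data, 136, 300, 0x1F) == hashlib.shake_256(data).digest(300))


def preimage_security_bits(digest_len, quantum=False):
    """log2 work to invert an n-bit digest: n classically, n/2 under Grover's search,
    which is why a 512-bit digest is described as giving 256-bit quantum resistance."""
    n = 8 * digest_len
    return n // 2 if quantum else n


def puzzle_ok(payload, nonce, difficulty_bits):
    """Constructed hashing-channel style check: keccak_512(payload || nonce) must start
    with difficulty_bits zero bits.  Verifying costs one hash; finding it costs ~2^bits."""
    digest = keccak_512(payload + nonce.to_bytes(8, "little"))
    return int.from_bytes(digest, "big") >> (512 - difficulty_bits) == 0


def solve_puzzle(payload, difficulty_bits, budget=1 << 20):
    """Search nonces in order until one passes, or give up after `budget` tries."""
    for nonce in range(budget):
        if puzzle_ok(payload, nonce, difficulty_bits):
            return nonce
    raise RuntimeError("no nonce found within budget")


if __name__ == "__main__":
    print("stdlib agrees:", stdlib_agrees(b"abc"))
    print("Keccak-256(''):", keccak_256(b"").hex(), " SHA3-256(''):", sha3_256(b"").hex())
    print("512-bit digest under Grover:", preimage_security_bits(64, quantum=True), "bits")
    tx = b"constructed sample transaction"   # constructed, not a real transaction
    nonce = solve_puzzle(tx, 6)
    print("nonce", nonce, "passes:", puzzle_ok(tx, nonce, 6))
```

The pure-Python permutation is slow (milliseconds per call), so keep the puzzle difficulty small when experimenting; the point of the puzzle half is the asymmetry the InterValue and Nexus posts rely on, namely that a node verifies a submission with a single hash while the submitter pays exponentially in the difficulty.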

Soft-forking the block time to 2 min: my primarily silly and academic (but seemingly effective) entry to the "increase the blockchain's capacity in an arbitrarily roundabout way as long as it's a softfork" competition

So given that large portions of the bitcoin community seem to be strongly attached to this notion that hard forks are an unforgivable evil, to the point that schemes containing hundreds of lines of code are deemed to be a preferred alternative, I thought that I'd offer an alternative strategy to increasing the bitcoin blockchain's throughput with nothing more than a soft fork - one which is somewhat involved and counterintuitive, but for which the code changes are actually quite a bit smaller than some of the alternatives; particularly, "upper layers" of the protocol stack should need no changes at all.
Notes:
The attack vector is as follows. Instead of trying to increase the size of an individual block directly, we will create a softfork where under the softfork rules, miners are compelled to insert incorrect timestamps, so as to trick the bitcoin blockchain into retargeting difficulty in such a way that on average, a block comes every two minutes instead of once every ten minutes, thereby increasing throughput to be equivalent to a 5 MB block size.
First, let us go over the bitcoin block timestamp and difficulty retargeting rules:
The last rule ensures that difficulty adjustments are "clamped" between a 4x increase and a 4x decrease no matter what.
So, how do we do this? Let's suppose for the sake of simplicity that in all examples the soft fork starts at unix time 1500000000. We could say that instead of putting the real time into blocks, miners should put 1500000000 + (t - 1500000000) * 5; this would make the blockchain think that blocks are coming 5x as rarely, and so it would decrease difficulty by a factor of 5, so that from the point of view of actual time blocks will start coming in every two minutes instead of ten. However, this approach has one problem: it is not a soft fork. Users running the original bitcoin client will very quickly start rejecting the new blocks because the timestamps are too far into the future.
Can we get around this problem? You could use 1500000000 + (t - 1500000000) * 0.2 as the formula instead, and that would be a soft fork, but that would be counterproductive: if you do that, you would instead reduce the real-world block throughput by 5x. You could try to look at schemes where you pretend that blocks come quickly sometimes and slowly at other times and "zigzag" your way to a lower net equilibrium difficulty, but that doesn't work: for mathematical reasons that have to do with the fact that 1/x always has a positive second derivative, any such strategy would inevitably gain more difficulty going up than it would lose coming down (at least as long as it stays within the constraint that "fake time" must always be less than or equal to "real time").
However, there is one clever way around this. We start off by running a soft fork that sets fake_time = 1500000000 + (real_time - 1500000000) * 0.01 for as long as is needed to get fake time 12 weeks behind real time. However, we add an additional rule: every 2016th block, we set the block timestamp equal to real time (this rule is enforced by soft-fork: if you as a miner don't do this, other miners don't build on top of your block). This way, the difficulty retargeting algorithm has no idea that anything is out of the ordinary, and so difficulty just keeps adjusting as normal. Note that because the timestamp of each block need only be higher than the median of the timestamps of the previous 11 blocks, and not necessarily higher than that of the immediately previous block, it's perfectly fine to hop right back to fake time after those single blocks at real time. During those 12 weeks, we also add a soft-forking change which invalidates a random 20% of blocks in the first two weeks, a random 36% of blocks in the second two weeks, 50% in the third two weeks, etc; this creates a gap between in-protocol difficulty and de-facto difficulty that will hit 4x by the time we start the next step (we need this to avoid having an 8-week period where block throughput is at 250 kb per 10 minutes).
Then, once we have 12 weeks of "leeway", we perform the following maneuver. We do the first retarget with the timestamp equal to fake time; this increases difficulty by 4x (as the timestamp difference is -12 weeks, which gets clamped to the minimum of 302400 seconds = 0.5 weeks). The retarget after that, we set the timestamp 8 weeks ahead of fake time, so as to get the difficulty down 4x. The retargeting round after that, we determine the actual retargeting coefficient c that we want to have, and clamp it so that 0.5 <= c < 2. We set the block timestamp c * 2 weeks ahead of the timestamp of the previous retargeting block. Then, in the retargeting round after that, we set the block timestamp back at fake time, and start the cycle again. Rinse and repeat forever.
Diagram here: http://i.imgur.com/sqKa00e.png
Hence, in general we spend 2/3 of our retargeting periods in lower-difficulty mode, and 1/3 in higher-difficulty. We choose c to target the block time in lower-difficulty mode to 30 seconds, so that in higher-difficulty mode it will be two minutes. In lower-difficulty mode, we add another softfork change in order to make a random 75% of blocks that get produced invalid (eg. one simple way to do this is to just pretend that the difficulty during these periods is 4x higher), so the actual block time during all periods will converge toward two minutes - equivalent to a throughput of 5 MB every ten minutes.
Note that a corollary of this is that it is possible for a majority of miners to collude using the technique above to make the block rewards come out 5x faster (or even more) than they are supposed to, thereby greatly enriching themselves at the expense of future network security. This is a slight argument in favor of bitcoin's finite supply over infinite supply models (eg. dogecoin), because in an infinite supply model this means that you can actually permanently expand issuance via a soft fork rather than just making the existing limited issuance come out faster. This is a quirk of bitcoin's difficulty adjustment algorithm specifically; other algorithms are immune to this specific trick though they may be vulnerable to tricks of their own.
Homework:
EDIT:
I looked at the code again and it seems like the difficulty retargeting algorithm might actually only look 2015 blocks back every 2016 blocks rather than every 2016 blocks (ie. it checks the timestamp difference between block 2016*k+2015 and 2016*k, not 2016*k+2016 and 2016*k as I had assumed). In that case, the timestamp dance and the initial capacity adjustment process might actually be substantially simpler than I thought: it would simply be a one-step procedure of always setting the timestamp at 2016*k to equal real time and then setting the timestamp of 2016*k+2015 to whatever is convenient for achieving the desired difficulty adjustment.
EDIT 2:
I think I may have been wrong about the effectiveness of this strategy being limited by the minimum safe block time. Specifically, note that you can construct a soft fork where the in-protocol difficulty drops to the point where it's negligible, and say that all blocks where block.number % N != 0 have negligible difficulty but blocks where block.number % N = 0 are soft-forked to have higher de-facto difficulty; in this case, a miner's optimal strategy will be to simultaneously generate N-1 easy blocks and a hard block and if successful publish them as a package, creating a "de-facto block" of theoretically unlimited size.
submitted by vbuterin to btc [link] [comments]
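The multipliers quoted in the post (4x up when the measured timespan is negative, 4x down on +8 weeks, 1/c on +2c weeks) follow from the clamp in Bitcoin's retarget rule. The following is an added Python model written for this page; it is not Bitcoin Core code and not the author's. It uses Bitcoin's own constants (2-week target timespan, factor-of-4 bounds), and cycle_multipliers merely replays the timestamp sequence the post describes so its arithmetic can be checked offline.

```python
from typing import List

# Added example (not from the post, not Bitcoin Core): Bitcoin's difficulty retarget clamp.
WEEK = 7 * 24 * 60 * 60
TARGET_TIMESPAN = 2 * WEEK            # 1209600 s: 2016 blocks at 10 minutes each
MIN_TIMESPAN = TARGET_TIMESPAN // 4   # 302400 s (0.5 weeks), the floor the post refers to
MAX_TIMESPAN = TARGET_TIMESPAN * 4    # 8 weeks, the ceiling


def clamp_timespan(actual_timespan: int) -> int:
    """Bitcoin clamps the measured timespan to [target/4, target*4] before retargeting,
    so a negative span (timestamps running backwards) lands on the 0.5-week floor."""
    return max(MIN_TIMESPAN, min(MAX_TIMESPAN, actual_timespan))


def difficulty_multiplier(actual_timespan: int) -> float:
    """new_difficulty / old_difficulty after one retarget. The target scales with the
    clamped timespan and difficulty is its inverse, hence at most 4x per retarget."""
    return TARGET_TIMESPAN / clamp_timespan(actual_timespan)


def cycle_multipliers(c: float, leeway_weeks: int = 12) -> List[float]:
    """Replay the three retargets of the cycle in the post and return each multiplier.
    Retarget-block timestamps relative to fake time F:
        previous cycle ends at F + leeway  ->  F  ->  F + 8 weeks  ->  F + (8 + 2c) weeks
    c is clamped to 0.5 <= c < 2 as the post does."""
    c = min(max(c, 0.5), 2 - 1e-9)
    stamps = [leeway_weeks * WEEK, 0, 8 * WEEK, 8 * WEEK + int(2 * c * WEEK)]
    return [difficulty_multiplier(later - earlier)
            for earlier, later in zip(stamps, stamps[1:])]


def net_cycle_multiplier(c: float) -> float:
    """Product over one cycle: the 4x up and 4x down cancel, leaving the 1/c of the third retarget."""
    product = 1.0
    for m in cycle_multipliers(c):
        product *= m
    return product
```

The model makes the detection angle visible as well: a retarget block whose timestamp is earlier than the previous retarget block's always produces the maximum 4x step, so a chain that alternates clamped-floor and clamped-ceiling retargets is recognisable from the timestamp pattern alone.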

Intro To 0xBitcoin Mining Theory & Pools

Hey guys, a friend of mine was wondering what this 0xBitcoin thing was all about and how it worked and I accidentally wrote a book, I thought it would make a good intro to anyone here who wonders how the mining and pool system work. It is strikingly similar to normal Crypto mining with a few extra challenges due to the nature of ERC20 tokens. Here goes:
The code for the token itself lives here, as a smart contract on Ethereum like any other ERC20 Token (Think EOS, OMG etc in their current form)
https://etherscan.io/address/0xb6ed7644c69416d67b522e20bc294a9a9b405b31
So that code controls how the token works. If you understand code on a basic level I'm sure you'll get the gist of it. The most important function in there is the "mint" function. The contract generates a hashed string (using the SHA-3 / Keccak algorithm).
When a miner solves that problem and finds the solution, it sends a transaction to the smart contract with the solution data and calls the mint() function; if it's right, the miner is rewarded with the tokens. (Currently with a reward of 50 0xBTC.)
Note, 0xBTC has the same reward / difficulty / maximum supply data as Bitcoin itself.
Pools:
So pool software sits in the middle. It fetches the challenge data (the hashed string + the target difficulty) from the 0xBitcoin smart contract. Miners connect their mining software to the pool server, and the pool software distributes the challenge around them at a lower difficulty than the one the token contract has set.
Onto a bit of mining theory: think of difficulty as accuracy, and the true solution for the mint() function is a bullseye. You can mine at the exact difficulty as the smart contract (highest effective difficulty / accuracy), and when your miner finds something it thinks is the valid solution, it is 100% going to be the right one. However, this takes a LONG time to complete. If you mine at 1% of the target difficulty, every time your miner finds a solution it is less accurate (less certain to be the true solution) but you'll generate more potential valid solutions in a given amount of time.
Pools work on the theory that if you have lots of people working together for the same reward, they will find the solution faster by sharing the total difficulty among each other. They generate lots of solutions that will hit within a certain radius of the actual bullseye, on the assumption that one of them will hit the actual target.
When one of them does get the target, the pool has its own Eth wallet and sends off for the mint() function.
It's been tracking the shares from each connected miner, and rewards miners based on the difficulty (remember, accuracy) of their submitted solutions.
If you have a higher difficulty (maybe you have a lot of GPUs) and you send more accurate solutions to the pool, you get rewarded more "shares" in the pool.
When the reward is hit, and the 0xBTC get sent to the pool's wallet, the pool calculates the miners' payouts based on:
MinerReward = MinerShares / TotalSharesForBlock
This means that those with more hash power get rewarded fairly for their investment of hash power into the pool, because you generate more shares with higher accuracy.
When the block reward (50) is distributed, the smart contract generates a new challenge, the pools will reset everyone's shares and everyone starts working on the next problem.
The 0xBTC Pool Problem
The pools, at the moment then have to send off lots of tiny little transactions (Which cost Ethereum in gas) to distribute the rewarded tokens. This is expensive for the owner and means pools need to run with quite high fees. Also, pools at the moment have quite high payout thresholds in order to mitigate these gas costs.
My current development (0xPool, coming soon!) means that these tokens all get sent in bulk from the pool to a smart contract which accepts tokens and share data from the pool, and allows the miners to withdraw their tokens whenever they please. It also moves the bulk of the gas payment to the miner, who pays it on withdrawal, which is better for everyone involved as pools can lower fees, and miners have the choice of when to cash out their tokens. Tokens are also held in a contract with the share data, so there is no requirement for the miners to trust the pool owner with their tokens for more than ~2 minutes, which is basically how you make mining a little bit more DECENTRALISED, and TRUSTLESS, which is what this whole cryptocurrency thing was meant to be in the first place! Magic!
I hope this little write up helps someone understand the fundamentals of mining, pools, and 0xBTC a little better. Happy mining :)
Check out 0xBitcoin at http://0xbitcoin.org ~ /0xbitcoin Be sure to join the discord if you have any questions or want help setting up miners or trading!
submitted by goyface to CryptoCurrency [link] [comments]
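The share accounting the post describes, as an added Python example written for this page (it is not the 0xPool code and not the 0xBitcoin contract): a digest of (challenge, miner, nonce) is compared against a target derived from a difficulty, the pool accepts shares at a lower difficulty than the contract's, a contract-level hit also counts as a share, resubmitted work is not credited twice, and payouts follow MinerReward = MinerShares / TotalSharesForBlock. The challenge bytes and miner names are constructed, and hashlib.sha3_256 stands in for the contract's keccak256 (an assumption: same sponge, different padding byte, so the digests differ from the real contract's).

```python
import hashlib
from fractions import Fraction
from typing import Dict, Tuple

# Added example (not 0xPool or 0xBitcoin contract code): pool-side share accounting.
MAX_TARGET = 2**256 - 1


def target_for(difficulty: int) -> int:
    """Higher difficulty means a smaller target, so fewer digests qualify."""
    return MAX_TARGET // difficulty


def solution_digest(challenge: bytes, miner: bytes, nonce: int) -> int:
    """Digest of (challenge, miner, nonce) read as a 256-bit integer.
    Assumption: sha3_256 stands in for the contract's keccak256 here."""
    data = challenge + miner + nonce.to_bytes(32, "big")
    return int.from_bytes(hashlib.sha3_256(data).digest(), "big")


class Pool:
    """Tracks shares per miner for one challenge and splits the block reward pro rata."""

    def __init__(self, challenge: bytes, contract_difficulty: int, share_difficulty: int):
        if share_difficulty > contract_difficulty:
            raise ValueError("pool shares must be easier than the contract's target, not harder")
        self.challenge = challenge
        self.contract_target = target_for(contract_difficulty)
        self.share_target = target_for(share_difficulty)
        self.share_weight = share_difficulty       # credit per accepted share
        self.shares: Dict[bytes, int] = {}
        self.seen = set()                          # (miner, nonce) pairs already credited

    def submit(self, miner: bytes, nonce: int) -> str:
        """Returns 'duplicate', 'reject', 'share' or 'block'. A block is also a share."""
        if (miner, nonce) in self.seen:
            return "duplicate"                     # resubmitting the same work earns nothing
        self.seen.add((miner, nonce))
        d = solution_digest(self.challenge, miner, nonce)
        if d >= self.share_target:
            return "reject"                        # not even a low-difficulty hit
        self.shares[miner] = self.shares.get(miner, 0) + self.share_weight
        return "block" if d < self.contract_target else "share"

    def payouts(self, block_reward: int) -> Dict[bytes, Fraction]:
        """MinerReward = block_reward * MinerShares / TotalSharesForBlock, kept exact."""
        total = sum(self.shares.values())
        return {m: Fraction(block_reward * s, total) for m, s in self.shares.items()}


def mine_round(pool: Pool, hashpower: Dict[bytes, int],
               max_steps: int) -> Tuple[bool, Dict[bytes, Fraction]]:
    """Round-robin simulation: each step, a miner tries hashpower[miner] nonces.
    Stops at the first contract-level solution and returns the payout split."""
    nonce = 0
    for _ in range(max_steps):
        for miner, tries in hashpower.items():
            for _ in range(tries):
                nonce += 1
                if pool.submit(miner, nonce) == "block":
                    return True, pool.payouts(50)  # 50 0xBTC, the reward the post quotes
    return False, {}


if __name__ == "__main__":
    # constructed challenge; contract difficulty 256, pool shares accepted at difficulty 4
    pool = Pool(b"constructed-challenge-bytes", 256, 4)
    found, split = mine_round(pool, {b"alice": 3, b"bob": 1}, 20000)
    print(found, {m.decode(): float(v) for m, v in split.items()})
```

Keeping payouts as exact fractions avoids the rounding drift that turns "sum of payouts" into slightly more or less than the reward once it is converted to token units; the duplicate check is the minimum a pool needs so that one miner cannot be credited twice for the same nonce.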

SmartCash Reddit Mods Deleted this post. Why invest in SmartCash?

Why invest in SmartCash? To start, I found out about SmartCash when I was mining at Zpool. Awesome Miner keeps on mining a Keccak coin and says that I will be earning 10x what I’m supposed to have. For starters, it could be a glitch, so I switched to Nicehash; still the same. So instead of mining through these auto-exchange pools, why not mine the coin directly? Zpool stated that the coin for Keccak is Maxcoin, the same as what Nicehash has listed. I checked Maxcoin on CoinMarketCap and saw the price doesn’t make sense. I set up my rig, pointed it to a working Maxcoin pool, and it’s not the same. So I tried searching further, found a list of coins with Keccak used as an algorithm... then found SmartCash. I went to the SmartCash website and saw that they have a lot of “community” projects being done. Youtube videos also explained how good the “community” is. The website also offered what’s called SmartRewards: you save a minimum of 1000 Smarts before the 25th of the month, leave it there until the 25th of the next month, then get paid the current percentage shown in the SmartRewards calculator. Pretty enticing, because it is one way to “stabilize” the price. In order to get a head start, I pointed my rigs to their “Official SmartCash Pools”, then hashed away. After a few days, I was able to amass around 300 Smarts. So, I planned to mine a bit more, looking forward to getting the SmartRewards. As the “mining” went on, a lot of things happened: the zcoin exploit, exchanges being disabled, difficulty rising exponentially and, worst of all, the exchange rate went from $3.20/Smart to a low of $0.81 in a span of two days. Two (2) days of disabled exchanges due to the zerocoin exploit. The Zerocoin exploit allowed 23.4 M SmartCash ($6.5 Million at the exchange rate at that time) to be sent to a specific wallet. What makes matters worse, they did ask the exchanges to “DISABLE” the SmartCash wallets. This is to prevent deposits and withdrawals, smart? Nope. It didn’t stop there.
The Zerocoin exploit occurred Jan 8th-9th. The exchanges were disabled around that time. But if you look at the dates Jan 8th to 19th, stocks.exchange had their DEPOSIT option enabled. And then from there, you could see a literal price increase to a dump. Price went up to $3.45/SmartCash on Jan 13th and decreased drastically from there. Stocks.exchange showed a very huge sell order starting from Jan 18th. Eventually, the “supposedly stolen” SmartCash was sold for Bitcoin, while we were thinking that exchanges were disabled at that time. A lot of us miners didn’t find out about it and were wondering why “DEPOSIT” was enabled while withdrawal wasn’t. Simple: if you’re a coin developer or part of the project, you have the authority to tell the exchanges to enable deposits and/or withdrawals or both. Smart, right? Well, it doesn’t end there. The so-called SmartCash whales did a tipping spree on Discord. People got SmartCash for free. A lot were able to set up their own SmartNodes and move on. The news spread across reddit, twitter and even steemit. People started joining the SmartCash discord, and then it went on from there. People are begging for Smartcash, people are asking for tips for some unknown or weird reason, some are even there who are just in for the free money. Sad to say, the SmartCash team found out about the tipping spree and changed the tipbot rules. Fact of the matter is this: 1. SmartCash has a 70/30 Block Reward Split; 70% goes to the SmartHive Community, 30% goes to SmartNode owners, SmartRewards and the Miners. 2. The SmartCash team has more than coins locked on their repository, and yet the price is too low for the volume. 3. SmartNodes are around 6-7k in count or more. Price is still low. 4. Mining pools are having constant problems. With all these four (4) reasons taken into account, why invest in SmartCash? There are a lot of coins out there where you could earn more decently and honestly. Denarius is one. Why keep on pushing to invest in SmartCash?
Is it because of the SmartRewards? It still didn’t help. Is it because they have 6-7k SmartNodes with 10000 Smarts locked? Nope, not that either. Do the math; if you’re reading this, you should be good at it. Imagine locking 10000 Smarts on 7000 SmartNodes = 70000000 SmartCash (LOCKED). Yet the price is still not what you should expect. If you read clearly, exchanges were disabled when the exploit happened, but still a huge dump occurred even before they announced that withdrawal/deposit were working. Oh, and yeah... they “asked” cryptopia to delist them. Or should I say, Cryptopia delisted them. Think twice before you invest in SmartCash. Be Smart. Smartkonnnneeeeeeeeeeeekkkkkkkkkkkk!
submitted by unsmartcash to u/unsmartcash [link] [comments]

InterValue: Analysis Of A New Anti-quantum Attack Cipher Algorithm

InterValue: Analysis Of A New Anti-quantum Attack Cipher Algorithm
https://preview.redd.it/pl9ytli1smd11.jpg?width=900&format=pjpg&auto=webp&s=afd90001218bb19c252f927ef2e292cb788c9a9d
InterValue aims to provide a global value Internet infrastructure. To deal with the various problems existing in the present blockchain infrastructure, InterValue optimizes the protocol and mechanism of blockchain technology at all levels, which can achieve the support agreement of a value transmission network. At present, the InterValue 2.0 testnet has been released; we designed and implemented a new HashNet consensus mechanism. Transaction speed within a single shard exceeds 280,000 TPS, and 4 million TPS for the whole network. Security (anti-quantum attack characteristics) is undoubtedly the highlight of InterValue under the goal of establishing a low-level infrastructure for the whole field of ecology.
What is the quantum attack?
Quantum computing is a new way of building computers—using the quantum properties of particles to perform operations on data, it is probably the same way as traditional computers. In some cases, the amount of algorithmic acceleration is unusual. It is this characteristic that makes some difficult problems that exist in the electronic computer environment become easy to calculate on a quantum computer. This superior computing power of quantum computers has influenced the security of existing public key cryptography, which is based on computational complexity. This is the quantum attack.
What does anti-quantum attack mean?
Algorithms have always been the underlying core of blockchain technology. Most of the current algorithms are unable to withstand quantum attacks. This means that all the information of the user will be exposed to the quantum computer. If you have an anti-quantum attack algorithm, it means that the personal information is safe; at least with current technology, it cannot be cracked. Anti-quantum attack algorithms mean security. The impact of quantum attacks on digital currencies is devastating. Quantum attacks directly disrupt existing information security systems. Quantum attacks will expose the assets in the digital industry, including the benefits of mining; the keys to your wallet will be cracked and the wallet will no longer be secure. Overall, the existing security system will be disintegrated. Therefore, it is imperative to develop anti-quantum attack algorithms in advance. It is a necessary technical means to firmly protect the privacy of users.
InterValue uses a new anti-quantum attack cryptographic algorithm at the anti-quantum attack level. By replacing the ECDSA signature algorithm with the NTRUsign signature algorithm that is based on the integer lattice, and replacing the existing SHA series algorithm with the Keccak-512 hash algorithm, the speed, and threats of the rapid quantum computation decrease.
Adopt NTRUsign digital signature algorithm
Current ECDSA signature algorithm
The current blockchain mainly uses the ECDSA digital signature algorithm, based on elliptic curves. The signature algorithm: first, the public-private key pair needs to be generated; the user keeps the private key, and the public key can be distributed to other people; secondly, the private key is used to sign a specific message; finally, the party that owns the signature public key is able to verify the signature. ECDSA has the advantages of small system parameters, fast processing speed, small key size, strong resistance to attack and low bandwidth requirements. However, a quantum computer can run a very efficient SHOR attack algorithm against the ECDSA signature algorithm, and the ECDSA signature algorithm cannot resist the quantum attack.
Adopt new NTRUsign-251 signature algorithm
At present, the public key cryptosystems resistant to quantum SHOR algorithm attacks mainly include public key cryptography based on lattice theory, code-based public key systems represented by the McEliece public key cryptosystem, and multivariate polynomial systems represented by MQ public key cryptography. The security of the McEliece public key cryptosystem is based on the error correction code problem, which is strong in security but low in computational efficiency. The MQ public key cryptosystem, that is, the multivariate quadratic polynomial public key cryptosystem, based on the intractability of multivariate quadratic polynomial equations over a finite field, has obvious disadvantages in terms of security. In contrast, the public key encryption system based on lattice theory is simple, fast, and takes up less storage space. InterValue uses the signature algorithm based on lattice theory, NTRUSign-251. The specific implementation process of the algorithm is as follows:
https://preview.redd.it/uzuqi589smd11.png?width=762&format=png&auto=webp&s=29670c99027fdcebadca64730ef2e3862f960192
It has been proved that the security of the NTRUSign-251 signature algorithm is ultimately equivalent to solving the shortest vector problem in a 502-dimensional integer lattice, but the SHOR attack algorithm is invalid for the shortest vector problem in the lattice, and there are no other fast solutions on a quantum computer. The best heuristic algorithm is also exponential, and the time complexity of attacking the NTRUSign-251 signature algorithm is about 2^168. Therefore, InterValue uses the NTRUSign-251 algorithm, which can resist SHOR algorithm attacks under quantum computing.
Adopt Keccak512 hash algorithm
The common anti-quantum hash algorithm
The most effective attack method on hash algorithms under a quantum computer is the GROVER algorithm, which can reduce the attack complexity of a Hash algorithm from O(2^n) to O(2^(n/2)). Therefore, as current Bitcoin adopts the Hash algorithm RIPEMD160, whose output length is only 160 bits, under this circumstance the hash algorithm used in the currency system is not safe against quantum attack algorithms. An effective way of resisting quantum attacks is to reduce the threat of the GROVER algorithm by increasing the output length of the Hash algorithm. It is generally believed that the Hash algorithm can effectively resist quantum attacks as long as the output length of the hash algorithm is not less than 256 bits. In addition to the threat of quantum attacks, a series of hash functions that are widely used in practice, such as MD4, MD5, SHA-1, and HAVAL, are attacked by traditional methods such as differential analysis, modulo difference, and message modification methods. Therefore, a blockchain’s Hash algorithm also needs to consider resistance to traditional attacks.
Winning the hash algorithm Keccak512
Early blockchain projects such as Bitcoin, Litecoin, and Ethereum used SHA series hashing algorithms that have design flaws (but not fatal ones). Recently, new blockchain projects have been adopted by the National Institute of Standards and Technology. The SHA-3 plan series algorithm is a new Hash algorithm.
InterValue adopts the SHA-3 plan's winning algorithm Keccak512, which contains many of the latest design concepts and ideas of hash functions and cryptographic algorithms. It is simple in design, which is convenient for hardware implementation. The algorithm was submitted by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche in October 2008. The Keccak512 algorithm uses a standard sponge structure that maps input bits of arbitrary length into fixed-length output bits. The speed is fast, with an average speed of 12.5 cycles per byte on an Intel Core 2 processor.
https://preview.redd.it/zwfzybeasmd11.jpg?width=724&format=pjpg&auto=webp&s=e0710e7fb1f80b7aa6517a296e2cadd6a51bd4c8
As shown in the figure, in the absorbing phase of the sponge structure, each message block is XORed with the r bits inside the state, and then encapsulated into 1600 bits of data together with the fixed c bits to perform the round function f processing, and then into the squeezing phase. In the squeezing phase, a hash of n-bit fixed output length can be generated by iterating 24 rounds. Each round R has the round constant only in its last step, but the round constant is often ignored in collision attacks. The algorithm has been proved to have good differential properties, and so far third-party cryptanalysis has not shown that Keccak512 has security weaknesses. The first-preimage (original image) attack complexity for the Keccak512 algorithm under a quantum computer is 2^256, and the second-preimage attack complexity for the Keccak512 algorithm is 2^128, so InterValue combined with the Keccak512 algorithm can resist the GROVER algorithm attack under quantum computing.
Written in the end
Quantum computing has gone through 40 years from theory to practice. From its emergence to the present, it has entered the stage of quantitative change to qualitative change in technology accumulation, business environment, and performance improvement. For the blockchain, the most deadly part is not investors' doubt, but the accelerated development of quantum computers. In the future, quantum computers are most likely to subvert the traditional technical route of classical computing and have a larger field of development. We are sympathetic to its destructive power to the existing blockchain, and we look forward to helping the entire blockchain industry to shape a new ecosystem. On the occasion of entering the new "quantum era, trusting society", the InterValue team believes that only by fully understanding the essence of quantum cryptography (quantum communication) and anti-quantum cryptography can we calmly stand on a high level and arrange the outline.
submitted by intervalue to u/intervalue [link] [comments]
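The absorb/squeeze description above maps directly onto code. The following is an added, from-scratch Keccak-f[1600] sponge in Python written for this page; it is not InterValue's code and not the Keccak team's reference implementation. It exposes both the original Keccak padding (domain byte 0x01, as used by Ethereum's keccak256 and by the Keccak-512 the post discusses) and the FIPS 202 SHA-3 padding (0x06), so the difference between "Keccak-512" and "SHA3-512" is visible in one place, and it cross-checks the SHA-3 variants against Python's hashlib. The round constants and rotation offsets are the published Keccak parameters; everything else is this example's own.

```python
import hashlib
from typing import List

# Added example (not InterValue code): Keccak-f[1600] and the sponge around it.
MASK64 = (1 << 64) - 1

# Published Keccak-f[1600] parameters: the 24 round constants for iota and the rho
# rotation offsets indexed [x][y].
ROUND_CONSTANTS = [
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]
ROTATION = [
    [0, 36, 3, 41, 18],
    [1, 44, 10, 45, 2],
    [62, 6, 43, 15, 61],
    [28, 55, 25, 21, 56],
    [27, 20, 39, 8, 14],
]


def _rol(v: int, n: int) -> int:
    """Rotate a 64-bit lane left by n bits."""
    return ((v << n) | (v >> (64 - n))) & MASK64


def keccak_f(a: List[List[int]]) -> List[List[int]]:
    """The permutation f: 24 rounds over a 5x5 array of 64-bit lanes (1600 bits), a[x][y]."""
    for rc in ROUND_CONSTANTS:
        # theta: mix each lane with the parity of two neighbouring columns
        c = [a[x][0] ^ a[x][1] ^ a[x][2] ^ a[x][3] ^ a[x][4] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol(c[(x + 1) % 5], 1) for x in range(5)]
        a = [[a[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        # rho (rotate lanes) and pi (move lanes to new positions)
        b = [[0] * 5 for _ in range(5)]
        for x in range(5):
            for y in range(5):
                b[y][(2 * x + 3 * y) % 5] = _rol(a[x][y], ROTATION[x][y])
        # chi: the only non-linear step, applied along rows
        a = [[b[x][y] ^ (~b[(x + 1) % 5][y] & b[(x + 2) % 5][y]) for y in range(5)]
             for x in range(5)]
        # iota: the round constant, XORed into lane (0, 0) as the last step of the round
        a[0][0] ^= rc
    return a


def _sponge(data: bytes, rate: int, pad_byte: int, out_len: int) -> bytes:
    """Absorb data in blocks of `rate` bytes (r bits), then squeeze out_len bytes.
    The remaining c = 1600 - r bits are never touched by input or output.
    pad_byte is 0x01 for original Keccak and 0x06 for FIPS 202 SHA-3; that is the
    only difference between, for example, keccak256 and SHA3-256."""
    # multi-rate padding pad10*1: domain byte, zeros to the block end, top bit set last
    buf = bytearray(data) + bytearray([pad_byte])
    buf += bytes((-len(buf)) % rate)
    buf[-1] |= 0x80
    state = [[0] * 5 for _ in range(5)]
    lanes = rate // 8
    for off in range(0, len(buf), rate):          # absorbing phase
        for i in range(lanes):                     # lane i lives at x = i % 5, y = i // 5
            chunk = buf[off + 8 * i: off + 8 * i + 8]
            state[i % 5][i // 5] ^= int.from_bytes(chunk, "little")
        state = keccak_f(state)
    out = bytearray()
    while True:                                    # squeezing phase
        for i in range(lanes):
            out += state[i % 5][i // 5].to_bytes(8, "little")
        if len(out) >= out_len:
            return bytes(out[:out_len])
        state = keccak_f(state)                    # only reached when out_len > rate


def keccak256(data: bytes) -> bytes:   # r = 1088, c = 512; Ethereum's keccak256
    return _sponge(data, 136, 0x01, 32)


def keccak512(data: bytes) -> bytes:   # r = 576, c = 1024; the Keccak-512 of the post
    return _sponge(data, 72, 0x01, 64)


def sha3_256(data: bytes) -> bytes:    # same sponge, FIPS 202 domain padding
    return _sponge(data, 136, 0x06, 32)


def sha3_512(data: bytes) -> bytes:
    return _sponge(data, 72, 0x06, 64)


def matches_stdlib(data: bytes) -> bool:
    """Cross-check the FIPS 202 variants against hashlib, which ships SHA-3 but not the
    pre-standard Keccak padding."""
    return (sha3_256(data) == hashlib.sha3_256(data).digest()
            and sha3_512(data) == hashlib.sha3_512(data).digest())
```

Two practical points fall out of the code: the capacity c, not the output length, is what bounds collision and preimage resistance (Keccak-512 keeps c = 1024 bits untouched while only 576 bits per block are absorbed), and a library labelled "SHA-3" will not reproduce Ethereum-style keccak digests because the padding byte differs, which is a frequent source of silent verification failures.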

InterValue: Analysis Of A New Anti-quantum Attack Cipher Algorithm

InterValue: Analysis Of A New Anti-quantum Attack Cipher Algorithm
https://preview.redd.it/50gpnoe1wdl11.jpg?width=900&format=pjpg&auto=webp&s=c636ddc4a1c49658cba067084009e557a113b8a8

InterValue aims to provide a global value Internet infrastructure. In response to deal with various problems that existing in the present blockchain infrastructure, InterValue optimizes the protocol and mechanism of blockchain technology at all levels, which can achieve the support agreement of value transmission network. At present, the InterValue 2.0 testnet has been released, we designed and implemented a new HashNet consensus mechanism. Transaction speed within one single shard exceeds 280,000 TPS and 4 million TPS for the whole network. Security (anti-quantum attack characteristics) is undoubtedly the highlight of InterValue under the goal of establishing a low-level infrastructure for the whole field of ecology.
What is the quantum attack?
Quantum computing is a new way of building computers—using the quantum properties of particles to perform operations on data, it is probably the same way as traditional computers. In some cases, the amount of algorithmic acceleration is unusual. It is this characteristics that makes some difficult problems that exist in the electronic computer environment become easy to calculate in the quantum computer. This superior computing power of quantum computers has influenced the security of existing public key cryptography which based on computational complexity. This is the quantum attack.
What does anti-quantum attack mean?
Algorithms have always been the underlying core of blockchain technology. Most of the current algorithms are unable to withstand quantum attacks. It means that all the information of the user will be exposed to the quantum computer. If you have an anti-quantum attack algorithm, it means that the personal information is safe, at least with current technology, it cannot be cracked. Anti-quantum attack algorithms mean security. The impact of quantum attacks on digital currencies is devastating. Quantum attacks directly disrupt existing information security systems. Quantum attacks will expose the assets in the digital industry, including the benefits of mining; the keys to your wallet will be cracked and the wallet will no longer be secure. Totally, the existing security system will be disintegrated. Therefore, it is imperative to develop anti-quantum attack algorithms in advance. It is a necessary technical means to firmly protect the privacy of users.
InterValue uses a new anti-quantum attack cryptographic algorithm at the anti-quantum attack level. By replacing the ECDSA signature algorithm with the NTRUsign signature algorithm that based on the integer lattice, and replacing the existing SHA series algorithm with the Keccak-512 hash algorithm, the speed, and threats of the rapid quantum computation decrease.

Adopt NTRUsign digital signature algorithm
Current ECDSA signature algorithm
The current blockchain mainly uses the ECDSA digital signature algorithm based on elliptic curve. The signature algorithm: First, the public-private key pair needs to be generated, the private key user keeps it, the public key can be distributed to other people; secondly, the private key pair can be used and a specific message is signed; finally, the party that owns the signature public key is able to verify the signature. ECDSA has the advantages of small system parameters, fast processing speed, small key size, strong anti-attack and low bandwidth requirements. However, the quantum computer can implement a very efficient SHOR attack algorithm by ECDSA signature algorithm, and the ECDSA signature algorithm cannot resist the quantum attack.
Adopt new NTRUsign-251 signature algorithm
At present, the public key cryptosystem against quantum SHOR algorithm attacks mainly includes public key cryptography that based on lattice theory, code-based public key system represented by McEliece public key cryptosystem and multivariate polynomial represented by MQ public key cryptography. The security of McEliece public key cryptosystem is based on the error correction code problem, which is strong in security but low in computational efficiency. The MQ public key cryptosystem, that is, the multivariate quadratic polynomial public key cryptosystem, based on the intractability of the multivariate quadratic polynomial equations on the finite field, has obvious disadvantages in terms of security. In contrast, the public key encryption system based on lattice theory is simple, fast, and takes up less storage space. InterValue uses the signature algorithm based on the lattice theory NTRUSign-251. The specific implementation process of the algorithm is as follows:

https://preview.redd.it/byyzx8k3wdl11.png?width=762&format=png&auto=webp&s=d454123cabbe730271b66362a55e17b861ad50b4
It has been proved that the security of the NTRUSign-251 signature algorithm is ultimately equivalent to finding the shortest vector problem in a 502-dimensional integer lattice, but the SHOR attack algorithm for the shortest vector problem in the lattice is invalid, and there is no other fast solutions under the quantum computer. The best heuristic algorithm is also exponential, and the time complexity of attacking NTRUSign-251 signature algorithm is about 2168. Therefore, InterValue uses NTRUSign-251 algorithm that can resist SHOR algorithm attack under quantum computing.

Adopt Keccak512 hash algorithm
The common anti-quantum hash algorithm
The most effective attack methods for hash algorithm under quantum computer is GROVER algorithm, which can reduce the attack complexity of Hash algorithm from O (2^n) to O (2^n/2). Therefore, the current bit adopts the Hash algorithm PIREMD160 whose output length is only 160 bits, under this circumstance, quantum attacks algorithm used in the currency system is not safe. An effective way of resisting quantum attacks is to reduce the threat of the GROVER algorithm by increasing the output length of the Hash algorithm. It is generally believed that the Hash algorithm can effectively resist quantum attacks as long as the output length of the hash algorithm is not less than 256 bits. In addition to the threat of quantum attacks, a series of hash functions that are widely used in practice, such as MD4, MD5, SHA-1, and HAVAL, are attacked by traditional methods such as differential analysis, modulo difference, and message modification methods. Therefore, blockchains’ Hash algorithm also needs to consider the resistance of traditional attacks.
The winning hash algorithm: Keccak512
Early blockchain projects such as Bitcoin, Litecoin, and Ethereum used SHA-series hash algorithms that have design flaws (though not fatal ones). Recently, new blockchain projects have adopted the SHA-3 series algorithm selected by the National Institute of Standards and Technology, which is a new hash algorithm.
InterValue adopts the winning algorithm of the SHA-3 competition, Keccak512, which incorporates many of the latest design concepts and ideas in hash functions and cryptographic algorithms. It is simple in design, which makes hardware implementation convenient. The algorithm was submitted by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche in October 2008. The Keccak512 algorithm uses a standard sponge construction that maps input bits of arbitrary length into fixed-length output bits. It is fast, with an average speed of 12.5 cycles per byte on an Intel Core 2 processor.

https://preview.redd.it/z0nnrjp4wdl11.jpg?width=724&format=pjpg&auto=webp&s=bef29aafeb1ef74b21bacb6db3f07987bf0a7ba5
As shown in the figure, in the absorbing phase of the sponge construction, each message block is XORed with the r bits of the state, then combined with the fixed c bits into 1600 bits of data and processed by the round function f, before moving into the squeezing phase. In the squeezing phase, a hash with a fixed n-bit output length can be generated by iterating 24 rounds. Each round R differs only in its last step, the round constant, but the round constant is often ignored in collision attacks. The algorithm has been proved to have good differential properties, and to date third-party cryptanalysis has not shown that Keccak512 has security weaknesses. The first-preimage attack complexity for the Keccak512 algorithm under a quantum computer is 2^256, and the second-preimage attack complexity for the Keccak512 algorithm is 2^128, so InterValue combined with the Keccak512 algorithm can resist Grover algorithm attacks under quantum computing.

Written at the end
Quantum computing has gone through 40 years from theory to practice. From its emergence to the present, it has entered the stage where quantitative change turns into qualitative change in technology accumulation, business environment, and performance improvement. For the blockchain, the most deadly part is not investor doubt but the accelerated development of quantum computers. In the future, quantum computers are most likely to subvert the traditional technical route of classical computing and have a larger field of development. We are aware of its destructive power against the existing blockchain, and we look forward to helping the entire blockchain industry shape a new ecosystem. On the occasion of entering the new "quantum era, trusting society", the InterValue team believes that only by fully understanding the essence of quantum cryptography (quantum communication) and anti-quantum cryptography can we calmly stand at a high level and lay out the outline.
submitted by intervalue to InterValue [link] [comments]

Progress on Hcash's Post-Quantum R&D [Part 1]

I. Research and Design of the Post-Quantum Technology Solution
1.1. Technology choice and solution design of Post-Quantum Signature:
• Security and performance analysis and assessment of existing post-quantum signature solutions. We have carried out deep security and performance analysis and assessment of the following post-quantum signature solutions: hash-based signature schemes: MSS (Merkle Signature Scheme), XMSS (eXtended Merkle Signature Scheme), LMS, SPHINCS, NSW; lattice-based signature schemes: GVP, LYU, GLP, BLISS, DILITHIUM, NTRU; code-based signature schemes: CFS, QUARTZ; multivariate-polynomial-based signature schemes: RAINBOW, etc. Compared to traditional signature solutions (such as the ECDSA algorithm commonly used in cryptocurrency systems), a post-quantum signature solution's public key and signature are much longer. If we simply introduce post-quantum signatures into an existing cryptocurrency or blockchain system, TPS will be reduced significantly. Take Bitcoin for example: its current TPS is 7 transactions per second. If we introduce the post-quantum signature DILITHIUM, its TPS will be reduced to 0.389 transactions/second.
• In the design of the Hcash post-quantum solution, we wish to achieve the following 4 features: 1) Compatibility: compatible with the existing ECDSA (Elliptic Curve Digital Signature Algorithm) signature solution; 2) Flexibility: support multiple post-quantum signature solutions that have been thoroughly analysed, assessed and proved by international cryptography research institutions, and whose security and performance are outstanding; 3) Security: the post-quantum solution must be proved secure in theory and side-channel-attack proof in practice; 4) High performance: signing and signature verification must be fast, and most importantly, the public key and signature must be short.
• Based upon the principles described above, we have made our technology choice. On one hand, from a security point of view, we have chosen a hash-function-based post-quantum signature solution (MSS or LMS); these solutions have a weak security hypothesis and their security relies on the hash function. In other words, if the hash function is secure, then the solution is secure. In our solution, we choose SHA-3 (that is, Keccak; Keccak was chosen by NIST as the international standard hash function in October 2012). According to thorough analysis and assessment of Keccak by international cryptography research institutions, we expect Keccak to be very secure for a very long period in the future. Compared to traditional computers, quantum computers do not have much advantage in attacking hash functions (collision attacks, pre-image attacks, second pre-image attacks), which means Keccak-based MSS or LMS will have very strong security for a very long period in the future. Besides, the Keccak-based MSS or LMS solution is side-channel-attack proof. On the other hand, from a performance point of view (including signing / signature verification performance and public key / signature length), public key and signature length can significantly affect a cryptocurrency or blockchain system's TPS, therefore we have chosen Bliss, whose overall performance is the best. This solution's security is built on top of a difficult mathematical problem based on LWE. Currently quantum computers do not have an effective algorithm to solve the difficult math problem based on LWE. Because the Bliss algorithm's signing and signature verification performance is good, and its public key and signature length is the shortest among existing post-quantum signature algorithms, Hcash's TPS will benefit from Bliss. To be clear, the MSS, LMS and Bliss algorithms have all been analysed, assessed and proved by international cryptography research institutions, and their security and performance are all outstanding.
(Although MSS/LMS has a different security hypothesis from Bliss, the security of all of them can be proved in theory.)
• Based on this technology choice, we will adopt Keccak-based MSS or LMS (strong theoretical security and side-channel-attack proof), and the LWE-based Bliss algorithm (theoretical security depends on LWE's difficult math problem, and its performance is the best among existing post-quantum signature solutions). However, we still need to solve the following two critical problems:
1) The public key and signature are much longer than the traditional digital signature ECDSA's public key and signature. If we implement these signature algorithms in a cryptocurrency or blockchain, the transaction size will increase a lot and TPS will be reduced significantly. 2) The Discrete Gauss Sampling (DGS) module in the Bliss algorithm has side-channel attack risk in practice. For problem 1, we propose a new SegWit (Segregated Witness) solution which solves the problem quite well.
For problem 2, there are some existing side-channel attacks on the Bliss algorithm. We have to point out that these attacks are difficult to implement. In the attack on the multiplication calculation, the author himself points out that the attack which utilises a Markov model cannot succeed if the Hamming weight acquired has a relatively high level of noise. In practice, the Hamming weight always has some noise. When attacking the sampling function with power consumption and electromagnetic information, firstly data quality will affect branch clause analysis, and secondly, even if data quality is high, it is a difficult engineering job to accurately locate the leakage point on the curve. For the same reason, when analysing applications on the system using branch traces, although every branch clause can be recorded accurately (without noise), it is difficult to locate the attack point among a large number of branch records. Regarding cache attacks, how to keep flush and reload happening alternately in the time series is a tough problem. It's hard to implement without changing the source code. Although it's very difficult to implement these side-channel attacks, we should pay enough attention to potential side-channel leakage problems in the Bliss algorithm. Hence we propose an effective protection solution after deeply analysing possible side-channel information leakage points in the Bliss algorithm. This solution does not harm the Bliss algorithm's performance (most importantly, the solution doesn't change the public key and signature length at all). The research outcomes mentioned above will guarantee that we implement a highly secure and performant post-quantum feature in Hcash.
The advantages of our solution are:
(1) Compatibility: before quantum computers come into use, cryptocurrency and blockchain systems can still use the ECDSA signature solution. Our solution is compatible with the existing ECDSA signature solution, hence it can not only connect with current mainstream cryptocurrency exchange platforms, but also build a foundation to support cross-chain interaction in the future.
(2) Flexibility: our solution supports two post-quantum signature solutions that have been thoroughly analysed, assessed and proved by international cryptography research institutions. Their security and performance are both outstanding. This will provide great flexibility and sound security for Hcash.
(3) Security: our solution supports two post-quantum signature algorithms: MSS/LMS and Bliss. For MSS/LMS, the security hypothesis is weak (that is, its security relies only on the security of the SHA-3 function). If the SHA-3 function is secure, then the solution is secure. According to thorough analysis and assessment of Keccak by international cryptography research institutions, we expect Keccak to be very secure for a very long period in the future. Compared to traditional computers, quantum computers do not have much advantage in attacking hash functions (collision attacks, pre-image attacks, second pre-image attacks), which means Keccak-based MSS/LMS will have very strong security for a very long period in the future. Furthermore, the Keccak-based MSS/LMS solution is side-channel-attack proof. For the Bliss algorithm, its security is based on LWE's difficult math problem (under this hypothesis it can be proved secure). So far quantum computers have no effective algorithms to solve the LWE problem that the Bliss algorithm relies on. Besides, we have thoroughly analysed possible side-channel information leaks in the Bliss algorithm and propose an innovative and effective protection solution, so that the Bliss algorithm can effectively prevent side-channel attacks without compromising performance.
(4) High performance: our solution supports 2 post-quantum algorithms whose signing/signature verification speed and public key/signature length are both outstanding among existing algorithms. Because a post-quantum signature solution's public key and signature are much longer than traditional ECDSA's, they increase transaction size a lot, reduce the number of transactions in each block, and reduce TPS in the end. To solve this problem, we propose an innovative SegWit scheme which solves it quite well. It is worth mentioning that our post-quantum solution, integrated with our new combined consensus scheme (which is already implemented in Hcash), will materialise our absolute superiority in TPS. E.g., if we implement the DILITHIUM signature in Bitcoin, its TPS is at most 0.389 transactions / second, while if we implement our post-quantum solution, its TPS is about 150 transactions / second.
(5) Usability: our post-quantum signature solution can be used widely in existing cryptocurrency and blockchain systems.
submitted by H_cash to hcash [link] [comments]
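The Hcash post above argues that a hash-based scheme such as MSS/LMS inherits its security from the hash function alone, but pays for that with large keys and signatures and with the obligation never to reuse a one-time key. The block below is an added Python example written for this page, not Hcash's code: it builds a minimal Merkle signature scheme from Lamport one-time signatures over SHA3-256 (real MSS/LMS use Winternitz chains to shrink the signature; Lamport is used here for brevity), tracks the next unused leaf so no one-time key signs twice, and reports the signature size so the TPS concern can be seen in bytes. All names (`MerkleSigner`, `lamport_sign`, `merkle_verify`, `signature_bytes`) are the author's own choices.

```python
"""Added example: a toy Merkle Signature Scheme (Lamport OTS leaves, SHA3-256).
Not Hcash's code; names, tree layout and domain-separation bytes are illustrative."""
import hashlib
import os

N = 32  # digest length in bytes (SHA3-256)


def H(*parts):
    return hashlib.sha3_256(b"".join(parts)).digest()


def lamport_keygen(rng=os.urandom):
    """One-time key: two random N-byte secrets per message bit; public key = their hashes."""
    sk = [(rng(N), rng(N)) for _ in range(8 * N)]
    pk = [(H(s0), H(s1)) for s0, s1 in sk]
    return sk, pk


def _bit(digest, i):
    return (digest[i // 8] >> (7 - i % 8)) & 1


def lamport_sign(sk, msg):
    """Reveal, for each bit of H(msg), the secret that corresponds to that bit value."""
    d = H(msg)
    return [sk[i][_bit(d, i)] for i in range(8 * N)]


def lamport_verify(pk, msg, sig):
    d = H(msg)
    return len(sig) == 8 * N and all(H(sig[i]) == pk[i][_bit(d, i)] for i in range(8 * N))


def _leaf(pk):
    return H(b"\x00", *(s0 + s1 for s0, s1 in pk))


def _node(left, right):
    return H(b"\x01", left, right)  # domain-separated from leaves


class MerkleSigner:
    """Stateful signer: 2**height one-time keys authenticated by a single Merkle root."""

    def __init__(self, height, rng=os.urandom):
        self.height = height
        self.keys = [lamport_keygen(rng) for _ in range(1 << height)]
        self.levels = [[_leaf(pk) for _, pk in self.keys]]
        while len(self.levels[-1]) > 1:
            prev = self.levels[-1]
            self.levels.append([_node(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
        self.root = self.levels[-1][0]  # the long-term public key
        self.next_index = 0             # state: a leaf must never be used twice

    def sign(self, msg):
        if self.next_index >= 1 << self.height:
            raise RuntimeError("all one-time keys used; reusing one would leak secrets")
        idx = self.next_index
        self.next_index += 1            # advance state before releasing the signature
        sk, pk = self.keys[idx]
        path, i = [], idx
        for level in self.levels[:-1]:
            path.append(level[i ^ 1])   # sibling hash at each level
            i >>= 1
        return {"index": idx, "ots_pk": pk, "ots_sig": lamport_sign(sk, msg), "path": path}


def merkle_verify(root, msg, sig):
    """Check the one-time signature, then recompute the root through the auth path."""
    if not lamport_verify(sig["ots_pk"], msg, sig["ots_sig"]):
        return False
    node, i = _leaf(sig["ots_pk"]), sig["index"]
    for sibling in sig["path"]:
        node = _node(sibling, node) if i & 1 else _node(node, sibling)
        i >>= 1
    return node == root


def signature_bytes(sig):
    """Wire size: OTS public key + OTS signature + auth path + a 4-byte leaf index."""
    pk = sum(len(a) + len(b) for a, b in sig["ots_pk"])
    return pk + sum(map(len, sig["ots_sig"])) + sum(map(len, sig["path"])) + 4


if __name__ == "__main__":
    signer = MerkleSigner(3)
    s = signer.sign(b"spend 1 HSR to ...")
    print(merkle_verify(signer.root, b"spend 1 HSR to ...", s), signature_bytes(s), "bytes")
```

With a height-3 tree the signature is over 24 KB, almost all of it the Lamport key and signature, which is the size problem the post wants SegWit to move out of the base transaction; the stateful `next_index` is the operational hazard that LMS deployments must handle (a restored backup that replays an old index is a key-reuse event).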

BIP 32/39/44 Seed Portability?

This article, "Why do my BIP32 wallets disagree?", is a bit disconcerting.
The results below provide evidence by example that Trezor and libbitcoin's bitcoin-explorer (bx) command line interface have seed portability.
I thought I would try using the bitcoin-explorer (bx) command to see the results generated, to contrast with the article, for m/44'/60'/0'/0/0.
% echo "radar blur cabbage chef fix engine embark joy scheme fiction master release" | bx mnemonic-to-seed | bx hd-new -v 76066276 | bx hd-private -d -i 44 | bx hd-private -d -i 60 | bx hd-private -d -i 0 | bx hd-private -i 0 | bx hd-private -i 0 | bx hd-to-ec
b96e9ccb774cc33213cbcb2c69d3cdae17b0fe4888a1ccd343cbd1a17fd98b18
*For an uncompressed public key:*
% echo b96e9ccb774cc33213cbcb2c69d3cdae17b0fe4888a1ccd343cbd1a17fd98b18 | bx ec-to-public -u
0405b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bbe24fabdd03888410ace3fa4c5a809e398f036f7b99d04f82a012dca95701d103
After dropping the leading 0x04 from the uncompressed public key, a Keccak hash function (the one used by both Ethereum and Monero, which is not NIST's SHA3-256) is applied.
% ./keccak -256 05b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bbe24fabdd03888410ace3fa4c5a809e398f036f7b99d04f82a012dca95701d103
0AB3387A148B3C4B18C333FCAC39B311DCEB2A4B2F5D8461C1CDAF756F4F7AE9
The 20-byte Ethereum address (the last 20 bytes of the hash immediately above, AC39B311DCEB2A4B2F5D8461C1CDAF756F4F7AE9) matches the "Otherwise" result in the article up top.
*For a compressed public key:*
% echo b96e9ccb774cc33213cbcb2c69d3cdae17b0fe4888a1ccd343cbd1a17fd98b18 | bx ec-to-public
0305b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bb
After dropping the leading 0x03 from the compressed public key:
% ./keccak -256 05b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bb
1BE3816C914DCFF6C350BBFB1AEC8694FC4F546191026031FEFFB312D342B93B
For grins, I decided to generate a comparable situation for Trezor using its web interface. I used the Trezor (with firmware v1.3.6 and v1.4) recovery instructions for the pertinent 12-word recovery seed, "radar blur cabbage chef fix engine embark joy scheme fiction master release", to see what the results are for an extended M/44'/0'/0'/0 xpub key, to contrast with the bx calculations. The xpub key resulting from two restores is:
xpub6DHi64TFkDPx2AH4q2ku3vX9LJYNpTis5tLrET8Sb9irp174eCkgtAnvBpyzQXgrtmF31Lrq4gTMGFUGcjJicMu9LdueVdqt6FZ2Wzcg8Fj
% echo "radar blur cabbage chef fix engine embark joy scheme fiction master release" | bx mnemonic-to-seed | bx hd-new -v 76066276 | bx hd-private -d -i 44 | bx hd-private -d -i 0 | bx hd-public -d -i 0
xpub6DHi64TFkDPx2AH4q2ku3vX9LJYNpTis5tLrET8Sb9irp174eCkgtAnvBpyzQXgrtmF31Lrq4gTMGFUGcjJicMu9LdueVdqt6FZ2Wzcg8Fj
Seed word results from Trezor and libbitcoin are consistent!!!
submitted by greatskaht to TREZOR [link] [comments]
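The InterValue post earlier on this page describes the sponge construction (absorb r bits per block into a 1600-bit state, permute, squeeze), and the bx post just above depends on the detail that Ethereum's Keccak-256 is not NIST's SHA3-256: the permutation is identical, only the padding byte differs. The block below is an added, from-scratch Python implementation of Keccak-f[1600] and the sponge written for this page (not taken from either post or from any project). It exposes Keccak-256/512 (domain byte 0x01) next to SHA3-256/512 (domain byte 0x06), checks the SHA-3 variant against `hashlib`, and includes a hypothetical helper `eth_address_from_pubkey` that performs the strip-the-0x04-prefix-then-hash-then-keep-20-bytes step the bx post walks through by hand; function names and the `matches_hashlib` self-check are the author's own.

```python
"""Added example: Keccak sponge from scratch, with both padding rules.
Keccak-f[1600] state = 25 lanes of 64 bits, lane (x, y) stored at index x + 5*y."""
import hashlib

_MASK = (1 << 64) - 1

# Round constants for the iota step, one per round
_RC = [
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]

# Rotation offsets for the rho step, indexed [x][y]
_ROT = [
    [0, 36, 3, 41, 18],
    [1, 44, 10, 45, 2],
    [62, 6, 43, 15, 61],
    [28, 55, 25, 21, 56],
    [27, 20, 39, 8, 14],
]


def _rol(v, n):
    n %= 64
    return v if n == 0 else ((v << n) | (v >> (64 - n))) & _MASK


def keccak_f1600(a):
    """Apply the 24-round permutation to a list of 25 lanes and return the new state."""
    for rc in _RC:
        # theta: mix each column parity into the neighbouring columns
        c = [a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol(c[(x + 1) % 5], 1) for x in range(5)]
        a = [a[i] ^ d[i % 5] for i in range(25)]
        # rho (rotate each lane) and pi (move it to (y, 2x+3y)) in one pass
        b = [0] * 25
        for x in range(5):
            for y in range(5):
                b[y + 5 * ((2 * x + 3 * y) % 5)] = _rol(a[x + 5 * y], _ROT[x][y])
        # chi: the only non-linear step, a[x] ^= ~a[x+1] & a[x+2] along each row
        a = [b[i] ^ ((~b[(i % 5 + 1) % 5 + 5 * (i // 5)]) & b[(i % 5 + 2) % 5 + 5 * (i // 5)])
             for i in range(25)]
        # iota: the round constant is the only thing that differs between rounds
        a[0] ^= rc
    return a


def sponge(data, rate_bytes, out_bytes, domain):
    """Absorb `data` at `rate_bytes` per block into the 1600-bit state, then squeeze."""
    state = [0] * 25
    buf = bytearray(data)
    buf.append(domain)                                # 0x01 = Keccak, 0x06 = SHA-3
    buf.extend(b"\x00" * (-len(buf) % rate_bytes))    # pad10*1: zeros up to the rate
    buf[-1] |= 0x80                                   # ... and the final 1 bit
    lanes = rate_bytes // 8
    for off in range(0, len(buf), rate_bytes):
        for i in range(lanes):                        # XOR block into the r-bit part only
            state[i] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        state = keccak_f1600(state)                   # the c-bit capacity is never exposed
    out = bytearray()
    while True:
        for i in range(lanes):
            out += state[i].to_bytes(8, "little")
        if len(out) >= out_bytes:
            return bytes(out[:out_bytes])
        state = keccak_f1600(state)


def keccak256(data):
    return sponge(data, 136, 32, 0x01)   # r = 1088, c = 512: Ethereum / Monero


def keccak512(data):
    return sponge(data, 72, 64, 0x01)    # r = 576, c = 1024: the InterValue choice


def sha3_256(data):
    return sponge(data, 136, 32, 0x06)   # same sponge, FIPS 202 domain byte


def sha3_512(data):
    return sponge(data, 72, 64, 0x06)


def eth_address_from_pubkey(pubkey_hex):
    """Hypothetical helper: drop the 0x04 prefix of an uncompressed secp256k1 key,
    Keccak-256 the remaining 64 bytes and keep the last 20 bytes, as the bx post does."""
    pub = bytes.fromhex(pubkey_hex)
    if len(pub) != 65 or pub[0] != 0x04:
        raise ValueError("expected a 65-byte uncompressed public key starting with 04")
    return keccak256(pub[1:])[-20:].hex()


def matches_hashlib(data):
    """Self-check: with the 0x06 domain byte this sponge must equal the stdlib SHA-3."""
    return (sha3_256(data) == hashlib.sha3_256(data).digest()
            and sha3_512(data) == hashlib.sha3_512(data).digest())


if __name__ == "__main__":
    print("keccak256('') =", keccak256(b"").hex())
    print("sha3_256('')  =", sha3_256(b"").hex())
    print("stdlib agrees on SHA-3:", matches_hashlib(b"The quick brown fox"))
```

The padding byte is the whole difference between the two families, so a wallet that calls a library's `sha3_256` where Ethereum expects Keccak-256 derives a different address from the same key; the self-check against `hashlib` covers the permutation, and the well-known empty-input Keccak-256 value `c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470` covers the 0x01 padding. Feeding the bx post's uncompressed key into `eth_address_from_pubkey` should reproduce the address it derives.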

ZiftrCOIN Mining Update: Proof of Knowledge algorithm

TL;DR: Ziftrcoin is dropping Sign to Mine(S2M) and using the new Proof of Knowledge algorithm due to the potential problems S2M could create being much worse than the ones it was meant to solve.
     

Goodbye Sign to Mine. Hello Proof of Knowledge.

One of the things we love so much about cryptocurrency is the opportunity to engage with a community of brilliant individuals who are just as passionate about this technology as we are. Our priority, first and foremost, is to put out the best tools, applications, and products possible to improve cryptocurrency and facilitate mass adoption.
Fortunately, thanks to Reddit, BitcoinTalk and other online cryptocurrency communities, we’ve received a lot of great feedback – specifically on our Sign to Mine mining algorithm. We’ve taken all of this valuable feedback into careful consideration and have decided to say goodbye to Sign to Mine and hello to a new and improved mining algorithm that we’re calling Proof of Knowledge.
Please read on for all the details behind this decision and for an introduction to Proof of Knowledge. As always, we would love to hear any and all constructive feedback!
   

Problems with Mining

When we first set out to create ziftrCOIN, one of the goals that we had was to make improvements on cryptocurrency wherever we could. Bitcoin has a handful of issues that some people see as possible problems, problems that we wanted to try to fix and prevent.

One of these issues is the risk of centralized control of the network hashing power. As mining gets more difficult, there is a natural tendency to have fewer yet larger mining pools. Unfortunately, the operators in charge of these pools then have control over large portions of the miners. The problems caused by this are outside the scope of this discussion but they include 51% attacks, selfish mining, and coordinated double spending.

These problems only exist if the miners act on them. While it is unlikely that a large group of anonymous strangers would all be willing to combine forces to attack the network, a pool operator may choose to do so single-handedly. This is exactly where centralization becomes a problem: when pool operators have exclusive control over a large portion of the hashing power of the network.
 

Sign to Mine As a Proposed Solution

This was where our S2M solution was meant to help. In a normal mining setup, the miners mine the coins directly to an address controlled by the pool. It's then up to the pool to distribute the rewards appropriately. With S2M, all miners working together must have the ability to withdraw the mined coins directly. This means that any single miner on the pool could choose how to distribute the rewards, including taking 100% of them. The idea is that S2M could prevent pooling by large groups of anonymous strangers. Pooling would still be possible, but every member of the pool would have to trust the entire group. However, pools serve a very important function for miners, which is to smooth out reward variance. It's impractical for a miner to leave their equipment running for long periods of time in the hopes that they'll win a large reward. Small constant payouts are practically required for miners to operate.

We had plans to solve the rewards variance problem by providing a solution called social pooling. With social pools, miners could use reputation systems and social networking to find groups of like-minded miners to work with. In this way, people could pool their power and vary the rewards while also reducing the risk of loss caused by an anonymous user running off with the coins.
   

Possible Problems Caused By Sign to Mine

All of this sounds pretty good, so why get rid of S2M? The short answer is that our testing and theory-crafting showed that the problems created by the system could be much worse than the ones it was meant to solve. In addition, there are also ways pool operators could work around the limitation.
 
First, let’s look at some possible problems caused by S2M. If a miner is not getting regular rewards, it’s a safe assumption that they will simply stop mining. What this means is that only miners with enough hashing power to get regular payouts, sometimes referred to as whales, will mine. This leads to the exact problem we wanted to prevent in the first place: large portions of the mining power controlled by a single entity. In this case, it could be even worse because unlike the pool operators in a typical mining scenario, these miners would have direct control over the equipment itself.
 
Social pooling was our proposed solution for combatting the centralized mining by whales. In theory, groups of friends could gather enough hashing power to become equal to larger miners. However, what we’ve discovered is that the social mining would heavily reward malicious users and bad actors, leading to things like scamming users, creating fake accounts to build rep, and buying and selling of high-ranked accounts in order to steal block rewards. There are already enough problems in cryptocurrency with user security, theft, and scamming. To not only invite these problems but also to create a system that outright rewards bad actors seems to be the wrong answer.
 
The next issue is pool operators simply working around the system. Operating a pool can be a profitable enterprise. S2M would increase demand for a good pool to connect to. With S2M, the risk is that a miner could run away with the block rewards. A pool operator could easily work around this by providing each miner with a unique address to sign and mine with. By doing this, if a user ran off with the coins, the pool would know which user it was. The pool operator could then simply require a deposit equal to a single block reward, meaning that for any miner to mine on the pool they would have to give a block reward worth of coins temporarily to the pool. These coins could be held in a type of escrow account. When the user is done mining, they could check out, and get their deposit returned. If the user is found to have stolen a block reward, then the pool would simply seize the deposit. This could further be expanded on by allowing users to enter credit card info instead, or by requiring users to mine a block reward worth of coins before allowing a withdrawal.
 
Setting up account systems, escrow systems, and/or credit card processing systems isn’t a simple task. What this means is that only larger groups of dedicated people could create and operate pools. This would further push out the “little guy” and lead to centralized pools. Also, since the pools would be in demand, pool operators would also be able to charge large fees. The large fees would reduce the profitability of mining and lead to less users mining and a less secure blockchain.
 
Just like social pools, these large “buy in” pools are also breeding grounds for malicious activity. Hackers stealing deposits, scam pools accusing miners of theft to seize deposits, and credit card and account theft are just a few of the things that are likely to happen in a setup like this. When mining as part of a pool, the miner already has to put a lot of trust in the pool operator. Inviting all these other ways in which the miner could be ripped off is a bad idea for the mining community.
 
Due to all of these issues, it simply doesn’t make sense to keep S2M as part of ziftrCOIN. It’s a lot of work and risk for the miners who won’t even directly see the benefits. Keeping miners mining is an important part of keeping a blockchain strong. It seems much more likely that S2M would backfire and cause the problems it’s meant to prevent than it does that the problems would arise in the first place.
 
With all of this said, we had already put some resources into developing Sign to Mine before we decided not to go that route. The Sign to Mine code is contained within a branch in our GitHub repository, which will be made available when the coin is released. Obviously, this will be freely issued and available for anyone to use. There may be variations of S2M that put better incentives in place, and it would be great to see someone out there find a better way to use it.
 

ziftrCOIN’s New and Improved Mining Algorithm: Proof of Knowledge

Keeping mining decentralized is still an important goal for us, but attempting to force it via S2M doesn’t seem to be the solution. Instead, we are going to use something that we call Incentivized Proof of Knowledge.
In our version of Proof of Knowledge, the miner may optionally prove knowledge of transaction data while mining to get a slightly higher reward. More specifically, a block solved with Proof of Knowledge of transaction data is allowed to claim a 5% higher reward than those that are not. The idea here is that we want to incentivize miners to run their own software to decide which transactions will be processed, rather than just working on data given by the pool operator. With this setup, pools can still exist to limit the variance of miners, but are no longer the source for transaction data while mining.
 
The exact hashing algorithm used is a combination of the 5 finalist algorithms that NIST selected as candidates for SHA3 (BLAKE, Grøstl, JH, Keccak, and Skein). The first in the series, Keccak, is executed, and then the order of the next four is determined based on the result.
 
The opt-in process of using transaction data while mining should reward miners who contribute their resources to the network in the form of running a full node. However, a pool protocol could just transfer transaction data and circumvent the requirement that the miner run a full node. Transmitting all transaction data to miners would require large amounts of bandwidth, however, so we do not expect that this will be an issue. In addition, even if this were done, it still increases decentralization by making miners aware of transaction data (in the standard work protocol, miners are not given autonomy to determine which transactions are mined into a block).
 
The obvious attack on this system is that miners could simply not run a full node and never add any transactions to their blocks. Since their blocks would be empty, there would be nothing to prove knowledge of. This would allow them to avoid the bandwidth overhead while still mining with Proof of Knowledge of transaction data to gain the 5% in rewards. But this is where the tie-breaking strategy kicks in.
 
In ziftrCOIN, the core client calculates the number of sufficiently old coins spent in each new block received on the peer-to-peer network. When two blocks are solved on the tip of the chain at nearly the same time, the block with more sufficiently old coins spent in it is chosen as the correct block. Chains are still prioritized by most-work first; the counting of old coins spent is only used when two chains have the same work. This tie-breaking strategy makes it unprofitable for a miner to mine PoK blocks while not including transactions because the blocks would have far fewer old coins spent in the block, and they would lose ties. Since the tie-breaking strategy is mathematically expected to take effect in approximately 18% of blocks, a 5% increase in rewards would not be sufficient to make this attack worthwhile.
 
Why make mining with Proof of Knowledge optional? The reason is that we don’t want to add unnecessary barriers to entry. Many miners may not find a 5% increase in payouts to be a sufficient reward for the hassle of running a full node. These miners could still participate in the ecosystem through a standard pool, but are at a slight economic disadvantage.
 
As mentioned above, we welcome any and all constructive feedback regarding our new mining algorithm. We believe wholeheartedly in the future of cryptocurrency and we value the community’s insight as we continue to do everything we can to improve it.
submitted by ZCdev_Stephen to ziftrCOIN [link] [comments]
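The ziftrCOIN post above specifies a fork-choice rule that is most-work first and, only on equal work, prefers the block spending more sufficiently old coins, which is what makes an empty Proof-of-Knowledge block lose ties. The block below is an added Python example written for this page, not ziftrCOIN code, implementing that comparator over a constructed fork: the age threshold `OLD_AGE_BLOCKS`, the `Input`/`Block` shapes, the unit work per block and the sample chain are all assumptions made for the illustration.

```python
"""Added example: most-work-first chain selection with an old-coins-spent tie-break.
Not ziftrCOIN code; data model, work units and the age threshold are assumptions."""
from dataclasses import dataclass, field

OLD_AGE_BLOCKS = 100  # assumed: an input is "sufficiently old" after this many blocks


@dataclass
class Input:
    amount: int
    created_height: int  # height of the block that created the spent output


@dataclass
class Block:
    name: str
    parent: "Block | None"
    height: int
    work: int                                   # work of this block's proof of work
    inputs: list = field(default_factory=list)  # inputs spent by its transactions


def old_coins_spent(block):
    """Sum of spent amounts whose outputs are at least OLD_AGE_BLOCKS older than the block."""
    return sum(i.amount for i in block.inputs
               if block.height - i.created_height >= OLD_AGE_BLOCKS)


def chain_work(tip):
    """Cumulative work back to genesis; this is always the primary criterion."""
    total = 0
    while tip is not None:
        total += tip.work
        tip = tip.parent
    return total


def choose_tip(candidates):
    """Most cumulative work wins; on a tie, the tip spending more old coins wins."""
    return max(candidates, key=lambda b: (chain_work(b), old_coins_spent(b)))


def sample_fork():
    """Constructed fork: two equal-work blocks at one height, one of them empty."""
    parent = Block("genesis", None, 0, 1)
    for h in range(1, 201):
        parent = Block(f"b{h}", parent, h, 1)
    empty = Block("empty", parent, 201, 1)      # PoK miner skipping transactions
    full = Block("full", parent, 201, 1, inputs=[
        Input(50, created_height=10),            # 191 blocks old: counts
        Input(25, created_height=150),           # 51 blocks old: too young
    ])
    heavier = Block("heavier", empty, 202, 1)   # extra work beats old coins outright
    return empty, full, heavier


if __name__ == "__main__":
    empty, full, heavier = sample_fork()
    print("tie at height 201 ->", choose_tip([empty, full]).name)
    print("full vs longer chain ->", choose_tip([full, heavier]).name)
```

Note that the tie-break only ever decides between chains of equal work; a miner who withholds transactions cannot be punished once their block is extended, which is why the post relies on the expected frequency of ties rather than on any penalty.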

Shibes, now is the time to build our own rocket to the moon! And this is how:

Right now we are in an interesting discussion about our future: the future of our beloved dogechain. It's the backbone of our economy. Every tiny shibe uses the same playground to play and dig and to have all this fun.
Lately, as I'm sure every shibe noticed, we got an offer from Litecoin to merge our mining. First of all, thank you! That's very kind.
But in my honest opinion, I think we are strong enough to stand on our own little paws. We don't need a bigger brother who protects us when we are in trouble or someone wants to do us harm.
We are already strong enough to protect ourselves. And we found good friends in the playground, like the good guys from Digibyte.
But we have to be aware of our future. We have to defend ourselves when we are threatened. We have to protect our dogechain.
The critical point is reached when our block reward is not enough to keep all the miners digging. The fewer people dig, the lower the security of our dogechain. Especially when the first ASIC miners get released and only a few of them can totally overcome our global hashrate.
Yes, we can fight them if we change our algorithm to scrypt-n, or Keccak, or X11, or...
We become a pure PoS coin after the last block halving.
In my opinion we should get rid of the old PoW system after the point we are fully mined out (our block reward hits 10k coins). Instead we should change to pure PoS with an interest of 1-5% per year.
This would favour every shibe who believes in our coin. Just imagine the crazy buying and mining mania after everyone understands that dogecoins are limited. It would also make our blockchain safe from 51% PoW attacks!
This would also allow everyone to participate in the network; practically you could PoS mine with every smartphone or laptop or tablet, you just need your wallet on the device! Every shibe can participate!!
And for our well experienced digging shibes, we could start our own Doge-Multipool for every other hash algorithm.
Right now our network is at 80 gigahash! That's 80000 megahash, or in other words:
360(!) bitcoin of buying power every day! (if you calculate with 0.0045 btc/mh)
Now imagine that people pour 200k dollars into our economy every day. We can create Doge-Multipools for scrypt-n, X11, Keccak or even SHA256! Imagine people mining bitcoins just to get paid out in dogecoins! Doesn't that sound too good to be true? Well maybe, but we have 1 year in front of us to build our rocket.
And I honestly think that this is the most efficient rocket to fly us to the moon. All of us!
Wex <3
submitted by Wex- to dogecoin [link] [comments]
