How could devcoin keep the miners get only 10% of the coins?Can it prevent the miners cheat the developers,like change some docs in the source code or client?
thank you very much for helping me
Mining is computationally complex, but is easy to verify. Network verifies each transaction and reject invalid ones. Miner can try publish invalid transaction, but it won't pass verification and won't be approved/
Related
Does anyone know what's a hashgraph and the difference from blockchain? If you could explain it to me how it works, I would be pleased!
Thank you in advance!
Hedera Hashgraph is very much different from a regular Blockchain (which is a chain of blocks as its name suggests), it is a DAG (Directed Acyclic Graph).
You can read more about what a DAG is in the link provided but apart from that how Hedera is different is that it is solving the below problems that any DLT should overcome to become Scalable, Secure and Fast without losing Trust:
(1) Performance,
(2) Security,
(3) Governance,
(4) Stability,
(5) Regulatory Compliance.
How is it solving all this simultaneously without losing Trust is something that you can read more in their whitepaper which explains beautifully or refer this article from Rejolut.
One primary problem with any Public Blockchain is the TPS or Transaction per second it can handle and Hedera Hashgraph is miles ahead of the others with being able to clock 100,000 TPS which makes it valuable and preferred option as it offers services like Crypto Service, File Service, Smart Contract Service and Consensus Service.
You can have a look at some of the explorers like Kabuto and Dragonglass to get an idea of the transaction speed and other details.
If you want to play around with Hedera Hashgraph, their docs are very well written or you can use console playground to work on Smart contract and Consensus services directly and maybe use fairorder to do the account management for you to begin with.
Hedera does not use blockchain. It uses DAG, "Directed Acyclic Graph. it keeps the records of communication of all the nodes in Dag and time stamps all these messages. Sending messages between nodes is called gossiping`. Its source code is not open source.
How does the gossip protocol work
In hashgraph, when sending information between nodes, "Alice" will
choose another member at random, such as "Bob". Then Alice will tell
Bob all of the information she knows so far. Alice then repeats this
information with a different random member. Bob repeatedly does the
same, and all other members do the same. In this way, if a single
member becomes aware of new information, it will spread exponentially
fast through the community, until every member is aware of it.
The synchronization of information between two members through the
gossip protocol is called a gossip sync. Upon completion of a gossip
sync, each participating member commemorates the gossip sync with an
event. An event is stored in memory as a data structure composed of a
timestamp, an array of zero or more transactions, two parent hashes,
and a cryptographic signature. The two parent hashes are the hash of
the last event created by the self-parent prior to the gossip sync and
the hash of the last event created by the other-parent prior to the
gossip sync.
Gossiping is the basis of the hashgrap consensus algorithm which uses asynchronous byzantine fault tolerant (abft) . this indicates that there is no specific time when all the nodes reach consensus. In other words abft consensus mechanism has no block time. (there is no blockchain here. neither a block reward)
Since gossiping the fastest way of sperading information, it takes 3-5 seconds for the entire network to reach a consensus.
Hedera claims that the network achieves 10,000 HBAR cryptocurrency transactions per second. (i personally do not believe those claims)
You can also write smart contracts on Hedera. But you cannot execute 10000 smart contract operations per second because Hedera uses EVM and EVM is very slow.
Hedera has no slashing. If validators misbehave, they will not lose any of their crypto holdings. because they claim that hedera hashgraph gives validators less opportunity to misbehave. validators receive the 90% of the network fees.
I need to get an understanding of ISO-8583 message platform,lets say i want to perform a authorization of a card transaction,so in real time at a particular instance lets say i got 100000 requests from network(VISA/MASTERCARD) all for authorization,how do i define priority of there request and the response,can the connection pool handle it(in my case its HIKARI),how is it done banks/financial institutions for authorizing a request.Please provide me some insights on how to manage all these requests.Should i go for a MQ?
Tech used are:-spring boot,hibernate,spring-tcp-starter
Your question doesn't seem to be very well researched as there are a ton of switch platforms out there that due this today and many of their technology guides can be found on the web including for major vendors like ACI, FIS, AJB,.. etc if you look yard enough.
I have worked with several iso-interface specifications, commercial switches, and home grown platforms and it is actually pretty consistent in how they do the core realtime processing.
This information on prioritization is generally in each ISO-8583 message processing specification and is made explicitly clear in almost every specification I've ever read written by someone who is familar with ISO-8533 and not just making up their own variant or copying someone elses.
That said.. in general at a high level authorizations / financials (0100, 0200) requests always have high priority than force posts (0x20) messages.
Administrative messages in the 05xx and 06xx and 08xx sometimes also get bumped up above other advices.. but these are still advices and almost always auths/financials are always processed first as they A) Impact the customer B) have much tighter timers than any advice by usually more than double or more.
Most switches I have seen do it entirely in memory without going to MQ and or some other disk for core authorization process to manage these.. but not to say there is not some sort of home grown middle ware sometimes involved.. but non-realtime processes regularly use a MQ process to queue or disk queuing these up into processes not in-line of the approval for this Store-and-forward (SAF) processing.. but many of these still use memory only processing for the front of their queue.
It is important to also differentiate between 100000 requests and 100000 transactions.. the various exchanges both internal and external make a big difference in the number of actual requests/responses in flight at even given time.. a basic transaction can be accomplished in like two messages.. but some of the more complex ones can easily exceed 20 messages just for a pre-authorization or a completion component.
If you are dealing with largely batch transaction bursts.. I can see the challenge of queuing but almost every application I have seen has a max in flight for advices and requests separate of each other.. and sometimes even with different timers.. and the apps pumping the transactions almost always wait for the response back before sending more.. and this tends to work fine for just about everyone.. including big posting batches from retailers and card networks. So if your app doesn't have them.. you probably need to add them.
In fact your 100000 requests should be sorted by (Terminal ID and/or Merchant ID) + (timestamp/local timestamp) + (STAN and/or RRN).
Duplicated transaction requests expected to be rejected.
If you simulating multiple requests from single terminal (or host) with same test card details the increasing of STAN/RRN would be a case.
Please refer to previous answers about STAN and RRN ISO 8583 fields.
In ISO message, what's the use of stan and rrn ?
In challenge-response mechanism (and other systems), it advised not to use time-based nonce.
Why it should be avoided?
(Disclaimer: I have no degree in crypto, everything I wrote is just a layman's opinion.)
Using time-based nonces is discouraged because they are likely to incidentally collide and easy to be implemented in a wrong way.
Nonces (“numbers used only once”) are not the same thing as secret keys or initialization vectors. The ciphers that use them are usually designed bearing in mind that:
exposing nonces to the attacker doesn't harm security as long as the secret key is not compromised;
nonces don't have to be random at all, all they have to be is unique for a given secret key.
So, it's perfectly okay to select zero as the starting nonce and increment it before sending each successive message. Nonce predictability is not an issue at all.
The sole reason why time-based nonces are discouraged are probable backward clock adjustments. If your system NTP service rewinds your clock two seconds backward, then your are likely to send two encrypted messages with the same nonce within the short period of time. If you can guaranty that no clock rewinds will ever happen, than go ahead.
Another point against time-based nonces is that the clock resolution may be not enough to provide each message with a unique number.
UPD:
Using counter-based or time-based nonces is safe in terms of encryption strength. However, they may weaken your security system by providing attacker with additional information, namely: how much messages have the you system already sent, that's the average message rate, that are the number of clients it serves simultaneously, and so on. The attacker may be able to use this information to their advantage.That's called a side-channel attack.
See also:
https://crypto.stackexchange.com/questions/37903
https://crypto.stackexchange.com/questions/53153
https://download.libsodium.org/doc/secret-key_cryptography/encrypted-messages.html, section “Nonce-misuse resistance”
a time or counter based nonce could lead to a scenario where an attacker can prepare in advance ... that alone usually won't break a system, abut it is one step into the wrong direction... unpredictable nonces usually don't hurt...
I am writing a bitcoin app and looking to implement a 'cancel' feature. All over reddit are references that if under 3 confirmation have occurred, technically a payment can be stopped. Maybe only a minute or 2 available, but still.
I cannot find any reference in the bitcoin api docs to demonstrate how this would be done.
I know that one altcoin uses an intentional 60 min gap to confirm for this very reason.
Anyone know how this is done?
Is it possible to cancel a Bitcoin transaction ...
... which was not yet broadcasted?
Yes, obviously it is possible. I'd propose you choose this method in your Bitcoin app by showing the user a confirmation screen for some seconds with information about the transaction and some buttons saying cancel and confirm. #nahtnam proposed a 60 minute delay which is too much, considering you may lose internet access or want the transaction to appear in the blockchain as soon as possible.
... which was already broadcasted?
Maybe... To cancel such a transaction, you'd need to create a block yourself which moves the inputs of the original transaction to one of your own addresses. (Effectively invalidating the original transaction.) However, creating a block costs several thousand dollars as of now and finding a block is not guaranteed.
Another possibility would be to broadcast another transaction taking the same inputs as the original one and targeting the outputs at one of your own addresses/wallets. To motivate miners to include this transaction instead of the original one, you increase the transaction fee. However, some clients may not relay such double spent transaction to the miners and some miners may reject the double spent transaction and include the original one (the one they received first), instead. (c.f. Bitpay encountered zero double spent in the first 10000 transactions. and Cancelling an unconfirmed transaction by #theymos (bitcoin.stackexchange))
There are some tricks to hide your initial transaction from miners by creating a so-called "non-standard" transaction. Alternatively, the transaction could include a very low fee to make miners reject it for economic reasons. (c.f. Significant losses by double-spending unconfirmed transactions (bitcoin-dev mailing list) and Double-spending by #petertodd (Reddit)) However, this makes your transaction look suspicious to the receiver if they look closer at it and they will most likely ask you to wait until it has one or more confirmations.
Finally, it is also possible if you set a flag on the original transaction to indicate replaceability. You can then replace the original transaction with another one by including the same (one or more) inputs in the replacement transaction. Also, you must pay a higher fee. However, not all miners honour this flag and some might still include your initial transaction. (c.f. Reference to BIP 125: Opt-in Full Replace-by-Fee Signaling)
... which is included in one or more blocks?
No, very unlikely to impossible. You'd need to control a substantial amount of hashing power to create a fork by rebuilding the blockchain starting at the block before the original transaction happened and ending at the block with height = (current public blockchain height) + 1. Therefore, "the more confirmations you have, the more difficult, expensive, and unreliable an attack like this is."
Source: #DannyHamilton (Bitcointalk)
The bitcoin paper by Satoshi Nakamoto explains that this is always possible when you control more than 50% of the hashing power, and possible with a probability less than 1, but greater than 0, if you control less than 50% hashing power. See Bitcoin: A Peer-to-Peer Electronic Cash System.
Though, if you control a substantial amount of hashing power, you are likely incentivised to not undermine the trust in bitcoin by undoing transactions and indirectly hurting your revenue stream from mining.
No. It is impossible to stop a bitcoin transaction. Thats what makes bitcoin so different. There is no way to reverse a transaction except for getting the receiver to send it back to you.
On another note, you could still have a cancel feature. You could set a delay of 60 minutes before you send a transaction and in that gap, someone can cancel but as I mentioned before there is no way to stop a transaction that has already reached the blockchain.
Work out the strategy before making a bitcoin payment. Check that both bitcoin addresses for payer and recipient are correct (use the copy and paste facility). Check that details of the product/service and $ amount are correct. Check that you have the correct private key details. Expect to wait at least 24 hours for confirmation. This allows time for the miners to validate the transaction. Then check your bitcoin account to ensure that the transaction is completed correctly by inserting your private key details into Google search, or check your bitcoin software for the transaction details.
It is complicated and expensive to cancel a transaction. So before you make payment, check, check and check again before sending.
I am currently designing a service (wsHttp) which should be used to return sensitive data. As soon as a client asks for this data, I get it from the database, compile a list, then delete the data from the database and return the list.
My concern is that something happens on the way back to the client (network issues, ...) I have already deleted the data from the database, but the client will never get it.
Which out of the box solution do I have here?
This is an inherent problem in the distributed computing. There is no easy solution. The question is how important it is to recover from such errors.
For example, if one deletes some records but the client gets disconnected, next time he connects he will see those records as deleted. Even if he tries to delete them again (data stayed in the UI), this will do no harm.
For banks transferring money, they have an error resolution mechanism where they match the transactions that happened between them in a second process. Conflicts will be dealt manually.
Some systems such as NServiceBus rely on MSMQ for storing messages and eventual consistency where a message destined to a client will eventually arrive whenever he is connected again.
There is no out of the box solution for this. You would need to implement some form of user/automated confirmation that the data had been recieved and only delete once this was returned.
Ed
There is an easy solution. But it doesn't come in a box.
Protocols like WS-ReliableMessaging (or equally TCP/IP) give you a layer of reliability under your messaging, but all bets are off once that layer offloads the message to the layer above.
So reliability can only be fully addressed at the absolute highest layer - the application layer, not by any lower layer down the communication stack. This makes it a first class business concern, not a purely technical concern.
The problem can be solved with a slight change to the process of deleting your sensitive data.
Instead of deleting it immediately, flag it for deletion. Then, build into the business processes that drive your service the assertion that the client must acknowledge receipt of the sensitive data. Then, when you get the acknowledgement back you can safely delete the data flagged for deletion, knowing that it has been received.
I recently wrote a blog post reasoning that reliability is a first class business concern that cannot be offloaded to a lower layer.