elective-stereophonic
elective-stereophonic
2-Phased Transactions Post-Implementation Specification singapore
Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Stable Nxt Client: Nxt 1.12.2

Pages: 1 [2] 3 4 5  All

Author Topic: 2-Phased Transactions Post-Implementation Specification  (Read 24422 times)

benjyz

  • Hero Member
  • *****
  • Karma: +71/-4
  • Offline Offline
  • Posts: 508
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #20 on: November 17, 2014, 01:54:27 pm »


Awesome man! I hope we will be able to use this to force a confirmation on your mobile device before a transaction on your account can go through.

Who ever said 2-factor authentication wasn't possible to do in crypto, they'd be surprised now  ;D

There are some really cool options here, your giving me a lot to do ui side  ;)

This would be amazing if this would enable 2 factor auth on the mobile app.
But at the moment don't you have to choose to send transactions as 2 phased, meaning that if your account is hacked the attacker would just choose not to use 2 phased?

Unless there is some kind of set all transactions as 2 phased switch, that can only be changed via agreement of primary and secondary account?

Enabling 2FA means giving up control. It's tricky. usually the way this is done via a provider such as google. So you need really a tool to build 2FA from scratch. With Twillio this might be done. So instead of building standard 2FA it would be like building a 2FA provider. A 2FA provider sends a one-time token. 2FA provider needs to be trusted. Whether this security architecture really makes sense, would have to be evaluated in more detail. My experience from security is that it's usually corrupted in one or many ways - sometimes because of malice sometimes because or stupidity.
Logged

rudeboi

  • Hero Member
  • *****
  • Karma: +55/-4
  • Offline Offline
  • Posts: 633
  • Nxt Organization Member
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #21 on: November 17, 2014, 04:01:18 pm »

If there was a flag that could be set on an account that means that only 2 phased transactions get processed.

Set flag by setting in primary account, then have your secondary account confirm this.

Disable flag by the exact same process as above, but it has to be the same secondary account confirming. Sensibly we should also enable flag to be auto disabled after a period of time (block) period (eg: 1 month but adjustable) this is for everyone that loses there secondary device so they aren’t locked out forever, however the user always has the chance to reset the flag whenever they want.

During flag enabled period, only 2 phased transactions that at least contain the secondary account will get processed. (Can also have more accounts if wanted Bob, Alice and all the chums haha)

All that needs to happen is for someone to write a lightweight blockchainless android client app “Nxt 2FA”, it’s only job is to confirm 2 phased transactions and flags. Boom Nxt has solved decentralised 2FA!

Notes:
  • Using the 2FA app would cost the minimum fee, so the account would have to be funded.
  • App monitors the pre-set account on the block chain (through an online public node) for any incoming 2 phased requests, if new one is seen, send a push notification to the user, user has to sign in and confirm, it would be locally signed via a short password through an encrypted database that stores the secondary secret phrase.
Logged
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬  ▄▀▀▀▀▀▀▀▀▄  ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬●  nimirum  ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
▬▬▬ ◖ENDING CENSORSHIP ONLINE◗  ◖ ICO OPEN NOW◗ ▬▬▬

kushti

  • Sr. Member
  • ****
  • Karma: +184/-5
  • Offline Offline
  • Posts: 384
  • Nxt Core & Apps Dev
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #22 on: November 17, 2014, 09:23:52 pm »

If there was a flag that could be set on an account that means that only 2 phased transactions get processed.

Set flag by setting in primary account, then have your secondary account confirm this.

Yes,  we need for Account Control with 2-phased restriction support. yustas is working on AC now, I dunno details right now unfortunately :(
Logged
for donations / messages: NXT-PKXM-WH25-UXXG-CJAVD (alias: kushti)

rudeboi

  • Hero Member
  • *****
  • Karma: +55/-4
  • Offline Offline
  • Posts: 633
  • Nxt Organization Member
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #23 on: November 17, 2014, 09:45:34 pm »


If there was a flag that could be set on an account that means that only 2 phased transactions get processed.

Set flag by setting in primary account, then have your secondary account confirm this.

Yes,  we need for Account Control with 2-phased restriction support. yustas is working on AC now, I dunno details right now unfortunately :(

Exciting! I knew AC was coming, but I didn't know a dev was already working on it.

I don't think I read on cfb's AC thread that 2 phased restriction support was on the planned list, I'll go have a read of it again now.
Logged
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬  ▄▀▀▀▀▀▀▀▀▄  ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬●  nimirum  ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
▬▬▬ ◖ENDING CENSORSHIP ONLINE◗  ◖ ICO OPEN NOW◗ ▬▬▬

benjyz

  • Hero Member
  • *****
  • Karma: +71/-4
  • Offline Offline
  • Posts: 508
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #24 on: November 18, 2014, 07:32:03 am »

Boom Nxt has solved decentralised 2FA!

If you're not using Google's service you need to be able to send a message / SMS via code. So someone could build an open 2FA provider service paid in Nxt. It's possible to do based on Twillio.
Logged

SwissAlps

  • Hero Member
  • *****
  • Karma: +31/-16
  • Offline Offline
  • Posts: 519
    • View Profile
    • NxtTracker.com
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #25 on: November 18, 2014, 07:59:29 am »

account control to the rescue!

Yes, very usefull.

It is quite important to be able to lock a given account (permanently or temporary), or be able to receive in this account only from a list of specific assets or subcurrencies.

Logged
CryptoNanoPay project
Note that the "Barter Point" test has just started...

farl4bit

  • Hero Member
  • *****
  • Karma: +210/-45
  • Offline Offline
  • Posts: 3466
    • View Profile
    • Crypto Advies
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #26 on: February 05, 2015, 07:11:38 pm »

Interesting post! Tweeted it!
Logged

_mr_e

  • Hero Member
  • *****
  • Karma: +88/-18
  • Offline Offline
  • Posts: 956
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #27 on: February 05, 2015, 09:03:51 pm »

If there was a flag that could be set on an account that means that only 2 phased transactions get processed.

Set flag by setting in primary account, then have your secondary account confirm this.

Disable flag by the exact same process as above, but it has to be the same secondary account confirming. Sensibly we should also enable flag to be auto disabled after a period of time (block) period (eg: 1 month but adjustable) this is for everyone that loses there secondary device so they aren’t locked out forever, however the user always has the chance to reset the flag whenever they want.

During flag enabled period, only 2 phased transactions that at least contain the secondary account will get processed. (Can also have more accounts if wanted Bob, Alice and all the chums haha)

All that needs to happen is for someone to write a lightweight blockchainless android client app “Nxt 2FA”, it’s only job is to confirm 2 phased transactions and flags. Boom Nxt has solved decentralised 2FA!

Notes:
  • Using the 2FA app would cost the minimum fee, so the account would have to be funded.
  • App monitors the pre-set account on the block chain (through an online public node) for any incoming 2 phased requests, if new one is seen, send a push notification to the user, user has to sign in and confirm, it would be locally signed via a short password through an encrypted database that stores the secondary secret phrase.
I have already developed this android app and a supernet plugin to help accomplish the initialization stuff. I am only now awaiting account control.
« Last Edit: February 05, 2015, 09:08:08 pm by _mr_e »
Logged

rudeboi

  • Hero Member
  • *****
  • Karma: +55/-4
  • Offline Offline
  • Posts: 633
  • Nxt Organization Member
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #28 on: February 05, 2015, 09:41:40 pm »

If there was a flag that could be set on an account that means that only 2 phased transactions get processed.

Set flag by setting in primary account, then have your secondary account confirm this.

Disable flag by the exact same process as above, but it has to be the same secondary account confirming. Sensibly we should also enable flag to be auto disabled after a period of time (block) period (eg: 1 month but adjustable) this is for everyone that loses there secondary device so they aren’t locked out forever, however the user always has the chance to reset the flag whenever they want.

During flag enabled period, only 2 phased transactions that at least contain the secondary account will get processed. (Can also have more accounts if wanted Bob, Alice and all the chums haha)

All that needs to happen is for someone to write a lightweight blockchainless android client app “Nxt 2FA”, it’s only job is to confirm 2 phased transactions and flags. Boom Nxt has solved decentralised 2FA!

Notes:
  • Using the 2FA app would cost the minimum fee, so the account would have to be funded.
  • App monitors the pre-set account on the block chain (through an online public node) for any incoming 2 phased requests, if new one is seen, send a push notification to the user, user has to sign in and confirm, it would be locally signed via a short password through an encrypted database that stores the secondary secret phrase.
I have already developed this android app and a supernet plugin to help accomplish the initialization stuff. I am only now awaiting account control.
Brilliant! Great work.

I assume local signing, and local encrypted password storing the passphrase?

How does your blockchain less consensus work?
Logged
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬  ▄▀▀▀▀▀▀▀▀▄  ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬●  nimirum  ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
▬▬▬ ◖ENDING CENSORSHIP ONLINE◗  ◖ ICO OPEN NOW◗ ▬▬▬

_mr_e

  • Hero Member
  • *****
  • Karma: +88/-18
  • Offline Offline
  • Posts: 956
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #29 on: February 05, 2015, 09:59:34 pm »

Brilliant! Great work.

I assume local signing, and local encrypted password storing the passphrase?

How does your blockchain less consensus work?

Yes to local signing and password is locked in private app storage and will never need to leave the device. (Other then the recommended backing  up your passphrase by writing it down somewhere)

Initially I will have a server that will register your phone app with it's google id. You will then link up your phone to your account through a supernet plugin(This will also enable AC and fund your phone account). The server then begins watching for 2 phased transactions through a local NRS node and is responsible for sending the push notification to your phone when it sees one. You are then able to accept the transaction on your device which will sign the transaction and push it to the server to broadcase to NRS. (I'm thinking of including a screen where you can manually enter a transaction id and sign the confirmation and push it directly to any NRS node, in case the server is unavailable you can still manually confirm. This would be v1.1 though.)

Future versions will include distributing the server across supernet nodes and hopefully eventually becoming more decentralized through advanced supernet features. Protecting the google id for push notifications across a distributed system is a concern we haven't solved yet.
« Last Edit: February 05, 2015, 10:09:39 pm by _mr_e »
Logged

slothbag

  • Sr. Member
  • ****
  • Karma: +74/-4
  • Offline Offline
  • Posts: 454
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #30 on: February 05, 2015, 11:44:59 pm »

I'd love to see the "Pay on secret reveal" included as part of 2-phased transactions.. It removes the need for escrow when doing cross chain trades.. and opens the doors for truly decentralizaed exchanges.  Would be great for Nxt to be leading this :)

https://bitbucket.org/JeanLucPicard/nxt/issue/224/proposal-new-tx-type-pay-on-reveal-secret
Logged

lovely89

  • Jr. Member
  • **
  • Karma: +12/-0
  • Offline Offline
  • Posts: 66
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #31 on: February 06, 2015, 02:11:42 am »

I heard that 2-phased transactions is the same as account control. With account control, I was under the impression you could send multiple assets at once. E.g. moving to a new account with 1 fee for all transfers .

Will this be a feature with 2-phased transactions or is it already existing in the api and just needs a ui implementation... Or is it yet to be possible?

Regards.
Logged

kushti

  • Sr. Member
  • ****
  • Karma: +184/-5
  • Offline Offline
  • Posts: 384
  • Nxt Core & Apps Dev
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #32 on: February 06, 2015, 04:55:06 pm »

Account Control is not a part of Two-Phased Transaction. It will be released later(1.6-1.7).

P2SH also will be implemented later(1.6?).
Logged
for donations / messages: NXT-PKXM-WH25-UXXG-CJAVD (alias: kushti)

HCLivess

  • Hero Member
  • *****
  • Karma: +121/-47
  • Offline Offline
  • Posts: 521
  • Hardcore Gaming CEO
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #33 on: February 13, 2015, 10:34:29 am »

Great, thank you
Logged
Producing, Lending, Mining, Trading, Forging, Staking

Daedelus

  • Hero Member
  • *****
  • Karma: +230/-12
  • Offline Offline
  • Posts: 3280
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #34 on: February 16, 2015, 04:10:39 pm »

Account Control is not a part of Two-Phased Transaction. It will be released later(1.6-1.7).

P2SH also will be implemented later(1.6?).

Sorry, but what is P2SH?
Logged
NXT: NXT-4CS7-S4N5-PTH5-A8R2Q

valarmg

  • Hero Member
  • *****
  • Karma: +178/-57
  • Offline Offline
  • Posts: 1766
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #35 on: February 16, 2015, 04:13:15 pm »

Account Control is not a part of Two-Phased Transaction. It will be released later(1.6-1.7).

P2SH also will be implemented later(1.6?).

Sorry, but what is P2SH?

This, I assume: (Pay 2 Secret Hash?)
I'd love to see the "Pay on secret reveal" included as part of 2-phased transactions.. It removes the need for escrow when doing cross chain trades.. and opens the doors for truly decentralizaed exchanges.  Would be great for Nxt to be leading this :)

https://bitbucket.org/JeanLucPicard/nxt/issue/224/proposal-new-tx-type-pay-on-reveal-secret
« Last Edit: February 16, 2015, 04:17:11 pm by valarmg »
Logged
NXT-CSED-4PK5-AR4V-6UB5V

Daedelus

  • Hero Member
  • *****
  • Karma: +230/-12
  • Offline Offline
  • Posts: 3280
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #36 on: February 16, 2015, 04:16:44 pm »

Thanks but what does it stand for?  Can't figure it out..


Edit: I guessed "Pay 2 show hand" but that is backwards to how it works  :D It would be something like "Show hand 2 pay"
« Last Edit: February 16, 2015, 05:20:30 pm by Daedelus »
Logged
NXT: NXT-4CS7-S4N5-PTH5-A8R2Q

jones

  • Hero Member
  • *****
  • Karma: +310/-8
  • Offline Offline
  • Posts: 1043
  • write code not war
    • View Profile
    • jNxt
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #37 on: February 16, 2015, 07:48:50 pm »

Thanks but what does it stand for?  Can't figure it out..


Edit: I guessed "Pay 2 show hand" but that is backwards to how it works  :D It would be something like "Show hand 2 pay"

Pay to Script Hash, from Bitcoin's BIP 16

https://en.bitcoin.it/wiki/Pay_to_script_hash
Logged
-- Jones NXT-RJU8-JSNR-H9J4-2KWKY

Daedelus

  • Hero Member
  • *****
  • Karma: +230/-12
  • Offline Offline
  • Posts: 3280
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #38 on: February 16, 2015, 09:31:23 pm »

Thanks but what does it stand for?  Can't figure it out..


Edit: I guessed "Pay 2 show hand" but that is backwards to how it works  :D It would be something like "Show hand 2 pay"

Pay to Script Hash, from Bitcoin's BIP 16

https://en.bitcoin.it/wiki/Pay_to_script_hash

Ty, good reference. Someone is bound to ask me sooner or later if I keep mentioning it  :)
Logged
NXT: NXT-4CS7-S4N5-PTH5-A8R2Q

Daedelus

  • Hero Member
  • *****
  • Karma: +230/-12
  • Offline Offline
  • Posts: 3280
    • View Profile
Re: 2-Phased Transactions Post-Implementation Specification
« Reply #39 on: March 19, 2015, 01:34:31 pm »

Bump.

For anyone interested in the up coming 2-phased transactions (aka phasing or advanced multisig) to be released in NRS version 1.5.0 (the next release!)
Logged
NXT: NXT-4CS7-S4N5-PTH5-A8R2Q
Pages: 1 [2] 3 4 5  All
 

elective-stereophonic
elective-stereophonic
assembly
assembly