Topic: A simpler Gateway built in to official client (Read 8202 times)

Eadeqa · « **on:** June 19, 2014, 04:12:57 am »

I think it's possible to create a more secure exchange by using Nxt AE and Nxt messaging system. If the communication between the server and users is done via Nxt blockchain with no frontend, the server will be immune from hackers as they won't even know the location/IP address of the server.

It would work like this:

(1) A user would request to generate depositing BTC address in the Nxt client by sending a message to asset issuer.
(2) A remote server (or servers) (whose location and IP would be unknown so can't be hacked) would see the request on the blockchain and generates an address for the user and send it back via blockchain (normal Nxt messaging transaction). The client on user side will only have to check if the message received came from asset issuer address.
(3) The user can then deposit BTC to that address, and the secret server would update the users "bitcoin balance" by sending bitcoin asset to the user.
(4) Those BTC can be traded with other users via asset exchange
(5) Since no one would know the IP address of the secret servers, the servers would be pretty safe from hackers. No weak frontend. No usernames, no passwords, no 2 factor authentication no https.

(6) BTC could be withdrawn by simply sending the asset back to asset issuer with withdrawal address in the comment (the client will check to make sure the withdrawal address has valid format).

This would work for ALL ALTcoins (not just BTC) and it would be simple to implement by just modifying the default JavaScript UI of Nxt, which is open source already.

Eadeqa · « **Reply #1 on:** June 19, 2014, 04:53:19 am »

Quote from: Eadeqa on June 19, 2014, 04:12:57 am

(2) A remote server (or servers) (whose location and IP is unknown so can't be hacked) sees the request on the blockchain and generate an address for the user and sends it back via blockchain (normal Nxt messaging transaction).

Ok, there is a risk here that someone will send fake BTC address.. The client will have to check to make sure the message originated from authentic asset issuer

jl777 · « **Reply #2 on:** June 19, 2014, 05:04:47 am »

Quote from: Eadeqa on June 19, 2014, 04:53:19 am

Quote from: Eadeqa on June 19, 2014, 04:12:57 am
(2) A remote server (or servers) (whose location and IP is unknown so can't be hacked) sees the request on the blockchain and generate an address for the user and sends it back via blockchain (normal Nxt messaging transaction).

Ok, there is a risk here that someone will send fake BTC address.. The client will have to check to make sure the message originated from authentic asset issuer

So you like a centralized gateway better than MGW because the IP address is hidden? Granted the MGW IP addresses are currently published, but they only talk to each other and firewalls will block any packets not from each other.

So I am confused why you like NAS gateway better? Certainly if it is integrated into the standard NAS wallet it is more convenient, but what prevents MGW from being part of standard wallet?

James

Eadeqa · « **Reply #3 on:** June 19, 2014, 05:13:51 am »

Quote from: jl777 on June 19, 2014, 05:04:47 am

So you like a centralized gateway better than MGW because the IP address is hidden? Granted the MGW IP addresses are currently published, but they only talk to each other and firewalls will block any packets not from each other.

I like it because it's much simpler from both developer and user perspective. It can be easily implemented for every altcoin on coinmarketcap.

It's not trustless but neither is our version. It's pretty secure from hackers though as they would not know the IP/location of the servers. It can be all automated with very quick withdrawals and deposits but yet remain very secure (close to 100% if servers are physically secure).

The party running such a service will have to be totally trustworthy.

I think Dgex should look into it, especially since they have their Offspring client

jl777 · « **Reply #4 on:** June 19, 2014, 05:24:40 am »

Quote from: Eadeqa on June 19, 2014, 05:13:51 am

Quote from: jl777 on June 19, 2014, 05:04:47 am
So you like a centralized gateway better than MGW because the IP address is hidden? Granted the MGW IP addresses are currently published, but they only talk to each other and firewalls will block any packets not from each other.

I like it because it's much simpler from both developer and user perspective. It can be easily implemented for every altcoin on coinmarketcap.

It's not trustless but neither is our version. It's pretty secure from hackers though as they would not know the IP/location of the servers. It can be all automated with very quick withdrawals and deposits but yet remain very secure (close to 100% if servers are physically secure).

The party running such a service will have to be totally trustworthy.

I think Dgex should look into it, especially since they have their Offspring client

Basically its MGW without the multisig and multiple servers, so yes much easier
If there were many coins that were worth supporting that didnt support multisig, maybe it would be worth doing

MGW to my knowledge is the least centralized gateway. I am surprised to hear that such things dont matter to you.

Eadeqa · « **Reply #5 on:** June 19, 2014, 05:29:14 am »

Quote from: jl777 on June 19, 2014, 05:24:40 am

MGW to my knowledge is the least centralized gateway. I am surprised to hear that such things dont matter to you.

There is nothing wrong with your MGW. But there could be more than one version from other parties, and I still think Dgex should look into implementing it in OffSpring. They can make money by having some withdrawal fees.

It will be far more secure than their web version, and I will like to see they implement something like top 50 coins, and it will be still easy to implement but yet secure

2Kool4Skewl · « **Reply #6 on:** June 19, 2014, 05:35:41 am »

Quote from: jl777 on June 19, 2014, 05:24:40 am

Quote from: Eadeqa on June 19, 2014, 05:13:51 am
Quote from: jl777 on June 19, 2014, 05:04:47 am
So you like a centralized gateway better than MGW because the IP address is hidden? Granted the MGW IP addresses are currently published, but they only talk to each other and firewalls will block any packets not from each other.

I like it because it's much simpler from both developer and user perspective. It can be easily implemented for every altcoin on coinmarketcap.

It's not trustless but neither is our version. It's pretty secure from hackers though as they would not know the IP/location of the servers. It can be all automated with very quick withdrawals and deposits but yet remain very secure (close to 100% if servers are physically secure).

The party running such a service will have to be totally trustworthy.

I think Dgex should look into it, especially since they have their Offspring client
Basically its MGW without the multisig and multiple servers, so yes much easier
If there were many coins that were worth supporting that didnt support multisig, maybe it would be worth doing

MGW to my knowledge is the least centralized gateway. I am surprised to hear that such things dont matter to you.

Exactly James. NAS's version doesn't have multisig therefore it isn't any better than current centralized exchanges.

NXT's MGW on the other hand is the most "trustless" solution available for an exchange / crypto-gateway and can be expanded later by adding more multisigs.

Eadeqa · « **Reply #7 on:** June 19, 2014, 05:40:11 am »

Quote from: 2Kool4Skewl on June 19, 2014, 05:35:41 am

Exactly James. NAS's version doesn't have multisig therefore it isn't any better than current centralized exchanges.
NXT's MGW on the other hand is the most "trustless" solution available for an exchange / crypto-gateway and can be expanded later by adding more multisigs.

MGW might be more "trustless", but it's not totally trustless like a blockchain.

The other version has benefits too: simplicity (both for users and developers), and security -- as the server location and IP would be unknown to hackers.

Quote

it isn't any better than current centralized exchanges.

It's better than centralized exchanges as it's more secure. There are no logins (username/passwords) to websites. No location and no IP of servers

jl777 · « **Reply #8 on:** June 19, 2014, 05:46:00 am »

Quote from: Eadeqa on June 19, 2014, 05:40:11 am

Quote from: 2Kool4Skewl on June 19, 2014, 05:35:41 am

Exactly James. NAS's version doesn't have multisig therefore it isn't any better than current centralized exchanges.
NXT's MGW on the other hand is the most "trustless" solution available for an exchange / crypto-gateway and can be expanded later by adding more multisigs.

MGW might be more "trustless", but it's not totally trustless like a blockchain.

The other version has benefits too: simplicity (both for users and developers), and security -- as the server location and IP would be unknown to hackers.

Quote
it isn't any better than current centralized exchanges.

It's better than centralized exchanges as it's more secure. There are logins to servers. No passwords. No location and IP of servers

I could simply not make the MGW IP addresses available. I had it in the JSON, but never actually used it.
...
I removed the ipaddr field that published the server's IP addr, so now nobody will know the IP of MGW production servers
but I am sure you still like NAS better

jl777 · « **Reply #9 on:** June 19, 2014, 05:48:51 am »

Quote from: Eadeqa on June 19, 2014, 05:29:14 am

Quote from: jl777 on June 19, 2014, 05:24:40 am
MGW to my knowledge is the least centralized gateway. I am surprised to hear that such things dont matter to you.

There is nothing wrong with your MGW. But there could be more than one version from other parties, and I still think Dgex should look into implementing it in OffSpring. They can make money by having some withdrawal fees.

It will be far more secure than their web version, and I will like to see they implement something like top 50 coins, and it will be still easy to implement but yet secure

I would be happy to work with anybody that wanted to implement a gateway for all the secondary altcoins
It wouldnt be too much work to strip out the multisig part of MGW
I just dont see MGW supporting the altcoin of the week, I prefer to support just the top volume coins

Eadeqa · « **Reply #10 on:** June 19, 2014, 05:50:49 am »

Quote from: jl777 on June 19, 2014, 05:46:00 am

I removed the ipaddr field that published the server's IP addr, so now nobody will know the IP of MGW production servers
but I am sure you still like NAS better

What's your problem? I said Dgex should look into implementing this version in OffSpring (NXT -- not NAS) as it's more secure than centralized exchange on a website with username and password. And it will be easier for users and could support all altcoins

Do you not like any competition? I am not asking you to trash your version

2Kool4Skewl · « **Reply #11 on:** June 19, 2014, 05:53:11 am »

Quote from: Eadeqa on June 19, 2014, 05:40:11 am

Quote from: 2Kool4Skewl on June 19, 2014, 05:35:41 am

Exactly James. NAS's version doesn't have multisig therefore it isn't any better than current centralized exchanges.
NXT's MGW on the other hand is the most "trustless" solution available for an exchange / crypto-gateway and can be expanded later by adding more multisigs.

MGW might be more "trustless", but it's not totally trustless like a blockchain.

I never said MGW was "totally trustless", but it IS the most "trustless" solution avaliable.

The only way I can think of to make a "totally trustless" crypto gateway would be to upload the MGW code into NxtAT.

jl777 · « **Reply #12 on:** June 19, 2014, 05:55:39 am »

Quote from: Eadeqa on June 19, 2014, 05:50:49 am

Quote from: jl777 on June 19, 2014, 05:46:00 am
I removed the ipaddr field that published the server's IP addr, so now nobody will know the IP of MGW production servers
but I am sure you still like NAS better

What's your problem? I said Dgex should look into implementing this version in OffSpring (NXT -- not NAS) as it's more secure than centralized exchange on a website with username and password. And it will be easier for users and could support all all altcoins

Do you not like any competition? I am not asking you to trash your version

My issue was your stated reason for preferring NAS over MGW was the availability of ipaddr in MGW. It does help security to remove that, so I thank you for the feedback. Integration into client is not really an MGW issue, it is a web GUI issue. longzai almost has the standard web GUI enhanced with MGW page, so to users it will be pretty easy to use.

I said I would be happy to work with dgex or anybody who wants to do a gateway for altcoins without multisig
I can make a stripped down version of MGW

Eadeqa · « **Reply #13 on:** June 19, 2014, 05:56:47 am »

Quote from: 2Kool4Skewl on June 19, 2014, 05:53:11 am

The only way I can think of to make a "totally trustless" crypto gateway would be to upload the MGW code into NxtAT.

NxtAT will not make it trustless as the reason it's not trustless has nothing to do with Nxt, but the three servers that will be run by third parties

jl777 · « **Reply #14 on:** June 19, 2014, 05:58:45 am »

Quote from: 2Kool4Skewl on June 19, 2014, 05:53:11 am

Quote from: Eadeqa on June 19, 2014, 05:40:11 am
Quote from: 2Kool4Skewl on June 19, 2014, 05:35:41 am

Exactly James. NAS's version doesn't have multisig therefore it isn't any better than current centralized exchanges.
NXT's MGW on the other hand is the most "trustless" solution available for an exchange / crypto-gateway and can be expanded later by adding more multisigs.

MGW might be more "trustless", but it's not totally trustless like a blockchain.

I never said MGW was "totally trustless", but it IS the most "trustless" solution avaliable.

The only way I can think of to make a "totally trustless" crypto gateway would be to upload the MGW code into NxtAT.

Not just MGW code, but bitcoind and any coin you want to support would also have to be in the NXTcore. paying per instruction would cost quite a bit and it would probably be way too slow. The only practical way would be to integrate bitcoinj into the NXTcore and port MGW code also, but the problem is that the acct passwords will be where? A gateway needs to keep the bitcoin wallet somewhere and if it is in the blockchain then anybody could decode it and cashout all the deposits.

I am just not sure if a blockchain gateway is possible...
So, until someone figures that out and implements it, MGW will be state of the art and most trustless gateway

James

2Kool4Skewl · « **Reply #15 on:** June 19, 2014, 05:59:10 am »

Quote from: Eadeqa on June 19, 2014, 05:56:47 am

Quote from: 2Kool4Skewl on June 19, 2014, 05:53:11 am
The only way I can think of to make a "totally trustless" crypto gateway would be to upload the MGW code into NxtAT.

NxtAT will not make it trustless as the reason it's not trustless has nothing to do with Nxt, but the three servers that will be run by third parties

You would have to upload the MGW code and have it executed on the NXT blockchain. Therefore it would not be run by servers, but by three separate scripts executing on the chain.

jl777 · « **Reply #16 on:** June 19, 2014, 06:00:23 am »

Quote from: 2Kool4Skewl on June 19, 2014, 05:59:10 am

Quote from: Eadeqa on June 19, 2014, 05:56:47 am
Quote from: 2Kool4Skewl on June 19, 2014, 05:53:11 am
The only way I can think of to make a "totally trustless" crypto gateway would be to upload the MGW code into NxtAT.

NxtAT will not make it trustless as the reason it's not trustless has nothing to do with Nxt, but the three servers that will be run by third parties

You would have to upload the MGW code and have it executed on the NXT blockchain. Therefore it would not be run by servers, but by three separate scripts executing on the chain.

where are the bitcoin wallets?

Eadeqa · « **Reply #17 on:** June 19, 2014, 06:02:04 am »

Quote from: jl777 on June 19, 2014, 05:55:39 am

My issue was your stated reason for preferring NAS over MGW was the availability of ipaddr in MGW.

No, that was not the reason. I liked the simplicity for users and developers. The IP issue was not regarding your version but compared to centralized exchanges with logics/passwords.

Quote

I can make a stripped down version of MGW

Good. Maybe Graviton will talk to OffSpring developer and you. It will be better than web exchange.

2Kool4Skewl · « **Reply #18 on:** June 19, 2014, 06:02:52 am »

Quote from: jl777 on June 19, 2014, 05:58:45 am

but the problem is that the acct passwords will be where? A gateway needs to keep the bitcoin wallet somewhere and if it is in the blockchain then anybody could decode it and cashout all the deposits.

That's true. Even if you encrypted the wallet and stored it on the blockchain, where would you keep the password? Interesting to think about. I can't currently think of a solution.

jl777 · « **Reply #19 on:** June 19, 2014, 06:03:51 am »

Quote from: Eadeqa on June 19, 2014, 06:02:04 am

Quote from: jl777 on June 19, 2014, 05:55:39 am
My issue was your stated reason for preferring NAS over MGW was the availability of ipaddr in MGW.

No, that was not the reason. I liked the simplicity for users and developers. The IP issue was not regarding your version but compared to centralized exchanges with logics/passwords.

Quote
I can make a stripped down version of MGW

Good. Maybe Graviton will talk to OffSpring developer and you. It will be better than web version.

regardless it turned out to be good feedback as a legacy JSON had MGW ipaddr in it
are there things I can do to make MGW simpler for users other than integrating it into standard GUI?

News:

Author Topic: A simpler Gateway built in to official client (Read 8202 times)