Nxt Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Nxt Client 1.11.5 - NEW RELEASE: Ardor 2.0.3e TestNet IS LAUNCHED!

Pages: [1] 2 3  All

Author Topic: NRS v1.10.0e  (Read 6819 times)

Jean-Luc

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1606
    • View Profile
  • Karma: +812/-81
NRS v1.10.0e
July 31, 2016, 08:09:14 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Release 1.10.0e

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-client-1.10.0e.zip

sha256:

16c4b5cb78d56b2aa881e7807c9f0b1e43028db51c4230fc915352810424b112  nxt-client-1.10.0e.zip

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-client-1.10.0e.sh

sha256:

8e2ef269321964b93d591e49537d226076203383fc53041b8ad4fe65fd3373a9  nxt-client-1.10.0e.sh

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-client-1.10.0e.exe

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-installer-1.10.0e.dmg

The exe, dmg, and sh packages must have a digital signature by "Stichting NXT".


Change log:

This is an experimental release introducing the new light client and roaming
client features.

The roaming client feature, enabled by default, makes the client immediately
usable by forwarding API requests that need the full blockchain to a randomly
chosen peer (remote node), selected to provide the openAPI service. As all html
and javascript files are still served locally and not from the remote host,
this is considerably safer than just using a remote node. Outgoing transactions
are also signed locally, never sending the secret phrase to the remote peer.

This roaming client (API Proxy) mode is used automatically while the blockchain
is still downloading, with a switch to full client mode once the download is
complete.
It can be disabled by setting nxt.enableAPIProxy=false in nxt.properties.
For openAPI nodes, the API proxy remains disabled, ignoring this setting. For
light clients, the API proxy is always enabled.

The light client feature, disabled by default, makes the node run in roaming
mode permanently, without downloading the blockchain at all. It can be enabled
by setting nxt.isLightClient=true.
Light clients are not advertised as providing openAPI service even if they do
have their API publicly accessible.

The remote node to use when in roaming and light client modes is selected
randomly, but can be changed manually in the UI, or using the new
setAPIProxyPeer API, or forced to a specific peer using the
nxt.forceAPIProxyServerURL property.

Remote nodes can be blacklisted from the UI, or using the blacklistAPIProxyPeer
API. This blacklisting is independent from peer blacklisting. The API proxy
blacklisting period can be set using the nxt.apiProxyBlacklistingPeriod
property (default 1800000 milliseconds).

API requests that require sending the secret phrase, shared key, or admin
password to the server, for features like forging, shuffling, or running a
funding monitor, are disabled when in roaming or light client mode.

While a remote node cannot steal your secret phrase, and data returned by such
nodes is escaped to prevent javascript injection attacks, users must be aware
that the validity of such data cannot be verified. For example, a rogue remote
node can still return fake asset exchange recent trades or open orders prices,
or modified voting system poll options and descriptions.

To force using a remote node for testing APIs, the /test-proxy URL can be used
instead of /test for the API test page, i.e. http://localhost:7876/test-proxy.

A new sendTransaction API has been added, similar to broadcastTransaction but
without validating the transaction, without re-broadcasting the transaction and
without adding it locally as unconfirmed transaction. This API is mostly useful
for light or roaming clients that cannot validate or accept locally unconfirmed
transactions, but must nevertheless be able to send such to peers.

A new getNextBlockGenerators API has been added, returning the next block
generators ordered by hit time. The list of currently active forgers is first
initialized using the block generators with at least 2 blocks generated within
the previous 10,000 blocks, excluding accounts without a public key. The list
is updated as new blocks are processed. The results are not 100% correct since
previously active generators may no longer be running and new generators won't
be known until they generate a block.

Added a peer info modal. Minor other UI improvements and bugfixes.


-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXnaMzAAoJENqvaxkWiP4Z+vAQANLINMttlv0KjkyEn0bKJoAl
nHqBIT2D56zCmVZNLZQwjzQyAFbZeOesCuYobOJl2IKySAI0bBA6rqjNrVXjonEh
DyYCzMXNY5Bm0FKnGqddhC+5tmCAXhYhW4Z/f15boLmflPeUUoPuHtepPrYUMVdy
iQM2pNArPLhBVi0Uq4/D9WdkNNg1+pMdMXVRpB7jGMYHqmA8e3IvHkgKriDqIeas
drnzHfZ5K04/jYkMmNHK7AsVDrBOLm4yX5qrdzwL7bBgd5ajMllWq6KK5YquqtdI
oKWY2dbYLsTG4lrCc1oBYgKy8uYtesbMgWzlH1d37BDt/EdHHcvHIySB1h7leviY
DFhBnirPeB3tNPrNmLKBFHzD104jlN05d4F6ZFO6szkkgVFHnkPQGexiwAIOs3IQ
rPqxUCSbnPpOISMdkJc4Ng1DmE3brbQk82PueoeMHU3PA6SoA+EB/F943cj8Q7zx
GzdktPsstJRheXNIypAVp8M68pjJ1UaSG1m1s5/5nrQVg7pyJOgTFQJqi3MO2yCD
LEgdA5cLgpYyASVYQtSoT6ld+Id1BDEs9nmxC3t1fhRa4kW4dx7wYdAWLNdpF+6n
u1OBkGWuoGtVaMk400Ji2emjMRIrZ3egfAMrOm2RPuFJEJloZi1CRd6PNIdPkheh
7rB9ajKqt/faEzyFGNE4
=sfZT
-----END PGP SIGNATURE-----
GPG key fingerprint: 263A 9EB0 29CF C77A 3D06  FD13 811D 6940 E1E4 240C
NXT-X4LF-9A4G-WN9Z-2R322

qq2536007339

  • Sr. Member
  • ****
  • Online Online
  • Posts: 480
    • View Profile
  • Karma: +41/-9
Re: NRS v1.10.0e
July 31, 2016, 08:11:00 am

Just run,all good at win7,thank you!
你送我未来币,我是要的。NXT-DJ68-PG7W-4JEU-2LU5T

romanix

  • Jr. Member
  • **
  • Offline Offline
  • Posts: 33
    • View Profile
  • Karma: +9/-0
Re: NRS v1.10.0e
July 31, 2016, 09:27:14 am

It seems to work fine on Ubuntu 14.04.

P2PGuy

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 324
    • View Profile
    • NXT Studios
  • Karma: +28/-4
Re: NRS v1.10.0e
July 31, 2016, 10:11:49 am

Thanks Jean-Luc - works on Mac OSX El Capitan - also I saved hours of frustration and downloaded the blockchain via http://www.peerexplorer.com - (instructions here were very clear)..... https://nxtforum.org/nxt-helpdesk/download-the-blockchain-from-peerexplorer-com/msg218512/#msg218512

So finally, after a few months of not being able to use the Desktop Wallet, I can access the NXT Wallet again. Great features  :o
NXTStudios - Asset ID: 9362920961691252117  NXT Studios http://nxtstudios.org

Bernard Lerring

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 296
    • View Profile
  • Karma: +30/-3
Re: NRS v1.10.0e
July 31, 2016, 10:14:28 am

So, to summarise:

In light client mode, no matter which node you are connecting to, your passphrase never leaves your computer? Right?

So even an evil node could only receive a signed transaction, but never receive  your passphrase?

If this is the case, this is awesome for adoption  ;D

galeki

  • Full Member
  • ***
  • Offline Offline
  • Posts: 182
    • View Profile
  • Karma: +15/-2
Re: NRS v1.10.0e
July 31, 2016, 10:19:12 am

Works very fine on Win10.  :D

Immediately Usable is so cool!  :o :o :o

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1620
    • View Profile
  • Karma: +418/-42
Re: NRS v1.10.0e
July 31, 2016, 10:32:18 am

So, to summarise:

In light client mode, no matter which node you are connecting to, your passphrase never leaves your computer? Right?

So even an evil node could only receive a signed transaction, but never receive  your passphrase?

If this is the case, this is awesome for adoption  ;D

Yes and yes. In fact this has always been the case your passphrase never left your browser when signing transactions. The novelty of the light/roaming client is that the JavaScript code used by the client is loaded from your local installation thus closing the attack vector in which a remote node could push a malicious JavaScript to steal your passphrase.
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651

OutSL

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 332
    • View Profile
  • Karma: +60/-0
Re: NRS v1.10.0e
July 31, 2016, 11:29:39 am

Hi  :D

absolutely fantastic thank you for your great work!
I have a question, can  we extract the "html" folder (UI) and run it as standalone without java or NRS is installed on the machine ?
i ask because i am looking for a way to merge the web interface in the firestorm viewer, if is possible to add the html folder in the viewer's package/files , it will be possible to display it in a dedicated window and interact with the remote nodes in a secure way...

Thank you and @++
Thank you for your financial help, your donations will be used in the R&D related to the implementation of NXT in the virtual worlds running under OpenSimulator.org | Donations Box : NXT-PC8Q-ZW86-7UYK-CC4XJ
Visit The NXT Community Virtal World! Your NXT 3D Chat Service

Jean-Luc

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1606
    • View Profile
  • Karma: +812/-81
Re: NRS v1.10.0e
July 31, 2016, 11:55:42 am

It is Petko and Riker that did the work on the light client, they deserve all the credit.

About just running the html/javascript locally by opening the html folder in a browser, there are several complications. By default the javascript submits all queries and forms to localhost:7876, this would need to be changed to some remote node, but then without the java server and the peer networking running locally you don't know which public nodes are currently up and what APIs they support. You would have to hardcode a remote node, or query in javascript some service like peerexplorer. Then, our light client implementation is actually smart and does not submit all requests to the remote node, but only those that don't require the full blockchain, and also enforces that the secret phrase is never submitted by mistake to a remote node by filtering the request data for that parameter. Finally, we want to encourage people to run full nodes, and the default roaming client mode downloads the blockchain in the background, eventually switching to full client mode when done. The roaming mode is a temporary state, unless the user sets the nxt.isLightClient=true to prevent blockchain download and stay as light client permanently.
GPG key fingerprint: 263A 9EB0 29CF C77A 3D06  FD13 811D 6940 E1E4 240C
NXT-X4LF-9A4G-WN9Z-2R322

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1620
    • View Profile
  • Karma: +418/-42
Re: NRS v1.10.0e
July 31, 2016, 12:13:39 pm

Hi  :D

absolutely fantastic thank you for your great work!
I have a question, can  we extract the "html" folder (UI) and run it as standalone without java or NRS is installed on the machine ?
i ask because i am looking for a way to merge the web interface in the firestorm viewer, if is possible to add the html folder in the viewer's package/files , it will be possible to display it in a dedicated window and interact with the remote nodes in a secure way...

Thank you and @++

When we release a native mobile app, we would also add this remote node selection mechanism to the client then you should be able to do that.
Alternatively, as a workaround, you can modify the existing client to hard code a remote node address.
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651

lurker10

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1322
    • View Profile
  • Karma: +165/-33
Re: NRS v1.10.0e
July 31, 2016, 12:42:39 pm

With version 1.10.0e:
---------
cd nxt/conf
mv nxt-default.properties nxt.properties
cd ..
./run.sh
---------
I get an error message: Using an nxt-default.properties file from a version other than 1.10.0e not supported!!! (even with no changes made in nxt.properties)
With cp nxt-default.properties nxt.properties instead of "mv" it works. Seems nxt-default.properties must always be there.

Yes, you don't need to edit nxt-default.properties at all, just use the one from the fresh release.
Create a file nxt.properties and add parameters there, they will overwrite what's in nxt-default.properties. Copy nxt.properties from the old release to the new release when you upgrade.
Run a node - win a prize! "Lucky node" project jar: NXT-8F28-EDVE-LPPX-HY4E7

OutSL

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 332
    • View Profile
  • Karma: +60/-0
Re: NRS v1.10.0e
July 31, 2016, 12:46:20 pm

Hi again  :D
It is Petko and Riker that did the work on the light client, they deserve all the credit.

About just running the html/javascript locally by opening the html folder in a browser, there are several complications. By default the javascript submits all queries and forms to localhost:7876, this would need to be changed to some remote node, but then without the java server and the peer networking running locally you don't know which public nodes are currently up and what APIs they support. You would have to hardcode a remote node, or query in javascript some service like peerexplorer. Then, our light client implementation is actually smart and does not submit all requests to the remote node, but only those that don't require the full blockchain, and also enforces that the secret phrase is never submitted by mistake to a remote node by filtering the request data for that parameter. Finally, we want to encourage people to run full nodes, and the default roaming client mode downloads the blockchain in the background, eventually switching to full client mode when done. The roaming mode is a temporary state, unless the user sets the nxt.isLightClient=true to prevent blockchain download and stay as light client permanently.

Hi  :D

absolutely fantastic thank you for your great work!
I have a question, can  we extract the "html" folder (UI) and run it as standalone without java or NRS is installed on the machine ?
i ask because i am looking for a way to merge the web interface in the firestorm viewer, if is possible to add the html folder in the viewer's package/files , it will be possible to display it in a dedicated window and interact with the remote nodes in a secure way...

Thank you and @++

When we release a native mobile app, we would also add this remote node selection mechanism to the client then you should be able to do that.
Alternatively, as a workaround, you can modify the existing client to hard code a remote node address.

thank you for your explanation, i will wait adding the remote node selection/connection mechanism
the important thing for me is to avoid storing the passphrases locally in the opensim database because the risk that the system (opensim) can be compromised is not negligable
using a merged version of the IU in the viewer will allow the user to do what he want like if he was using the normal browser... the mentioned dedicated window will be a clone of the viewer's internal browser set to connect to a single address... localhost:7876 if the NRS is working in the same machine or a remote node if there is a secure way to do...

i will re-read the UI code when the final 1.10.x version will be published

Thank you again and @++
Thank you for your financial help, your donations will be used in the R&D related to the implementation of NXT in the virtual worlds running under OpenSimulator.org | Donations Box : NXT-PC8Q-ZW86-7UYK-CC4XJ
Visit The NXT Community Virtal World! Your NXT 3D Chat Service

jnsptrsn

  • Jr. Member
  • **
  • Offline Offline
  • Posts: 64
    • View Profile
  • Karma: +6/-9
Re: NRS v1.10.0e
July 31, 2016, 12:49:09 pm

To my understanding, the JS client have no functionality to parse or create transaction bytes itself. So when it initiates a transaction, the unsigned transaction bytes are created by the node and signed locally by the JS client. Right?

I think this is a major security issue which is easy to exploit. A malicious node could easily create evil transaction bytes that the JS client blindly will sign. It does not need to steel your passphrase to steel your NXT.

NxtSwe

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 659
    • View Profile
  • Karma: +121/-9
Re: NRS v1.10.0e
July 31, 2016, 12:50:54 pm

The js client does not blindly sign the tx, it verifies that the unsigned bytes from the node are correct first.
Check out the NxtLib, the .NET Framework API for the Nxt platform.

Sebastien256

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2732
  • ^LOOK UP^ = Nxt community!
    • View Profile
  • Karma: +165/-24
Re: NRS v1.10.0e
July 31, 2016, 12:53:20 pm

Simply Great!  :)
Please drop your ideas concerning Nxt and/or NRS in this topic -> List of feature request for Nxt and/or NRS (with the full list in OP).

Bernard Lerring

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 296
    • View Profile
  • Karma: +30/-3
Re: NRS v1.10.0e
July 31, 2016, 12:55:18 pm

It is Petko and Riker that did the work on the light client, they deserve all the credit.

About just running the html/javascript locally by opening the html folder in a browser, there are several complications. By default the javascript submits all queries and forms to localhost:7876, this would need to be changed to some remote node, but then without the java server and the peer networking running locally you don't know which public nodes are currently up and what APIs they support. You would have to hardcode a remote node, or query in javascript some service like peerexplorer. Then, our light client implementation is actually smart and does not submit all requests to the remote node, but only those that don't require the full blockchain, and also enforces that the secret phrase is never submitted by mistake to a remote node by filtering the request data for that parameter. Finally, we want to encourage people to run full nodes, and the default roaming client mode downloads the blockchain in the background, eventually switching to full client mode when done. The roaming mode is a temporary state, unless the user sets the nxt.isLightClient=true to prevent blockchain download and stay as light client permanently.

Would it be possible to start a brand new installation up (for a new user) and have the question "Do you want to download the blockchain and run a full node or run lite client? Click "Full node" or "Lite client"?

Then the startup script could apply nxt.isLightClient=true automatically and the user would always be running a lite client.

I really think there would be enough of us geeks running a full node to be able to cope with lots of lite clients. It would be great for adoption: "the crypto you don't need a blockchain for!".

Like most people, I don't have a copy of the Bitcoin blockchain but I still use Bitcoin with a lite wallet.

jnsptrsn

  • Jr. Member
  • **
  • Offline Offline
  • Posts: 64
    • View Profile
  • Karma: +6/-9
Re: NRS v1.10.0e
July 31, 2016, 12:57:42 pm

The js client does not blindly sign the tx, it verifies that the unsigned bytes from the node are correct first.

Great, thank you. Why does it need the node to create the unsigned bytes then?

Edit: Ok, I can see benefits of the nodes creating it. I'm happy with the answer :)

yassin54

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2508
  • I am Homer, Sorry my english is Bad!!
    • View Profile
  • Karma: +240/-14
Re: NRS v1.10.0e
July 31, 2016, 01:21:34 pm

Just Amazing !!  :-* :-*

petko

  • Jr. Member
  • **
  • Offline Offline
  • Posts: 83
    • View Profile
    • My blog
  • Karma: +21/-0
Re: NRS v1.10.0e
July 31, 2016, 02:08:23 pm


Would it be possible to start a brand new installation up (for a new user) and have the question "Do you want to download the blockchain and run a full node or run lite client? Click "Full node" or "Lite client"?

Then the startup script could apply nxt.isLightClient=true automatically and the user would always be running a lite client.

I really think there would be enough of us geeks running a full node to be able to cope with lots of lite clients. It would be great for adoption: "the crypto you don't need a blockchain for!".

Like most people, I don't have a copy of the Bitcoin blockchain but I still use Bitcoin with a lite wallet.

The load on the full nodes is not the only problem. The NXT light client does not provide guarantee that a payment was received (like the Bitcoin SPV clients do).
E.g. if you are selling your car for NXT, don't trust the light client that you have received the payment - the info it displays is served by the remote node and is not verified. (This must be clearly understood by the users)

Yet, the light client is good enough if you are the buyer of the car.

So please don't compare the NXT light client to the Bitcoin SPV - you may get a lot of hate by the bitcoiners :)

Sebastien256

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2732
  • ^LOOK UP^ = Nxt community!
    • View Profile
  • Karma: +165/-24
Re: NRS v1.10.0e
July 31, 2016, 02:16:07 pm

This message should be different with isLightClient=true

The blockchain is busy downloading, you cannot forge during this time. Please try again when the blockchain is fully synced.
Please drop your ideas concerning Nxt and/or NRS in this topic -> List of feature request for Nxt and/or NRS (with the full list in OP).
Pages: [1] 2 3  All