Core Development Discussion / ZKCP for Nxt?
« on: February 28, 2016, 09:40:22 pm »
"I am happy to announce the first successful Zero-Knowledge Contingent Payment (ZKCP) on the Bitcoin network."


Well, it seems Nxt can do this as well with phased transaction to hash preimage  :)

Nxt General Discussion / Re: Anonymous Voting
« on: February 28, 2016, 09:34:16 pm »
The problem is not in finding a use case. The problem is in adapting the technical solution to the real life.
I see the biggest problem in distribution of the voting tokens. While voting can be anonymous how to make sure that the distribution of the voting rights was not tampered?
So at the moment kushti's idea is a purely academic project. But it may create a foundation for something really interesting. Or may not...

Voting tokens could be sent in non-encrypted form, then a voter V can, say, put x assets on 'yes' and 'y' assets in encrypted form along with a ZK proof that the sum equals the number of tokens given to V.

Another question is the decryption key to view the result. There are a lot of questions around, so we need a real case to solve first, that's my point.
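
The sum check described in the reply above, as an added example that is not part of the thread or of any Nxt code: it uses exponential ElGamal as the additively homomorphic scheme and opens the combined randomness in place of a full ZK proof. The toy group, the function names and reading y as the amount placed on 'no' are assumptions made here.

```python
import secrets

# Toy group constructed for this example: P = 2Q + 1 with P and Q prime,
# G = 4 generates the subgroup of order Q. Far too small for real use.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """Exponential ElGamal: Enc(m) = (g^r, g^m * pk^r). Returns (ciphertext, r)."""
    r = secrets.randbelow(Q)
    return (pow(G, r, P), pow(G, m, P) * pow(pk, r, P) % P), r

def add(c, d):
    """Component-wise product of two ciphertexts encrypts the sum of the plaintexts."""
    return (c[0] * d[0] % P, c[1] * d[1] % P)

def cast_ballot(pk, yes, no):
    """Voter side: encrypt both amounts and publish r_yes + r_no as the sum proof."""
    c_yes, r1 = encrypt(pk, yes)
    c_no, r2 = encrypt(pk, no)
    return {"yes": c_yes, "no": c_no, "r_sum": (r1 + r2) % Q}

def sum_is_valid(pk, ballot, tokens):
    """Public check, no secret key: Enc(yes) * Enc(no) == Enc(tokens; r_sum)."""
    c1, c2 = add(ballot["yes"], ballot["no"])
    r = ballot["r_sum"]
    return c1 == pow(G, r, P) and c2 == pow(G, tokens, P) * pow(pk, r, P) % P

def decrypt_total(sk, c):
    """Key holder recovers g^m, then finds m by brute force (totals are small)."""
    gm = c[1] * pow(pow(c[0], sk, P), -1, P) % P
    return next(m for m in range(Q) if pow(G, m, P) == gm)

def tally(sk, ballots):
    """Aggregate all ballots homomorphically and decrypt only the two totals."""
    agg_yes, agg_no = (1, 1), (1, 1)  # encryptions of 0 with r = 0
    for b in ballots:
        agg_yes, agg_no = add(agg_yes, b["yes"]), add(agg_no, b["no"])
    return decrypt_total(sk, agg_yes), decrypt_total(sk, agg_no)
```

The check only ties yes + no to the token count modulo the group order; bounding each amount individually is the job of the range proofs mentioned in the thread.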

Consensus Research / Re: Permacoin Implementation
« on: February 26, 2016, 08:01:34 am »
Is Permacoin somehow related to the proposed NXT 2.0 design?

I guess now. I'm out of 2.0 discussions atm, will try to read the debates and give my 2 cents though.

Nxt General Discussion / Re: Anonymous Voting
« on: February 26, 2016, 07:43:47 am »
It may be a great proof of concept but hardly usable in a real life.

Right, that's why I'm not implementing it in a rush manner  :) We need to consider some usable usage scenarios in the first place.

Nxt General Discussion / Anonymous Voting
« on: February 25, 2016, 07:57:31 pm »
As you know, the Voting System is pseudonymous. There was a request for anonymous voting, but it requires some specific things (e.g. additively homomorphic encryption w. zero knowledge proofs of range or membership), way too heavy to include into core. So it should be implemented as a service I guess. I can make a backend (open-sourced and CC0-ed for sure):

1. Who will make a frontend?
2. What is the need for that? Is the need real?

Consensus Research / Permacoin Implementation
« on: February 25, 2016, 07:41:45 pm »
Well, that was done under a different umbrella than Consensus Research, but following previous work  :)

Permacoin is a non-interactive Proof-of-Retrievability scheme for a blockchain consensus protocol proposed by A. Miller et al: http://cs.umd.edu/~amiller/permacoin.pdf . Scorex devs have implemented Permacoin as a Scorex module. Notes on implementation details: https://github.com/ScorexProject/Scorex-Lagonaki/wiki/Permacoin-Implementation .

Testnet is ready to be public. So we'll announce it soon to test things in the wild. Nothing is planned for production.

Scorex is now under IOHK Research wing (https://iohk.io/).

Now I'm finishing a new paper with a working title "A Scalable Blockchain System Based on a Non-Interactive Proofs of State History Retrievability", basically a Permacoin repurposed for storing blockchain system state snapshots to provide fast bootstrapping for new nodes and safe blockchain pruning.

Secure Asset Exchange / Re: Secure Assets Exchange is Shutting Down
« on: February 15, 2016, 12:35:15 pm »
The code for secureae.com & smartcontract.com backends is there https://bitbucket.org/kushti/secureae . Please note it's under AGPLv3 license, so any modification should be opensourced, including SaaS scenario.

SecureAE would work without any modifications with 1.7. SmartContract.com backend code does not correspond to the current state (backend code has been replaced with an alternative developed by the rest of the team).

Secure Asset Exchange / Re: Secure Assets Exchange is Shutting Down
« on: January 22, 2016, 09:34:09 pm »
Thanks for the work and open source.
Another, Cryptamail is being developed or terminated too?

Cryptamail was abandoned in May, 2014. It could be opensourced (fully, with UI), but the code is for 1.1 or 1.2 so probably broken.

About SecureAE, it is about three parts, my backend is in Scala, a component in Ruby to change BTC<->Nxt via bter or cryptsy (yeah, we did that under the hood), and frontend in Javascript (inherited from wallet UI afaik). Only the first part could be opensourced (by me).

About further contribution to Nxt and its ecosystem. I'm all in research and Scorex atm. And I don't see any big problem with the core atm I can fix. I'm in dev maillist and have some things to propose for 2.0. What else? Time will show!

Secure Asset Exchange / Re: Secure Assets Exchange is Shutting Down
« on: January 22, 2016, 09:12:34 pm »
I am very very sad too!

Please, please help me and many others to understand, how we can transfer assets or access our accounts from standard NXT wallet (I never had before) or any other wallet if possible.

I downloaded NXT wallet. It is transferring NXT blocks atm. It allows me to enter with same NXT address as I use on SAE, but then I see nothing. If I go to Add assets, I see nothing too.

What to do?

Guys, please do not leave us alone - there are more users like me. Thank you!

You need to wait for all the blocks (with your operations, at least) to be downloaded. Or choose another web solution, or a light client.

General / Re: Kushti's topic
« on: January 20, 2016, 08:08:57 pm »
- I'm no longer with SAE / SmartContract
- Secure Assets Exchange is shutting down (https://nxtforum.org/secure-asset-exchange/secure-assets-exchange-is-shutting-down/)
- Interactive Proof-of-Stake proposal https://nxtforum.org/consensus-research/interactive-proof-of-stake/

And Scorex testnet, with Permacoin consensus protocol is going to be live in coming days. Also, two more papers on the way.

Secure Asset Exchange / Secure Assets Exchange is Shutting Down
« on: January 20, 2016, 07:53:39 pm »
Hi guys!

Unfortunately, Secure Assets Exchange will not survive 1.7 hardfork.

We (I and Sergey, then also Wesley and Steve Ellis) started the project in May, 2014, just a few days after the Nxt Assets Exchange release. Unfortunately, due to regulation issues (those 3-letter US agencies I dunno much about) new features were not developed since September, 2014. The team switched to SmartContract.com (also Nxt-based).

Since Nov, 2015 I'm not working with Steve & Sergey for many reasons (Wesley left us around Jan, 2015). Initially we came to an agreement to continue maintenance of SAE, but later disagreed on conditions.

Well, the best I can do here is to open-source the SAE backend (as I'm the author of it). I'm not sure the guys will do the same.

Farewell letter on the website:


Due to recent increases in maintenance costs and the limited resources/time of any startup that needs to prioritize its initiatives, Secure Asset Exchange will no longer be available as of January 21st, 2016 (NXT block 621,000); please plan accordingly.

We are deeply grateful to all of our users and supporters up to this point and look forward to focusing our energy on making the next generation of great blockchain-based applications, which our now global society can truly benefit from.

Your ability to use your NXT or any of your assets will not be affected by our availability because your account and all of its assets can be accessed through the official NXT client.

To access your account using the password created on trade.secureae.com, simply combine your username with your secret phrase, with no spaces between the two; this will create the password to your NXT account for the official client. For example, if your username is “joe” and your secret phrase is “joe likes coffee” then your account’s password for the official NXT client will be “joejoe likes coffee”. Please make sure to take capitalization and spacing into account, they do matter.

If you have any questions, please feel free to contact us at support@secureae.com.

Consensus Research / Re: Interactive Proof-of-Stake
« on: January 14, 2016, 07:38:40 pm »

Not necessarily a single account, but maybe a collusion of several big holders. Anyhow, that's all speculation, for now.

Please note, in Nxt the best strategy for a 33% attacker (against an exponentially distributed network) is also splitting, into ~= 24 accounts though (via simulations). By splitting stake, the chance to avoid unlucky hit generation increases.

Could you clarify also this:
Quote from: mthcl
As a side note, I don't understand why you write "However, it is possible to iterate over delta" when discussing the Nxt algorithm on p.3.  Delta is in the right-hand side of (2), which is monotone, and it is not hashed. What advantage could it bring to the attacker then?

Well, for a single block, Delta could be calculated as the target function is monotonic. However, in case of a hidden chain, generation time could be shifted to increase cumulative difficulty. Quick example: say the intended delay is 60 seconds (Nxt case), block B could be generated 25 seconds after block A, block C 65 seconds after block B. In this case an attacker could "delay" (i.e. insert a different timestamp into the block header) block B by 5 seconds (A->B 30 seconds, so the base-target penalty disappears). Maybe the wording in the paper is misleading, I will re-check. Thanks mthcl!

Consensus Research / Re: Interactive Proof-of-Stake
« on: January 13, 2016, 08:12:01 pm »
OK, assume R=16, l=10, for definiteness. Imagine that there is someone who controls, say, 10% of the stake (or, maybe, several big holders collude so that they do control 10%). Assume also that other accounts are not so big, say, each controls less than 0.1%. Then, the 10% holder would be able to forge really a lot of blocks in a row, by dividing his stake into 100 equal parts (with overwhelming probability at least one of his accounts gets the maximal m=R).

What do you think of this attack?  In general, the situation that many small holders cannot forge anything together is worrying, I think...

I'll check both IPoS / Nxt against that, but intuitively, in this case a system is probably vulnerable. I don't worry much about such a scenario though. Economy is about Pareto distribution of wealth. Paper ( http://arxiv.org/abs/1308.3892 ) shows the Bitcoin is about stretched exponential distribution. I can't imagine a system with a single 10+% account and others hold < 0.1%.

Consensus Research / Re: Interactive Proof-of-Stake
« on: January 12, 2016, 08:27:52 pm »

It's m times binary logarithm of b, correct?  Then there should be kind of "best splitting strategy" to maximize the forging chances (with logarithms, it's clear that getting the highest possible value of m is the best strategy). It would be interesting to do the calculations...  But it is important to observe that if everybody uses some kind of splitting strategy, then this l parameter (the number of blocks you must skip before forging the next one) is essentially unimportant (if you have a lot of small accounts, you won't "feel" this restriction).

Also, do I understand correctly that with this algorithm "small" accounts will never forge?  I mean, assume that a rich guy has balance B, and splits it into (say) 10R*l equal accounts. Then, any account that has less than B/(10R*l) has almost no chance to forge?..

First of all, updated version of the paper is on Arxiv (http://arxiv.org/abs/1601.00275).

Yes, small-stake accounts as well as big stakeholders generate a disproportionately low number of tickets. So for a big stakeholder, aside from attacks, there's the economic incentive to split stake into middle-class accounts.

For an attack with stake-splitting, now the best number of accounts for a 33% stakeholder is about 180 (R=16, l=10) (the old number with b^m was about 96). A bigger swarm reduces chances to generate a better chain than the network's.

Consensus Research / Re: Interactive Proof-of-Stake
« on: January 11, 2016, 08:28:15 pm »
Well, even with R=8 there is a big problem with the "hidden chain" attack performed by the guy with max balance. Assume, for example, that the richest guy has 5% of the stake, and others less than 1%. Then, even if he forges alone, he'll sometimes get very heavy weights (5⁸=390625), one of his blocks will easily outweigh a very long blockchain created by all others.

Oh, that's true. I've fixed the ticket's score formula with m * log2 b. Happily, simulations show the updated formula works better against attacks, so the adversarial power IPoS is claimed to be safe against is raised to 1/3 (33.33%). I've added you to the Acknowledgement section  :)  Uploading the fixed paper to the Arxiv...

Consensus Research / Re: Interactive Proof-of-Stake
« on: January 09, 2016, 08:06:12 pm »
And what value of R you're thinking of? 16, as in the paper?

With R=16, 1/16 of all accounts on average are participating in a round. Appropriate choice for a few hundred online non-empty accounts. For a bigger network, R=8 (or even less) is safer. Adaptive R calculation is needed for a public network (see "Further Work"), as the number of generators will go up and down. R=16 was used for simulations.

Consensus Research / Re: Interactive Proof-of-Stake
« on: January 09, 2016, 06:22:52 pm »
I'm through the paper; but let me first ask the following to remove any doubt: do you really mean that the score of a ticket is b^m (b to power m), and not simply bm? I thought it was a misprint, but it happens two times, on pp. 4 and 5...

Alright, b^m (b to power m). I also tried b*(m^k), with k=8 seems more or less ok. With k=1, big stakeholders have too much advantage.

Consensus Research / Re: Interactive Proof-of-Stake
« on: January 07, 2016, 05:00:27 pm »
I'm going further. There are some very new approaches that hopefully could resolve concerns around PoS entirely and make it provably more safe than PoW even. I mean the paper from 2015 about decentralized public randomness generation http://eprint.iacr.org/2015/366.pdf (it uses non-standard cryptography assumptions though) and Cothorities (http://dedis.cs.yale.edu/dissent/pres/151009-stanford-cothorities.pdf), also a very new approach providing public randomness as well and chain enforcement probably. Another way is a hybrid consensus protocol, and instead of PoW I have an idea of an alternative principle based on Proof-of-Retrievability (http://cs.umd.edu/~amiller/permacoin.pdf). Paper on that will be available in February, hopefully.


Consensus Research / Re: Interactive Proof-of-Stake
« on: January 05, 2016, 03:41:37 pm »
Thanks for sharing! Will read...

Thanks! I would be happy to get a feedback, in form of heavy but constructive criticism preferably :)

Consensus Research / Interactive Proof-of-Stake
« on: January 05, 2016, 07:54:46 am »
Hi guys! And Happy New Year!   ;D

A new proposal for a new pure Proof-of-Stake protocol by me (solely this time):



1. Nxt has similar %% against private fork attack with better distribution (with 28.57% online stake an attacker has ~10% chance to generate a better chain of 10 confirmation, ~.1% to generate a better chain of 60 confs).

2. Dunno anything about implementation. Probably will be implemented in Scorex, mb in form of hybrid though.

