Subscribe to the latest project news!

Ardor, Nxt, Ignis Social News Feed

TWITTER

The Marketplace & token creation functionality on #Ignis allows businesses like @EZYcountsuisse to manage digital s… https://t.co/ckWBLr9Zwz


Open Link
TWITTER

RT @madfox1234: Welcome our @Nxter_org Special Guest — @trifficworld ! Watch their tweets and look for the #nxterworddec2 ! Collect all 14…


Open Link
TWITTER

RT @bajodayo: And it was of course a great experience and privilege to present #Ardor ones again to #Africa as we open minds to endless pos…


Open Link
TWITTER

RT @MobsVideo: Big news! We've been selected by @tnwevents as one of top ten startups to compete at the Pitch Battle @HardFork Decentralize…


Open Link
TWITTER

Imagine the payout: just trick a #POS public #blockchain network into spending funds on a malicious fork using long… https://t.co/ZUdeDNS05o


Open Link
RSS

Investigating Long Range Attack

Theoretical attack against proof of stakeLong Range — Photo by William Daigneault on UnsplashFor my dedicated readers, I guess you already know what I’m about to say about long-range attacks … but if you need more convincing, read on.Long-range attacks are a popular reason to discredit proof of stake algorithms together with the concept of “Weak Subjectivity”. The idea is that at some point of time (most likely at the Genesis block), an attacker can use the existing state of the blockchain, together with a significant stake of the token balance, to create a chain that is indistinguishable from the real chain. The attacker then tricks users into using his malicious chain instead of the real one.As I previously observed in my article about the “Nothing at Stake” attack, this seemingly simple attack has never been observed in practice. This is of course a strange oddity given what is at stake.Our friend evil Bob, inspired by articles on the subject, decides to launch a long range attack against Nxt. Bob can easily reproduce the state of the chain at any given block height by simply downloading the blockchain up to this height. Now, he needs to get significant stake of the Nxt token at this block height to create a chain with a better difficulty than the real chain.If Bob is a large stake holder and has more than 50% of the stake he can always attack Nxt using a normal 51% attack. So, let’s assume for a start that Bob has no significant Nxt balance at the moment.Luckily for Bob, when Nxt was distributed back in 2013 it was distributed to only 72 lucky stake holders. All Bob has to do is track down these guys and get their account passphrase. In fact, Bob does not need to track all of them - he just needs to get a stake higher than the forging stake at the time of the Genesis block, which was only around 20% of the stake. Finding give or take 5 of the large genesis stake holders and getting their passphrase would be sufficient. Most of these stake holders already moved their funds to another account or sold it, so giving these old account passphrases to Bob would come with little risk. That said, Bob can’t brute force entry to these accounts. This entire attack could end right here if Bob fails to acquire the necessary passphrases to exceed the Genesis staking balance.Consider that the Nxt distribution is a relatively simple case, most proof of stake tokens were distributed to many more accounts at the Genesis block. Ardor, for example, was distributed to more than 100,000 Nxt holders back in 2016. Still, I assume that getting a stake in the blockchain token larger than the forging power at the time of the Genesis block release is possible for a well-funded and powerful attacker like Bob against any proof of stake coin.Equipped with the Genesis block that is available to anyone after installing the Nxt software, and 20% of the stake at the time of the genesis block, Bob starts to forge his own malicious chain. Alas, nothing happens, all other Nxt nodes blacklist his node and any other node already using Bob’s fork. New users never connect to Bob’s node.It appears that the Nxt software implements several simple layers of protection against long-range attacks:The software itself is distributed with a list of bootstrap nodes known to be on the right fork at the time of the release.The Nxt software implements checkpoints of the state of the blockchain at given block heights. Any fork that does not reproduce this exact state is rejected.Transactions use pointers to existing blocks when submitted to the blockchain. These pointers prevent multiple forks from including the same transaction with different block histories.Nodes will never switch to another fork whose chain differs for more than 720 blocks. You can think of it as a rolling checkpoint.As we will see, none of these features provide foolproof protection alone, but put together, they make it very difficult to implement a long-range attack.In my previous article, I explained that it will be very difficult for Bob to create a new version of Nxt which does not implement these protections. Even if he does, other users are very unlikely to use his modified version of the software. Therefore, I conclude that Bob can use a modified version on his own nodes, but to effectively implement any attack against Nxt, he will need to cheat users using the official Nxt software without his modifications.With some effort, Bob can circumvent protection #1 and get his nodes into the list of bootstrap nodes provided with the product. He will need to setup some central nodes and follow the normal chain for a while until some of his nodes make it into the bootstrap list. It would be even more difficult to prevent other nodes from blacklisting his nodes once he starts his attack. Perhaps he can maintain two forks, one honest fork he will show existing nodes connecting to his node, and one malicious fork he will show new users. Implementation of this will be very tricky but still possible.This way, Bob can attract some new users to his malicious fork. Next, Bob will need to circumvent protection #2 - the built in checkpoints. This is impossible unless he can convince new users to use his version of the software, which we assume is unlikely. To workaround this, Bob can try to start his fork after the latest built-in checkpoint. Assuming the latest checkpoint is not too recent this might still be possible using some of the techniques above.Another weakness of Bob’s fork is that it won’t be able to accept existing transactions due to protection #3, which means his fork history will differ significantly from the real chain and this will be simple to detect using any block explorer.Finally, Bob won’t be able to trick existing nodes to move into his malicious fork due to protection #4, the rolling checkpoint.The worst damage Bob can cause is if he is able to convince a large exchange or business to use his fork. But exchanges and businesses can easily protect against this by checking their fork against a well-known block explorer, which is guaranteed to be on the right fork.Which brings up the question, can Bob implement a long-range attack in less than 720 blocks to override protection #4, the rolling checkpoint?For Bob’s attack against the Genesis block or some very old block height, users did not lose much by revealing old account passphrases to Bob. The problem with the short-range attack on recent blocks is that Bob cannot expect anyone to give up their current passphrase without payment. To create the short-range version of the long-range attack, Bob will need to purchase more tokens than the current forging stake, but if he does this, he can just implement a simple 51% attack.To summarize, long-range attack against proof of stake is a theoretical threat effectively mitigated using simple practical steps.PostfaceA common procedure for creating a private/public key pair is to base it on 12 words selected randomly from a dictionary of 1626 words. This is how the Nxt wallet generates a passphrase for a new account. There are roughly 3.41*10³⁸ combinations, slightly more than 2¹²⁸. In cryptographic terms, this provides 128 bits of security which is considered safe, even against quantum computers, forever.However, if someone can create memory cells from all the 10⁴⁹ Silicon atoms on Earth and use them to store a pre-image of all possible word combinations and their hashes, they can crack every private key based on its public key in a split second. Still, it is considered safe to use 128 bit keys and rightly so. The point is, we tend to accept algorithms as secure even when theoretical attacks against them exist. The same goes for the Nxt’s proof of stake algorithm.Investigating Long Range Attack was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.

Dec. 10, 2018, 5:23 p.m.
Open Link
RSS

Investigating Long Range Attack

Theoretical attack against proof of stakeLong Range — Photo by William Daigneault on UnsplashFor my dedicated readers, I guess you already know what I’m about to say about long-range attacks … but if you need more convincing, read on.Long-range attacks are a popular reason to discredit proof of stake algorithms together with the concept of “Weak Subjectivity”. The idea is that at some point of time (most likely at the Genesis block), an attacker can use the existing state of the blockchain, together with a significant stake of the token balance, to create a chain that is indistinguishable from the real chain. The attacker then tricks users into using his malicious chain instead of the real one.As I previously observed in my article about the “Nothing at Stake” attack, this seemingly simple attack has never been observed in practice. This is of course a strange oddity given what is at stake.Our friend evil Bob, inspired by articles on the subject, decides to launch a long range attack against Nxt. Bob can easily reproduce the state of the chain at any given block height by simply downloading the blockchain up to this height. Now, he needs to get significant stake of the Nxt token at this block height to create a chain with a better difficulty than the real chain.If Bob is a large stake holder and has more than 50% of the stake he can always attack Nxt using a normal 51% attack. So, let’s assume for a start that Bob has no significant Nxt balance at the moment.Luckily for Bob, when Nxt was distributed back in 2013 it was distributed to only 72 lucky stake holders. All Bob has to do is track down these guys and get their account passphrase. In fact, Bob does not need to track all of them - he just needs to get a stake higher than the forging stake at the time of the Genesis block, which was only around 20% of the stake. Finding give or take 5 of the large genesis stake holders and getting their passphrase would be sufficient. Most of these stake holders already moved their funds to another account or sold it, so giving these old account passphrases to Bob would come with little risk. That said, Bob can’t brute force entry to these accounts. This entire attack could end right here if Bob fails to acquire the necessary passphrases to exceed the Genesis staking balance.Consider that the Nxt distribution is a relatively simple case, most proof of stake tokens were distributed to many more accounts at the Genesis block. Ardor, for example, was distributed to more than 100,000 Nxt holders back in 2016. Still, I assume that getting a stake in the blockchain token larger than the forging power at the time of the Genesis block release is possible for a well-funded and powerful attacker like Bob against any proof of stake coin.Equipped with the Genesis block that is available to anyone after installing the Nxt software, and 20% of the stake at the time of the genesis block, Bob starts to forge his own malicious chain. Alas, nothing happens, all other Nxt nodes blacklist his node and any other node already using Bob’s fork. New users never connect to Bob’s node.It appears that the Nxt software implements several simple layers of protection against long-range attacks:The software itself is distributed with a list of bootstrap nodes known to be on the right fork at the time of the release.The Nxt software implements checkpoints of the state of the blockchain at given block heights. Any fork that does not reproduce this exact state is rejected.Transactions use pointers to existing blocks when submitted to the blockchain. These pointers prevent multiple forks from including the same transaction with different block histories.Nodes will never switch to another fork whose chain differs for more than 720 blocks. You can think of it as a rolling checkpoint.As we will see, none of these features provide foolproof protection alone, but put together, they make it very difficult to implement a long-range attack.In my previous article, I explained that it will be very difficult for Bob to create a new version of Nxt which does not implement these protections. Even if he does, other users are very unlikely to use his modified version of the software. Therefore, I conclude that Bob can use a modified version on his own nodes, but to effectively implement any attack against Nxt, he will need to cheat users using the official Nxt software without his modifications.With some effort, Bob can circumvent protection #1 and get his nodes into the list of bootstrap nodes provided with the product. He will need to setup some central nodes and follow the normal chain for a while until some of his nodes make it into the bootstrap list. It would be even more difficult to prevent other nodes from blacklisting his nodes once he starts his attack. Perhaps he can maintain two forks, one honest fork he will show existing nodes connecting to his node, and one malicious fork he will show new users. Implementation of this will be very tricky but still possible.This way, Bob can attract some new users to his malicious fork. Next, Bob will need to circumvent protection #2 - the built in checkpoints. This is impossible unless he can convince new users to use his version of the software, which we assume is unlikely. To workaround this, Bob can try to start his fork after the latest built-in checkpoint. Assuming the latest checkpoint is not too recent this might still be possible using some of the techniques above.Another weakness of Bob’s fork is that it won’t be able to accept existing transactions due to protection #3, which means his fork history will differ significantly from the real chain and this will be simple to detect using any block explorer.Finally, Bob won’t be able to trick existing nodes to move into his malicious fork due to protection #4, the rolling checkpoint.The worst damage Bob can cause is if he is able to convince a large exchange or business to use his fork. But exchanges and businesses can easily protect against this by checking their fork against a well-known block explorer, which is guaranteed to be on the right fork.Which brings up the question, can Bob implement a long-range attack in less than 720 blocks to override protection #4, the rolling checkpoint?For Bob’s attack against the Genesis block or some very old block height, users did not lose much by revealing old account passphrases to Bob. The problem with the short-range attack on recent blocks is that Bob cannot expect anyone to give up their current passphrase without payment. To create the short-range version of the long-range attack, Bob will need to purchase more tokens than the current forging stake, but if he does this, he can just implement a simple 51% attack.To summarize, long-range attack against proof of stake is a theoretical threat effectively mitigated using simple practical steps.PostfaceA common procedure for creating a private/public key pair is to base it on 12 words selected randomly from a dictionary of 1626 words. This is how the Nxt wallet generates a passphrase for a new account. There are roughly 3.41*10³⁸ combinations, slightly more than 2¹²⁸. In cryptographic terms, this provides 128 bits of security considered safe, even against quantum computers, forever.However, if someone can create memory cells from all the 10⁴⁹ Silicon atoms on Earth and use them to store a pre-image of all possible word combinations and their hashes, they can crack every private key based on its public key in a split second. Still, it is considered safe to use 128 bit keys and rightly so. The point is, we tend to accept algorithms as secure even when theoretical attacks against them exist. The same goes for the Nxt’s proof of stake algorithm.

Dec. 10, 2018, 5:23 p.m.
Open Link
TWITTER

RT @Ardorgate: Thank you @Nxter_org for adding us to https://t.co/wR6bfWfuOi


Open Link
TWITTER

RT @trifficworld: https://t.co/nCQ1HZmQ3Z Triffic is a groundbreaking augmented reality app that utilizes the Ardor blockchain to issue loy…


Open Link
TWITTER

RT @jrgros: Take a closer look at @Jelurida’s projects. Look deep into $Nxt, $Ardr, and $Ignis. https://t.co/i6VeG3oPYV


Open Link
TWITTER

Original #art behind #cryptocollectables of @TarascaD are up for #auction right now. Pay with $IGNIS or #AEUR. All… https://t.co/OaMTP0RhDW


Open Link
REDDIT

AEUR - blockchain token backed by EURO | NXTER.ORG



/r/Ardor
Dec. 10, 2018, 10:42 a.m.

Open Link
TWITTER

Are you ready for another #NxterPuzzle #giveaway? This week we'll spend with @trifficworld. Collect words, log in t… https://t.co/DV4fKsRzct


Open Link
RSS

A Week With Triffic

Lost your way? Stranded? Broke and unhappy? We are happy to announce this week's NxterPuzzle guest: James Malach! As the founder and CEO of the first company that will reward you with cryptocurrency for wandering clueless and lost around with a GPS app open, James should be able to run this week's giveaway. It will be raining ... Read more The post A Week With Triffic appeared first on NXTER.ORG.

Dec. 10, 2018, 9:20 a.m.
Open Link
TWITTER

RT @Nxter_org: @madfox1234 @m4kstep @Ardor_Nxt_Group Well done, ARDOR-TSKW-4JPV-83T9-9LCWT! Also grabbing the small bonus on 29-11-2018. ;)


Open Link
TWITTER

RT @CoinWatcherBot: Best returns (24h): 1. aelf +20.2% $ELF 2. Bitcoin Private +17.5% $BTCP 3. @NxtCommunity +13.3% $NXT #blockchain #altco…


Open Link
TWITTER

RT @antgrasso: Comparison of Blockchain Platforms. @TheCryptoWoman @MrV_777 via @antgrasso thx to @AvdiuSazan. #blockchain #cryptocurrencie…


Open Link
TWITTER

RT @TarascaD: Do you want to participate in the #Auctions? Here you have a simple tutorial to do it. #blockchainauctions $ARDR $Ignis $AEUR…


Open Link
TWITTER

RT @AvdiuSazan: Ardor is a backbone of a powerful ecosystem of assets, currencies, and most importantly #childchains. What #Ardor will even…


Open Link
TWITTER

We're #hiring even as many #blockchain projects downsize. We're welcoming #Java engineers, web/mobile #developers &… https://t.co/ovRybuoX3L


Open Link
TWITTER

If we are meant to see mass adoption of #blockchain technology, one thing is for certain: it is unrealistic to expe… https://t.co/TI9XlNMvCJ


Open Link
TWITTER

Looking for a distributed #cloud storage solution? #Ignis is here for you, backed by an immutable #blockchain ledge… https://t.co/wsiXDA4Xy4


Open Link
TWITTER

RT @hackernoon: FRIDAY’s TECH STORIES THAT MATTER: https://t.co/vgBY8GYQKJ https://t.co/RozvR1fpiP


Open Link
TWITTER

RT @wire_master: #blockchain tech is improving dramatically. Look at #Ardor and the new features introduced recently (eg #Lighweightcontrac…


Open Link
TWITTER

RT @TarascaD: Important announcement! We are going to #Auction the first five original physical paintings of the cards! What better gift co…


Open Link
TWITTER

Back from a short and well needed vacation in sunny Eilat. All systems are go! Looking forward to a great new year… https://t.co/Q8hLvvywb0


Open Link
RSS

David, thanks for referencing my article.

David, thanks for referencing my article. Minor correction, please note that in the article description “²²⁵⁵ hash operations.” should be “2²⁵⁵ hash operations.”

Dec. 7, 2018, 5:56 p.m.
Open Link
TWITTER

@Sir_Gelson @ConsenSys @itsamyjung EUR and CHF


Open Link
TWITTER

We're #hiring during the @Consensys firing! Join the only #blockchain platform w/ a working multi-chain, lightweigh… https://t.co/eZtktnyc9U


Open Link
TWITTER

Join our mailing list, stay up to date with all #Nxt #Ardor #Ignis news, upcoming events, #hackathons and software… https://t.co/amunk0dpxF


Open Link
TWITTER

An exciting #gamification app has been under development on #Ignis for the past year - find out how @trifficworld i… https://t.co/5ORGzPk5nH


Open Link
REDDIT

Just some small talk,

Hi everyone, So what are your opinions about the current state of the market? What will be te bottom? Will bitcoin pull te whole market to 0? Is the downside in bitcoin good for the long term in Ardor/ other coins? I have been in ardor since may 2017. Made some mistakes in the december rally, but i will never forget the experience i got. The life lessons. Like i said just some small talk in this reddit group.

/r/Ardor
Dec. 7, 2018, 6:18 a.m.

Open Link
TWITTER

RT @bajodayo: Once again, as its time to turn the table towards a more #decentralized direction, I will be representing @Jelurida speaking…


Open Link
TWITTER

RT @CryptoDemetrius: Article > Headline. Key pain points of #blockchain technology are keenly identified & ideal solution would be energy e…


Open Link
TWITTER

RT @Ardorgate: Now you can pay $AEUR for @MaxPropertyG MPG tokens at https://t.co/nnW0MlhIsm


Open Link
TWITTER

RT @madfox1234: You know what? Here is this $NXT account NXT-33F8-KL8N-6ZDE-3LRSU Just grab this crypto by solving the puzzle :-) @Nxter_or…


Open Link
TWITTER

ICYMI: The latest #Ardor $IGNIS $NXT update in English: https://t.co/GYwjmjspsL Russian: https://t.co/ESCwuE1V8k Ch… https://t.co/lNk4F2ZNaH


Open Link
RSS

Nxter News — Декабрь 2018 I: Считайте возраст по друзьям, а не годам. Считайте жизнь по улыбкам, не слезам.

Nxter News | December 2018 (I) Считайте возраст по друзьям, а не годам. Считайте жизнь по улыбкам, не слезам.   Добро пожаловать, дорогие Некстеры и прочие последователи! Таковы все дети, они ползают, дерутся, носятся. А потом вырастают. С момента последнего выпуска Nxter News мы отметили пятую годовщину Nxt. Вскоре (25 декабря) мы будем присутствовать при рождении ... Read more The post Nxter News — Декабрь 2018 I: Считайте возраст по друзьям, а не годам. Считайте жизнь по улыбкам, не слезам. appeared first on NXTER.ORG.

Dec. 6, 2018, 2:20 p.m.
Open Link
TWITTER

Combine fantastic art w/ card games, #Ignis and #LightweightContracts - things quickly get exciting. Check out the… https://t.co/2YxqGLYBlo


Open Link
REDDIT

ardor price



/r/Ardor
Dec. 5, 2018, 11:28 p.m.

Open Link
TWITTER

RT @madfox1234: It's been an amazing week with @m4kstep ! Thanks for participating! #ARDOR account ARDOR-TSKW-4JPV-83T9-9LCWT was fast enou…


Open Link
TWITTER

RT @FatihSK87: @zooko Double spending and 51% attacks was 1st solved by $NXT; https://t.co/BGEcZOnOq1


Open Link
RSS

Nxter News | Diciembre 2018 (I): Cuenta Tu Edad por Amigos, No por Años. Cuenta Tu Vida por Sonrisas, No por Lágrimas

Nxter News | Diciembre 2018 (I) Cuenta Tu Edad por Amigos, No por Años. Cuenta Tu Vida por Sonrisas, No por lágrimas.   ¡Bienvenidos apreciados Nexteros y resto de seguidores! Todavía somos niños, gateando, andando, corriendo. Haciéndonos grandes. Desde nuestro último boletín de noticias de Nxter, se ha alcanzado el quinto cumpleaños de Nxt. Pronto ... Read more The post Nxter News | Diciembre 2018 (I): Cuenta Tu Edad por Amigos, No por Años. Cuenta Tu Vida por Sonrisas, No por Lágrimas appeared first on NXTER.ORG.

Dec. 5, 2018, 5:56 p.m.
Open Link
REDDIT

Track Ardor's Rise at Chainsage.com, New Cryptocurrency Market Data Site

Hi everyone, We've recently launched our cryptocurrency pricing site we have been working on for a few months! **Here's our page for Ardor, which you can see the aggregate prices and trading volumes per exchange and per trading pair. You can paginate over 15 trading pairs of Ardor, filter and sort them!** # [https://chainsage.com/assets/ardr/](https://chainsage.com/assets/ardr/) At Chainsage, you can track 2700+ cryptoassets traded on 230+ exchanges, filter and sort them based on various fields such as market cap and volume. **https://chainsage.com** We would love to get feedback from the community on how we can improve, as well as features you want to see on our site. Thank you! https://i.redd.it/hr57u975ig221.jpg ​

/r/Ardor
Dec. 5, 2018, 12:55 p.m.

Open Link
TWITTER

.@albefero from #Jelurida participating in the Asia Tech Podcast with Graham Brown! Stay tuned for the recording!… https://t.co/hhD4pho4Rj


Open Link
TWITTER

A website that is a work of art - just like the #cryptocollectibles of @TarascaD and originals listed as assets on… https://t.co/GeoTrGRmAx


Open Link
REDDIT

Ardor online hackathon will be running until January 10, 2019

[https://twitter.com/ArdorPlatform/status/1069936865753661440](https://twitter.com/ArdorPlatform/status/1069936865753661440) [https://www.jelurida.com/ardor-hackathon-2018](https://www.jelurida.com/ardor-hackathon-2018) ​

/r/Ardor
Dec. 5, 2018, 9:18 a.m.

Open Link
TWITTER

You missed the #Ardor #hackathon #AMA? No problem, read the transcript here https://t.co/pj3eoxIFCa Still have ques… https://t.co/FDhiMkvnnK


Open Link
TWITTER

Alias System on #Ignis translates text into almost anything: #Ardor addresses, email addresses, URLs, phone #s, SKU… https://t.co/zsVzrEnQsw


Open Link
TWITTER

RT @CryptoDemetrius: Innovative solutions are hiding in the most unassuming places- #Ardor community member @galeki3 made a brilliant disco…


Open Link
More ...