Bitcoin Forum
Show Posts
1  Bitcoin / Development & Technical Discussion / Re: Question about Bitcoin Digital signatures on: December 14, 2018, 11:58:20 PM
OP, I think you're confused between hash, encryption and signature.

- Bob sends a transaction to Alice's public Key and signs using his private key, what is the method used to sign ? In my understanding, the transaction would be hashed in SHA 256 and then encoded with the private key.

No, AFAIK the method to sign bitcoin transaction is by using ECDSA or secp256k1 with Bob's private key. Hashing is used to make identity or locate transaction easier.
Bitcoin uses the Elliptic Curve Digital Signature Algorithm (ECDSA) with the curve secp256k1. Part of ECDSA is that the message to be signed is hashed.
2  Bitcoin / Development & Technical Discussion / Re: Why use RFC6979 and is there any downsides? on: December 14, 2018, 05:35:36 PM
So basically k is the same as a private key. So why not use the same process for creating a truly random private key here also? Why make it "deterministic" and most importantly what are the pros and cons of doing this?
When you sign the same message twice, you will get exactly the same signature. This reduces the risk of being vulnerable to attacks that involve multiple k values. Because you are producing the same signature, no new information is being created which reduces the possibility that your private key can be recovered. With non-deterministic signatures (i.e. random k), a new signature on the same message will have a different k and a different signature. So there is a possibility that there is some relationship between the signatures that can be found and exploited to find the private key. However there is no such known attack and it is safe to use randomly generated k's.

Using a deterministic nonce generation algorithm that takes into account the private key and message being signed such as RFC 6979 will allow for avoidance of the reused k attacks. Reusing a nonce in the signatures of multiple different messages signed by the same key will result in the private key being found. A deterministic nonce algo avoids this because including the hash of the message in the nonce makes it such that the nonce will always change for every message.

Also which implementations are doing this?
I can already confirm that Electrum is using RFC6979 ref since it is easier to go through python for me and also I didn't have time to check all of them yet...
Electrum, Bitcoin Core, Armory (I think), and probably many many more. Most wallet software uses RFC 6979.
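The deterministic nonce discussed in this post, as an added example that is not part of the original post and not code from Electrum, Bitcoin Core or Armory: the RFC 6979 section 3.2 derivation, specialised to secp256k1 with HMAC-SHA256. The private key and the two messages are constructed sample values.

```python
import hashlib
import hmac

# Order of the secp256k1 group (the curve Bitcoin uses).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def rfc6979_k(priv: int, msg_hash: bytes) -> int:
    """Derive the ECDSA nonce k from the private key and the 32-byte message hash."""
    x = priv.to_bytes(32, "big")                                   # int2octets(x)
    h = (int.from_bytes(msg_hash, "big") % N).to_bytes(32, "big")  # bits2octets(h1)
    v = b"\x01" * 32
    k = b"\x00" * 32
    k = mac(k, v + b"\x00" + x + h)
    v = mac(k, v)
    k = mac(k, v + b"\x01" + x + h)
    v = mac(k, v)
    while True:
        v = mac(k, v)                      # qlen == hlen == 256, so one block is enough
        cand = int.from_bytes(v, "big")
        if 1 <= cand < N:
            return cand
        k = mac(k, v + b"\x00")            # out of range: re-key and try again
        v = mac(k, v)


def demo():
    priv = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD  # constructed
    h_a = hashlib.sha256(b"constructed message A").digest()
    h_b = hashlib.sha256(b"constructed message B").digest()
    return (
        rfc6979_k(priv, h_a),       # first signature over message A
        rfc6979_k(priv, h_a),       # signing A again: identical k, identical signature
        rfc6979_k(priv, h_b),       # different message: different k, so no reuse
        rfc6979_k(priv + 1, h_a),   # different key, same message: different k
    )


if __name__ == "__main__":
    for value in demo():
        print(hex(value))
```

Because k depends on both the key and the message hash, no random number generator is involved at signing time, so a weak or repeating RNG cannot cause the same k to be used for two different messages.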
3  Bitcoin / Development & Technical Discussion / Re: Questions around operation of bitcoin with no blocks and dns disabled.. on: December 14, 2018, 05:18:16 PM
Just two more questions.

1. What exactly is the use of "IsInitialBlockDownload()" in mining.cpp. For my chain which is pretty new, if I want to check the block template, the function returns true and I get
Code:
error -10 : Bitcoin is downloading blocks.
Is it same for
This is to prevent people from mining when they are out of sync. If you mine when out of sync, then you can cause a chain fork.

2. What is nMinimumChainWork and how it is calculated initially ?
ChainWork is the sum of all of the difficulties of all of the blocks in the blockchain. nMinimumChainWork is the chainwork for a specific block and is used during the initial sync as a safety check.

3. When Bitcoin GUI starts up, it says I'm 5 weeks behind. I forked bitcoin completely disabled DNS seeds. There's no reason for it. Why I get the message?
DNS is completely unrelated to this whatsoever. DNS seeds are used for finding nodes to connect to. It has nothing to do with you being behind.

The message appears because the software thinks you are out of sync. The most recent block is 5 weeks old and the software is expecting there to be more recent blocks. It has no way of knowing that there are not more recent blocks, but it assumes that there is because in Bitcoin, blocks are still being produced when you are offline.
4  Bitcoin / Development & Technical Discussion / Re: Is it possible to sign/create a transaction without specifying inputs? on: December 14, 2018, 04:43:13 AM
There's nothing preventing you from creating a raw transaction with no inputs but has outputs. Such a transaction wouldn't be able to be broadcast to the Bitcoin network as they are invalid since there are no inputs. But you could make them and whoever you give the transaction to can add their own inputs.

Furthermore, those who sign the transaction can use SIGHASH_ANYONECANPAY where they only sign the outputs of the transaction and just their input. So other inputs can be added afterwards too.
5  Bitcoin / Development & Technical Discussion / MOVED: Error Validating Transaction. Struggling to forward a payment. on: December 14, 2018, 04:31:58 AM
This topic has been moved to Trashcan.

Duplicate
6  Bitcoin / Development & Technical Discussion / MOVED: Problem wallet BitcoinPro on: December 13, 2018, 10:50:20 PM
This topic has been moved to Trashcan.

Duplicate
7  Bitcoin / Development & Technical Discussion / Re: Are block/Tx versions signed or unsigned? Why? on: December 08, 2018, 05:59:55 PM
Actually nobody uses those fields as a meaningful number, they are just 4 consecutive bytes.
Incorrect.

For the block version number, due to BIP 34 style soft fork deployments, the block version number must be greater than or equal to 4. This check is always done because of those soft forks. Furthermore, because it is signed, this requirement means that the highest bit cannot be set. For this reason, BIP 9 specifies that the highest most bit must be a 0.

For the transaction version number, the version number is always interpreted as a meaningful number. A standard transaction must have a version number between 1 and the maximum version number inclusive. At this time, the maximum is 2.
8  Bitcoin / Development & Technical Discussion / Re: Use of oldest QT wallet on: December 07, 2018, 10:15:57 PM
First of all, bitcoin-qt wasn't introduced until 0.5.0. Prior to that, Bitcoin used wxWidgets. Secondly, Satoshi didn't publish his code to Github; Bitcoin wasn't really on Github until after Satoshi left the project.

To answer your question, if you were to use Bitcoin 0.1.0, it would not work. The software can start, but it won't be able to connect to other nodes and be able to sync the blockchain. This is not because consensus has changed, but because P2P protocol has changed a bit so it is now incompatible with the very first version. Furthermore, Bitcoin 0.1.0 would not be able to find any nodes to connect to as the node discovery method has changed.

However, you could create a shim that translates the original protocol messages to the modern protocol messages and be able to speak to a specific other node. You will need to do some other hacks in order to get Bitcoin 0.1.0 to be able to find your node to connect it. Once you can get it connected to another node, it can sync the blockchain. This sync though is extremely slow and it is unlikely that it will be able to sync the blockchain. Unfortunately the database design used originally does not work well with large blocks. In fact, due to the BDB locks issue that caused the fork in 2013, it will probably crash. This can be worked around by increasing the number of BDB locks.
9  Bitcoin / Development & Technical Discussion / Re: Are block/Tx versions signed or unsigned? Why? on: December 07, 2018, 06:18:40 PM
Both version numbers are signed. In most cases, whether the version number is signed or not doesn't really matter. The same applies for almost every other integer used in Bitcoin.

As for why, it's because satoshi chose to use an int instead of an unsigned int in the original code, so the signedness has stuck around since then.

The only number that changed signedness was nLocktime which was originally an int. At some point, satoshi changed this to an unsigned int.
10  Bitcoin / Development & Technical Discussion / MOVED: Inflection Point BTC; "Proof of Crack" - Scanning more profitable than Mining on: December 07, 2018, 01:42:03 AM
This topic has been moved to Trashcan.

Duplicate
11  Alternate cryptocurrencies / Altcoin Discussion / Re: How to send an alert message to all wallets? on: December 05, 2018, 09:02:13 PM
If this is the same alert system that was in Bitcoin and Litecoin (same meaning you just changed the key and not how it actually works), then it is vulnerable to several Denial of Service Attacks and you should remove it from your coin immediately. Please read http://bitcoin.org/en/posts/alert-key-and-vulnerabilities-disclosure.

If you really want to send an alert anyways, you can download this file: http://gist.github.com/laanwj/0e689cfa37b52bcbbb44 and read the comments. It has instructions on how to use it. Note that it may need some modification.
12  Bitcoin / Development & Technical Discussion / Re: Expaining bitcoin transaction: When does Alice posses the fund? on: December 02, 2018, 11:21:46 PM
When do the 0.5 BTC appear in Alice's wallet?
It depends on the wallet software. Typically wallet software will show the BTC as appeared in her wallet as soon as the transaction is received by that wallet. It will be unconfirmed at that point, so it is potentially unsafe to spend the outputs in that transaction.

Does she now possess the Output of transaction A? Because this is an unspent output. Only when she wants to pay her employee, she unlocks this output, such that the input of transaction B consumes the output of transaction A. Then, her employee "holds" the output of transaction B.

Is this the correct way? In my understanding, an input only consumes a previous output, when someone wants to make a subsequent transaction. This is why this picture irritates me a little, because it says "Alice receives"... But isn't she already the owner of the output, before the input of transaction B consumes the output of transaction A?

So, in my opinion: Alice won't unlock the 0.5 BTC in order to possess them, but in order to spend them.
Yes, that is correct. Alice does not have to do anything in order to receive the Bitcoin. Once Bob has created an unspent output that Alice can spend, she can say that she has received the Bitcoin.

Of course, there is a caveat to this. Bob can't just make any output script that he wants that Alice can spend. There are a lot of output scripts that Alice could theoretically unlock and spend as an input in another transaction. However Alice is not tracking all of those things. Rather she has a specific set of output scripts that she can spend and she gives out addresses that correspond to those scripts. In order for Alice to consider Bob to have paid her, he needs to make an output with a script that corresponds to the address Alice gave him, otherwise Alice will not consider that transaction to be hers.
13  Bitcoin / Development & Technical Discussion / Re: Bitcoin Scaling Solution Without Lightning Network... on: December 01, 2018, 11:50:24 PM
This thread is so far off topic it is beyond rescue.

/locked
14  Bitcoin / Development & Technical Discussion / Re: Raspberry Pis Full node and Double spending problem on: November 24, 2018, 09:25:53 PM
How can Nodes protect me from Double spending?
They don't really.

What if i have like 10000 and ever more of Raspberry Pis at my home and therefore the maxm. no. of nodes in the network
There is no maximum number of nodes on the network. There is not and cannot be a maximum.

with all of them saying DOUBLE SPENDED transaction is the real one???
It doesn't matter. Double spends are resolved by miners, not non-mining nodes. The number of nodes doesn't matter.

Would it mean, if I as a miner, successfully double spended my coins?
If you are a miner, you could double spend your own coins. Note that it isn't really a true double spend. You are not actually spending the same coin twice; rather you are simply spending the same coin in two transactions and only one of those transactions becomes final when it is included in the blockchain, presumably by you. However, double spending as a miner requires a significant amount of hashrate so the initial investment in mining hardware is very large and infeasible for most people.
15  Bitcoin / Development & Technical Discussion / MOVED: An Introduction to Hard Fork on: November 22, 2018, 04:25:55 PM
This topic has been moved to Trashcan.

Duplicate
16  Bitcoin / Bitcoin Technical Support / Re: Unable to find the correct transaction hash on: November 21, 2018, 02:55:06 PM
you did not quite understand my question
This transaction has 237 bytes. (along with SegWit data)
double sha256 does not give the same result as on the blockchain.info.
But what needs to be done in such a transaction instead of double sha256 ?

Thanks.

PS
your link, unfortunately, there is no described algorithm how to get a hash
You did not quite understand my answer.

A transaction is a binary format where each byte has a meaning. If you break up the bytes into the fields that they represent, and then remove the byte for the segwit data, concatenate the remaining bytes, and hash that, you will get the transaction id. This is specified in what I linked; it tells you what fields need to be concatenated and hashed to get the txid.

So with the transaction you provided, it can be broken down as follows:
Code:
01000000 - nVersion
00 - Segwit marker
01 - Segwit flag
01 - Number of inputs
0000000000000000000000000000000000000000000000000000000000000000 - coinbase prevtx (must be all 0's)
ffffffff - coinbase prev index (must be all f's)
45 - length of coinbase script
03b5c207fabe6d6de2bf72f174e206a0b32192a50518322f7c58fd1cc2c2f5ebc60a5ca93e7a12450100000000000000626508006c639309c00100bb91182f736c7573682f - Script
00000000 - nSequence
02 - Number of outputs
8180fb5000000000 - Output value in satoshis
19 - Length of output script
76a9147c154ed1dc59609e3d26abb2df2ea3d587cd8c4188ac - Output script
0000000000000000 - Output value in satoshis
26 - Length of output script
6a24aa21a9ed470198ecd62086bfb66b96ccf86004de9e00899b00de495fff200cbb17ba55c0 - Output script
01 - Number of witness stack items
20 - Length of item on witness stack
0000000000000000000000000000000000000000000000000000000000000000 - coinbase witness stack item (must be all 0's for coinbase)
00000000 - nLocktime

So if you remove the segwit stuff, you get:
Code:
01000000 - nVersion
01 - Number of inputs
0000000000000000000000000000000000000000000000000000000000000000 - coinbase prevtx (must be all 0's)
ffffffff - coinbase prev index (must be all f's)
45 - length of coinbase script
03b5c207fabe6d6de2bf72f174e206a0b32192a50518322f7c58fd1cc2c2f5ebc60a5ca93e7a12450100000000000000626508006c639309c00100bb91182f736c7573682f - Script
00000000 - nSequence
02 - Number of outputs
8180fb5000000000 - Output value in satoshis
19 - Length of output script
76a9147c154ed1dc59609e3d26abb2df2ea3d587cd8c4188ac - Output script
0000000000000000 - Output value in satoshis
26 - Length of output script
6a24aa21a9ed470198ecd62086bfb66b96ccf86004de9e00899b00de495fff200cbb17ba55c0 - Output script
00000000 - nLocktime

Recombining the bytes results in
Code:
01000000010000000000000000000000000000000000000000000000000000000000000000ffffffff4503b5c207fabe6d6de2bf72f174e206a0b32192a50518322f7c58fd1cc2c2f5ebc60a5ca93e7a12450100000000000000626508006c639309c00100bb91182f736c7573682f00000000028180fb50000000001976a9147c154ed1dc59609e3d26abb2df2ea3d587cd8c4188ac0000000000000000266a24aa21a9ed470198ecd62086bfb66b96ccf86004de9e00899b00de495fff200cbb17ba55c000000000

When that is hashed, the result is 2e5bdebe7d5a3bda6f173875cae1ffff2d5a6e84257cd9f5cf99f7f31e7741bb which then must be byteswapped because txids are displayed in reverse byte order. So byteswapping this results in a txid of bb41771ef3f799cff5d97c25846e5a2dffffe1ca7538176fda3b5a7dbede5b2e.
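The steps walked through in this post, as an added example that is not part of the original post: a small parser that strips the segwit marker, flag and witness data from a raw transaction, double-SHA256 hashes what is left and byte-swaps the result. The raw bytes are rebuilt from the field breakdown above; the function names are this example's own.

```python
import hashlib

# Fields copied from the breakdown in the post; the all-zero runs are rebuilt with "00" * 32.
SCRIPT = "03b5c207fabe6d6de2bf72f174e206a0b32192a50518322f7c58fd1cc2c2f5ebc60a5ca93e7a12450100000000000000626508006c639309c00100bb91182f736c7573682f"
OUT1 = "76a9147c154ed1dc59609e3d26abb2df2ea3d587cd8c4188ac"
OUT2 = "6a24aa21a9ed470198ecd62086bfb66b96ccf86004de9e00899b00de495fff200cbb17ba55c0"
RAW = bytes.fromhex(
    "01000000" + "00" + "01"                                       # nVersion, marker, flag
    + "01" + "00" * 32 + "ffffffff" + "45" + SCRIPT + "00000000"   # the single coinbase input
    + "02" + "8180fb5000000000" + "19" + OUT1                      # output 1
    + "0000000000000000" + "26" + OUT2                             # output 2
    + "01" + "20" + "00" * 32                                      # witness stack
    + "00000000")                                                  # nLocktime


def read_varint(b: bytes, i: int):
    """Return (value, next offset) for a Bitcoin compact-size integer."""
    n = b[i]
    if n < 0xFD:
        return n, i + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[n]
    return int.from_bytes(b[i + 1:i + 1 + size], "little"), i + 1 + size


def strip_witness(raw: bytes) -> bytes:
    """Return the serialization without marker, flag and witness data."""
    segwit = raw[4] == 0x00 and raw[5] != 0x00   # marker is 0x00, flag is non-zero
    i = start = 6 if segwit else 4
    n_in, i = read_varint(raw, i)
    for _ in range(n_in):
        slen, i = read_varint(raw, i + 36)       # skip prevtx hash and index
        i += slen + 4                            # skip script and nSequence
    n_out, i = read_varint(raw, i)
    for _ in range(n_out):
        slen, i = read_varint(raw, i + 8)        # skip output value
        i += slen
    body = raw[start:i]                          # inputs and outputs, kept as-is
    if segwit:
        for _ in range(n_in):                    # one witness stack per input
            items, i = read_varint(raw, i)
            for _ in range(items):
                ilen, i = read_varint(raw, i)
                i += ilen
    if i + 4 != len(raw):
        raise ValueError("malformed transaction: unexpected length")
    return raw[:4] + body + raw[i:]              # nVersion + body + nLocktime


def double_sha256(b: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()


def txid(raw: bytes) -> str:
    return double_sha256(strip_witness(raw))[::-1].hex()   # displayed byte-swapped


if __name__ == "__main__":
    print(len(RAW), txid(RAW))
```

Hashing all 237 bytes directly, as in the question, gives a different value because the marker, flag and witness bytes are included in the input.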
17  Bitcoin / Development & Technical Discussion / Re: v0.17.0.1: Different EXE hashes in ZIP versus setup on: November 20, 2018, 09:05:51 PM
I'm pretty sure this is expected behavior. Other versions exhibit the same behavior.
18  Bitcoin / Bitcoin Technical Support / Re: Unable to find the correct transaction hash on: November 20, 2018, 04:00:41 PM
This transaction is a segwit transaction (all coinbase transactions for blocks containing segwit transactions must also be segwit transactions). So you need to compute the txid as defined in BIP 144.
19  Bitcoin / Development & Technical Discussion / Re: Technical Perspective of bitcoins. on: November 20, 2018, 04:21:54 AM
I will like to know is anything that block chain and bitcoin is solving that earlier was unsolved and blockchain technology is first in solving it.
What Bitcoin solved with the blockchain was the problem of other payment providers and digital currency systems being centralized and prone to being shut down. Using cryptography and hashcash as a Proof of Work system had been used before in Chaumian Ecash and B-money. However those relied on centralized servers to order transactions and resolve double spends. Bitcoin's primary innovation from those systems was a method to resolve the double spend problem without relying on a central source of truth.
20  Bitcoin / Development & Technical Discussion / Re: Someone says about "running your own full node" but.. on: November 17, 2018, 08:32:24 PM
This thread got derailed, so it's being locked.