Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation on 02/19/2016 in all areas

  1. 2 points
    Twarden

    Guide to Create Hot and Cold Wallets

    Create a hot-wallet: From a computer you trust with an internet connection, go to https://jatchili.github.io/minimalist-ripple-client/ and click generate identity, you will be notified to save your secret key before exiting the window. Click on show/hide secret and then back up your secret on two separate pieces of paper an save them both in safe places (i.e. one in your wallet and one in another location besides your home like a safety deposit box). Save your ripple address on your computer via copying and pasting it into a text file, a bookmark, draft email, or whatever else you prefer. Fund the wallet with 25 XRP to activate the account, once this is done, you can begin to build trust-lines to Gateways. Create a cold-wallet: From a computer that you trust with an internet connection you trust, go to https://raw.githubusercontent.com/jatchili/minimalist-ripple-client/master/index.html and download the latest release of the minimalist client as index.html on a clean USB drive. Eject the removable media and connect it to a standalone PC. Open the index.html file with Chrome or Firefox and click the generate identity button, you will be notified to save your secret key before exiting the window. Click on show/hide secret and then back up your secret on two separate pieces of paper an save them both in safe places (i.e. one in your wallet and one in another location besides your home like a safety deposit box). Save your ripple address on your computer via copying and pasting it into a text file, a bookmark, draft email, or whatever else you prefer. From another computer with internet access, fund the wallet with at least 25 XRP to activate it, once this is done, your cold wallet has been created. Keep your two copies of your secret key safe, it is the only way to access this cold wallet's funds when you will want to spend them in the future. To regain access to your cold wallet: From you computer that you trust with an internet connection you trust, go to https://jatchili.github.io/minimalist-ripple-client/ and enter your secret then press set identity. When you click set identity, your public key will be displayed. Click connect to ripple and you will receive a response within another window. You can now query the balance of your cold wallet, trade, and send funds.
  2. 2 points
  3. 2 points
    base58 is just one way of representing a number. There are lots of others, including decimal, hexadecimal, and even an alphanumeric passphrase can be interpreted as a number. There are a number of places where rippled accepts several formats and guesses which one you provided. It's probably easiest to clarify this with the wallet_propose command which generates the keys for a wallet. (This is an offline operation -- all it does is some math.) If you don't specify a seed value, rippled chooses one randomly. However, if you do specify a seed value, it'll tell you both the secret key and the public address for that key in several different formats. Example: If you run the same command but specify 'snoPBrXtMeMyMHUVTgbuqAfg1SUTb' instead of 'masterpassphrase' the results will be the same. You can even use the RFC-1751 format from the response to generate the same key. And if I'm not mistaken, you can also use any of those three formats as the value of the "secret" field when signing a transaction. Here's a breakdown that should help: Seed value: Just about any number (including anything that can be represented as a number). Trim this to size and you have a secret key. Secret key: A 128-bit (16 byte) number that you keep secret, and use to sign transactions. Anyone who knows the seed value for an account has full control over that account*. When rippled represents these in base-58 it prefaces them with the value 33 which maps to the letter s in Ripple's base-58 dictionary, so secrets look like this in base-58: "snoPBrXtMeMyMHUVTgbuqAfg1SUTb". You use this to generate a public key. Public key: A 264-bit (33-byte) number that can be used to "easily" validate any signature from the corresponding secret key. It's "hard" to figure out a secret key or to create a valid signature using just a public key and past signatures. (Basically you have to make a completely insane number of guess-and-check attempts.) Typically these are represented in hexadecimal. (See the SigningPubKey field of a transaction.) You always have to tell people your public key eventually in order for them to be able to validate your signatures. However, both Bitcoin and Ripple actually put the public key behind one more layer of abstraction: You use the public key to generate an account address. Account ID: a 160-bit (20 byte) number that is derived from a public key using a hash function (technically two, the RIPEMD160 of SHA256) and prefixed with the value 0 which maps to the letter "r" in Ripple's base58 dictionary. Account Address: the Account ID, encoded in base58 with a 4-byte checksum (SHA-256 of SHA-256 of the account ID). This is an easily reversible step that just makes it easier to read and write addresses (big numbers) for human consumption. *The exception is that the owner of an account can disable the master key if they have a regular key(pair) set, in which case you have to know the regular keypair's secret key to control the account. All it takes in order to create an account in Ripple is sending 20 XRP to a validly-formed address (that is, it's a number that fits in 160 bits and the error checking is good). If an account hasn't been created yet, it's not in the ledger, and you'll get a not-found error if you try to check its account info, trust lines, transaction history, etc. However, you can subscribe to an account that doesn't exist yet (and if your subscription is still active when the account gets funded, you'll get notified). Sending a transaction just requires a seed value or secret key, and access to a rippled server. You write some transaction instructions, use ECDSA to sign the message** (curve=secp256k1), and attach your signature, valid pubkey and address to the transaction. Then RCL checks several things: The signature matches the transaction instructions The signature matches the pubkey The pubkey matches either (a) the address of the account sending the transaction, or (b) a regular key address previously stored in the ledger by the account sending the transaction In the case of 3a, it also checks that the account hasn't disabled its master key. ** rippled also has experimental support for the EdDSA algorithm using the ed25519 curve. It works basically the same way. Technically the Ed25519 public keys are 32 bytes instead of 33, so they're prefixed with the byte 0xED to make them a consistent size with the secp256k1 keys. A note on "black hole" addresses: Typically if you have a validly formed address, that's because you started with a seed value and went through all the steps. But it's also possible to just start with a public key and generate a valid address from there. Addresses are typically pretty random because they're based on hash function output, which is basically indistinguishable from random noise. If an address seems incredibly unlikely to be random (for example, rrrrrrrrrrrrrrrrrNAMEtxvNvQ) then it's likely that you generated that address from something that wasn't a real output of RIPEMD160 of SHA-256, which means it's a guessing game to figure out what input could generate that output -- and again, that's a problem that's incredibly hard to solve, involving a ridiculous number of guess-and-check attempts. (Bitcoin mining is based on a variation of that same problem.) And even if you figured out what public key could generate such a nicely ordered output, you still have to solve a ridiculously-hard elliptic curve problem to figure out what the secret key is. So, chances are, nobody in the world actually knows or will ever guess the secret key that would give them full control over rrrrrrrrrrrrrrrrrNAMEtxvNvQ or other "unlikely" accounts like that. We call these addresses black holes, because in all likelihood, any XRP they receive is lost forever. Now if you've read this far, here's a fun side project you can try: Start with a list of most common passwords. Use those as seed values to generate Ripple keys and addresses (wallet_propose). Check the ledger to see if any ill-advised schmucks have funded those addresses. (Here's a freebie: rU1HdiNbCJTdBJhGa22B76QCuDSVBCWGNj is the address for the secret key 'trustno1' but it doesn't exist.) If you find one that does exist, check whether the master key is disabled. (If it is, the Flags value of the account bitwise-AND 0x00100000 is a nonzero value) If the master key is not disabled, then you have full control over that account, and you can take any XRP or other currencies it holds. Now, actually taking it might be legally considered theft and/or computer fraud, so maybe think twice about actually taking it. (Personally, I would view it as the digital equivalent of picking up money from the street, but a jury might think differently.) There are plenty of other things you can do with full control of an account, like sending embarrassing Memos or setting the account's Domain field to point back at your favorite website.
  4. 2 points
    This is a phenomenal analysis focusing on the legal aspects of Ripple and settlements via a distributed system. Very dense – not light reading! Credit to @ClemondFlinch for posting this in the chatbox. Abstract: http://michiganlawreview.org/wp-content/uploads/2016/02/114MichLRev649_RosnerKang.pdf
  5. 2 points
    Hodor

    Benefits of an industry-standard ILP

    Pointed to from Alec Liu, this paper is a fantastic article that points at the massive wave of fintech pushing against banks right now: http://www.oliverwyman.com/content/dam/oliver-wyman/global/en/2016/feb/BlockChain-In-Capital-Markets.pdf
  6. 2 points
    Creating an offline wallet an hot wallet are simple. These instructions will let you create either wallet using the minimalist client. Create a hot-wallet: From a computer you trust with an internet connection, go to https://jatchili.github.io/minimalist-ripple-client/ and click generate identity, you will be notified to save your secret key before exiting the window. Click on show/hide secret and then back up your secret on two separate pieces of paper an save them both in safe places (i.e. one in your wallet and one in another location besides your home like a safety deposit box). Save your ripple address on your computer via copying and pasting it into a text file, a bookmark, draft email, or whatever else you prefer. Fund the wallet with 25 XRP to activate the account, once this is done, you can begin to build trust-lines to Gateways. Create a cold-wallet: From a computer that you trust with an internet connection you trust, go to https://raw.githubusercontent.com/jatchili/minimalist-ripple-client/master/index.html and download the latest release of the minimalist client as index.html on a clean USB drive. Eject the removable media and connect it to a standalone PC. Open the index.html file with Chrome or Firefox and click the generate identity button, you will be notified to save your secret key before exiting the window. Click on show/hide secret and then back up your secret on two separate pieces of paper an save them both in safe places (i.e. one in your wallet and one in another location besides your home like a safety deposit box). Save your ripple address on your computer via copying and pasting it into a text file, a bookmark, draft email, or whatever else you prefer. From another computer with internet access, fund the wallet with at least 25 XRP to activate it, once this is done, your cold wallet has been created. Keep your two copies of your secret key safe, it is the only way to access this cold wallet's funds when you will want to spend them in the future. To regain access to your cold wallet: From you computer that you trust with an internet connection you trust, go to https://jatchili.github.io/minimalist-ripple-client/ and enter your secret then press set identity. Click connect to ripple and you will receive a response within another window. You can now query the balance of your cold wallet, trade, and send funds.
  7. 2 points
    Zen1

    Q&A with Earthport's Jon Lear

    On page 42... https://issuu.com/paymentweek/docs/pq3_final/46?e=11134839/33390401
  8. 1 point
    https://medium.com/@filesofnerds/margaret-runchey-invented-bitcoin-not-satoshi-nakamoto-bfc1eddeeff#.5m1a39coa I was almost sold. Then I read: And thought the whole “permissions” and “blocksize” debates — back in 2007. What sold me was: …virtual transaction artifacts that own people as data. Barring all the mathematical gymnastics — that is the solve for double-spending in the simplest form. A distributed database that correlates and differentiates identities, etc. with two key criteria: “you own the event and can prove it with a link to a real authority that has a real instantiating artifact.” I thought: There’s no way a patented invention with +50 citations in Google Patents about distributed network architecture that describes “virtual transaction artifacts that own people as data” can be overlooked by a “cottage industry” with a $6 billion dollar market cap. How awesome would that have been for women and STEM if, as per my apparent finding, “Satoshi Nakamato” were actually some reclusive female academic living in Florida (besides the Florida part)? That is, she probably didn’t come up with the best pen name evar! The true creator of “Bitcoin” is a woman named Margaret Runchey. She authored a distributed systems architecture relying on digital signatures using “unifying constraint” of timestamps and geolocation data for “multiple mints independently of one another, and requires no central authority” where “transactions with identity own people with identifiers” and “transaction is the assertion of performance." Here’s her Model of Everything: https://d262ilb51hltx0.cloudfront.net/max/800/1*FliNSTPL30SmZn9Qc7w6PQ.png “The rules we share are the reference architecture of society.” — Margaret Runchey Runchey’s patented invention was published a year (Aug 18, 2007) before, if not earlier, Nakamoto’s, and it founds all of the fundamental concepts of Bitcoin, including Autonomous Agents as “miniature machine agents, biological agents, information agents”, Chain of Ownership, Data Artifacts of Data Commons, Smart Contracts, Upgrades, Miners as Mints (though “S.N.” mentions mints he doesn’t point out that M.R.’s systems takes the weight or footprint of transaction artifacts — so it goes without saying that they’re less efficient overtime to duplicate or double-spend or forge), other things not in the white paper. She skips out on “physical location constraints” as meaningless and assumes a finite virtual system even offline addresses might participate in through the address space of 33,452,526,613,163,800,000,000,000,000,000,000,000,000,000,000,000 unique identifiers which can be “lumped with other math-based computer functions” to achieve uniqueness as a “strong control of ownership”. She adds that “Privacy isn’t about “trust providers” protecting private information; it’s about their not owning and controlling it in the first place”. She defines a molecular transaction artifact system with W3C technologies and principles of “Simplicity, Modular Design, Tolerance, Decentralization, Test of Independent Invention, and Principle of Least Power” that is both decentralized and distributed with identifiers generated from a “combination of location/date/time with assertion of incept identity ownership…” Her work sits right at home with the likes of IPFS or Lelylan. Why now? That’s a great question! It’s clear that Margaret Runchey wrote “Model of Everything” that is no less complex than Blockchain Thinking, and that she actually founds the general idea of distributed transactional ledger with “transaction artifacts”. She, like “Satoshi”, emphasizes that “agreement is the unifying force”. Depending on how you define “transaction artifact” that could mean “longest chain” — but that’s really up in the air for a distributed network, though it seems fair to say that a “chain” is, in the broadest sense of things, a “transaction artifact” (any abstract document?). https://d262ilb51hltx0.cloudfront.net/max/600/1*7f_1bA_80U-y1wKPCLzZbA.png All the Turtles, All the Transactions She says: “Financial purposes, which represent operations as event transactions, are the basis of information architecture: the unitary term is a transaction that has a unique identifier as a property that differentiates it from all the other transactions. Everything is a transaction with properties.” But she also says: “Events come in two sizes: all in one, and one in all” and “Events come in two varieties: the first now, or incept, and other nows, or updates” which is not exactly “decide which arrived”. Runchey is saying there is First, and then every other transaction is Not-First (Updates). So she already has the idea of there being a canonical transaction that is shared throughout the set of collocated nodes. Who is she? But it seems there is a scant of information on her. Perhaps she is Satoshi Nakamoto? It’s obviously quite surprising that she has a patent for the same paper three times, on three different dates, roughly with the same contents and title. To be honest, Model of Everything looks like a “first draft” of the Bitcoin White Paper — where the Bitcoin White Paper just adds crypto-spices and “unstructured simplicity” (so it removes all the W3C “discoverability” kruft). Considering the relations to Microsoft… I wouldn’t be shocked if Bitcoin had been invented (along with Farsite), and Microsoft decided to delay it because Internet Explorer. Or, more generally, Microsoft thought decentralization of the Web would hurt their profit motive. Do you realize how many women who feel empowered, having such a role model as the Queen of the Crypto-Enlightenment? Whatever unfolds of this finding, I will forever call miners by their appropriate appellation — bitmints.
  9. 1 point
    We may never know but this author's claim does provide some strong evidence nonetheless an it was quite noteworthy news as S.N's identity is currently a mystery of our time; Why not speculate for curiosity's sake?
  10. 1 point
    Twarden

    Stuck with SnapSwap USD IOUs?

    JoelKatz wrote a great explanation for how to solve this issue on the official ripple forum.
  11. 1 point
    The minimalist client uses ripple-lib which is based on java-script and operates directly in a browser. Anyone can audit the full code which accesses all function before usage. The portions of the software which create new identities calls the generateAddress() method from ripple-lib without passing any arguments in his code which returns a new secret and public key-pair which is set to their respective fields within the web page. The portion of his code that deals with setting the secret is all handled within the browser an does not require access to the ripple network for the set identity function to work. The function jatchili created, pressSetIdentity(), will assign the secret key entered to a secret variable, checks if there is already an identity set an if true notifies the user if that condition is true, otherwise the script checks if the secret variable has been set an if that condition is true then the script checks the encoding of the user's inputted secret by checking for the correct character at the beginning of the secret for each possible encoding the secret could be in. The functions setOrdinarySecret, setRekeyedSecret, and setEncryptedSecret receive the secret variable to more user-defined functions which validate the user's secret to return a true or false return; For this portion of the script to set your identity, both the characters at the first position (0) and the validation from the secret validation functions must be true to hit a pass comment, which tells java-script to essentially do nothing and proceed to continue to wait for another event to occur. The last two else clauses at the end of this block ensure that the user either sets a valid secret (entered it wrong) or forgot to input their secret before pressing set identity.
  12. 1 point
    RafOlP

    Guide to Create Hot and Cold Wallets

    You can check the code, its opensource. And you can download the html file and run it from your machine.
  13. 1 point
    I don't know, folks, this paper is a depressing read if you think that Ripple will make it through enough regulatory hoops to make a difference, this year or next, or even beyond. Sure it can be used privately inside banks, but if you talk to bankers these days they will say they feel that they are compliance organizations who happen to accept deposits, so the chance for widespread public usage is probably years away. The Big 20 have paid $235 *billion* in fines just in the last 8 years, they're really not going to do anything to potentially increase that number. 95% of those fines were for practices where they could make money illegally (LIBOR, etc) and I don't see any way Ripple is a big illegal money maker for them.
  14. 1 point
    I haven't seen better homage to Sloth than his mural with Magnum PI, at the Burial Brewery in Asheville, NC.
  15. 1 point
    This is not true. You can have a chain specifically for inter-chain transactions, and it can be a side chain. Alternatively, market makers can perform cross-chain transactions and settle on a completely private system like CoinBase. Some of these things may or may not make sense, but you can do whatever makes the most sense, using the main block chain only where that is what makes the most sense.
  16. 1 point
    Dense legalese relating to Ripple? Already salivating ... Good find, thanks for posting. Sent from my iPad using Tapatalk
  17. 1 point
  18. 1 point
    JoelKatz

    Ripple's real competition?

    One possible plan for the project is to build a set of tools that could be assembled to form private/permissioned blockchain/ledger systems to meet a variety of use cases. Participants could, for example, build a proprietary blockchain solution around this toolkit. The project could also produce various functional units (such as optimized storage, smart contracts, or a reference consensus implementation) that participants could use to build proprietary blockchain systems.
  19. 1 point
    Nothing is 100% certain. You could get hit by a bus. If you die your ripple will be worthless to you. I know a few wealthy people who are so obsessed with the thought of losing their money that it consumes them and takes their happiness. Just do your best to be as secure as possible and enjoy life.
  20. 1 point
    It's kind of funny, I got the inside scoop from someone high up at the central bank in Canada and she said that all the banks are trying to get the seigniorage from the application of the technology. So I'd expect a lot of different coins will be issued, but the problem will be how they drive demand to generate revenue. And in this space anybody can come up with a coin but companies like Ripple are really innovating the ways it can be used within networks. Ripple has said that they are taking steps to make XRP more attractive and features like SUSpay just seem to knock any bank (thinking about seigniorage in a traditional sense) project out of the water. I wonder if ripple is really involved with this or is this another misprint?
×
×
  • Create New...