NXT :: descendant of Bitcoin - Updated Information

[brooklynbtc]

What actually makes NXT resistant against a +90% attack?

i think a big part is that no one can own 90%+ NXT without the others knowing.. the rest is transparent forging

A government, US, China, Russia, could make a huge investment in ASICS (USAF, Red Army OBVIOUSLY) and let them lurk until they felt the need to pump past 51% on a PoW coin. Bad day, E_War, etc.. then they just FUKCED UP the ecomony

But NXT, needs PoS so you have to OWN the coins, so unless all these people are selling to Galacto-Whales, we are safe, and even then, with TF, the nodes will be agreeing to multiple blocks orders in advance, so the 90%+ would have to commandeer those blocks in a row..

[Anon136]

you send btc*1 to bob. bob sends BobsBtcToken*1 to you. you go onto the orderbook for BobsBtcTokens and fill a buy order. Nxt appears in your account. Now you find a ltc gateway. Say betty seems the most trustworthy. Fill a sell order for BettysLtcTokens. Receive BettysLtcTokens*X. Send BettysLtcTokens*X to Betty's nxt address with a message containing your ltc address. Wait for ltc to arrive.

It seems overly complicated now but it'll feel natural once it gets rolling and everyone gets used to it. All steps serve their purpose, these extra steps are the cost of decentralization.

If I read this right - 'No escrow' or atomic completion?
so buyer beware....

I think it is crucial that we consolidate all assets of the same denomination to a single community asset. This will allow all users to go to a single asset name within AE for BTC and ALL the bids and asks for BTC within AE will be for BTC backed by the federation of gateways. All the federation members take blood oaths, trade first born children, etc. so they work out a way to trust each other. This shifts the risk of choosing the right gateway from the hapless end user who has no clue which gateway is better to each gateway itself. A much better chance of making correct decisions. In the event one of the gateways is lacking somehow, the other gateways could require posting of a bond to cover the risk.

A federation could be fine but homogonizing all gatewayes is a VERY bad idea imo. It allows the externalization of costs from the maleficent actor to the good actors. Insurance allows the homogonization of certain actors into federations by pricing the risk so competative federations could be good, though one homogeneous asset would be terrible.

If all the gateways are issuing a BTC asset, why is it a bad idea that all gateway BTC assets are all equal to each other, eg BTC?

Also, if we had a multisig requirement for all withdrawals, would that minimize or eliminate the harm bad actors can do?

It there is something wrong, I would like to understand it and hopefully fix it. This is why I am asking

because Anon136BtcToken is not the same value as SuperScammerSamBtcToken. They are not homogeneous assets. The different risks need to be priced. Insurance companies can help to price in this risk and homogenize it, but if they are homogenizing extremely reliable assets with extremely risky assets than they are infact externalizing the cost of the risk from the risky actors onto reliable actors. They are causing the homodeneous asset to be more expensive than the reliable assets would have been by its self. This is a transfer of cost from superscammersam to anon136.

with that said there are certain advantages to federating. So even though the problem just described will always exist, if the difference in price between the more reliable asset and the less reliable asset is marginal than the advantages of homogeneity can outweigh the problem of externalized costs mentioned in the previous paragraph. Only when the discrepancy is marginal though.

thats why i some federating is good and too much is bad. as for clever scripted workarounds and stuff like that. Like smart contracted bonds or things, or DAC's that allow federation without externalizing costs, that stuff would be great if someone could figure it out. Until we get there though it would be wise to bear some of the previously mentioned things in mind.

Let say there are 5 reputable gateways that are part of the federation. Anybody is free to issue their own BTC, but the federation gateways would only honor the other federation members Assets. They share a single multisig acct for sweeping the deposits and 4+ sign off on withdrawals.

Do you know if this is even possible technically? If it is, wouldnt this provide a much better security for the end users as all the members of the federation are keeping tabs on each other. Kind of the peer verification model NXT nodes do, but at the critical point of withdrawing from the sweep acct.

its overloading my brain trying to figure it out. >.<

[Anon136]

Here are the next videos in the interview I did with Anon136:

What is the nxt arbitrary message system?
http://prisonorfreedom.com/what-is-the-nextcoin-nxt-arbitrary-message-system/

What Is A Nextcoin (NXT) Advance Hallmark?
http://prisonorfreedom.com/what-is-a-nextcoin-nxt-advance-hallmark/

What Is The Timeline For Nextcoin (NXT)'s Infrastructure & Feature Development?
http://prisonorfreedom.com/what-is-the-timeline-for-nextcoin-nxts-infrastructure-feature-development/

I still have more video footage to come so stay tuned...

Tai Zen

Jeez we sure did cover a lot of ground didnt we. It felt like it flew by at the time.

[delulo]

What actually makes NXT resistant against a +90% attack?

Don't know if this answers your question in full, but some relevant discussion here:
https://asktom.cf/index.php?topic=364218.0

Is there any page / post in there that addresses this question in particular?

[User705]

BTC $350 at Gox. Wow.

Good time to buy some cheap NXT.  

[Anon136]

What actually makes NXT resistant against a +90% attack?

What's a 90% attack?

in essence the idea is that we could fork away and invalidate the stake of the attacker. where as with bitcoin you can not invalidate someones asics. technically though the abandoned fork would be nxt and the new fork would be nxt2. so if you want to be super literal than nxt isnt technically 90% resistant. Also this would only work if the attackers were being obvious. If they were clever about it than it would be very difficult to say conclusively enough that they were malicious. So nxt is kind of resistant to certain kinds of 90% attacks.

[Asian Prepper]

Here are the next videos in the interview I did with Anon136:

What is the nxt arbitrary message system?
http://prisonorfreedom.com/what-is-the-nextcoin-nxt-arbitrary-message-system/

What Is A Nextcoin (NXT) Advance Hallmark?
http://prisonorfreedom.com/what-is-a-nextcoin-nxt-advance-hallmark/

What Is The Timeline For Nextcoin (NXT)'s Infrastructure & Feature Development?
http://prisonorfreedom.com/what-is-the-timeline-for-nextcoin-nxts-infrastructure-feature-development/

I still have more video footage to come so stay tuned...

Tai Zen

Jeez we sure did cover a lot of ground didnt we. It felt like it flew by at the time.

That's only half of it.  I still have half more to edit and still working on it.

I'm getting good feedback on it though because people like to associate a face with nxt.

Tai Zen

[allwelder]

5 thousand NXT to the person who would talk to BTER owner in Chinese and solve my problem, I need my 100k NXT.

I can help you freely if you need.

[allwelder]

you send btc*1 to bob. bob sends BobsBtcToken*1 to you. you go onto the orderbook for BobsBtcTokens and fill a buy order. Nxt appears in your account. Now you find a ltc gateway. Say betty seems the most trustworthy. Fill a sell order for BettysLtcTokens. Receive BettysLtcTokens*X. Send BettysLtcTokens*X to Betty's nxt address with a message containing your ltc address. Wait for ltc to arrive.

It seems overly complicated now but it'll feel natural once it gets rolling and everyone gets used to it. All steps serve their purpose, these extra steps are the cost of decentralization.

If I read this right - 'No escrow' or atomic completion?
so buyer beware....

Keep in mind this is the first step on the path toward fully automated DAC gateways. Also, to remove the confusion that is inherent in having many different Assets that are all representing the same thing I think it is crucial that we consolidate all assets of the same denomination to a single community asset. This will allow all users to go to a single asset name within AE for BTC and ALL the bids and asks for BTC within AE will be for BTC backed by the federation of gateways. All the federation members take blood oaths, trade first born children, etc. so they work out a way to trust each other. This shifts the risk of choosing the right gateway from the hapless end user who has no clue which gateway is better to each gateway itself. A much better chance of making correct decisions. In the event one of the gateways is lacking somehow, the other gateways could require posting of a bond to cover the risk.

HOWEVER, I think I might have a way to allow all the gateways to trust each other without any bodily parts being involved. I do need somebody who is familiar with multisig to confirm this, or more likely correct where I am being plain silly.

I do not see a problem with deposits of crypto, the end user sends in the crypto to a deposit address and the gateway sweeps it into an account. The problem is with the withdrawal, eg. since I am proposing all assets that represent BTC be fungible with each other, each gateway needs to have access to potentially all the actual BTC.

So, we have a possible solution where all the gateways sweep into a common account. Wait! If all gateways are able to withdraw from it, then if ANY gateway gets hacked or hypnotized by Evil Bob, all the deposits are gone. Not good at all.

This is where I think multisig comes in. What if the sweep account is a multisig acct. All the gateways can easily sweep into the multisig acct, since it is just a matter of sending coin to the right address. Now on withdraw, if we required the signatures from all gateways to do a withdrawal (or super majority?), then no gateway would be able to take off with the deposits, unless all gateways (or super majority) turn evil at the same time.

No I dont know how multisig works well enough to know if this will work, but IF there is a way to do a safe remote multisig authorization and all the gateways are using the same business logic to approve withdrawals, eg. proper AM was sent with appropriate asset, then I think this could work.

Not totally trustless, but as long as all (or super majority) of gateways dont spontaneously turn evil, I think the community would be able to rely on the federation of gateways.

I hope somebody that knows about multisig and another somebody that knows about secure remote signing will be able to validate this, or fix it so it works

James

P.S. I just figured out that we can use a set of AM's for secure remote signing. Granted it is a lot of AM to send if we had to do it for each withdrawal, so maybe we only invoke this level when the amount is larger than the bond put up by the gateway. I think this is getting close to a real solution. Smart guys, please help!!

IMO,it is like XRP gateway.Right?

[Anon136]

you send btc*1 to bob. bob sends BobsBtcToken*1 to you. you go onto the orderbook for BobsBtcTokens and fill a buy order. Nxt appears in your account. Now you find a ltc gateway. Say betty seems the most trustworthy. Fill a sell order for BettysLtcTokens. Receive BettysLtcTokens*X. Send BettysLtcTokens*X to Betty's nxt address with a message containing your ltc address. Wait for ltc to arrive.

It seems overly complicated now but it'll feel natural once it gets rolling and everyone gets used to it. All steps serve their purpose, these extra steps are the cost of decentralization.

If I read this right - 'No escrow' or atomic completion?
so buyer beware....

Keep in mind this is the first step on the path toward fully automated DAC gateways. Also, to remove the confusion that is inherent in having many different Assets that are all representing the same thing I think it is crucial that we consolidate all assets of the same denomination to a single community asset. This will allow all users to go to a single asset name within AE for BTC and ALL the bids and asks for BTC within AE will be for BTC backed by the federation of gateways. All the federation members take blood oaths, trade first born children, etc. so they work out a way to trust each other. This shifts the risk of choosing the right gateway from the hapless end user who has no clue which gateway is better to each gateway itself. A much better chance of making correct decisions. In the event one of the gateways is lacking somehow, the other gateways could require posting of a bond to cover the risk.

HOWEVER, I think I might have a way to allow all the gateways to trust each other without any bodily parts being involved. I do need somebody who is familiar with multisig to confirm this, or more likely correct where I am being plain silly.

I do not see a problem with deposits of crypto, the end user sends in the crypto to a deposit address and the gateway sweeps it into an account. The problem is with the withdrawal, eg. since I am proposing all assets that represent BTC be fungible with each other, each gateway needs to have access to potentially all the actual BTC.

So, we have a possible solution where all the gateways sweep into a common account. Wait! If all gateways are able to withdraw from it, then if ANY gateway gets hacked or hypnotized by Evil Bob, all the deposits are gone. Not good at all.

This is where I think multisig comes in. What if the sweep account is a multisig acct. All the gateways can easily sweep into the multisig acct, since it is just a matter of sending coin to the right address. Now on withdraw, if we required the signatures from all gateways to do a withdrawal (or super majority?), then no gateway would be able to take off with the deposits, unless all gateways (or super majority) turn evil at the same time.

No I dont know how multisig works well enough to know if this will work, but IF there is a way to do a safe remote multisig authorization and all the gateways are using the same business logic to approve withdrawals, eg. proper AM was sent with appropriate asset, then I think this could work.

Not totally trustless, but as long as all (or super majority) of gateways dont spontaneously turn evil, I think the community would be able to rely on the federation of gateways.

I hope somebody that knows about multisig and another somebody that knows about secure remote signing will be able to validate this, or fix it so it works

James

P.S. I just figured out that we can use a set of AM's for secure remote signing. Granted it is a lot of AM to send if we had to do it for each withdrawal, so maybe we only invoke this level when the amount is larger than the bond put up by the gateway. I think this is getting close to a real solution. Smart guys, please help!!

IMO,it is like XRP gateway.Right?

just like it only without a central point of weakness

[User705]

What actually makes NXT resistant against a +90% attack?

What's a 90% attack?

in essence the idea is that we could fork away and invalidate the stake of the attacker. where as with bitcoin you can not invalidate someones asics. technically though the abandoned fork would be nxt and the new fork would be nxt2. so if you want to be super literal than nxt isnt technically 90% resistant. Also this would only work if the attackers were being obvious. If they were clever about it than it would be very difficult to say conclusively enough that they were malicious. So nxt is kind of resistant to certain kinds of 90% attacks.

What possible purpose would that serve?

[Anon136]

Here are the next videos in the interview I did with Anon136:

What is the nxt arbitrary message system?
http://prisonorfreedom.com/what-is-the-nextcoin-nxt-arbitrary-message-system/

What Is A Nextcoin (NXT) Advance Hallmark?
http://prisonorfreedom.com/what-is-a-nextcoin-nxt-advance-hallmark/

What Is The Timeline For Nextcoin (NXT)'s Infrastructure & Feature Development?
http://prisonorfreedom.com/what-is-the-timeline-for-nextcoin-nxts-infrastructure-feature-development/

I still have more video footage to come so stay tuned...

Tai Zen

Jeez we sure did cover a lot of ground didnt we. It felt like it flew by at the time.

That's only half of it.  I still have half more to edit and still working on it.

I'm getting good feedback on it though because people like to associate a face with nxt.

Tai Zen

im glad to hear you are getting good feedback. i haven’t gotten much myself.

[jl777]

you send btc*1 to bob. bob sends BobsBtcToken*1 to you. you go onto the orderbook for BobsBtcTokens and fill a buy order. Nxt appears in your account. Now you find a ltc gateway. Say betty seems the most trustworthy. Fill a sell order for BettysLtcTokens. Receive BettysLtcTokens*X. Send BettysLtcTokens*X to Betty's nxt address with a message containing your ltc address. Wait for ltc to arrive.

It seems overly complicated now but it'll feel natural once it gets rolling and everyone gets used to it. All steps serve their purpose, these extra steps are the cost of decentralization.

If I read this right - 'No escrow' or atomic completion?
so buyer beware....

Keep in mind this is the first step on the path toward fully automated DAC gateways. Also, to remove the confusion that is inherent in having many different Assets that are all representing the same thing I think it is crucial that we consolidate all assets of the same denomination to a single community asset. This will allow all users to go to a single asset name within AE for BTC and ALL the bids and asks for BTC within AE will be for BTC backed by the federation of gateways. All the federation members take blood oaths, trade first born children, etc. so they work out a way to trust each other. This shifts the risk of choosing the right gateway from the hapless end user who has no clue which gateway is better to each gateway itself. A much better chance of making correct decisions. In the event one of the gateways is lacking somehow, the other gateways could require posting of a bond to cover the risk.

HOWEVER, I think I might have a way to allow all the gateways to trust each other without any bodily parts being involved. I do need somebody who is familiar with multisig to confirm this, or more likely correct where I am being plain silly.

I do not see a problem with deposits of crypto, the end user sends in the crypto to a deposit address and the gateway sweeps it into an account. The problem is with the withdrawal, eg. since I am proposing all assets that represent BTC be fungible with each other, each gateway needs to have access to potentially all the actual BTC.

So, we have a possible solution where all the gateways sweep into a common account. Wait! If all gateways are able to withdraw from it, then if ANY gateway gets hacked or hypnotized by Evil Bob, all the deposits are gone. Not good at all.

This is where I think multisig comes in. What if the sweep account is a multisig acct. All the gateways can easily sweep into the multisig acct, since it is just a matter of sending coin to the right address. Now on withdraw, if we required the signatures from all gateways to do a withdrawal (or super majority?), then no gateway would be able to take off with the deposits, unless all gateways (or super majority) turn evil at the same time.

No I dont know how multisig works well enough to know if this will work, but IF there is a way to do a safe remote multisig authorization and all the gateways are using the same business logic to approve withdrawals, eg. proper AM was sent with appropriate asset, then I think this could work.

Not totally trustless, but as long as all (or super majority) of gateways dont spontaneously turn evil, I think the community would be able to rely on the federation of gateways.

I hope somebody that knows about multisig and another somebody that knows about secure remote signing will be able to validate this, or fix it so it works

James

P.S. I just figured out that we can use a set of AM's for secure remote signing. Granted it is a lot of AM to send if we had to do it for each withdrawal, so maybe we only invoke this level when the amount is larger than the bond put up by the gateway. I think this is getting close to a real solution. Smart guys, please help!!

IMO,it is like XRP gateway.Right?

just like it only without a central point of weakness

And fully automated gateways that automatically peer review each other AND is guaranteed to be 100% backed by actual BTC and nobody has to fiddle with trustlines, etc. This is just like XRP except everything is better!

Since nobody that knows exactly how multisig works, I will try to read up on it and see if this really does the trick. If it does, that means we get somewhat decentralized automatic gateways that we can can trust. All the gateway deposits and withdrawals will be publicly viewable, so there are no controversies in that area. If ever anything like lophie is going happened, it would just be a matter of looking in the NXT blockchain, reparse the AM's and find out where it went.

We probably need to have some sort of manual "fix it" mechanism, but this should be a pretty rare event. All the gateways would have to work together to clear this up. Maybe all minus 1, in case one of the gateways goes MIA, wouldn't want all the funds to become inaccessible. Maybe a deadman's switch can be invoked in case one of the gateways goes away and the key delivered to an independent party. I heard about an electronic escrow service that can be setup for this.

Notice that even if one of the gateways goes defunct, nobody loses anything. At that point, the missing gateways passkey  would be used one last time to transfer all the funds to a new account with appropriate new multisig signers. So no gateway can withdraw any money that all the other gateways dont approve. It seems safer than any centralized exchange to me, but I hope someone more versed in this stuff will comment.

The more I think about this, the more I think it could work. I just wish I knew more details about how multisig works...

James

[Anon136]

What actually makes NXT resistant against a +90% attack?

What's a 90% attack?

in essence the idea is that we could fork away and invalidate the stake of the attacker. where as with bitcoin you can not invalidate someones asics. technically though the abandoned fork would be nxt and the new fork would be nxt2. so if you want to be super literal than nxt isnt technically 90% resistant. Also this would only work if the attackers were being obvious. If they were clever about it than it would be very difficult to say conclusively enough that they were malicious. So nxt is kind of resistant to certain kinds of 90% attacks.

What possible purpose would that serve?

sure so like if some group of people formed a cartel with 90% of the stake and started forging empty blocks. we could just fork away and invalidate their stake.

[Anon136]

i understand how multisig works. thats not the confusing part. its the idea of people honouring each others obligations and doing multisig. when i think of federating i think of people honouring each others agreements but then clearing their balances with each other periodically. so like if you and i federated and we issued 10 silver bars each. and then all 20 bars were redeemed through my gateway. you would owe me 10 silver bars. you would send the bars and then the balances would be cleared. we were able to federate because i trusted you.

oooh i get it now. i see why the wires were getting crossed. if you did a multisig account you wouldn’t be federating you would be incorporating!

[lophie]

you send btc*1 to bob. bob sends BobsBtcToken*1 to you. you go onto the orderbook for BobsBtcTokens and fill a buy order. Nxt appears in your account. Now you find a ltc gateway. Say betty seems the most trustworthy. Fill a sell order for BettysLtcTokens. Receive BettysLtcTokens*X. Send BettysLtcTokens*X to Betty's nxt address with a message containing your ltc address. Wait for ltc to arrive.

It seems overly complicated now but it'll feel natural once it gets rolling and everyone gets used to it. All steps serve their purpose, these extra steps are the cost of decentralization.

If I read this right - 'No escrow' or atomic completion?
so buyer beware....

Keep in mind this is the first step on the path toward fully automated DAC gateways. Also, to remove the confusion that is inherent in having many different Assets that are all representing the same thing I think it is crucial that we consolidate all assets of the same denomination to a single community asset. This will allow all users to go to a single asset name within AE for BTC and ALL the bids and asks for BTC within AE will be for BTC backed by the federation of gateways. All the federation members take blood oaths, trade first born children, etc. so they work out a way to trust each other. This shifts the risk of choosing the right gateway from the hapless end user who has no clue which gateway is better to each gateway itself. A much better chance of making correct decisions. In the event one of the gateways is lacking somehow, the other gateways could require posting of a bond to cover the risk.

HOWEVER, I think I might have a way to allow all the gateways to trust each other without any bodily parts being involved. I do need somebody who is familiar with multisig to confirm this, or more likely correct where I am being plain silly.

I do not see a problem with deposits of crypto, the end user sends in the crypto to a deposit address and the gateway sweeps it into an account. The problem is with the withdrawal, eg. since I am proposing all assets that represent BTC be fungible with each other, each gateway needs to have access to potentially all the actual BTC.

So, we have a possible solution where all the gateways sweep into a common account. Wait! If all gateways are able to withdraw from it, then if ANY gateway gets hacked or hypnotized by Evil Bob, all the deposits are gone. Not good at all.

This is where I think multisig comes in. What if the sweep account is a multisig acct. All the gateways can easily sweep into the multisig acct, since it is just a matter of sending coin to the right address. Now on withdraw, if we required the signatures from all gateways to do a withdrawal (or super majority?), then no gateway would be able to take off with the deposits, unless all gateways (or super majority) turn evil at the same time.

No I dont know how multisig works well enough to know if this will work, but IF there is a way to do a safe remote multisig authorization and all the gateways are using the same business logic to approve withdrawals, eg. proper AM was sent with appropriate asset, then I think this could work.

Not totally trustless, but as long as all (or super majority) of gateways dont spontaneously turn evil, I think the community would be able to rely on the federation of gateways.

I hope somebody that knows about multisig and another somebody that knows about secure remote signing will be able to validate this, or fix it so it works

James

P.S. I just figured out that we can use a set of AM's for secure remote signing. Granted it is a lot of AM to send if we had to do it for each withdrawal, so maybe we only invoke this level when the amount is larger than the bond put up by the gateway. I think this is getting close to a real solution. Smart guys, please help!!

IMO,it is like XRP gateway.Right?

just like it only without a central point of weakness

And fully automated gateways that automatically peer review each other AND is guaranteed to be 100% backed by actual BTC and nobody has to fiddle with trustlines, etc. This is just like XRP except everything is better!

Since nobody that knows exactly how multisig works, I will try to read up on it and see if this really does the trick. If it does, that means we get somewhat decentralized automatic gateways that we can can trust. All the gateway deposits and withdrawals will be publicly viewable, so there are no controversies in that area. If ever anything like lophie is going happened, it would just be a matter of looking in the NXT blockchain, reparse the AM's and find out where it went.

We probably need to have some sort of manual "fix it" mechanism, but this should be a pretty rare event. All the gateways would have to work together to clear this up. Maybe all minus 1, in case one of the gateways goes MIA, wouldn't want all the funds to become inaccessible. Maybe a deadman's switch can be invoked in case one of the gateways goes away and the key delivered to an independent party. I heard about an electronic escrow service that can be setup for this.

Notice that even if one of the gateways goes defunct, nobody loses anything. At that point, the missing gateways passkey  would be used one last time to transfer all the funds to a new account with appropriate new multisig signers. So no gateway can withdraw any money that all the other gateways dont approve. It seems safer than any centralized exchange to me, but I hope someone more versed in this stuff will comment.

The more I think about this, the more I think it could work. I just wish I knew more details about how multisig works...

James

Hello guys, I woke up from my slumber . I had the pleasure to fiddle with multisig a little. What you are suggesting (automatic gateways), are NOT applicable. The closest you can reach to automation is that every stake holder that you require his/her signature must have a signing bot or a signing mechanism that is online 24/7, But then again if it is 100% automated....... which trust 5 and not only one? it would certainly make things faster and easier!

If it is about trust then yes, no one can steal and if ONE refused to sign, the coins are as good as burned.

[jl777]

i understand how multisig works. thats not the confusing part. its the idea of people honouring each others obligations and doing multisig. when i think of federating i think of people honouring each others agreements but then clearing their balances with each other periodically. so like if you and i federated and we issued 10 silver bars each. and then all 20 bars were redeemed through my gateway. you would owe me 10 silver bars. you would send the bars and then the balances would be cleared. we were able to federate because i trusted you.

oooh i get it now. i see why the wires were getting crossed. if you did a multisig account you wouldn’t be federating you would be incorporating!

I am probably using the wrong terminology, looking at https://en.bitcoin.it/wiki/Contracts#Example_2%3a_Escrow_and_dispute_mediation

makes my head hurt. I am not sure if a transaction can be passed from one party to the next, each adding a signature, without being privy to any of the other signatures. If that is possible, then the only way a withdrawal is authorized is if enough of the group approve it.

I am not caring about the specific method, the key is to require a trustless way that all (or all - 1) members of the group need to securely sign it before it gets disbursed.

James

P.S. Will my silver bars have a nice NXT logo on them?

[User705]

What actually makes NXT resistant against a +90% attack?

What's a 90% attack?

in essence the idea is that we could fork away and invalidate the stake of the attacker. where as with bitcoin you can not invalidate someones asics. technically though the abandoned fork would be nxt and the new fork would be nxt2. so if you want to be super literal than nxt isnt technically 90% resistant. Also this would only work if the attackers were being obvious. If they were clever about it than it would be very difficult to say conclusively enough that they were malicious. So nxt is kind of resistant to certain kinds of 90% attacks.

What possible purpose would that serve?

sure so like if some group of people formed a cartel with 90% of the stake and started forging empty blocks. we could just fork away and invalidate their stake.

Who is we?  What would be the point if "we" only has 10%?  Also why is it 90% and why would they forge empty blocks?  Other then forging empty blocks what can 90% stake do that's not agreeable to the minority?

[jl777]

you send btc*1 to bob. bob sends BobsBtcToken*1 to you. you go onto the orderbook for BobsBtcTokens and fill a buy order. Nxt appears in your account. Now you find a ltc gateway. Say betty seems the most trustworthy. Fill a sell order for BettysLtcTokens. Receive BettysLtcTokens*X. Send BettysLtcTokens*X to Betty's nxt address with a message containing your ltc address. Wait for ltc to arrive.

It seems overly complicated now but it'll feel natural once it gets rolling and everyone gets used to it. All steps serve their purpose, these extra steps are the cost of decentralization.

If I read this right - 'No escrow' or atomic completion?
so buyer beware....

Keep in mind this is the first step on the path toward fully automated DAC gateways. Also, to remove the confusion that is inherent in having many different Assets that are all representing the same thing I think it is crucial that we consolidate all assets of the same denomination to a single community asset. This will allow all users to go to a single asset name within AE for BTC and ALL the bids and asks for BTC within AE will be for BTC backed by the federation of gateways. All the federation members take blood oaths, trade first born children, etc. so they work out a way to trust each other. This shifts the risk of choosing the right gateway from the hapless end user who has no clue which gateway is better to each gateway itself. A much better chance of making correct decisions. In the event one of the gateways is lacking somehow, the other gateways could require posting of a bond to cover the risk.

HOWEVER, I think I might have a way to allow all the gateways to trust each other without any bodily parts being involved. I do need somebody who is familiar with multisig to confirm this, or more likely correct where I am being plain silly.

I do not see a problem with deposits of crypto, the end user sends in the crypto to a deposit address and the gateway sweeps it into an account. The problem is with the withdrawal, eg. since I am proposing all assets that represent BTC be fungible with each other, each gateway needs to have access to potentially all the actual BTC.

So, we have a possible solution where all the gateways sweep into a common account. Wait! If all gateways are able to withdraw from it, then if ANY gateway gets hacked or hypnotized by Evil Bob, all the deposits are gone. Not good at all.

This is where I think multisig comes in. What if the sweep account is a multisig acct. All the gateways can easily sweep into the multisig acct, since it is just a matter of sending coin to the right address. Now on withdraw, if we required the signatures from all gateways to do a withdrawal (or super majority?), then no gateway would be able to take off with the deposits, unless all gateways (or super majority) turn evil at the same time.

No I dont know how multisig works well enough to know if this will work, but IF there is a way to do a safe remote multisig authorization and all the gateways are using the same business logic to approve withdrawals, eg. proper AM was sent with appropriate asset, then I think this could work.

Not totally trustless, but as long as all (or super majority) of gateways dont spontaneously turn evil, I think the community would be able to rely on the federation of gateways.

I hope somebody that knows about multisig and another somebody that knows about secure remote signing will be able to validate this, or fix it so it works

James

P.S. I just figured out that we can use a set of AM's for secure remote signing. Granted it is a lot of AM to send if we had to do it for each withdrawal, so maybe we only invoke this level when the amount is larger than the bond put up by the gateway. I think this is getting close to a real solution. Smart guys, please help!!

IMO,it is like XRP gateway.Right?

just like it only without a central point of weakness

And fully automated gateways that automatically peer review each other AND is guaranteed to be 100% backed by actual BTC and nobody has to fiddle with trustlines, etc. This is just like XRP except everything is better!

Since nobody that knows exactly how multisig works, I will try to read up on it and see if this really does the trick. If it does, that means we get somewhat decentralized automatic gateways that we can can trust. All the gateway deposits and withdrawals will be publicly viewable, so there are no controversies in that area. If ever anything like lophie is going happened, it would just be a matter of looking in the NXT blockchain, reparse the AM's and find out where it went.

We probably need to have some sort of manual "fix it" mechanism, but this should be a pretty rare event. All the gateways would have to work together to clear this up. Maybe all minus 1, in case one of the gateways goes MIA, wouldn't want all the funds to become inaccessible. Maybe a deadman's switch can be invoked in case one of the gateways goes away and the key delivered to an independent party. I heard about an electronic escrow service that can be setup for this.

Notice that even if one of the gateways goes defunct, nobody loses anything. At that point, the missing gateways passkey  would be used one last time to transfer all the funds to a new account with appropriate new multisig signers. So no gateway can withdraw any money that all the other gateways dont approve. It seems safer than any centralized exchange to me, but I hope someone more versed in this stuff will comment.

The more I think about this, the more I think it could work. I just wish I knew more details about how multisig works...

James

Hello guys, I woke up from my slumber . I had the pleasure to fiddle with multisig a little. What you are suggesting (automatic gateways), are NOT applicable. The closest you can reach to automation is that every stake holder that you require his/her signature must have a signing bot or a signing mechanism that is online 24/7, But then again if it is 100% automated....... which trust 5 and not only one? it would certainly make things faster and easier!

If it is about trust then yes, no one can steal and if ONE refused to sign, the coins are as good as burned.

I am assuming that regardless of how cumbersome the process is, that we can automate it by passing the required info via AM. Might take a few blocks to get through the whole process, but it is worth it for what we get.

Once we can figure out a cumbersome manual process that solves the requirements, we automate it.

Instead of unanimous, just do N - 1. Or 2/3'rds. also I heard there was a way to have an electronic escrow so that if a certain event happened or didnt happen, a message is delivered. We can set up a dead man's switch so that if a gateway disappears, their key is sent to an independent trusted party. Or maybe under some scenarios, the key can be recovered. Not sure about this. Getting a bit late and not the best time for complicated scenarios

[jl777]

This seems somewhat relevant to the current discussion here: https://asktom.cf/index.php?topic=462236.60

I saw that, havent fully digested it, but it sure seems to indicate that we can solve this!

It does seem that even without using zeroknowledge proofs or indistinguishability obsfucators, there are some pretty useful things that can be done with bitcoin scripts as it is. Until now I didnt realize all the flexibility bitcoin has built into the payment mechanism. https://en.bitcoin.it/wiki/Contracts#Example_2%3a_Escrow_and_dispute_mediation

Rather than have me bumble around trying to figure out how to set up the details, maybe I can write out the requirements and somebody experienced with this can figure out how best to implement it.

I will use a specific number of 5 gateways, but of course it can be more (but probably not less). All these gateways will run the same software so they are all in agreement about what to do, the only difference is that each server will have a different private key that is only accessible to that gateway's trusted personel. For each withdrawal 4 of the 5 gateways would need to independently and securely approve the payment, which will be made by the gateway selected by the user.

The issues I see are:
a) how does the selected gateway securely get the approvals from the other gateways, since the different gateway servers are presumably in totally different locations.
b) there must be other problems, but I am not sure what they are

Since all gateways commit to running the same software, the moment any of the gateways start doing unexpected things, the other gateways can take corrective action.