Tag: Multi

How to deal with browser navigation in multi step form with validation

I am not a designer nor UX person. I am implementing an application which has multi-step form. Imagine that in this form some steps (screens) need to be validated before person can proceed to next step.

The application has also its own prev/next buttons with progress (dots), showing the person remaining amount of steps needed to be taken.

I am having issue with how to deal with browser navigation. Ideally I want each step of the form to have its own URL. This means URL would control what is rendered (some data for the form is cached in the browser and prefilled for the user). But what happens when user uses browser navigation to visit an URL that should not be allowed?

Imagine following scenario:

I have screen 1 containing a form and screen 2 containing some content. User needs to fill the form in screen 1 to proceed to screen 2. Let’s say user fills the form and is redirected to screen 2. Now the user decides to go back, either by using application navigation or browser navigation (both is possible). The scenario which I’m trying to figure out is when user clears the form and uses browser back button. At this point the application is in invalid state.

How to deal with this? I don’t know what is the right approach. Maybe I should not let user go to URL that should not be visible to him and instead redirect him to screen 1? But that could be problematic as user would not get any indication.

Docker on host have multi ethernet

We were running a docker container on an host that had an eth1 and an eth2 interface. I configured source base policy-base routing so everything was working fine with the software that was installed on the host level communicating over either IP. However, I can’t communicate with a Docker container over the eth2 (non default interface).

I’m using debian 10 on host.

Thanks,

ldap – 389DS multi master replication with TLS

I would like to replace our existing Directory Server with 389DS multi master replication. Also TLS need to enable for sssd client configuration.

I have searched on internet and did single 389DS but I am not able to configure TLS properly. Could anyone can share me the link which I can refer for the same.

magento2.3 – Configuring Magento 2.3 MSI (Multi Source Inventory) with Multiple Stocks

I am trying to configure Magento MSI with Multiple Stock for a single Sales Channel but it only allows me to assign single stock to a sales channel. Based on Magento’s documentation, this is how it is expected to work. Is there a way I can modify this behavior to have multiple stocks assigned to a single sales channel?

https://docs.magento.com/user-guide/catalog/inventory-stock.html

Below is my scenario. I have three Vendors and each has its own warehouse. At a time, it only allows assigning Sales Channel to just one stock which is below screenshot is Vendor 1.

enter image description here

Thanks for your help!

multi signature – 2-of-2 with different wallets?

I’ve been using 2-of-2 on bitpay for some years, but relying on just one wallet, which can have its source code backdoored with malware, is very dangerous.

I’ve been researching about multisignature over different wallets, which makes it harder for these things to occur.

Electrum works with lots of other wallets but it’s very user unfriendly. The only other one I know is BlueWallet, but its package.json dependencis worry me a lot: https://github.com/BlueWallet/BlueWallet/blob/master/package.json#L67

What would be a good solution for multisignature over 2 different wallets?

Implementation level description of Multi tape Turing Machine

Consider the language A = {0k | k = n2 for some n > 0}. Provide implementation level description of multi-tape TM M such that L(M) = A.
I need answer on urgent basis

multi signature – Electrum: display redeem script of a P2SH utxo

I use Electrum with a multisig wallet. I would like to figure out how to prove ownership of a “coin”.

I understand that I need to share the whole redeem script so that it’s hash can be verified against the UTXO I want to prove ownership off. And then I need to sign a message using at least N of M (as defined when creating the multisig wallets) private keys corresponding to the public keys in the redeem script.

My question is how can I display the redeem script in Electrum, in a human readable way that allows to clearly identify N, M and all of the public keys?

How can I display the data structure encoding the redeem script on the blockchain, whose hash constitutes the ps2h address (without spending the UTXO)?

multi signature – How do I make multisig transactions using hardware wallets truly trust minimized?

Ben Kaufman did a tweetstorm on Twitter on the 10 rules for verification on a Bitcoin hardware wallet.

Rule #1: DO NOT TRUST THE COMPUTER SCREEN.

The very reason for using a hardware wallet is that your computer IS
compromised, trusting it makes using the hardware wallet an expensive
security theatre (or 2FA at best). Always verify on the HWW device
screen!

Rule #2: Verify your “receive” addresses BEFORE accepting funds.

A compromised computer can be tricked into displaying addresses that
belong to an attacker. The only way to make sure you own the addresses
is to display them on the HWW device and verify they match.

Rule #3: Verifying change address should be done by the device when sending funds, not before like receive addresses!

It is pointless at best, and misleading at worst, to verify them
beforehand like receive addresses. All hardware wallets support
verifying the change address belongs to you AT TIME OF SIGNING A
TRANSACTION. Verifying before that is pointless and error-prone.

Now let’s talk some multisig…

Rule #4: Verify the xpub of each hardware wallet used in a multisig quorum on the device it belongs to.

This is not 100% mandatory – but if you’re no expert – you really
should do it. If a hardware wallet doesn’t support displaying the
xpub, (like Trezor), it could be fine to just verify each address on
it – so long as you verify consistency on all other devices as well,
but I wouldn’t recommend such a device for non-experts.

Rule #5: Verify “receive” addresses on EVERY device of the multisig quorum.

This is especially true for at least one address (see next rule) but
recommended for all. If using a device that you haven’t verified the
xpub of on-screen, you should verify all receive addresses on it!

Rule #6: While it is best to verify each receive addresses on ALL devices in the multisig setup – you might choose to trust a specific
one, verifying the xpub/ first address on all – then the rely only on
the “trusted” device – ONLY IF YOU ALSO VERIFY XPUBS…

By that, I mean verify on the “trusted” hww used for general
verification, that the xpubs are consistent for all cosigners. This is
needed only once with wallets like ColdCard, Cobo Vault, Bitbox02, and
Specter DIY – since they allow saving the multisig xpubs on the
device.

With Trezor T – you have to verify the xpubs of cosigners every time –
which is why it’s not recommended for that purpose – with Trezor One
it’s simply not possible…

So while you might use a Trezor in a multisig, I would not recommend
it to non-experts.

Rule #7: Do NOT use Ledger in a multisig setup! (unless you are an expert or have a very good reason…)

Ledger currently does not allow verifying multisig addresses on the
device – nor displaying the XPUB on its screen.

This means you have no way to verify it was not swapped by an attacker
in your multisig setup – EVEN IF YOU DO A SUCCESSFUL TEST TRANSACTION!

It is still possible for a (very) sophisticated attacker to make you
think it worked, while it was him signing for you…

Rule #8: For convenience, you may print out/ write down a large batch of your receiving addresses – verify all at the same time, and
rely on that paper list for your day to day verification. This is very
useful for multisig! – where devices might be distributed in various
places.

Rule #9: Multisig change verification should be the same as with Rule #3 – on the device at the time of signing.

Popular devices (besides Ledger as said), can verify that the address
you send from and the change address used belong to the same multisig
wallet (from same xpubs).

If they fail to verify the change address – they will show it as a
standard, independent, recipient – in that case YOU SHOULD NOT MAKE
THE TRANSACTION. This is valid for both single sig and multisig!
(although even more relevant for the latter).

Rule #10: Hardware wallets cannot verify your balances – and that’s great!

Verifying balances requires getting information from the Bitcoin
network – i.e. you need to be online – which would make hww more
vulnerable… This is where a full node comes in!

It is strongly recommended that you run your own Bitcoin full node –
and use it as your main source for verifying your balances and
transaction history! For redundancy, you could double-check against
block explorers or another node (use a different device for either!).

One last thing: These rules apply to any device you use as a
segregated signing device – be it a “traditional” hardware wallet, an
airgapped laptop, a mobile phone etc.

If you want to separate your keys without having a security theatre,
you should verify on your signing device!

Please note: Some things here might not be fully accurate for the
expert user (especially around multisig address verification), but for
the less advanced users’ sake, I have tried to be on the safe side
when things get tricky…

Also check out some more info on multisig setups over at
https://btcguide.github.io (Michael Flaxman guide)

multi signature – Why is Public Key aggregation in MuSig described as a product of the public keys?

This is purely a matter of notation.

The points on the elliptic curve form a cyclic group. A group is a set with an associated identity element and a group operation. People need a symbol for that group operation. In some contexts it is more common to use an addition symbol (and multiplication representing repeated application of the group operation), and in other contexts it is more common to use a multiplication symbol (and exponentiation representing repeated application of the group operation).

Both notations are commonly used, and it has no effect on the actual operations. It’s just a question of how to write what. There are even somewhat heated debates on this topic. You may even notice one of the MuSig2 paper’s authors commenting in that thread.

One thing to point out that may explain this, is that the MuSig2 paper not ever mentions elliptic curves. It needs prime-ordered groups in which certain assumptions hold, but beyond that it could be any group – and the paper states, in Section 3.1, “The group G is denoted multiplicatively”. This is the case for most cryptography based on the discrete logarithm problem: it works for any group. And historically, the first type of groups used for this purpose were integers modulo a prime numbers (with certain other restrictions) – where multiplication is the obvious choice for the symbol. You may also notice it is called the “discrete logarithm” problem, and not the “discrete division” problem.

At the same time, in the context of elliptic curves, you’re right of course that the operation is called point addition – and repeated application of it is called point multiplication. I personally prefer it as well, as means you get a more obvious correspondence between scalar and group operations (e.g. s = k + H(R,P,m)x for computing a Schnorr signature vs s·G = k·G + H(R,P,M)·x·G = R + H(R,P,m)·P for verifying it, as opposed to Gs = R·PH(R,P,m) in multiplicative notation), and avoids sometimes nested layers of superscripts in typesetting.

sharepoint online – How to convert text to URL in multi line text

I’ve used the multi line text column in SharePoint, where I want the fields to be clickable.

and I used the following JSON:

{ 
    "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", 
    "elmType": "a", 
    "txtContent": "=if(@currentField=='','','Click Here')", 
    "attributes": {
        "target": "_blank", 
        "href": "=@currentField" 
    }
}

but I received the following error when I click on the link:

Sorry, something went wrong An unexpected error has occurred.
TECHNICAL DETAILS GO BACK TO SITE

and this the link:

https://universityoftripoli.sharepoint.com/sites/RC1/Lists/20201/%3Cdiv%20class=%22ExternalClass845D4BA456454283A4484A971DA3DE91%22%3Ehttps://universityoftripoli-my.sharepoint.com/personal/rcc_uot_edu_ly/Documents/Apps/Microsoft%20Forms/%D9%85%D8%B9%D8%A7%D9%8A%D9%8A%D8%B1%20%D8%A7%D9%84%D8%AA%D8%B5%D9%86%D9%8A%D9%81%20%D8%A7%D9%84%D8%A8%D9%8F%D8%B9%D8%AF%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20(Copy)%203/Question/%D8%AF.%D8%B9%D8%B2%D9%8A%D8%B2%D8%A9_AHLAM%20ELKHESHEBI.pdf%3C/div%3E

and my original link is:

​https://universityoftripoli-my.sharepoint.com/personal/rcc_uot_edu_ly/Documents/Apps/Microsoft%20Forms/%D9%85%D8%B9%D8%A7%D9%8A%D9%8A%D8%B1%20%D8%A7%D9%84%D8%AA%D8%B5%D9%86%D9%8A%D9%81%20%D8%A7%D9%84%D8%A8%D9%8F%D8%B9%D8%AF%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20(Copy)%203/Question/%D8%AF.%D8%B9%D8%B2%D9%8A%D8%B2%D8%A9_AHLAM%20ELKHESHEBI.pdf

enter image description here

This is a print screen of the Inspect Element