network – Did the FIBRE protocol reduce the occurrence of chain forks?

Is Fibre protocol deserved for rare temporary forking? If blocks are propagate that fast, there are less chances for temporary fork to happen and even if it do, they are short (small length)? Miner can fast continue to work on (what it seems to him) block head of the chain?

Well the point is that a miner can more quickly switch to a new block that has been found on the network. The time a miner spends on building on top of block A, while a block B has already been found by someone else, is very likely a waste of money and energy.

Note that this is not just in the interest of the miner, but of the entire network: a hypothetical 51% attacker is not subject to these losses, as they only build on top of their own blocks. Thus, faster propagation of blocks on the network means that this advantage 51% attackers have over honest miners is reduced.

Is Fibre protocol deserved why mining difficulty is pretty much the same across the network (I assume it’s the same, otherwise it would be problematic, right)? If difficulty changes after 2016 blocks on average and block propagation is fast, everyone can adjust their mining difficulty pretty easy and there wont be much difference inside the network (most of the nodes will up to date)?

No, difficulty is not a function of time, but of the previous blocks. So regardless of which block a miner is working on, they always know exactly what the difficulty of that block needs to be (as they have the block’s ancestors).

Better block propagation means they can switch to the next block faster, along with the difficulty change that that entails, however.

PS: Note that as of September 2020 the public FIBRE network is no longer operational, and I don’t know if any private deployments exist.

network – Are my assumptions for benefits of Fibre protocol correct?

Is Fibre protocol deserved for rare temporary forking? If blocks are propagate that fast, there are less chances for temporary fork to happen and even if it do, they are short (small length)? Miner can fast continue to work on (what it seems to him) block head of the chain?

Well the point is that a miner can more quickly switch to a new block that has been found on the network. The time a miner spends on building on top of block A, while a block B has already been found by someone else, is very likely a waste of money and energy.

Note that this is not just in the interest of the miner, but of the entire network: a hypothetical 51% attacker is not subject to these losses, as they only build on top of their own blocks. Thus, faster propagation of blocks on the network means that this advantage 51% attackers have over honest miners is reduced.

Is Fibre protocol deserved why mining difficulty is pretty much the same across the network (I assume it’s the same, otherwise it would be problematic, right)? If difficulty changes after 2016 blocks on average and block propagation is fast, everyone can adjust their mining difficulty pretty easy and there wont be much difference inside the network (most of the nodes will up to date)?

No, difficulty is not a function of time, but of the previous blocks. So regardless of which block a miner is working on, they always know exactly what the difficulty of that block needs to be (as they have the block’s ancestors).

Better block propagation means they can switch to the next block faster, along with the difficulty change that that entails, however.

PS: Note that as of September 2020 the public FIBRE network is no longer operational, and I don’t know if any private deployments exist.

tpm – Are there any communication protocol other than TLS?

TLS can be interpreted as “Authenticated Key Exchange” protocol.
Are there any other way to establish secure channel (producing shared secret after handshake) other than TLS?

I’ve always heard the advise “don’t roll your own crypto”, which just translate to use TLS instead. Does it means that the whole security community does not have any other solution than TLS?

Put in this way, do we have any proof existed, that key exchange must be “authenticated”, and that authentication must be derived from shared certificate or shared secret; otherwise secure channel can not be created.

Are there any way to create secure channel from unauthenticated channel or from anonymous channel or from direct attestation?

Is there any other protocol in use besides a "Gossip protocol"

I’m interesting is there any other protocol that is being used inside Bitcoin network besides "Gossip"? And if there is, in which layer of communication and for which purpose is being used? Thanks!

protocol – Candass Idiōt brain

There is a dumba** low IQ idiot named Candass Owens. I don’t know what her problem is.

What is that contard even thinking? She pimps out for idiots. Her ideology always loses. She would enslave herself if she lived 2 centuries ago to please her master.

She needs to go to a mental hospital. Now!!

Why Kerberos protocol defines two servers? [migrated]

If someone can implement the all the functionalities that Authorization server and Ticket Granting Server in one server, why not do it?

DeFiXy Protocol Announces Its Product Offerings – Cryptocurrencies Corner

8hSvsgZ.png

The growth of the blockchain industry seems not to slow down anytime soon. The blockchain technology has enabled both individuals and institutions to create different decentralized projects with the intention of making life more meaningful to the human race. However, due to some complexities and inherent challenges, the unbanked members of the public are completely shut out from enjoying the benefits of blockchain solutions. 

In light of the above, the team behind DeFiXy Protocol is pleased to announce its product offering geared towards the unbanked members of the public to empower them and onboard them to take advantage of blockchain technologies or solutions. The mission of the team is to successfully onboard underserved or unbanked crypto communities with ease so that they can take a step further into the future. 

What You Will Get With DeFiXy Protocol?

DeFiXy Protocol has exciting features that crypto users and newcomers will find pleasing. Some of the features are P2P Marketplace, where crypto enthusiasts can trade different cryptocurrencies in a decentralized manner. Users can set up mini-markets to give inexperienced ones a legwork. Other features are lending and borrowing, where users can take loans with competitive interest rates to implement their private projects. 

The interest rate depends on the users’ collateral blend ratio. Lastly, DeFiXy Protocol offers debit card integration, where you can spend your cryptocurrencies directly to buy goods or pay for services. Once the project has been launched, tokens would be available for purchase on exchanges. About 4 million tokens would be released initially for stakers to invest. 

About DeFiXy Protocol

DeFiXy Protocol is a blockchain-powered Amazon-like platform for everyday crypto-asset users and newcomers. The goal of the project is to empower the unbanked members of the public by bridging the gap between the crypto space and the fiat-driven economy. 

DeFiXy Protocol promises to be rewarding, as their P2P marketplace would allow users with reputation and collateral to set up their own mini marketplace where they serve the less experienced users. In addition, all the features of the project are highly decentralized to enable users to enjoy top-notch payment services.

DeFiXy Features:

1. P2P market place (exchange): Where individuals can trade crypto-assets in a decentralized manner. The main feature of the P2P market-place are as follows:

• The ability of users to create trades or setup barter between any pair of whitelisted asset, even between assets that defer in blockchain and also between a whitelisted asset and any of the supported fiats. 

• Individuals with staked assets can create mini-kiosk within the platform, offer customized products and services to other users. Such kiosk owners enjoy a share of the transaction fees accumulated on the platform among other benefits.

2. Staking 2.0: The staking feature offered by DeFiXy protocol provide users with different reward thresholds, these thresholds are functions of two variable, the lockup duration τ measured in days and the dynamic demand-supply (δd δs (t)) factor of the asset staked. 

• The protocol also offers lockup buyout. With this, an individual who initially staked his/her 

• Assets for a duration (say 30 days lockup) can unstake prematurely but the action incurs a lockup buyout fee.

3. DeFi services: DeFiXy protocol offers DeFi services such as lending and borrowing. Users can take out collaterized loans with competitive interest rates. The rates for borrowers and lenders are determined by the users collateral blend ratio (βr).

• Since the loans offered do not have maturity period, there are no late payments but the borrower can setup a periodic payment that are deducted automatically in any of the supported assets or fiats as specified by the borrower.

• Similarly, a lender can lend asset on a flex period lending mode or on a fixed period lending mode. With the latter offering a better interest rate.

4. Debit Card Integration: After meeting the regulatory requirement of target regions, 2 DeFiXy protocol will integrate card payment solutions which will allow users to directly spend crypto assets.

DeFiXy protocol will implement all the said features with the average individual with little to no blockchain understanding in mind. The platform will integrate user interface that are highly user-friendly. Individuals will be able to interact with the platform in a smooth and seamless manner, even those that are new to the space.

Important Notes:

ICO: There was no ICO, and there will be no ICO. Also no early investor that can dump on the Market.

How to purchase: The tokens will be available for purchase on exchanges after the platform release in 5 to 6 weeks’ time.

Supply will be limited to about 4 million at launch. While stakers can get up to 50% staking rewards, no definite lockup required, longer the staking is for, the higher the rewards rate (dynamic rewards).

Circulating supply will remain 4,000,000 + claimed rewards by holders until main features are Integrated, this include DeFi (lending and borrowing) and decentralized P2P market-place.

Further information at: 


Website:
https://defixy.com/

Medium:
https://medium.com/@DeFiXy/introducing-defixy-protocol-94fd3b572949

protocol – How exactly does “CoinDance” determine the current number of public Bitcoin nodes?

On this URL: https://coin.dance/nodes

It says how many public Bitcoin nodes are currently active in the world, and how many Bitcoin Core ones.

While it’s good that I can grab these numbers from that webpage, I’d like to know how exactly they determine this, and if it’s simple, I’d like to calculate it myself rather than relying on a third party which could disappear tomorrow or lie to me or have a bug or anything.

Is this simple to determine? What steps have they likely taken to calculate this? Does it involve scanning every public IP address in the world repeatedly and checking for listening Bitcoin ports? If so, I’ll probably leave it to them as I don’t need to emit that kind of insane amount of traffic from my home… not to mention it would probably require me to use tons of IP addresses lest I want to get banned from various network and thus get inaccurate statistics.

Or does Bitcoin Core itself have this information baked in? Does the Bitcoin network send around an integer saying how many nodes there are to each other as part of the protocol, and I can just use the RPC API to my local Bitcoin Core to get this info?

web browser – Does this registry entry for implementing custom protocol handlers in Windows present a security risk?

Background

Some features are not yet available on the web platform and thus require cooperation with a native application in order to provide them. One method for a web application and a native application to communicate with each other is a custom protocol handler.

For instance, the web application can call “mycustomproto://some/params”, where “mycustomproto” must first be registered with the operating system as a valid URI protocol. On Windows, this is done in the registry. There are a few keys/subkeys/values etc that must be added to the registry, but only one actually deals with specifying the executable and it’s parameter(s).

Note that once the protocol handler is registered with the operating system, it can be launched by any website that knows of its existence, subjecting it to potential abuse.


Example Windows registry value for this purpose

All of the examples that I’ve found documenting this show the following:

C:myapp.exe “%1”


Primary Question

Assuming that the registered handler (e.g. “myapp.exe”) has zero possible security flaws, is the above example registry value sufficient for ensuring that malicious websites are unable to piggyback additional commands and/or arguments?


Clarifications

  • For the purpose of this question, please assume that the protocol handler (e.g. “myapp.exe”) is incapable of exposing vulnerabilities of its own – it’s idle – it launches, does nothing, and quits. This question is specifically related to the browser and/or OS and the “execution” of this registry value.
  • Can malicious actors somehow escape out of the “%1” double quotes and cause the browser and/or OS to run additional commands (e.g. && C:Win32do-something-malicious.example.exe)?
  • Similarly, can malicious actors somehow send additional arguments to the protocol handler? Or does the “%1” ensure that the handler will only ever receive a single argument?
  • If this registry value is insufficient to only ever call the protocol handler (and nothing more) with a single argument, is there a better way?

swift – Protocol with generic array-like property

I’m creating a protocol to abstract different models (hand-crafted, decodable, and thrift-generated) like so:

protocol FeedItemModeling {
    var text: String? { get }
    var url: URL? { get }
}

protocol FeedModeling {
    var items: (FeedItemModeling)? { get }
}

This would work great except that thrift models aren’t using a basic array, but a TList which conforms to RandomAccessCollection among other things. Since both Array and Tlist conform to RandomAccessCollection, I’m trying to change the protocol definition to:

Attempt A)

var items: RandomAccessCollection<FeedItemModeling>? { get }

which gives the error: “Cannot specialize non-generic type ‘RandomAccessCollection’.” I assume it’s because associatedtype is a half-baked generics in the sense that it can enforce constraints internally in the protocol itself, but isn’t exposed externally; meaning that in our case, RandomAccessCollection‘s associatedtypes are resolved within RandomAccessCollection but there’s no way for FeedModeling to access it?

Attempt B)

var items: RandomAccessCollection? { get }

gives “Protocol ‘RandomAccessCollection’ can only be used as a generic constraint because it has Self or associated type requirements” and loses the constraint on FeedItemModeling anyway.

Attempt C)

associatedtype C: RandomAccessCollection
var items: C? { get }

works, but we lost the constraint on FeedItemModeling, so that’s not acceptable.

Attempt D)

associatedtype C: RandomAccessCollection
var items: C<FeedItemModeling>? { get }

gives “Cannot specialize non-generic type ‘Self.C’.” I assume it’s for the same reason as above?

Attempt E)

associatedtype C<E>: RandomAccessCollection where E: FeedItemModeling
var items: C? { get }

gives “Associated types must not have a generic parameter list”. I assume it’s because now there’s a constraint on a constraint, which can’t be expressed this way?

Attempt F)

typealias C<E> = RandomAccessCollection
var items: C<FeedItemModeling>? { get }

gives: “Protocol ‘RandomAccessCollection’ can only be used as a generic constraint because it has Self or associated type requirements”. Same reason?

Attempt G)

associatedtype FeedItemModelingList = RandomAccessCollection where RandomAccessCollection.Element: FeedItemModeling
var items: FeedItemModelingList? { get }

gives “Associated type ‘Element’ can only be used with a concrete type or generic parameter base”. I don’t understand this one; please let me know why?

Attempt H)

protocol FeedItemModelingList: RandomAccessCollection {}
...
var items: FeedItemModelingList? { get }

gives: “Protocol ‘FeedItemModelingList’ can only be used as a generic constraint because it has Self or associated type requirements”.

Attempt I)

protocol FeedItemModelingList: RandomAccessCollection where Element == FeedItemModeling {}
...
associatedtype L = FeedItemModelingList
var items: L? { get }

seems to work (so far), but is really a clusterf*. Any better idea?