Logged Conversation (all times UTC)
[00:27] <stellar-slack> @buhrmi: Use NFC tags or QR codes. Or use both. Encrypt the seed, and store.
[00:30] <stellar-slack> Something like this one -> http://buynfctags.com/nfc-pvc-card-ntag213/
[00:30] <stellar-slack> Slap a QR code sticker on top of that.
[00:58] <stellar-slack> so if this is they way to sign with two sigs if I hold both of them but what if the other key ac2 is held by someone else, how do they also sign the envelope? tx.to_envelope(*[ac1, ac2])
[00:59] <stellar-slack> you send the envelope to them
[01:01] <stellar-slack> I'll try that so what's the method to sign an evelope?
[01:01] <stellar-slack> https://github.com/stellar/js-stellar-sdk/tree/master/docs#multi-sig-rpc
[01:07] <stellar-slack> cool thanks that gives me a clue at least
[01:08] <stellar-slack> fakeRPCSigner takes an envelope, signs it, and hands it back
[01:10] <stellar-slack> envelope.addSigner(ac1) ; envelope.addSigner(ac2) is maybe what I'm thinking
[01:11] <stellar-slack> so these partly sighned transacations aren't stored on the stellar network?
[01:12] <stellar-slack> no that is you building the tx to submit
[01:15] <stellar-slack> @sacarlson: nothing happens with the network until server.submitTransaction()
[01:16] <stellar-slack> right but I would have thought there would already be infrastructure in place to setup an exchange of partly signed transactions
[01:18] <stellar-slack> this is how I presently sign when I hold two keys: envelope = tx.to_envelope(keypair1,keypair2)
[01:20] <stellar-slack> there’s plenty of infrastructure. homing pigeons, smoke signals, jungle drums, telegraphs, fax machines, phone calls, text messages. even internet.
[01:22] <stellar-slack> well the first part is figureing out how to sign the envelope on two different lines. the rest I'll figure out later
[01:38] <stellar-slack> @dzham: i mean i want a physical object that stores the neccesary info to sign a transaction
[01:38] <stellar-slack> @dzham: qr code cant do it
[01:39] <stellar-slack> like a verible?
[01:39] <stellar-slack> like a magnetic bank card
[01:40] <stellar-slack> oh ya a qr code can do that
[01:40] <stellar-slack> printed on a paper
[01:40] <stellar-slack> yeah but anyone who snaps a pic of the qr code has my secret seed
[01:41] <stellar-slack> true then a smart card or just a usb flash drive then
[01:42] <stellar-slack> with a properly programed smart card it can even sign transactions no they key never leaves the card
[01:42] <stellar-slack> yeah i wanna do that
[01:43] <stellar-slack> but that's way above my paygrade
[01:43] <stellar-slack> mine too
[01:43] <stellar-slack> need money lol
[01:44] <stellar-slack> got to have money to even have a paygrade so I guess I flunked
[01:44] <stellar-slack> @buhrmi: which is why you store it encrypted, just like your http://launch.stellar.org|launch.stellar.org wallet
[01:45] <stellar-slack> you mean encrypted as in "requires password to decrytpt"
[01:45] <stellar-slack> yes, so you’ve got 2FA — card/QR-code + password
[01:46] <stellar-slack> not sure what the 2FA part is
[01:46] <stellar-slack> dont like "password" as a factor... maybe find something else
[01:46] <stellar-slack> DNA scan?
[01:46] <stellar-slack> haha
[01:46] <stellar-slack> two factor authentication… something you have, something you know
[01:47] <stellar-slack> finger print
[01:47] <stellar-slack> some laptops have the fingerprint reader built in
[01:47] <stellar-slack> neither of which are passwords
[01:50] <stellar-slack> the vault that I was reading is setup with two key authentication, neather is setup to sign a transaction on this account alone
[01:51] <stellar-slack> you hold one key, the server has the other that you never had. when you ask to sign some thing the server responds with sending you an sms to verify you are you then it continues to be the second signer
[01:54] <stellar-slack> Yeah, you could still use something like that for added security (even if sms supposedly are easy to intercept/redirect). That would be on a per-account basis. The NFC/QR-thing would be for protecting a secret key. And that key could be tied to multiple accounts.
[01:56] <stellar-slack> I’d probably use Google Authenticator instead
[01:57] <stellar-slack> might this be a method to sign a tx with two keys on two lines? tx.sign(ac1) ; tx.sign(ac2)
[02:02] <stellar-slack> it's seems to be valid in the ruby-stellar-base that you can sign a tx in this way, so I'm down to weather I can sign a tx more than one time this way. so we will trial and error as I find no examples
[02:08] <stellar-slack> nope {"status"=>"ERROR", "error"=>"AAAAAAAAAAr/////AAAAAf////8AAAAA"}
[02:21] <stellar-slack> so we now know that the envelope stores the sigs not the tx
[02:41] <stellar-slack> @sacarlson: You’re in Thailand right? What’s the status regarding "working online” there nowadays?
[02:42] <stellar-slack> ...as a foreigner
[02:43] <stellar-slack> what they don't know can't hurt you. just don't tell them
[02:44] <stellar-slack> OK, I thought I read some news about changes, but that might have been somewhere else
[02:44] <stellar-slack> we should start a commune here with a bunch of programes, that would be cool and cheap
[02:45] <stellar-slack> that’s what me and a buddy of mine set out to do when we move to the Philippines.
[02:46] <stellar-slack> ya how was that? some of my friends like it more than here
[02:46] <stellar-slack> girls speak better english there
[02:47] <stellar-slack> well, I’m still here four years later :) it’s alright. I met a girl. my buddy went back home. nobody else joined us.
[02:48] <stellar-slack> oh I thought you were in canada
[02:48] <stellar-slack> is the infrastructure ok like internet speeds, power stable? people rob you ?
[02:49] <stellar-slack> funny you should mention robberies… I got robbed my first night here, but since then I’ve been fine
[02:49] <stellar-slack> power is OK, internet sucks
[02:50] <stellar-slack> internet speed here is good, power has started to become unstable here over the past few weeks. almost always an outage about every 6 months for at least 1 hour or more
[02:50] <stellar-slack> I’m on dual 5mbps lines (for redundancy), $70 per month
[02:50] <stellar-slack> I have a single line 12mb for about $36
[02:51] <stellar-slack> I had two line for a bit but droped the tot that was so poor at fixing the problem I had
[02:52] <stellar-slack> tot at like 4mb is like $15 but they suck if it breaks
[02:53] <stellar-slack> I had tot for 3 months after it broke and they never fixed. when I had it canceled they still tried to bill my account that I had to close at the bank to stop them from taking my money
[02:55] <stellar-slack> now for redundancy we have good 4G wireless
[02:57] <stellar-slack> I've been robed 2 times here over the past 13 years. but the trick is don't cary a bag they think has something in it. no roberies in over 8 years now
[02:58] <stellar-slack> What if the bag itself is super expensive
[02:58] <stellar-slack> Carry it in a cheap bag
[03:02] <stellar-slack> no they seem to look at size and expect a white boys to be carring expesive cameras and such
[03:03] <stellar-slack> they were disapointed that all I had was $3 worth of baht and a baby rabit I had planed to sell to pay for the rest of the beer for that night
[03:03] <stellar-slack> I got to keep the rabit, they didn't want it
[03:04] <stellar-slack> I ended up selling the rabit for $3 so still had beer money
[03:12] <stellar-slack> There's a market for rabbit?
[03:12] <stellar-slack> How many CHP for 1 RABBIT
[03:13] <stellar-slack> I would sell them from 100 - 200 baht depending on what it looked like my buyer would give me
[03:14] <stellar-slack> Lol u sell them as food?
[03:14] <stellar-slack> CHP are worthless so would take infinite>
[03:14] <stellar-slack> no as pets, well they could do what they want with them but the girls love flufy things
[03:14] <stellar-slack> Maybe. Unless people like your poker and want to have CHP to play it
[03:15] <stellar-slack> ya good point that would be cool, I could just issuer infinite amounts of CHP and live on that
[03:17] <stellar-slack> Yeah
[03:17] <stellar-slack> Well u have to be careful not to inflate
[03:19] <stellar-slack> ya set it up like my beertokens exchange bot that just keep it stable by having the bot buy and sell them between a price range
[03:20] <stellar-slack> up until the point you buy them all back or run out of the other fiat currency needed to keep it stable
[04:22] <stellar-slack> ok I'm getting close now, must be a better way but this seems to work to add a key sign to an envelope
[04:23] <stellar-slack> problem with this one is that at present it only accepts 2 sigs, so next step is to allow it to add to an env that already has 2 or more sigs in it
[04:24] <stellar-slack> I'm sure later I will find that there was already a better way to do this that was already done
[05:00] <stellar-slack> so this is what I came up with to allow an envnvelope that already has multiple sigs in it to be signed by as many more keys as you want to add
[05:02] <stellar-slack> so the next step is to figure out how the users will pass the tx and env packages to each other so each can sign them and finaly submit it
[05:27] <stellar-slack> I was hoping for some kind of peer to peer exchange of the tx and envelope data in some way without the need for them to be sent to some central server database
[05:28] <stellar-slack> but that might be asking for too much
[06:03] <stellar-slack> how do I check the weights on a multisig account without having to bloody run my own stellar-core instance?
[06:04] <stellar-slack> I'm not sure, I don't think it's yet present in horizon, ya we should add them
[06:05] <stellar-slack> Oh, I hate how bloody opaque everything in stellar-core is compared to stellard
[06:05] <stellar-slack> at least I can run stellar-core, I failed in my attempts to run stellard that took all my mem
[06:06] <stellar-slack> Multisig worked perfectly a couple of months ago
[06:06] <stellar-slack> stellar-core takes almost nothing at this point
[06:06] <stellar-slack> it is working my multisig is now fully functional
[06:06] <stellar-slack> I try it out today, create an account, it says “A-OK”, then continue to pay out anyway with only one signature
[06:07] <stellar-slack> is this on stellar-core or stellard?
[06:07] <stellar-slack> core
[06:07] <stellar-slack> oh then maybe the js-libs are mest up but the core is working with ruby
[06:08] <stellar-slack> you have an account you want me to check to see what it has in the core db?
[06:09] <stellar-slack> Oh, that would be nice.. let me check
[06:09] <stellar-slack> GC4NMBNICOOCIYM3FXZYPYYF3AYV6IRT54YEYQTB5S5U7FV5WIJQWVX2
[06:09] <stellar-slack> let take a peak
[06:10] <stellar-slack> ya it's present last on the list with public key GAFWKOCQ56W75OVLUJGDBIJFLGIX3FS63HLN7XO45LTYGTLVVWGDHE2N wait of 1
[06:11] <stellar-slack> it’s the correct public key at least
[06:12] <stellar-slack> both keys should have a weight of 1. then low:1, medium:2, high:2
[06:12] <stellar-slack> and medium is payment, no?
[06:13] <stellar-slack> I'm not sure I assume payment at high
[06:13] <stellar-slack> not sure what low and med are for
[06:14] <stellar-slack> yeah, either way, payment shouldn’t work with only one sig, and it did :S
[06:15] <stellar-slack> oh I had the oposite problem I locked my account as I created med 2 high 2 but only had one sig so never could access anything ever as far as I know
[06:15] <stellar-slack> I had to trash the account and start a new set
[06:16] <stellar-slack> oh my low is 0
[06:16] <stellar-slack> so try that
[06:17] <stellar-slack> I think low at one means anyone of the accounts can sign it
[06:18] <stellar-slack> but I'm still a bit confused until I start to play with it to verify
[06:18] <stellar-slack> low: allow trust, high: anything related to changing signers, and weights, medium: everything else
[06:20] <stellar-slack> well what you might have found in writing may not be the case but that's good to know to see if it is true
[06:20] <stellar-slack> @dzham: "I’ll add signer and threshold information to go-horizon today, so that the `/accounts/:id` endpoint returns that info" -- @scott
[06:20] <stellar-slack> does that help? ^^
[06:20] <stellar-slack> ya he did mention that yestarday
[06:20] <stellar-slack> yeah baby!
[06:21] <stellar-slack> that would be exactly what I need
[06:27] <stellar-slack> Ah! Got it! The names of the threshold variables has changed!!1!1
[06:28] <stellar-slack> I think with that info I should write another function called envelope_authorized?(env) that will look at what keys are present in the env and see what present total the weights of the sigs are to decide if it's ready for submit
[06:29] <stellar-slack> is the horizon importer able to read the dumped history files?
[06:29] <stellar-slack> from amazon
[06:29] <stellar-slack> @sacarlson: that’s not such a bad idea!
[06:30] <stellar-slack> again it probly exists but I have no clue
[06:30] <stellar-slack> you sometimes get a better understanding when you write it yourself anyway
[06:31] <stellar-slack> @sacarlson: if you want to know if your tx is good enough to submit, you can just submit it to stellar core and check the response -.0
[06:33] <stellar-slack> true maybe even easier oh but mine has all the info local not that it make any diff
[06:33] <stellar-slack> ah right, unless you do it for understanding reasons... or something
[06:34] <stellar-slack> but with mine I guess I could isolate what sig is missing to see if I can fetch it
[06:35] <stellar-slack> oh and merge envelopse can we do that?
[06:36] <stellar-slack> newenv = env_merge(tx,env1, env2)
[06:37] <stellar-slack> if that works maybe that's the way, you send out the tx to all the partys, they all send back there sighned envelope to some center of the group. he mergers all of them until it good to submit
[06:38] <stellar-slack> I’m not sure how big the envelopes would be, but all you need to send back are the signatures themselves
[06:39] <stellar-slack> ya I think you right
[06:39] <stellar-slack> so merge sigs
[06:40] <stellar-slack> you posted the struct before, env = tx + array of sigs
[06:40] <stellar-slack> envelope = sig_merge(tx,sig1,sig2..)
[06:40] <stellar-slack> yes
[06:41] <stellar-slack> oh so with env merge you would only need newenv = env_merge(env1,env2...)
[06:42] <stellar-slack> can't hert to have both functions just in case
[06:56] <stellar-slack> when I send a bad not fully authorized transaction does that not get recorded on stellar-core?
[06:57] <stellar-slack> I think it does, if that's the case maybe others detect his attempt pull the unfinished transaction and also sign it and resubmit it until unuf sigs are present for it to be authorized
[06:59] <stellar-slack> I'm hoping this is the case, then no other centralization is needed
[07:00] <stellar-slack> but in any case I think it's above my paygrade again
[09:33] <stellar-slack> address tx history :) http://open-core.meteor.com/accounts/GDVXG2FMFFSUMMMBIUEMWPZAIU2FNCH7QNGJMWRXRD6K5FZK5KJS4DDR
[09:35] <stellar-slack> doesn't work from here
[09:37] <stellar-slack> works here
[09:37] <stellar-slack> yes now working here also, maybe internet problems on my side
[09:44] <stellar-slack> site loading is a bit slow cause of the real time connections being set up between browser -- america -- tokyo
[09:44] <stellar-slack> should move hosting to tokyo too
[09:45] <stellar-slack> if you happen to be in the thailand ... lol you go all around the world
[10:15] <stellar-slack> in the event we take the path of mergeing envelopes I created this
[10:15] <stellar-slack> maybe I should rename it to envelope_merge(*envs)
[10:16] <stellar-slack> since envelopes are what we now normally send as transactions this might be the path I end up using
[10:23] <stellar-slack> to share signed tx with possible groups of keys for multi-sign transactions
[10:33] <stellar-slack> i like sending envelopes
[10:49] <stellar-slack> I did some research on p2p broadcast but it doesn't look good from what I can see, so a temp server base for the collection of multi-sig transactions might be it. how about collect them on yours site buhrmi
[10:50] <stellar-slack> @sacarlson: did you try the rpc thing? sending the envelope to someone else, and getting it signed?
[10:51] <stellar-slack> rpc I'll have to look that up
[10:51] <stellar-slack> remind you my poker has 10 players
[10:51] <stellar-slack> rpc = remote procedure call, if my memory isn’t off
[10:52] <stellar-slack> p2p multisig
[10:52] <stellar-slack> is that a part of horizon or ??
[10:53] <stellar-slack> @sacarlson: yeah why not. what exactly do you want to collect / display?
[10:53] <stellar-slack> no… it’s what we were talking about before… sending your envelope to someone else, and have them sign their part of it
[10:56] <stellar-slack> yes I under stand that is just organizing an uncentralized group of 10 people to all exchange some small data structure with each other, each sign it and recentralize it and submit it
[10:56] <stellar-slack> rpc from what I just read " sends a request message to a known remote server"
[10:57] <stellar-slack> in this case we are all just remote nodes with changing ip address that one day want to play
[10:58] <stellar-slack> but if centralized it the solution then I just need someone to provide the stable ip that all meet and exchange
[10:59] <stellar-slack> like we did in early bitcoin we used IRC to first link up
[11:01] <stellar-slack> some standardized protocol and point of how to setup a group to setup the exchange is what I'm looking for ideas
[11:08] <stellar-slack> XMPP if people are online? 3rd party server if not?
[11:08] <stellar-slack> xmpp i'll look it up, yes they are all online
[11:09] <stellar-slack> XMPP is the IM protocol behind jabber
[11:09] <stellar-slack> that sounds promissing
[11:17] <stellar-slack> I don't see anything wrong with xmpp so far. I'll see what kind of support they have for it in ruby
[11:20] <stellar-slack> I did have another thought though as I see we do have a collection of the IP now seen in on stellar-core net. we could also use those ip with some random selected port that we standardize as used for multi-sign servers. but I'm going to take a close look at xmpp first
[11:21] <stellar-slack> I’ll probably use XMPP for my wallet
[11:21] <stellar-slack> cool
[11:22] <stellar-slack> I already see it has good ruby support libs
[11:23] <stellar-slack> oh and we have the domain in stellar-core that we can use as the address for xmpp
[11:31] <stellar-slack> i can add multi sign support on my site if you want
[11:31] <stellar-slack> how to create the base tx that needs to be signed?
[11:33] <stellar-slack> I published two examples but they are in ruby
[11:36] <stellar-slack> the base is the envelope or transaction envelope not sure what's it called
[11:36] <stellar-slack> yeah i know how to add signers to an envelope, but where does the envelope come from?
[11:37] <stellar-slack> in ruby I can create an empty one with env = tx.to_envelope()
[11:37] <stellar-slack> well empty of keys
[11:38] <stellar-slack> yeah but what's the contents?
[11:38] <stellar-slack> the contents is the tx transaction and an array of a group or posible group of keys
[11:38] <stellar-slack> can be one key or no keys
[11:39] <stellar-slack> okay but the "tx transaction" must come from somewhere, no?
[11:41] <stellar-slack> yes I guess it can come from anyone
[11:41] <stellar-slack> hmm
[11:42] <stellar-slack> I'm sorry I guess to start you need to create a multi-sig account
[11:42] <stellar-slack> with that you can create multi-sig transactions with signers that are in that account
[11:43] <stellar-slack> this is an example of creating an account with 3 signers https://github.com/sacarlson/stellar_utility/blob/master/create_multi-sign_account.rb
[11:46] <stellar-slack> the other half of that is an example that uses those accounts to create a simple multi-sig transaction that requires 2 of the 3 signatures to allow a transaction as seen in this example https://github.com/sacarlson/stellar_utility/blob/master/sign_multi_sign_transaction.rb
[11:46] <stellar-slack> that's the best I can explain it
[11:49] <stellar-slack> I'll later create an example more like what I plan to use that has 10 signers, after everyone signs it the master can then set the thrshold and they can then all deposit there funds safely into the pot without any of the 10 taking the funds
[11:50] <stellar-slack> untill they setup a transaction that sends the money to the winner. this tx will have to be signed by all in the game before they can submit it and the transacation is sent to the winners account
[11:53] <stellar-slack> to complicate it more as any one player drops out the group can have his key deleted from the poll account but not before they change the thrshold on the account
[11:55] <stellar-slack> sounds complicated
[11:55] <stellar-slack> hopefully it will all be transparant to the players, all done automated
[11:58] <stellar-slack> why do you need to drop keys? as long as you have a signed tx out of the pot-account it shouldn’t matter, no?
[12:01] <stellar-slack> i don't understand any of this lol
[12:02] <stellar-slack> you’ve got ten player account plus the pot
[12:02] <stellar-slack> the pot is a 10-of-10 multisig account
[12:02] <stellar-slack> the player is gone out of the game he will go see his girl friend and never sign the pot over to the winner when he wins
[12:03] <stellar-slack> yes but some players loose all there money before others so drop out of that game
[12:03] <stellar-slack> nevermind, yeah, you’d need to know the size of the pot, of course :S
[12:03] <stellar-slack> when that happens we can setup 9 of 10 or 8 of 10 to allow someone droping out and we still having control of the pot as a group
[12:04] <stellar-slack> but cant’ you just let each player that’s still in the game sign a bunch of tx’s?
[12:04] <stellar-slack> we will then delete those that are no longer in the game as they have no rights to sign it with none of there assets in it
[12:04] <stellar-slack> everytime the pot size changes, everyone just signs tx’s to all the remaining players
[12:05] <stellar-slack> i think "The pot" should just be an automated account ....
[12:05] <stellar-slack> but not multi-sign
[12:05] <stellar-slack> each player has weight of 1 if we start it with threshold of 8 to be safe at least 8 have to sign to move the money
[12:06] <stellar-slack> automated account? it will be automated, the pokerthacc will detect that the player lost and will perform the transactions transparant to the players
[12:07] <stellar-slack> how else can you protect the funds if not with multi-sign
[12:09] <stellar-slack> "everytime the pot size changes, everyone just signs tx’s to all the remaining players " ya that sounds good but it's still multi-sig
[12:10] <stellar-slack> that's basicly the way it works now with no multi-sig
[12:25] <stellar-slack> imma going back to trade beers and sausages
[12:26] <stellar-slack> good idea
[12:26] <stellar-slack> I'm going to rest my eye and watch some tv
[12:27] <stellar-slack> k... if u want u can help me betatest the UI ... wanna make it more intuitive to trade beers and sausage
[12:27] <stellar-slack> ...later
[12:27] <stellar-slack> i relieved you from the promised 3 beers by wiping the database
[12:28] <stellar-slack> lol
[17:25] <stellar-slack> RFR: https://github.com/stellar/ruby-stellar-base/pull/13
[20:57] <stellar-slack> More RFR: https://github.com/stellar/js-stellar-base/pull/36
[21:09] <stellar-slack> scott: lmk when all the fixes are in for this change and then we will update testnet
[21:10] <stellar-slack> will do. It’s going to take a bit yet (i.e. I might not get it done today). The go changes and stellar_core_commander changes are taking a bit longer than expected
[21:14] <stellar-slack> k
About StellarVerse IRC Logger
StellarValue IRC Logger
is part of