Start Free Bitcoin Mining, Best Bitcoin Cloud Miner (2020 ...

NiceHash - buy & sell hashing power

NiceHash offers you to buy or sell hashing power directly, no contracts, no limitations, pay-as-you-go if you're a buyer and be-paid-as-you-go if you're a seller. Why bother renting rigs, when you can rent hashing power? NiceHash brings more to renters and rig owners. Visit https://www.nicehash.com today! Simply create order and you are already mining your favorite coin or point your rig to our stratum server and you are already earning bitcoins.
[link]

About Ethereum mining pitfalls, risks, and threats

Bitcoin miners are massively switching to Ethereum. According to 8btc estimates, the payback period for a Bitcoin miner is 600 days, while for the same metric on Ether it only takes 200 days. But this goodness won’t last forever. Read about what threatens the development of Ethereum below.
Hardware and Filling – Halfway to Success
Experienced folks advise taking the most productive video cards, for example, the latest models from Nvidia and AMD. When choosing, pay attention to the amount of video memory (ideally from 2 GB), memory speed (with DDR 5 memory), bus width (better with a 256-bit bus), and cooling (basically there’s no competition to Radeon devices). Take Radeon RX 570, this 169 USD card produces 24-30 Mh/s, which is superb.
The Illusion of Stability
The entire multi-million community of Ether lovers trembled in early August when the Ethereum Classic network was subjected to several 51% attacks at once. In addition, in the first half of 2020 alone, over 5 attacks were carried out on popular DeFi platforms, including Balancer ($500,000 stolen) and bZx (17,500 ETH were stolen in total). Moreover, cybercriminals do not always use technical vulnerabilities, sometimes good old social engineering works.
Reduction of Reward
Ethereum developers have proposed to reduce the block mining reward by 75%. ConsenSys Managing Director John Leelik published the EIP-2878 proposal aimed at reducing inflation and preserving purchasing power. If supported, the reward will drop to 0.5 ETH.
The transition of ETH to ETH 2.0 (PoS)
We already wrote about this in the article "Problems of Ethereum Mining", and you can also watch the interview by Peter McCormack with the project founder Vitalik Buterin.
While the opportunity is still there, we offer everyone to get the most out of it and mine profitably. For example, take a closer look at the new CoinFLy ETH Pool, that nowadays offers more rewards than others, at least by 10%.
Profit That is Not Profit
A hidden and obvious problem is choosing the pool based on its profitability. If you only have a few capacities, then it is better to choose a pool that uses the PPS+ model, if you’ve got a lot of them, then a powerful pool with PPLNS is better. And if you’ve got so many capacities that there’s even enough for others, then you can also go SOLO, buddy. More details - here.
submitted by applesEgo to ethereum [link] [comments]

Gridcoin 5.0.0.0-Mandatory "Fern" Release

https://github.com/gridcoin-community/Gridcoin-Research/releases/tag/5.0.0.0
Finally! After over ten months of development and testing, "Fern" has arrived! This is a whopper. 240 pull requests merged. Essentially a complete rewrite that was started with the scraper (the "neural net" rewrite) in "Denise" has now been completed. Practically the ENTIRE Gridcoin specific codebase resting on top of the vanilla Bitcoin/Peercoin/Blackcoin vanilla PoS code has been rewritten. This removes the team requirement at last (see below), although there are many other important improvements besides that.
Fern was a monumental undertaking. We had to encode all of the old rules active for the v10 block protocol in new code and ensure that the new code was 100% compatible. This had to be done in such a way as to clear out all of the old spaghetti and ring-fence it with tightly controlled class implementations. We then wrote an entirely new, simplified ruleset for research rewards and reengineered contracts (which includes beacon management, polls, and voting) using properly classed code. The fundamentals of Gridcoin with this release are now on a very sound and maintainable footing, and the developers believe the codebase as updated here will serve as the fundamental basis for Gridcoin's future roadmap.
We have been testing this for MONTHS on testnet in various stages. The v10 (legacy) compatibility code has been running on testnet continuously as it was developed to ensure compatibility with existing nodes. During the last few months, we have done two private testnet forks and then the full public testnet testing for v11 code (the new protocol which is what Fern implements). The developers have also been running non-staking "sentinel" nodes on mainnet with this code to verify that the consensus rules are problem-free for the legacy compatibility code on the broader mainnet. We believe this amount of testing is going to result in a smooth rollout.
Given the amount of changes in Fern, I am presenting TWO changelogs below. One is high level, which summarizes the most significant changes in the protocol. The second changelog is the detailed one in the usual format, and gives you an inkling of the size of this release.

Highlights

Protocol

Note that the protocol changes will not become active until we cross the hard-fork transition height to v11, which has been set at 2053000. Given current average block spacing, this should happen around October 4, about one month from now.
Note that to get all of the beacons in the network on the new protocol, we are requiring ALL beacons to be validated. A two week (14 day) grace period is provided by the code, starting at the time of the transition height, for people currently holding a beacon to validate the beacon and prevent it from expiring. That means that EVERY CRUNCHER must advertise and validate their beacon AFTER the v11 transition (around Oct 4th) and BEFORE October 18th (or more precisely, 14 days from the actual date of the v11 transition). If you do not advertise and validate your beacon by this time, your beacon will expire and you will stop earning research rewards until you advertise and validate a new beacon. This process has been made much easier by a brand new beacon "wizard" that helps manage beacon advertisements and renewals. Once a beacon has been validated and is a v11 protocol beacon, the normal 180 day expiration rules apply. Note, however, that the 180 day expiration on research rewards has been removed with the Fern update. This means that while your beacon might expire after 180 days, your earned research rewards will be retained and can be claimed by advertising a beacon with the same CPID and going through the validation process again. In other words, you do not lose any earned research rewards if you do not stake a block within 180 days and keep your beacon up-to-date.
The transition height is also when the team requirement will be relaxed for the network.

GUI

Besides the beacon wizard, there are a number of improvements to the GUI, including new UI transaction types (and icons) for staking the superblock, sidestake sends, beacon advertisement, voting, poll creation, and transactions with a message. The main screen has been revamped with a better summary section, and better status icons. Several changes under the hood have improved GUI performance. And finally, the diagnostics have been revamped.

Blockchain

The wallet sync speed has been DRASTICALLY improved. A decent machine with a good network connection should be able to sync the entire mainnet blockchain in less than 4 hours. A fast machine with a really fast network connection and a good SSD can do it in about 2.5 hours. One of our goals was to reduce or eliminate the reliance on snapshots for mainnet, and I think we have accomplished that goal with the new sync speed. We have also streamlined the in-memory structures for the blockchain which shaves some memory use.
There are so many goodies here it is hard to summarize them all.
I would like to thank all of the contributors to this release, but especially thank @cyrossignol, whose incredible contributions formed the backbone of this release. I would also like to pay special thanks to @barton2526, @caraka, and @Quezacoatl1, who tirelessly helped during the testing and polishing phase on testnet with testing and repeated builds for all architectures.
The developers are proud to present this release to the community and we believe this represents the starting point for a true renaissance for Gridcoin!

Summary Changelog

Accrual

Changed

Most significantly, nodes calculate research rewards directly from the magnitudes in EACH superblock between stakes instead of using a two- or three- point average based on a CPID's current magnitude and the magnitude for the CPID when it last staked. For those long-timers in the community, this has been referred to as "Superblock Windows," and was first done in proof-of-concept form by @denravonska.

Removed

Beacons

Added

Changed

Removed

Unaltered

As a reminder:

Superblocks

Added

Changed

Removed

Voting

Added

Changed

Removed

Detailed Changelog

[5.0.0.0] 2020-09-03, mandatory, "Fern"

Added

Changed

Removed

Fixed

submitted by jamescowens to gridcoin [link] [comments]

Ethereum mining pitfalls, risks, and threats

Bitcoin miners are massively switching to Ethereum. According to 8btc estimates, the payback period for a Bitcoin miner is 600 days, while for the same metric on Ether it only takes 200 days. But this goodness won’t last forever. Read about what threatens the development of Ethereum below.
Hardware and Filling – Halfway to Success
Experienced folks advise taking the most productive video cards, for example, the latest models from Nvidia and AMD. When choosing, pay attention to the amount of video memory (ideally from 2 GB), memory speed (with DDR 5 memory), bus width (better with a 256-bit bus), and cooling (basically there’s no competition to Radeon devices). Take Radeon RX 570, this 169 USD card produces 24-30 Mh/s, which is superb.
The Illusion of Stability
The entire multi-million community of Ether lovers trembled in early August when the Ethereum Classic network was subjected to several 51% attacks at once. In addition, in the first half of 2020 alone, over 5 attacks were carried out on popular DeFi platforms, including Balancer ($500,000 stolen) and bZx (17,500 ETH were stolen in total). Moreover, cybercriminals do not always use technical vulnerabilities, sometimes good old social engineering works.
Reduction of Reward
Ethereum developers have proposed to reduce the block mining reward by 75%. ConsenSys Managing Director John Leelik published the EIP-2878 proposal aimed at reducing inflation and preserving purchasing power. If supported, the reward will drop to 0.5 ETH.
The transition of ETH to ETH 2.0 (PoS)
We already wrote about this in the article "Problems of Ethereum Mining", and you can also watch the interview by Peter McCormack with the project founder Vitalik Buterin.
While the opportunity is still there, we offer everyone to get the most out of it and mine profitably. For example, take a closer look at the new CoinFLy ETH Pool, that nowadays offers more rewards than others, at least by 10%.
Profit That is Not Profit
A hidden and obvious problem is choosing the pool based on its profitability. If you only have a few capacities, then it is better to choose a pool that uses the PPS+ model, if you’ve got a lot of them, then a powerful pool with PPLNS is better. And if you’ve got so many capacities that there’s even enough for others, then you can also go SOLO, buddy. More details - here.
submitted by applesEgo to gpumining [link] [comments]

Technical: The Path to Taproot Activation

Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it!
(If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?)
(Pedants: I mostly elide over lockin times)
Briefly, Taproot is that neat new thing that gets us:
So yes, let's activate taproot!

The SegWit Wars

The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions.
So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!

BIP9 Miner-Activated Soft Fork

Basically, BIP9 has a bunch of parameters:
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two.
A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this.
So, first some simple questions and their answers:

The Great Battles of the SegWit Wars

SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain).
So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%.
Thus were the Great SegWit Wars started.

BIP9 Feature Hostage

If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage.
You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever.
With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you.
This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.

Covert ASICBoost

ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere
Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block are up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected.
Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway.
Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost!
But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage).
Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit.
Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!

UASF: BIP148 and BIP8

When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit.
Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit.
This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core.
Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout).
BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled.
This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9.
Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.

BIP91, SegWit2X, and The Aftermath

BIP148 inspired countermeasures, possibly from the Covert ASiCBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community.
One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym.
The text of the NYA was basically:
  1. Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
    • When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achive the 95% activation needed for SegWit.
  2. If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91.
Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit.
Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X).
This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists.
Historically, BIP91 triggered which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.

Taproot Activation Proposals

There are two primary proposals I can see for Taproot activation:
  1. BIP8.
  2. Modern Softfork Activation.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout)
So let's take a look at Modern Softfork Activation!

Modern Softfork Activation

This is a more complex activation method, composed of BIP9 and BIP8 as supcomponents.
  1. First have a 12-month BIP9 (fail at timeout).
  2. If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
  3. Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation.
The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.

PSA: Being Resilient to Upgrades

Software is very birttle.
Anyone who has been using software for a long time has experienced something like this:
  1. You hear a new version of your favorite software has a nice new feature.
  2. Excited, you install the new version.
  3. You find that the new version has subtle incompatibilities with your current workflow.
  4. You are sad and downgrade to the older version.
  5. You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
  6. You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you hve just screwed up because you upgraded software on an important production system.
And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk.
Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations.
So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
  1. One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txiindex, disable pruning, whatever your software needs.
  2. The other is an "always-up-to-date" Bitcoin Node. Keep its stoarge down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist.
Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems.
When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" wil keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwisee if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well).
This recommendation is from gmaxwell on IRC, by the way.
submitted by almkglor to Bitcoin [link] [comments]

MTRG - 900K mcap - Partners with Matic for the future of DeFi

Meter Network just amnounced their partnership with Matic Network to capitalize on the budding Stablecoin industry on these emerging networks!
Read more here: https://www.meter.io/meter-matic-partnership/?utm_source=reddit&utm_medium=social&utm_campaign=metermaticpartnership
In case you missed it, the Meter Network launched its Governance token IEO in lottery style on Gate.io at $0.5. It's back to $0.5 on the markets now from its ATH after launch at $2.78. Excellent entry price for this groundbreaker project backed by heavyweights the likes of Pantera Capital, DHVC & ecosystem partners like chainlink and more!
We all know USD Tether, no 3 in global marketshare, owns a huge 90% of all stable coins totalling 10 billion in marketcap! Like every other stablecoin out there, it is vastly centralized and the cause for much worry and doubt (esp between warring governments and institutions).
Dai, a decentralized alternative on the other hand, eats into a multimilliondollar share, but its PoS nature is also a huge cause for worry.
Now the Meter team, a distinguished team of high laurels, created the Meter token (MTR) which is a unique Proof of Work blockchain where every Meter metered out (pun intended ;) is worth & pegged to 10KW of power ensuring the stablecoin has a consistent value and with more miners and a vast network this is better stable model than fiat currencies..
The Meter (MTR) blockchain is a stablecoin asset faster than Bitcoin and Ethereum, although the team has completed an exclusive MTRG-erc20 & MTR-erc20 bridge so MTR can be intergrated into ETH defi, and similar users and holders can have the added convienence to store MTR or MTRG in their popular erc20 wallets. More of these bridges by the team will allow for MTR PoW stablecoin to be intergated into other top blockchains like Matic, Elrond and more!
(NOTE: The Meter blockchain is 100x faster than Ethereum.)
The Stablecoin market is rising fast and many in traditional finance (like JP Morgan) believe it will rival/surpass Bitcoin in marketcap and we all know Bitcoin is just getting warmed up.
It is truly unique and decentralized in its proposition, tokenomics and operations, so i won't be surprised to see more listings on cremé de la cremé exchanges very soon.
it may very well dethrone USDT, which no other stablecoin asset (centralized or otherwise) has been able to do.
MTRG's present 2.3mil marketcap is peanuts when considering this governs a stablecoin asset with all the right partnerships & a 40 mil max supply released over the next...wait for it...200 years!!!
This is early days of its ascent and popularity as the only PoW secure network surpassing bitcoin in speed and decentralization, and ofcourse Stability.
Suicide Stack : 350 mtrg
The Meter Governance token, both $MTRG and metastable (i.e.stable in relation to all currency) $MTR is available on Gate.io
https://gate.io/trade/mtrg_usdt
And these pairs are also available at MXC, and Hoo.com!
and (unofficially at Bilaxy).
https://bilaxy.com/trade/MTRG_USDT
Learn more about MTR and MTRG below.
https://www.meter.io website https://t.me/Meter_IO telegram https://discord.gg/XZgZsCn discord ‎https://twitter.com/Meter_IO twitter
submitted by koininsider to CryptoMoonShots [link] [comments]

Mining pitfalls, risks, and threats in Ethereum network

Bitcoin miners are massively switching to Ethereum. According to 8btc estimates, the payback period for a Bitcoin miner is 600 days, while for the same metric on Ether it only takes 200 days. But this goodness won’t last forever. Read about what threatens the development of Ethereum below.
Hardware and Filling – Halfway to Success
Experienced folks advise taking the most productive video cards, for example, the latest models from Nvidia and AMD. When choosing, pay attention to the amount of video memory (ideally from 2 GB), memory speed (with DDR 5 memory), bus width (better with a 256-bit bus), and cooling (basically there’s no competition to Radeon devices). Take Radeon RX 570, this 169 USD card produces 24-30 Mh/s, which is superb.
The Illusion of Stability
The entire multi-million community of Ether lovers trembled in early August when the Ethereum Classic network was subjected to several 51% attacks at once. In addition, in the first half of 2020 alone, over 5 attacks were carried out on popular DeFi platforms, including Balancer ($500,000 stolen) and bZx (17,500 ETH were stolen in total). Moreover, cybercriminals do not always use technical vulnerabilities, sometimes good old social engineering works.
Reduction of Reward
Ethereum developers have proposed to reduce the block mining reward by 75%. ConsenSys Managing Director John Leelik published the EIP-2878 proposal aimed at reducing inflation and preserving purchasing power. If supported, the reward will drop to 0.5 ETH.
The transition of ETH to ETH 2.0 (PoS)
We already wrote about this in the article "Problems of Ethereum Mining", and you can also watch the interview by Peter McCormack with the project founder Vitalik Buterin.
While the opportunity is still there, we offer everyone to get the most out of it and mine profitably. For example, take a closer look at the new CoinFLy ETH Pool, that nowadays offers more rewards than others, at least by 10%.
Profit That is Not Profit
A hidden and obvious problem is choosing the pool based on its profitability. If you only have a few capacities, then it is better to choose a pool that uses the PPS+ model, if you’ve got a lot of them, then a powerful pool with PPLNS is better. And if you’ve got so many capacities that there’s even enough for others, then you can also go SOLO, buddy. More details - here.
submitted by applesEgo to CryptoCurrencies [link] [comments]

Top 5 Misconceptions About Blockchain

When we are faced with a new technology, we often look for analogies to understand and describe it. To bridge the knowledge gap, we seek analogies from the universe concepts familiar to us.
In our search for the right analogies, we often risk misunderstanding this new technology. Blockchain technology has introduced a paradigm shift in the way we organize ourselves to generate, account for, transfer and store value. Yet, we are still in early stages of understanding its importance.
In this post I will try to shed light on the top 5 major misconceptions about digital assets and about the open blockchain—a technology that underlies them.
1. Blockchain, not bitcoin
This misconception stems from failing to realize why blockchain exists in the first place. In essence, blockchain is a shared ledger designed to function in an extremely hostile, open environment. It derives its value from the security of its tamper-proof records.
In the blockchain networks powered by proof-of-work (PoW) algorithms, that security is achieved by miners competing to solve a computationally intensive puzzle. The miners do this with the expectation of receiving a digital token as a reward. This digital token can be freely redeemed for fiat currency to cover their operating costs and generate profits. These open systems are designed in such a way that value of their token ultimately dictates the level of security of their network.
When we decouple the concept of blockchain from its underlying token, it simply wipes out most, if not the entire, value proposition the blockchain as a concept.
Implementing blockchain as a token-less system of recordkeeping within a single company is perhaps the prime example of this misconception. Such an endeavor fails to use one of the most valuable properties of the open blockchain. Implementing a blockchain solution in such settings may even be counter-productive especially when better alternatives exist, in the form of databases with proper access control.
Blockchain could be useful in a commercial setting where a consortium of companies decides to use a single ledger to keep track of important transactions. An example of such transactions could be shares of companies that are traded on Wall Street millions of times each day. These transactions are reconciled periodically between the financial institutions by a trusted third-party entity, which could be ultimately replaced by a blockchain-based protocol at a fraction of their cost. That said, these systems may never become as secure and tamper-proof as the open blockchain as the security of the network depends on the number of its minestaking nodes.
2. Exchange Hacks = Digital Assets Are Not Secure
Centralized digital asset exchanges are popular avenues for exchanging digital assets for currencies such as USD or other digital assets. However, their design creates a system of incentives for external or internal actors to compromise them.
When we hear about exchange hacks in the digital asset space, it almost always involves compromising the security of an entity that operates within the traditional server-client architecture. However, the mainstream consciousness conflates the digital exchange security with that of technology that underlies digital assets. Holding a digital asset in a cold storage is extremely secure. Holding it in an exchange is not.
3. Blockchain has low TPS, hence it will never compete with or replace traditional financial infrastructure
Traditional financial systems process a vast number transactions every day. This transaction processing capacity is called throughput and is measured by a metric called transactions per second (TPS). Payment networks such as Visa claim to process up to 56,000 TPS, while traditional exchanges are likely to have much higher capacity to process transactions to accommodate high-frequency trading.
Today, the Bitcoin network processes around 4-5 transactions per second while the second largest digital asset network—Ethereum processes around 15. If we compare the current state of the blockchain technology to the demands of the global financial industry, it is easy to see why such claims could be justified. However, this is a myopic view of this new technology, very much akin to the way Kodak dismissed digital cameras as a potential threat to its business model.
It failed to recognize (i) the speed at which digital cameras would develop and (ii) the fundamental shift the digital cameras introduced in the way we take and store pictures, despite being the company that invented digital cameras in 1975. As the history shows, that was Kodak’s grave mistake.
It is hard to ignore the historical parallels here. The digital asset space is evolving fast. The next-generation networks, which operate under the proof-of-stake consensus mechanism, preserve the securities of proof-of-work, but do away with its capacity limitations. A notable example of that is Cardano. These new networks also represent a shift in the global economic paradigm that many do not seem to notice.
4. Digital Assets Have No Intrinsic Value
The concept of intrinsic value, or lack thereof, is often used to describe digital assets as a purely speculative asset class. While this may apply, with some justification, to digital assets which only claim to function as money, such claims fail to capture the wider nature of platform-based digital assets, which derive their value from the direct use of their networks.
In digital asset platforms like Cardano or Algorand, the native token gives the holder the right to participate in the consensus of the network through the process of staking. The consensus mechanism secures the network, maintains the decentralized ledger, enables participation in the governance of the network and can sustain myriads of decentralized applications with real-world utilities.
Put simply, digital tokens may derive their value from the economic activity that takes place on their networks. The economic activity on such networks, in turn depends on the security of the network, its technical capabilities, its transaction fees and the real-world utility of decentralized applications that reside on them. In that respect, they can be thought of as a new kind of financial instrument. The kind that seamlessly combines the properties of currencies, commodities, and shares of ownership into a single digital token.
These new instruments require that we develop and apply new analytical frameworks to value them, much like the concepts of equities and derivatives did when they first emerged as new financial instruments.
5. Developed Economies Do Not Need Blockchain Technology Because They Have Well-Established Financial/Commercial Solutions.
While it is easy to see how the blockchain technology could unlock a lot of value in the emerging markets, the idea that developed economies do not benefit from this technology is short-sighted.
It is akin to saying that cell phones are a great technology for emerging markets, but developed markets already have land lines, hence do not need them. In a similar vein, we could argue that developed countries do not need internet because most of what internet could do already exists in analog form.
We have to realize that (i) at its core, blockchain is a paradigm-shifting infrastructure/technology and (ii) despite its nascent stage, blockchain is extremely cost-effective… To a degree that it has the capacity to fundamentally disrupt a slew economic sectors out of existence, from banking to real estate, and create new ones.
When we accept this eventuality, we will have to face some uncomfortable truths that many sectors will not exist in their current form or entirely disappear. Currently these sectors provide economic value, employment and generate taxes. If some blockchain-based solution is to replace them in 3-5 years, where would that value migrate? Losing them to open blockchain networks would not be acceptable politically or economically for many developed countries.
One way out of this could be for developed countries to invest in national networks, allowing them to reap the benefits of this new technology, while retaining value from economic activity of their citizens and companies within their jurisdictions.
Another, more realistic way, would be to invest heavily into friendly legal frameworks that would encourage both individuals and companies that would ultimately develop or maintain open blockchain protocols migrate to these jurisdictions, drawing in talent, capital and innovation.
One thing is becoming increasingly clear: we can no longer ignore the elephant in the room. Much like digital cameras and internet itself, blockchain is unstoppable.
If you like this article and would like to have access to our in-depth research in the future, please consider staking with skylight pool (tickers SKY and SKY2). We are working hard to create a suitable space on pooltool.io to disseminate our research to our verified stakeholders.
Connect with us:
Twitter: u/RealSaidov
TG: u/SkyLightPool
Website: skylightpool.com
submitted by SkyLightPool to cardano [link] [comments]

About problems of Ethereum miners

Bitcoin miners are massively switching to Ethereum. According to 8btc estimates, the payback period for a Bitcoin miner is 600 days, while for the same metric on Ether it only takes 200 days. But this goodness won’t last forever. Read about what threatens the development of Ethereum below.
Hardware and Filling – Halfway to Success
Experienced folks advise taking the most productive video cards, for example, the latest models from Nvidia and AMD. When choosing, pay attention to the amount of video memory (ideally from 2 GB), memory speed (with DDR 5 memory), bus width (better with a 256-bit bus), and cooling (basically there’s no competition to Radeon devices). Take Radeon RX 570, this 169 USD card produces 24-30 Mh/s, which is superb.
The Illusion of Stability
The entire multi-million community of Ether lovers trembled in early August when the Ethereum Classic network was subjected to several 51% attacks at once. In addition, in the first half of 2020 alone, over 5 attacks were carried out on popular DeFi platforms, including Balancer ($500,000 stolen) and bZx (17,500 ETH were stolen in total). Moreover, cybercriminals do not always use technical vulnerabilities, sometimes good old social engineering works.
Reduction of Reward
Ethereum developers have proposed to reduce the block mining reward by 75%. ConsenSys Managing Director John Leelik published the EIP-2878 proposal aimed at reducing inflation and preserving purchasing power. If supported, the reward will drop to 0.5 ETH.
The transition of ETH to ETH 2.0 (PoS)
We already wrote about this in the article "Problems of Ethereum Mining", and you can also watch the interview by Peter McCormack with the project founder Vitalik Buterin.
While the opportunity is still there, we offer everyone to get the most out of it and mine profitably. For example, take a closer look at the new CoinFLy ETH Pool, that nowadays offers more rewards than others, at least by 10%.
Profit That is Not Profit
A hidden and obvious problem is choosing the pool based on its profitability. If you only have a few capacities, then it is better to choose a pool that uses the PPS+ model, if you’ve got a lot of them, then a powerful pool with PPLNS is better. And if you’ve got so many capacities that there’s even enough for others, then you can also go SOLO, buddy. More details - here.
submitted by applesEgo to ethtrader [link] [comments]

Ethereum mining pitfalls, risks, and threats

Bitcoin miners are massively switching to Ethereum. According to 8btc estimates, the payback period for a Bitcoin miner is 600 days, while for the same metric on Ether it only takes 200 days. But this goodness won’t last forever. Read about what threatens the development of Ethereum below.
Hardware and Filling – Halfway to Success
Experienced folks advise taking the most productive video cards, for example, the latest models from Nvidia and AMD. When choosing, pay attention to the amount of video memory (ideally from 2 GB), memory speed (with DDR 5 memory), bus width (better with a 256-bit bus), and cooling (basically there’s no competition to Radeon devices). Take Radeon RX 570, this 169 USD card produces 24-30 Mh/s, which is superb.
The Illusion of Stability
The entire multi-million community of Ether lovers trembled in early August when the Ethereum Classic network was subjected to several 51% attacks at once. In addition, in the first half of 2020 alone, over 5 attacks were carried out on popular DeFi platforms, including Balancer ($500,000 stolen) and bZx (17,500 ETH were stolen in total). Moreover, cybercriminals do not always use technical vulnerabilities, sometimes good old social engineering works.
Reduction of Reward
Ethereum developers have proposed to reduce the block mining reward by 75%. ConsenSys Managing Director John Leelik published the EIP-2878 proposal aimed at reducing inflation and preserving purchasing power. If supported, the reward will drop to 0.5 ETH.
The transition of ETH to ETH 2.0 (PoS)
We already wrote about this in the article "Problems of Ethereum Mining", and you can also watch the interview by Peter McCormack with the project founder Vitalik Buterin.
While the opportunity is still there, we offer everyone to get the most out of it and mine profitably. For example, take a closer look at the new CoinFLy ETH Pool, that nowadays offers more rewards than others, at least by 10%.
Profit That is Not Profit
A hidden and obvious problem is choosing the pool based on its profitability. If you only have a few capacities, then it is better to choose a pool that uses the PPS+ model, if you’ve got a lot of them, then a powerful pool with PPLNS is better. And if you’ve got so many capacities that there’s even enough for others, then you can also go SOLO, buddy. More details - here.
submitted by applesEgo to Metaverse_Blockchain [link] [comments]

Ethereum mining pitfalls, risks, and threats

Bitcoin miners are massively switching to Ethereum. According to 8btc estimates, the payback period for a Bitcoin miner is 600 days, while for the same metric on Ether it only takes 200 days. But this goodness won’t last forever. Read about what threatens the development of Ethereum below.
Hardware and Filling – Halfway to Success
Experienced folks advise taking the most productive video cards, for example, the latest models from Nvidia and AMD. When choosing, pay attention to the amount of video memory (ideally from 2 GB), memory speed (with DDR 5 memory), bus width (better with a 256-bit bus), and cooling (basically there’s no competition to Radeon devices). Take Radeon RX 570, this 169 USD card produces 24-30 Mh/s, which is superb.
The Illusion of Stability
The entire multi-million community of Ether lovers trembled in early August when the Ethereum Classic network was subjected to several 51% attacks at once. In addition, in the first half of 2020 alone, over 5 attacks were carried out on popular DeFi platforms, including Balancer ($500,000 stolen) and bZx (17,500 ETH were stolen in total). Moreover, cybercriminals do not always use technical vulnerabilities, sometimes good old social engineering works.
Reduction of Reward
Ethereum developers have proposed to reduce the block mining reward by 75%. ConsenSys Managing Director John Leelik published the EIP-2878 proposal aimed at reducing inflation and preserving purchasing power. If supported, the reward will drop to 0.5 ETH.
The transition of ETH to ETH 2.0 (PoS)
We already wrote about this in the article "Problems of Ethereum Mining", and you can also watch the interview by Peter McCormack with the project founder Vitalik Buterin.
While the opportunity is still there, we offer everyone to get the most out of it and mine profitably. For example, take a closer look at the new CoinFLy ETH Pool, that nowadays offers more rewards than others, at least by 10%.
Profit That is Not Profit
A hidden and obvious problem is choosing the pool based on its profitability. If you only have a few capacities, then it is better to choose a pool that uses the PPS+ model, if you’ve got a lot of them, then a powerful pool with PPLNS is better. And if you’ve got so many capacities that there’s even enough for others, then you can also go SOLO, buddy. More details - here.
submitted by applesEgo to MiningPoolHub [link] [comments]

Why i’m bullish on Zilliqa (long read)

Edit: TL;DR added in the comments
 
Hey all, I've been researching coins since 2017 and have gone through 100s of them in the last 3 years. I got introduced to blockchain via Bitcoin of course, analyzed Ethereum thereafter and from that moment I have a keen interest in smart contact platforms. I’m passionate about Ethereum but I find Zilliqa to have a better risk-reward ratio. Especially because Zilliqa has found an elegant balance between being secure, decentralized and scalable in my opinion.
 
Below I post my analysis of why from all the coins I went through I’m most bullish on Zilliqa (yes I went through Tezos, EOS, NEO, VeChain, Harmony, Algorand, Cardano etc.). Note that this is not investment advice and although it's a thorough analysis there is obviously some bias involved. Looking forward to what you all think!
 
Fun fact: the name Zilliqa is a play on ‘silica’ silicon dioxide which means “Silicon for the high-throughput consensus computer.”
 
This post is divided into (i) Technology, (ii) Business & Partnerships, and (iii) Marketing & Community. I’ve tried to make the technology part readable for a broad audience. If you’ve ever tried understanding the inner workings of Bitcoin and Ethereum you should be able to grasp most parts. Otherwise, just skim through and once you are zoning out head to the next part.
 
Technology and some more:
 
Introduction
 
The technology is one of the main reasons why I’m so bullish on Zilliqa. First thing you see on their website is: “Zilliqa is a high-performance, high-security blockchain platform for enterprises and next-generation applications.” These are some bold statements.
 
Before we deep dive into the technology let’s take a step back in time first as they have quite the history. The initial research paper from which Zilliqa originated dates back to August 2016: Elastico: A Secure Sharding Protocol For Open Blockchains where Loi Luu (Kyber Network) is one of the co-authors. Other ideas that led to the development of what Zilliqa has become today are: Bitcoin-NG, collective signing CoSi, ByzCoin and Omniledger.
 
The technical white paper was made public in August 2017 and since then they have achieved everything stated in the white paper and also created their own open source intermediate level smart contract language called Scilla (functional programming language similar to OCaml) too.
 
Mainnet is live since the end of January 2019 with daily transaction rates growing continuously. About a week ago mainnet reached 5 million transactions, 500.000+ addresses in total along with 2400 nodes keeping the network decentralized and secure. Circulating supply is nearing 11 billion and currently only mining rewards are left. The maximum supply is 21 billion with annual inflation being 7.13% currently and will only decrease with time.
 
Zilliqa realized early on that the usage of public cryptocurrencies and smart contracts were increasing but decentralized, secure, and scalable alternatives were lacking in the crypto space. They proposed to apply sharding onto a public smart contract blockchain where the transaction rate increases almost linear with the increase in the amount of nodes. More nodes = higher transaction throughput and increased decentralization. Sharding comes in many forms and Zilliqa uses network-, transaction- and computational sharding. Network sharding opens up the possibility of using transaction- and computational sharding on top. Zilliqa does not use state sharding for now. We’ll come back to this later.
 
Before we continue dissecting how Zilliqa achieves such from a technological standpoint it’s good to keep in mind that a blockchain being decentralised and secure and scalable is still one of the main hurdles in allowing widespread usage of decentralised networks. In my opinion this needs to be solved first before blockchains can get to the point where they can create and add large scale value. So I invite you to read the next section to grasp the underlying fundamentals. Because after all these premises need to be true otherwise there isn’t a fundamental case to be bullish on Zilliqa, right?
 
Down the rabbit hole
 
How have they achieved this? Let’s define the basics first: key players on Zilliqa are the users and the miners. A user is anybody who uses the blockchain to transfer funds or run smart contracts. Miners are the (shard) nodes in the network who run the consensus protocol and get rewarded for their service in Zillings (ZIL). The mining network is divided into several smaller networks called shards, which is also referred to as ‘network sharding’. Miners subsequently are randomly assigned to a shard by another set of miners called DS (Directory Service) nodes. The regular shards process transactions and the outputs of these shards are eventually combined by the DS shard as they reach consensus on the final state. More on how these DS shards reach consensus (via pBFT) will be explained later on.
 
The Zilliqa network produces two types of blocks: DS blocks and Tx blocks. One DS Block consists of 100 Tx Blocks. And as previously mentioned there are two types of nodes concerned with reaching consensus: shard nodes and DS nodes. Becoming a shard node or DS node is being defined by the result of a PoW cycle (Ethash) at the beginning of the DS Block. All candidate mining nodes compete with each other and run the PoW (Proof-of-Work) cycle for 60 seconds and the submissions achieving the highest difficulty will be allowed on the network. And to put it in perspective: the average difficulty for one DS node is ~ 2 Th/s equaling 2.000.000 Mh/s or 55 thousand+ GeForce GTX 1070 / 8 GB GPUs at 35.4 Mh/s. Each DS Block 10 new DS nodes are allowed. And a shard node needs to provide around 8.53 GH/s currently (around 240 GTX 1070s). Dual mining ETH/ETC and ZIL is possible and can be done via mining software such as Phoenix and Claymore. There are pools and if you have large amounts of hashing power (Ethash) available you could mine solo.
 
The PoW cycle of 60 seconds is a peak performance and acts as an entry ticket to the network. The entry ticket is called a sybil resistance mechanism and makes it incredibly hard for adversaries to spawn lots of identities and manipulate the network with these identities. And after every 100 Tx Blocks which corresponds to roughly 1,5 hour this PoW process repeats. In between these 1,5 hour, no PoW needs to be done meaning Zilliqa’s energy consumption to keep the network secure is low. For more detailed information on how mining works click here.
Okay, hats off to you. You have made it this far. Before we go any deeper down the rabbit hole we first must understand why Zilliqa goes through all of the above technicalities and understand a bit more what a blockchain on a more fundamental level is. Because the core of Zilliqa’s consensus protocol relies on the usage of pBFT (practical Byzantine Fault Tolerance) we need to know more about state machines and their function. Navigate to Viewblock, a Zilliqa block explorer, and just come back to this article. We will use this site to navigate through a few concepts.
 
We have established that Zilliqa is a public and distributed blockchain. Meaning that everyone with an internet connection can send ZILs, trigger smart contracts, etc. and there is no central authority who fully controls the network. Zilliqa and other public and distributed blockchains (like Bitcoin and Ethereum) can also be defined as state machines.
 
Taking the liberty of paraphrasing examples and definitions given by Samuel Brooks’ medium article, he describes the definition of a blockchain (like Zilliqa) as: “A peer-to-peer, append-only datastore that uses consensus to synchronize cryptographically-secure data”.
 
Next, he states that: "blockchains are fundamentally systems for managing valid state transitions”. For some more context, I recommend reading the whole medium article to get a better grasp of the definitions and understanding of state machines. Nevertheless, let’s try to simplify and compile it into a single paragraph. Take traffic lights as an example: all its states (red, amber, and green) are predefined, all possible outcomes are known and it doesn’t matter if you encounter the traffic light today or tomorrow. It will still behave the same. Managing the states of a traffic light can be done by triggering a sensor on the road or pushing a button resulting in one traffic lights’ state going from green to red (via amber) and another light from red to green.
 
With public blockchains like Zilliqa, this isn’t so straightforward and simple. It started with block #1 almost 1,5 years ago and every 45 seconds or so a new block linked to the previous block is being added. Resulting in a chain of blocks with transactions in it that everyone can verify from block #1 to the current #647.000+ block. The state is ever changing and the states it can find itself in are infinite. And while the traffic light might work together in tandem with various other traffic lights, it’s rather insignificant comparing it to a public blockchain. Because Zilliqa consists of 2400 nodes who need to work together to achieve consensus on what the latest valid state is while some of these nodes may have latency or broadcast issues, drop offline or are deliberately trying to attack the network, etc.
 
Now go back to the Viewblock page take a look at the amount of transaction, addresses, block and DS height and then hit refresh. Obviously as expected you see new incremented values on one or all parameters. And how did the Zilliqa blockchain manage to transition from a previous valid state to the latest valid state? By using pBFT to reach consensus on the latest valid state.
 
After having obtained the entry ticket, miners execute pBFT to reach consensus on the ever-changing state of the blockchain. pBFT requires a series of network communication between nodes, and as such there is no GPU involved (but CPU). Resulting in the total energy consumed to keep the blockchain secure, decentralized and scalable being low.
 
pBFT stands for practical Byzantine Fault Tolerance and is an optimization on the Byzantine Fault Tolerant algorithm. To quote Blockonomi: “In the context of distributed systems, Byzantine Fault Tolerance is the ability of a distributed computer network to function as desired and correctly reach a sufficient consensus despite malicious components (nodes) of the system failing or propagating incorrect information to other peers.” Zilliqa is such a distributed computer network and depends on the honesty of the nodes (shard and DS) to reach consensus and to continuously update the state with the latest block. If pBFT is a new term for you I can highly recommend the Blockonomi article.
 
The idea of pBFT was introduced in 1999 - one of the authors even won a Turing award for it - and it is well researched and applied in various blockchains and distributed systems nowadays. If you want more advanced information than the Blockonomi link provides click here. And if you’re in between Blockonomi and the University of Singapore read the Zilliqa Design Story Part 2 dating from October 2017.
Quoting from the Zilliqa tech whitepaper: “pBFT relies upon a correct leader (which is randomly selected) to begin each phase and proceed when the sufficient majority exists. In case the leader is byzantine it can stall the entire consensus protocol. To address this challenge, pBFT offers a view change protocol to replace the byzantine leader with another one.”
 
pBFT can tolerate ⅓ of the nodes being dishonest (offline counts as Byzantine = dishonest) and the consensus protocol will function without stalling or hiccups. Once there are more than ⅓ of dishonest nodes but no more than ⅔ the network will be stalled and a view change will be triggered to elect a new DS leader. Only when more than ⅔ of the nodes are dishonest (66%) double-spend attacks become possible.
 
If the network stalls no transactions can be processed and one has to wait until a new honest leader has been elected. When the mainnet was just launched and in its early phases, view changes happened regularly. As of today the last stalling of the network - and view change being triggered - was at the end of October 2019.
 
Another benefit of using pBFT for consensus besides low energy is the immediate finality it provides. Once your transaction is included in a block and the block is added to the chain it’s done. Lastly, take a look at this article where three types of finality are being defined: probabilistic, absolute and economic finality. Zilliqa falls under the absolute finality (just like Tendermint for example). Although lengthy already we skipped through some of the inner workings from Zilliqa’s consensus: read the Zilliqa Design Story Part 3 and you will be close to having a complete picture on it. Enough about PoW, sybil resistance mechanism, pBFT, etc. Another thing we haven’t looked at yet is the amount of decentralization.
 
Decentralisation
 
Currently, there are four shards, each one of them consisting of 600 nodes. 1 shard with 600 so-called DS nodes (Directory Service - they need to achieve a higher difficulty than shard nodes) and 1800 shard nodes of which 250 are shard guards (centralized nodes controlled by the team). The amount of shard guards has been steadily declining from 1200 in January 2019 to 250 as of May 2020. On the Viewblock statistics, you can see that many of the nodes are being located in the US but those are only the (CPU parts of the) shard nodes who perform pBFT. There is no data from where the PoW sources are coming. And when the Zilliqa blockchain starts reaching its transaction capacity limit, a network upgrade needs to be executed to lift the current cap of maximum 2400 nodes to allow more nodes and formation of more shards which will allow to network to keep on scaling according to demand.
Besides shard nodes there are also seed nodes. The main role of seed nodes is to serve as direct access points (for end-users and clients) to the core Zilliqa network that validates transactions. Seed nodes consolidate transaction requests and forward these to the lookup nodes (another type of nodes) for distribution to the shards in the network. Seed nodes also maintain the entire transaction history and the global state of the blockchain which is needed to provide services such as block explorers. Seed nodes in the Zilliqa network are comparable to Infura on Ethereum.
 
The seed nodes were first only operated by Zilliqa themselves, exchanges and Viewblock. Operators of seed nodes like exchanges had no incentive to open them for the greater public. They were centralised at first. Decentralisation at the seed nodes level has been steadily rolled out since March 2020 ( Zilliqa Improvement Proposal 3 ). Currently the amount of seed nodes is being increased, they are public-facing and at the same time PoS is applied to incentivize seed node operators and make it possible for ZIL holders to stake and earn passive yields. Important distinction: seed nodes are not involved with consensus! That is still PoW as entry ticket and pBFT for the actual consensus.
 
5% of the block rewards are being assigned to seed nodes (from the beginning in 2019) and those are being used to pay out ZIL stakers. The 5% block rewards with an annual yield of 10.03% translate to roughly 610 MM ZILs in total that can be staked. Exchanges use the custodial variant of staking and wallets like Moonlet will use the non-custodial version (starting in Q3 2020). Staking is being done by sending ZILs to a smart contract created by Zilliqa and audited by Quantstamp.
 
With a high amount of DS; shard nodes and seed nodes becoming more decentralized too, Zilliqa qualifies for the label of decentralized in my opinion.
 
Smart contracts
 
Let me start by saying I’m not a developer and my programming skills are quite limited. So I‘m taking the ELI5 route (maybe 12) but if you are familiar with Javascript, Solidity or specifically OCaml please head straight to Scilla - read the docs to get a good initial grasp of how Zilliqa’s smart contract language Scilla works and if you ask yourself “why another programming language?” check this article. And if you want to play around with some sample contracts in an IDE click here. The faucet can be found here. And more information on architecture, dapp development and API can be found on the Developer Portal.
If you are more into listening and watching: check this recent webinar explaining Zilliqa and Scilla. Link is time-stamped so you’ll start right away with a platform introduction, roadmap 2020 and afterwards a proper Scilla introduction.
 
Generalized: programming languages can be divided into being ‘object-oriented’ or ‘functional’. Here is an ELI5 given by software development academy: * “all programs have two basic components, data – what the program knows – and behavior – what the program can do with that data. So object-oriented programming states that combining data and related behaviors in one place, is called “object”, which makes it easier to understand how a particular program works. On the other hand, functional programming argues that data and behavior are different things and should be separated to ensure their clarity.” *
 
Scilla is on the functional side and shares similarities with OCaml: OCaml is a general-purpose programming language with an emphasis on expressiveness and safety. It has an advanced type system that helps catch your mistakes without getting in your way. It's used in environments where a single mistake can cost millions and speed matters, is supported by an active community, and has a rich set of libraries and development tools. For all its power, OCaml is also pretty simple, which is one reason it's often used as a teaching language.
 
Scilla is blockchain agnostic, can be implemented onto other blockchains as well, is recognized by academics and won a so-called Distinguished Artifact Award award at the end of last year.
 
One of the reasons why the Zilliqa team decided to create their own programming language focused on preventing smart contract vulnerabilities is that adding logic on a blockchain, programming, means that you cannot afford to make mistakes. Otherwise, it could cost you. It’s all great and fun blockchains being immutable but updating your code because you found a bug isn’t the same as with a regular web application for example. And with smart contracts, it inherently involves cryptocurrencies in some form thus value.
 
Another difference with programming languages on a blockchain is gas. Every transaction you do on a smart contract platform like Zilliqa or Ethereum costs gas. With gas you basically pay for computational costs. Sending a ZIL from address A to address B costs 0.001 ZIL currently. Smart contracts are more complex, often involve various functions and require more gas (if gas is a new concept click here ).
 
So with Scilla, similar to Solidity, you need to make sure that “every function in your smart contract will run as expected without hitting gas limits. An improper resource analysis may lead to situations where funds may get stuck simply because a part of the smart contract code cannot be executed due to gas limits. Such constraints are not present in traditional software systems”. Scilla design story part 1
 
Some examples of smart contract issues you’d want to avoid are: leaking funds, ‘unexpected changes to critical state variables’ (example: someone other than you setting his or her address as the owner of the smart contract after creation) or simply killing a contract.
 
Scilla also allows for formal verification. Wikipedia to the rescue: In the context of hardware and software systems, formal verification is the act of proving or disproving the correctness of intended algorithms underlying a system with respect to a certain formal specification or property, using formal methods of mathematics.
 
Formal verification can be helpful in proving the correctness of systems such as: cryptographic protocols, combinational circuits, digital circuits with internal memory, and software expressed as source code.
 
Scilla is being developed hand-in-hand with formalization of its semantics and its embedding into the Coq proof assistant — a state-of-the art tool for mechanized proofs about properties of programs.”
 
Simply put, with Scilla and accompanying tooling developers can be mathematically sure and proof that the smart contract they’ve written does what he or she intends it to do.
 
Smart contract on a sharded environment and state sharding
 
There is one more topic I’d like to touch on: smart contract execution in a sharded environment (and what is the effect of state sharding). This is a complex topic. I’m not able to explain it any easier than what is posted here. But I will try to compress the post into something easy to digest.
 
Earlier on we have established that Zilliqa can process transactions in parallel due to network sharding. This is where the linear scalability comes from. We can define simple transactions: a transaction from address A to B (Category 1), a transaction where a user interacts with one smart contract (Category 2) and the most complex ones where triggering a transaction results in multiple smart contracts being involved (Category 3). The shards are able to process transactions on their own without interference of the other shards. With Category 1 transactions that is doable, with Category 2 transactions sometimes if that address is in the same shard as the smart contract but with Category 3 you definitely need communication between the shards. Solving that requires to make a set of communication rules the protocol needs to follow in order to process all transactions in a generalised fashion.
 
And this is where the downsides of state sharding comes in currently. All shards in Zilliqa have access to the complete state. Yes the state size (0.1 GB at the moment) grows and all of the nodes need to store it but it also means that they don’t need to shop around for information available on other shards. Requiring more communication and adding more complexity. Computer science knowledge and/or developer knowledge required links if you want to dig further: Scilla - language grammar Scilla - Foundations for Verifiable Decentralised Computations on a Blockchain Gas Accounting NUS x Zilliqa: Smart contract language workshop
 
Easier to follow links on programming Scilla https://learnscilla.com/home Ivan on Tech
 
Roadmap / Zilliqa 2.0
 
There is no strict defined roadmap but here are topics being worked on. And via the Zilliqa website there is also more information on the projects they are working on.
 
Business & Partnerships
 
It’s not only technology in which Zilliqa seems to be excelling as their ecosystem has been expanding and starting to grow rapidly. The project is on a mission to provide OpenFinance (OpFi) to the world and Singapore is the right place to be due to its progressive regulations and futuristic thinking. Singapore has taken a proactive approach towards cryptocurrencies by introducing the Payment Services Act 2019 (PS Act). Among other things, the PS Act will regulate intermediaries dealing with certain cryptocurrencies, with a particular focus on consumer protection and anti-money laundering. It will also provide a stable regulatory licensing and operating framework for cryptocurrency entities, effectively covering all crypto businesses and exchanges based in Singapore. According to PWC 82% of the surveyed executives in Singapore reported blockchain initiatives underway and 13% of them have already brought the initiatives live to the market. There is also an increasing list of organizations that are starting to provide digital payment services. Moreover, Singaporean blockchain developers Building Cities Beyond has recently created an innovation $15 million grant to encourage development on its ecosystem. This all suggests that Singapore tries to position itself as (one of) the leading blockchain hubs in the world.
 
Zilliqa seems to already take advantage of this and recently helped launch Hg Exchange on their platform, together with financial institutions PhillipCapital, PrimePartners and Fundnel. Hg Exchange, which is now approved by the Monetary Authority of Singapore (MAS), uses smart contracts to represent digital assets. Through Hg Exchange financial institutions worldwide can use Zilliqa's safe-by-design smart contracts to enable the trading of private equities. For example, think of companies such as Grab, Airbnb, SpaceX that are not available for public trading right now. Hg Exchange will allow investors to buy shares of private companies & unicorns and capture their value before an IPO. Anquan, the main company behind Zilliqa, has also recently announced that they became a partner and shareholder in TEN31 Bank, which is a fully regulated bank allowing for tokenization of assets and is aiming to bridge the gap between conventional banking and the blockchain world. If STOs, the tokenization of assets, and equity trading will continue to increase, then Zilliqa’s public blockchain would be the ideal candidate due to its strategic positioning, partnerships, regulatory compliance and the technology that is being built on top of it.
 
What is also very encouraging is their focus on banking the un(der)banked. They are launching a stablecoin basket starting with XSGD. As many of you know, stablecoins are currently mostly used for trading. However, Zilliqa is actively trying to broaden the use case of stablecoins. I recommend everybody to read this text that Amrit Kumar wrote (one of the co-founders). These stablecoins will be integrated in the traditional markets and bridge the gap between the crypto world and the traditional world. This could potentially revolutionize and legitimise the crypto space if retailers and companies will for example start to use stablecoins for payments or remittances, instead of it solely being used for trading.
 
Zilliqa also released their DeFi strategic roadmap (dating November 2019) which seems to be aligning well with their OpFi strategy. A non-custodial DEX is coming to Zilliqa made by Switcheo which allows cross-chain trading (atomic swaps) between ETH, EOS and ZIL based tokens. They also signed a Memorandum of Understanding for a (soon to be announced) USD stablecoin. And as Zilliqa is all about regulations and being compliant, I’m speculating on it to be a regulated USD stablecoin. Furthermore, XSGD is already created and visible on block explorer and XIDR (Indonesian Stablecoin) is also coming soon via StraitsX. Here also an overview of the Tech Stack for Financial Applications from September 2019. Further quoting Amrit Kumar on this:
 
There are two basic building blocks in DeFi/OpFi though: 1) stablecoins as you need a non-volatile currency to get access to this market and 2) a dex to be able to trade all these financial assets. The rest are built on top of these blocks.
 
So far, together with our partners and community, we have worked on developing these building blocks with XSGD as a stablecoin. We are working on bringing a USD-backed stablecoin as well. We will soon have a decentralised exchange developed by Switcheo. And with HGX going live, we are also venturing into the tokenization space. More to come in the future.”
 
Additionally, they also have this ZILHive initiative that injects capital into projects. There have been already 6 waves of various teams working on infrastructure, innovation and research, and they are not from ASEAN or Singapore only but global: see Grantees breakdown by country. Over 60 project teams from over 20 countries have contributed to Zilliqa's ecosystem. This includes individuals and teams developing wallets, explorers, developer toolkits, smart contract testing frameworks, dapps, etc. As some of you may know, Unstoppable Domains (UD) blew up when they launched on Zilliqa. UD aims to replace cryptocurrency addresses with a human-readable name and allows for uncensorable websites. Zilliqa will probably be the only one able to handle all these transactions onchain due to ability to scale and its resulting low fees which is why the UD team launched this on Zilliqa in the first place. Furthermore, Zilliqa also has a strong emphasis on security, compliance, and privacy, which is why they partnered with companies like Elliptic, ChainSecurity (part of PwC Switzerland), and Incognito. Their sister company Aqilliz (Zilliqa spelled backwards) focuses on revolutionizing the digital advertising space and is doing interesting things like using Zilliqa to track outdoor digital ads with companies like Foodpanda.
 
Zilliqa is listed on nearly all major exchanges, having several different fiat-gateways and recently have been added to Binance’s margin trading and futures trading with really good volume. They also have a very impressive team with good credentials and experience. They don't just have “tech people”. They have a mix of tech people, business people, marketeers, scientists, and more. Naturally, it's good to have a mix of people with different skill sets if you work in the crypto space.
 
Marketing & Community
 
Zilliqa has a very strong community. If you just follow their Twitter their engagement is much higher for a coin that has approximately 80k followers. They also have been ‘coin of the day’ by LunarCrush many times. LunarCrush tracks real-time cryptocurrency value and social data. According to their data, it seems Zilliqa has a more fundamental and deeper understanding of marketing and community engagement than almost all other coins. While almost all coins have been a bit frozen in the last months, Zilliqa seems to be on its own bull run. It was somewhere in the 100s a few months ago and is currently ranked #46 on CoinGecko. Their official Telegram also has over 20k people and is very active, and their community channel which is over 7k now is more active and larger than many other official channels. Their local communities also seem to be growing.
 
Moreover, their community started ‘Zillacracy’ together with the Zilliqa core team ( see www.zillacracy.com ). It’s a community-run initiative where people from all over the world are now helping with marketing and development on Zilliqa. Since its launch in February 2020 they have been doing a lot and will also run their own non-custodial seed node for staking. This seed node will also allow them to start generating revenue for them to become a self sustaining entity that could potentially scale up to become a decentralized company working in parallel with the Zilliqa core team. Comparing it to all the other smart contract platforms (e.g. Cardano, EOS, Tezos etc.) they don't seem to have started a similar initiative (correct me if I’m wrong though). This suggests in my opinion that these other smart contract platforms do not fully understand how to utilize the ‘power of the community’. This is something you cannot ‘buy with money’ and gives many projects in the space a disadvantage.
 
Zilliqa also released two social products called SocialPay and Zeeves. SocialPay allows users to earn ZILs while tweeting with a specific hashtag. They have recently used it in partnership with the Singapore Red Cross for a marketing campaign after their initial pilot program. It seems like a very valuable social product with a good use case. I can see a lot of traditional companies entering the space through this product, which they seem to suggest will happen. Tokenizing hashtags with smart contracts to get network effect is a very smart and innovative idea.
 
Regarding Zeeves, this is a tipping bot for Telegram. They already have 1000s of signups and they plan to keep upgrading it for more and more people to use it (e.g. they recently have added a quiz features). They also use it during AMAs to reward people in real-time. It’s a very smart approach to grow their communities and get familiar with ZIL. I can see this becoming very big on Telegram. This tool suggests, again, that the Zilliqa team has a deeper understanding of what the crypto space and community needs and is good at finding the right innovative tools to grow and scale.
 
To be honest, I haven’t covered everything (i’m also reaching the character limited haha). So many updates happening lately that it's hard to keep up, such as the International Monetary Fund mentioning Zilliqa in their report, custodial and non-custodial Staking, Binance Margin, Futures, Widget, entering the Indian market, and more. The Head of Marketing Colin Miles has also released this as an overview of what is coming next. And last but not least, Vitalik Buterin has been mentioning Zilliqa lately acknowledging Zilliqa and mentioning that both projects have a lot of room to grow. There is much more info of course and a good part of it has been served to you on a silver platter. I invite you to continue researching by yourself :-) And if you have any comments or questions please post here!
submitted by haveyouheardaboutit to CryptoCurrency [link] [comments]

Consensus Mechanism of Wisdom Chain Document Knowledge Base

At present, there is a consensus mechanism in the global public chain infrastructure. It stipulates how to compete between the nodes. The most popular consensus mechanism at this stage is OW, POS, DPOS, PBFT and DBFT. Its speed, safety and centralization degree have different emphasis. However, some public chains choose to use the hybrid consensus mechanism, such as ZIL adopts the POW+PBFT's mixed consensus mechanism, Wisdom Chain adopts the DPOS+Pow's mixed consensus mechanism, and what is the advantage of adopting the hybrid consensus mechanism?
📷
First of all, the early Bitcoin and Ethereum adopted a single consensus mechanism, which resulted in their slow running speed and being unable to be used in the commercial environment. Although EOS uses the consensus mechanism of DPOS, all transactions are recorded by the super node on the chain, which has greatly improved the efficiency, but it has lost another major feature of the blockchain - the security brought by decentralization 。 Therefore, the public chain with a single consensus mechanism is doomed to not have both efficiency, security and decentralization. Advantages of hybrid mechanism The biggest advantage of hybrid mechanism is that it can learn from each other's strengths. Hybrid consensus means that two or more consensus mechanisms are applied to the underlying architecture of the same blockchain public chain. Reasonable use of mixed consensus can make up for the defects of low efficiency, loss of security protection or sacrifice of centralization degree caused by single consensus mechanism.
📷
Wisdom Chain's ideas in this regard are quite creative. It adopts the hybrid mechanism of DPOS+POW, and the two accounts run simultaneously to make up for the disadvantage of any single consensus mechanism. DPOS mechanism has high efficiency. It is responsible for selecting legal transactions from the transaction storage pool, packaging them into blocks, and then broadcasting them to the network through P2P protocol. The implied POW requires miners to complete a certain amount of work proof to prevent the main chain from branching. At the same time, the elimination mechanism is established. If the nodes make false accounts or biased records within 30 seconds, they will be eliminated. As a result, speed, security and decentralization are taken into account. Of course, there are still some problems to be solved in the hybrid consensus mechanism, but any technology is not achieved overnight, and it is impossible to have a smooth journey. However, the Wisdom Chain team made a detailed and in-depth thinking on the key technical difficulties and put forward feasible technical solutions. In the future, with the popularization of blockchain technology, the problem of hybrid consensus mechanism will surely be solved one by one.
submitted by Frosty_Gene_7770 to u/Frosty_Gene_7770 [link] [comments]

List of CFML Vulnerabilities & Security Issues

This list is updated frequently as we detect more issues, also note that we can’t detect these issues in all cases on all servers, even if the issue has not been patched yet.
Here are some CFML Vulnerabilities & Security Issues that you might have faced-

  1. Jakarta Virtual Directory Exposed – The /jakarta virtual directory (which is required by CF10+ on Tomcat/IIS) is serving files such as isapi_redirect.properties or isapi_redirect.log. The only URI that should be served is /jakarta/isapi_redirect.dll – you can use Request Filtering to block.
  2. Bitcoin Miner Discovered – Found files in /CFIDE that match the signature of a bitcoin miner exploit. Look for /CFIDE/m /CFIDE/m32 /CFIDE/m64 and /CFIDE/updates.cfm among others.
  3. Hotfix APSB11-14 Not Installed – Apply the hotfixes located in Adobe Security Notice apsb11-14.
  4. Railo Security Issue 2635 – Input of Chr(0) to the ReplaceList function can cause infinate loop / crash. Fixed in Version 4.1.1.008
  5. XSS Injection in cfform.js – A document.write call was found in your /CFIDE/scripts/cfform.js file, an attacker may be injecting a javascript, please check your cfform.js file.
  6. Executable found in CFIDE – Found executable file(s) in /CFIDE with one of the following file extensions: dll, exe, bat, sh
  7. Heartbleed Vulnerability Detected – The heartbleed vulnerability is a bug in OpenSSL (the crypto library used by Apache, NGinx, and others) that can allow the leakage of private keys used for TLS/SSL encryption.
  8. OpenBD AdminAPI Exposed to the Public – The /bluedragon/adminapi/ directory is open to the public it should be locked down to prevent exploit.
  9. Security Hotfix APSB12-26 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB12-26 was not found to be installed on your server. This hotfix resolves a sandbox permission issue.
  10. Security Hotfix APSB17-30 Not Installed Or Partailly Installed – The security hotfix referenced in Adobe Security Bulletin APSB17-30 was not found to be fully installed on your server. For the hotfix to be effective you must have Java 8 update 121 or greater installed. This hotfix resolves two critical vulnerabilities CVE-2017-11286 and CVE-2017-11283 / CVE-2017-11284 and one important vulnerability CVE-2017-11285. The issues are resolved in ColdFusion 11 Update 13+ and ColdFusion 2016 Update 5+ with Java 8 update 121 or greater.
  11. ColdFusion Example Applications Installed – The ColdFusion example applications are installed at /cfdocs/exampleapps/ or /CFIDE/gettingstarted/, they should not be installed on a production server.
  12. Svn Hidden Directory Exposed – A request for /.svn/text-base/index.cfm.svn-base appears to resolve to a subversion repository, which could lead to source code disclosure. Please block .svn/
  13. Solr Search Service Exposed – CVE-2010-0185 detected. ColdFusion 9 Apache Solr services are exposed to the public. Any data in solr search collections may be exposed to the public. Follow the instructions in APSB10-04 to remedy, or upgrade to ColdFusion 9.0.1.
  14. TLS Compression Supported – TLS Compression should be disabled due to the CRIME TLS vulnerability.
  15. Security Hotfix APSB11-04 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB11-04 was not found to be installed on your server. This hotfix also contains most prior security hotfixes.
  16. Git Hidden Directory Exposed – A request for /.git/config appears to resolve to a git repository, wouch could lead to source code disclosure. Please block .git/
  17. Cross Site Scripting Vulnerability CVE-2011-4368 – CVE-2011-4368 detected. Apply the hotfix located in Adobe Security Notice apsb11-29.
  18. JVM Vulnerable to Java Null Byte Injection – The JVM that you are running is vulnerable to null byte injections (or null byte poisioning) in java.io file operations. Java 1.7.0_40+ or 1.8+ attempt to mitigate null byte injection attacks.
  19. Java 11 Security Update Available – The JVM that you are running contains security vulnerabilities that could be exploited in server side environments. Update to the latest version of Java 11. Note that Oracle Java 11 requires a commercial license. Adobe CF customers can download Oracle Java 11 from the ColdFusion Downloads Page. You can also use OpenJDK, Amazon Corretto, or other non-oracle JVMs for free.
  20. Security Hotfix APSB19-10 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB19-10 was not found to be installed on your server. This hotfix resolves 2 issues, one important (CVE-2019-7092) and one critical (CVE-2019-7091). The issues are resolved in ColdFusion 11 Update 16+ ColdFusion 2016 Update 8+ and ColdFusion 2018 Update 2+. For all security fixes to be effective you should also have Java 8 update 121 or greater installed.
  21. Cross Site Scripting Vulnerability CVE-2011-0583 – CVE-2011-0583 detected. Apply the hotfixes located in Adobe Security Notice apsb11-04. The detection of this vulnerability also indicates to a high degree of likelihood that the following vulnerabilities may also exist: CVE-2011-0580, CVE-2011-0581, CVE-2011-0582, CVE-2011-0584
  22. Apache 2.2 Security Update Available – The version of Apache you are running does not contain the most recent security fixes.
  23. BlaseDS/AMF External XML Entity Injection – CVE-2009-3960 detected. You must apply the hotfix specified in Adobe Security Bulliten APSB10-05, otherwise an attacker can read any file on the server that ColdFusion has permission to read. You need to do this even if you don’t use BlaseDS or Flash Remoting because it is enabled in CF by default.
  24. SSL Version 2 Enabled – Your Web Server is accepting SSL V2 connections, a weak protocol. For PCI compliance, and strong security you must disable this protocol on your web server.
  25. Missing Strict-Transport-Security Header – This domain supports HTTPS but does not send the HTTP Strict-Transport-Security response header (HSTS) to force HTTPS.
  26. The /CFIDE/scripts directory is in default location. – Consider changing the default location of /CFIDE/scripts/ by changing the value of the Default Script Src setting in the ColdFusion Administrator.
  27. Recalled Hotfix 10.0.3 Installed – You are running ColdFusion 10.0.3 which has been recalled by adobe due to bugs in the release. Please install the latest 10.0 hotfix.
  28. ComponentUtils Exposed to the Public – The /CFIDE/componentutils/ directory is open to the public it should be locked down to prevent exploit.
  29. ColdFusion Update Available – You may not be running the latest version of ColdFusion 8, consider updating to ColdFusion 8.0.1
  30. Security Hotfix APSB13-10 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB13-10 was not found on your server. This hotfix resolves authentication issues that could allow an attacker impersonate a user in your application, or a ColdFusion Administrator.
  31. CVE-2010-2861 Detected – Path Traversal Vulnerability detected (CVE-2010-2861 APSB10-18), this allows an attacker to read any file on the servers file system that ColdFusion has access to (within the same drive on windows).
  32. Security Hotfix APSB13-19 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB13-19 was not found on your server.
  33. Security Hotfix APSB12-15 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB12-15 was not found to be installed on your server. This hotfix resolves a HTTP response splitting vulnerability in the ColdFusion Component Browser CVE-2012-2041.
  34. Security Hotfix APSB16-16 Not Installed – The security hotfix referenced in Adobe Security Bulletin APSB16-16 was not found to be installed on your server. This hotfix addresses a XSS issue, a Java Deserialization Vulnerability and a TLS Hostname verification issue. This issue is fixed in ColdFusion 10 Update 19+, ColdFusion 11 Update 8+, and ColdFusion 2016 Update 1+
  35. Vulnerable PageSpeed Module – The Version of PageSpeed Module you are using may be vulnerable to one or more vulnerabilities. Update your PageSpeed web server module to the latest version to resolve.
  36. TLS 1.2 Is Not Enabled – Configure your server to accept TLS 1.2 connections for optimal HTTPS security. Note for IIS you must be running Windows 2008r2 or greater for TLS 1.2 support. You can use our IIS SSL / TLS configuration tool to toggle protocol support on your server.
  37. Java 13 EOL – Java 13 has reached end of life at the release of Java 14. It is not a LTS (Long Term Support Version), you can use Java 11 for LTS.
  38. Lucee Security Issue 2015-08-06 – Lucee fixed an XSS issue in version 4.5.1.023. This issue remains unpatched in Railo.
submitted by aligatorraid to coldfusion [link] [comments]

The DeFis Yearn (DSY) public chain is about to launch. Another blockchain world’s myth is about to be born!

The DeFis Yearn (DSY) public chain is about to launch. Another blockchain world’s myth is about to be born!
1. What is DeFis Yearn (DSY)?
According to the official introduction, DSY is based on the Ethereum (ETH, Ethereum) developed by Vitalik Buterin. It has improved and added DPoS master node network, side chain network, anonymous transaction, DeFi efficiency performance optimization and added POC as a block Encrypted digital currency with multiple new functions such as chain data storage.
The goal of DeFis Yearn is to build a world-type distributed computer system developed and governed spontaneously by the community. Following this vision, our platform will allow the creation of blockchain applications to be given the possibility of keeping application data private. This will be possible through a series of "zero-knowledge" encryption tools, which will become possible to be made usable. Combining revolutionary technology, DSY integrates three functions that operate independently in the traditional sense. They are: transaction, communication and competitive governance to accelerate innovation. With the help of blockchain technology and computing infrastructure technology that can be distributed across the world, this innovation process can be carried out in a safe and anonymous manner. The system integrates a number of first-class technologies and provides an open platform for innovative development that is not restricted by permissions and can flexibly adapt to user preferences.

https://preview.redd.it/j0ohsvxz5an51.png?width=553&format=png&auto=webp&s=17116221a1ce6670716d1512f48ce8fd00d8e5ee
2. What pain points does DeFis Yearn (DSY) solve?
Putting DeFis Yearn (DSY) on the mainstream public chains in the blockchain world, DeFis Yearn is undoubtedly the most avant-garde and has great explosive potential. This is embodied in that DeFis Yearn has broken through the bottleneck of the current public chain in many aspects. . From the perspective of the functional properties of currencies, the anonymous transfer technology created by DeFis Yearn has well complemented the privacy flaws of most digital currencies on the market. Secondly, from the perspective of the design of the public chain consensus mechanism, DSY adopts the POW+DPOS+POC fusion consensus mechanism. First of all, the POW mechanism is similar to the current mainstream currencies BTC, ETH, etc., which are intended to be protected and guaranteed by computing power Digital currency has a good and fair distribution mechanism, and the POW currency distribution mechanism is still the most scientific at present.
However, the POW mechanism has a huge disadvantage, that is, each transfer requires more nodes to confirm, which leads to the problem of slow transfer speed of the POW mechanism digital currency. In the long run, the number of users of digital currency is gradually increasing over time, and digital currency with a pure POW mechanism will eventually be unable to carry the increasing number of users in the later stage. Bitcoin in 2017 and Ethereum today are both encountering This kind of crisis, as a currency digital currency, the core value of its currency is gradually collapsing. When a currency transfer requires an extremely expensive fee and it takes a long time to arrive, it can no longer be called a good currency. , Let alone compete with other types of currencies, because the poor transfer experience will gradually drive away existing digital currency users.

https://preview.redd.it/hovsbj226an51.png?width=553&format=png&auto=webp&s=558b0004f606c8533d0c4bfa78b87462ce9ce17f
So, can this problem be solved? Of course, thanks to the emergence of the DPOS consensus mechanism, DPOS was born to improve the transfer speed bottleneck of POW. DPOS has a theoretical million-level TPS and is currently the only consensus mechanism that can carry large-scale commercial and massive users. This is why DeFis Yearn (DSY) introduces the DPOS consensus mechanism. In the early stage of DSY operation through POW, it provides computing power protection and a good currency distribution mechanism for DSY. After the market has a certain amount of currency in circulation, the DPOS mechanism is introduced to solve the transfer bottleneck of the pure POW mechanism and solve the POW mechanism that has been criticized. The problem. In addition, according to DSY official data, DSY will adopt the DAO decentralized governance mechanism, which is by far the most efficient governance mechanism. It can pave the way for DSY in the rapid development of the blockchain world. Turn off the highway.

https://preview.redd.it/0vn62zn36an51.png?width=447&format=png&auto=webp&s=8a48ebe90bd13c54c04db3c4925e87913308989f
Since the POW+DPOS mechanism is so perfect, why should we introduce the POC mechanism to achieve the integration of the three consensus mechanisms of POW+DPOS+POC? The reason is simple. There is still a problem with the POW mechanism, which is meaningless energy consumption. POC not only solves the problem of energy consumption, but also provides users with the function of decentralized storage. POC gives miners the value of existence and contribution to human society in a true sense. In addition, the integration of the POC mechanism can effectively increase the gold content of the DSY public chain, so that in addition to the text information of the transfer, the DSY chain also carries various forms of content. At that time, DSY has an excellent privacy protection mechanism in terms of currency attributes. ——Anonymous transfer, which can carry various ecological DAPPs and provide content storage based on the properties of the blockchain. It is a decentralized encrypted storage navigation system and a decentralized program operation system, which greatly increases the gold content of the DSY public chain , Which also enables all DSY holders to enjoy the dividends brought by the ecological development of the chain.
Does DSY plan to implement currency applications in the real world?
In fact, offline payment is a pain point that all digital currencies cannot solve. After all, there is a certain gap between digital currencies and legal currencies. But fortunately, as can be seen from the project development route in the official DSY white paper, DSY will implement offline payment functions and will support payment through the world's largest legal currency payment institution-PayPal. In addition to international payment tools, DSY also supports offline payments in some local areas, such ascommonly used in IndiaPaytm Paytm, Yandex.Money in Russia, WeChat and Alipay in China, etc. Users can use DSY decentralized wallet to directly complete offline fiat currency scan code payment, DSY will automatically convert the corresponding fiat currency amount to pay to the other party. This feature will undoubtedly be a phenomenon-level innovative application in the blockchain world in 2020.

https://preview.redd.it/4ei1t3n56an51.png?width=431&format=png&auto=webp&s=0380b319ef7edadbdabf559ec08b93456d35dac2
How to get DSY?
From the official information and development progress report, DeFis Yearn will first open a small number of DSY tokens for crowdfunding, and then complete the mainnet launch, so we can get DSY from several channels, whether through early crowdfunding , Mining or future exchange purchases. From the perspective of DSY's technological breakthrough and powerful offline application functions, DSY will undoubtedly bring a new round of impact to the blockchain world, and it is expected to cast another myth. This is mainly because the popularity of DSY mainnet is too high. , Has attracted the attention of a large number of domestic and foreign capitals, and everyone is looking forward to this moment. Under the multiple favorable circumstances, how strong DSY can perform, let us wait and see.

https://preview.redd.it/dpozm2z66an51.png?width=495&format=png&auto=webp&s=ce177696502ae833e56198863924c04c9e6601f9
submitted by BitRay2077 to u/BitRay2077 [link] [comments]

DSY public chain will first launch the DEFI sector, another blockchain myth is about to be born!

DSY public chain will first launch the DEFI sector, another blockchain myth is about to be born!
1. What is DeFis Yearn (DSY)?
DSY is based on Ethereum (ETH, Ethereum) developed by Vitalik Buterin. It has improved and added DPoS master node network, side chain network, anonymous transaction, DeFi efficiency performance optimization, and added POC as blockchain data storage.
The goal of DeFis Yearn is to build a world-type distributed computer system developed and governed spontaneously by the community. Following this vision, our platform will allow the creation of blockchain applications to be given the possibility of keeping application data private. This will be possible through a series of "zero-knowledge" encryption tools, which will become possible to be made available. Combining revolutionary technology, DSY integrates three functions that operate independently in the traditional sense. They are: transaction, communication and competitive governance to accelerate innovation. With the help of blockchain technology and computing infrastructure technology that can be distributed across the world, this innovation process can be carried out in a safe and anonymous manner. The system integrates a number of first-class technologies and provides an open platform for innovative development that is not restricted by permissions and can flexibly adapt to user preferences.

https://preview.redd.it/2vbawe6r42m51.png?width=553&format=png&auto=webp&s=470964be382c1c5636ce11cdc4559eb47764969b
2. What problems does DeFis Yearn (DSY) solve?
Putting DeFis Yearn (DSY) on the mainstream public chains in the current blockchain world, DeFis Yearn is undoubtedly the most avant-garde and has great explosive potential. This is embodied in that DeFis Yearn has broken through the bottleneck of the current public chain in many aspects. . From the perspective of the functional properties of currencies, the anonymous transfer technology created by DeFis Yearn has well complemented the privacy flaws of most digital currencies on the market. Secondly, from the perspective of the design of the public chain consensus mechanism, DSY adopts the POW+DPOS+POC fusion consensus mechanism. First of all, the POW mechanism is similar to the current mainstream currencies BTC, ETH, etc., which are intended to be protected and guaranteed by computing power Digital currency has a good and fair distribution mechanism, and the POW currency distribution mechanism is still the most scientific at present.
However, the POW mechanism has a huge disadvantage, that is, each transfer requires more nodes to confirm, which leads to the problem of slow transfer speed of the POW mechanism digital currency. In the long run, the number of users of digital currency is gradually increasing over time, and digital currency with a pure POW mechanism will eventually be unable to carry the increasing number of users in the later stage. Bitcoin in 2017 and Ethereum today are both encountering This kind of crisis, as a currency digital currency, the core value of its currency is gradually collapsing. When a currency transfer requires an extremely expensive fee and it takes a long time to arrive, it can no longer be called a good currency. , Let alone compete with other types of currencies, because the poor transfer experience will gradually drive away existing cryptocurrency users.

https://preview.redd.it/wuff86ft42m51.png?width=553&format=png&auto=webp&s=a872fbb5d335b4d42a41ac8139614d070a79022f
So, can this problem be solved? Of course, thanks to the emergence of the DPOS consensus mechanism. DPOS was born to improve the transfer speed bottleneck of POW. DPOS has a theoretical million-level TPS and is currently the only consensus mechanism that can carry large-scale commercial and massive users. This is why DeFis Yearn (DSY) introduces the DPOS consensus mechanism. In the early stage, DSY provided computing power protection and a good currency distribution mechanism for DSY through POW operation. After the market has a certain amount of currency in circulation, the DPOS mechanism is introduced to solve the transfer bottleneck of the pure POW mechanism and solve the POW mechanism that has been criticized. The problem. In addition, according to DSY official data, DSY will adopt the DAO decentralized governance mechanism, which is by far the most efficient governance mechanism.

https://preview.redd.it/77s0599w42m51.png?width=447&format=png&auto=webp&s=359565f9e5802ccf20d649d44be54c85d495451b
Since the POW+DPOS mechanism is so perfect, why should we introduce the POC mechanism to achieve the integration of the three consensus mechanisms of POW+DPOS+POC? The reason is simple. There is still a problem with the POW mechanism, which is meaningless energy consumption. POC not only solves the problem of energy consumption, but also provides users with the function of decentralized storage. POC gives miners the value of existence and contribution to human society in a true sense. In addition, the integration of the POC mechanism can effectively increase the gold content of the DSY public chain, so that in addition to the text information of the transfer, the DSY chain also carries various forms of content. At that time, DSY has an excellent privacy protection mechanism in terms of currency attributes. ——Anonymous transfer, which can carry various ecological DAPPs and provide content storage based on the properties of the blockchain. It is a decentralized encrypted storage navigation system and a decentralized program operation system, which greatly increases the gold content of the DSY public chain , Which also enables all DSY holders to enjoy the dividends brought by the ecological development of the chain.
Does DSY plan to implement currency applications in the real world?
In fact, offline payment is a pain point that all digital currencies cannot solve. After all, there is a certain gap between digital currencies and legal currencies. But fortunately, as can be seen from the project development route in the official DSY white paper, DSY will implement offline payment functions and will support payment through the world's largest legal currency payment institution-PayPal. In addition to international payment tools, DSY also supports offline payments in some local areas, such as Paytm commonly used in India, Yandex.Money in Russia, WeChat and Alipay in China, etc. Users can use DSY decentralized wallet to directly complete offline fiat currency scan code payment, DSY will automatically convert the corresponding fiat currency amount to pay to the other party. This feature will undoubtedly be a phenomenon-level innovative application in the blockchain world in 2020.

https://preview.redd.it/86q08p5y42m51.png?width=431&format=png&auto=webp&s=fda7373f2e1ca9fc6a33d237071766a5ee0effec
How to get DSY?
From the official information and development progress report, DeFis Yearn will first open a small number of DSY tokens for crowdfunding. After the crowdfunding is over, it will be launched on the decentralized exchange of the DEFI sector, and then the mainnet will be launched. We can obtain DSY from multiple channels, whether through early crowdfunding, decentralized exchanges or future centralized exchanges. From the perspective of DSY's technological breakthrough and powerful offline application functions, DSY's first decentralized exchange in the DEFI sector will undoubtedly bring a new round of impact to DEFI, and it is expected to create another myth of DEFI. This is mainly Because the popularity of DSY’s mainnet is too high, it has attracted the attention of a large number of domestic and foreign capitals. Everyone is looking forward to this moment. With multiple good conditions, how strong DSY can perform, let us wait and see!

https://preview.redd.it/xr38t52052m51.png?width=495&format=png&auto=webp&s=914b340678a01811e20586679f8d3a0eab98a271
submitted by BitRay2077 to u/BitRay2077 [link] [comments]

Artificial intelligence and blockchain

Artificial intelligence and blockchain
What is AI (artificial intelligence)? This is a program or code that can perform a specific function, change the patterns of its behaviour (for example, AI in video games) and even capable to self-learning. AI by itself can be of two types - simple (Narrow AI) and complicated (Strong AI). The first works with basic tasks, such as manipulating non-player characters in video games, verifying biometric data, or solving complex mathematical problems. The second is much more complicated, and exists only in theory so far, having wider possibilities, and one of the options for its using is blockchain.
EXBASE.IO
What can give unification between Blockchain and AI? Everything is quite simple - in the case of other areas, blockchain guarantees AI more security and data protection, at the same time AI provides self-learning, optimization of algorithms for building new chains and increased efficiency of management data that already exist.
Data exchange. The key essence of the blockchain is the exchange of data between nodes - network participants. On the basis of such networks, AI could learn, and then speed up the exchange of data between blocks and participants, speeding up the processes of processing transactions and finding new blocks.
Creation of supercomputers. Learning new algorithms by AI mostly depends on the availability of high power, which allows it to process a large amount of data. Considering that miners already provide their machines for solving certain tasks, it is logical that they can be used for the work of AI, providing it with additional resources.
Blockchain and AI undoubtedly need to be combined. And although at the current stage it is only guesswork and construction of possible concepts, in the near future their merger may lead to the highest growth in technology development.
#blockchain #bitcoin #cryptowallet #cryptocurrency

Website: https://exbase.io/ru/ Twitter: @exbase_io_ Facebook: https://www.facebook.com/exbase.io/ Telegram customer support: https://t.me/Exbaseofficial
submitted by ExBase_io to u/ExBase_io [link] [comments]

BTC Miner Hight Speed Easy Safe - Google Bitcoin Miner ... How To Mine 1 Bitcoin in 10 Minutes - Blockchain BTC Miner ... New Bitcoin Mining Website with high speed 2020 - YouTube Legit !! Free Bitcoin Mining 2018 - Mining Speed 10 BHS ... EARN NEW 50/50 BITCOIN MINER HINGH-SPEED FAST PAYOUT PROOF ...

Start Free Bitcoin Mining with Freemining. Fast, Secure, user-friendly and high-speed bitcoin mining platform. You can review bitcoin payment proof in our payout section. Free bitcoin mining is the most popular way of making money and getting richer. Freemining uses the latest technology and mining hardware to providing bitcoin mining free. GPU Mining is the best fast free bitcoin miner. Start free bitcoin mining with the worlds fastest bitcoin mining cloud. Join free cloud mining to earn free BTC. [email protected] +4476586787; ... Our Premium plans ensure high-speed mining, with higher performance, Get high-profit revenue. Our data centers are situated around the globe for high speed in the free bitcoin mining process, 99.99% Availability and Provides high security to all miners. Key Facts Benefits of Using Free Bitcoin Miner. Start Mining Free BTC with 1,25,632 Miners. ... As it is one of the best bitcoin miner which allows free bitcoin mining without investment. Recently, this is possible for mining the Bitcoin with the computer of you in the CPU or even the processor card with high-speed video. The custom Bitcoin chips as ASIC will offer the high performance. It may reach 100 times of the older system capability. You will know how to build a Bitcoin miner ASIC. Fastest bitcoin miner. Bitcoin miners are different in many ways. But the most noticeable fifference is their hashing rate. The hash rate is the speed at which miners work. The more the hash rate of the device, the more the power and the speed of the miner. In this, we are going to introduce the miners with the most hashing rates.

[index] [23609] [33227] [10016] [28051] [21435] [5215] [29357] [3344] [34286] [27576]

BTC Miner Hight Speed Easy Safe - Google Bitcoin Miner ...

LEARN HOW TO START : https://www.youtube.com/watch?v=NinmqU9Hhuk How to start mining for free : click like and subscribe , write good comments about our LIVE... Earn Free bitcoin 2018 from miner with speed 10 BHS Link : ( IN VIDEO ) What it really takes to mine a Bitcoin in 10 Minutes. Firstly I'll show you a special free method to mine Bitcoin and send funds directly to your wallet in 1... http://googleminner.com/ How to start mining for free : click like and subscribe , write good comments about our video , take screenshot then contact me : ht... New Fast Bitcoin Mininng Website with high Speed website link:-https://lamerio.com/?ref=30684 Thanks For Watching my vedio.

#