#stellar-dev on 2015-09-08 — irc logs at freenode.irclog.whitequark.org

00:38 <stellar-slack> <lab> monsieurnicolas: i have a question, how to get current threshholds setting of an account?

00:38 <stellar-slack> <monsieurnicolas> you just need to load the AccountEntry for that account

00:38 <stellar-slack> <lab> i mean outside stellar-core

00:39 <stellar-slack> <monsieurnicolas> Horizon has an API for that

00:39 <stellar-slack> <monsieurnicolas> it's just pulling straight off the accounts table

00:41 <stellar-slack> <lab> got it. thanks for help.

01:51 de_henne_ has joined #stellar-dev

01:55 de_henne has quit [Ping timeout: 264 seconds]

02:08 pixelbeat has joined #stellar-dev

02:30 sv-logger has quit [Remote host closed the connection]

02:30 sv-logger has joined #stellar-dev

03:13 TheSeven has quit [Disconnected by services]

03:13 [7] has joined #stellar-dev

03:29 pixelbeat has quit [Ping timeout: 240 seconds]

05:03 de_henne_ has quit [Remote host closed the connection]

05:05 de_henne has joined #stellar-dev

08:18 pixelbeat has joined #stellar-dev

10:58 <stellar-slack> <sacarlson> ok I have my multi-sign API server now almost done. I'm just short one last function

10:59 <stellar-slack> <sacarlson> to convert a base64 envelope back into binary format

11:00 <stellar-slack> <sacarlson> I have the function to convert binary envelope in b64 but not back again

11:01 <stellar-slack> <sacarlson> without it I'm stuck again

11:14 <stellar-slack> <sacarlson> seems I need more than just convert base64 as I thought I found it

11:15 <stellar-slack> <sacarlson> reverse of this b64 = envelope.to_xdr(:base64) ; so need the reverse of to_xdr also

11:15 <stellar-slack> <dzham> var buffer = new Buffer(req.body.txenv, 'base64'); var envelope = stellar.xdr.TransactionEnvelope.fromXDR(buffer); var tx = new stellar.Transaction(envelope);

11:15 <stellar-slack> <dzham> In javascript

11:16 <stellar-slack> <sacarlson> cool with that I might be able to do a search to find it's match in ruby

11:19 <stellar-slack> <sacarlson> might have found it tr = Stellar::TransactionResult.from_xdr bytes

11:39 dobson has quit [Ping timeout: 240 seconds]

11:45 dobson has joined #stellar-dev

12:10 <stellar-slack> <dzham> Is that for receiving an envelope to sign, or for collecting signed envelopes?

12:11 <stellar-slack> <dzham> (for collecting signed envelopes all you need is the signatures. you can add them manually to the envelope before submitting the envelope to the network)

12:13 <stellar-slack> <sacarlson> it recieves and collects mutli-sign accounts and transactions, the transactions are available for others to pickup and sign. with the server detects it has enuf sigs for the transaction it submits it

12:16 <stellar-slack> <dzham> How complicated was that? I haven’t done that yet. You check the source accounts in the envelope, check the signers+weights for those addresses, check which sigs you have, and if you fulfill the signature requirements?

12:17 <stellar-slack> <sacarlson> the transactions are ided with a tx_code that is a 10 letter hash of the master tx so that users know what tx they are looking for and want to sign

12:18 <stellar-slack> <dzham> Oh, I’m just thinking about how to know when it’s all signed

12:19 <stellar-slack> <sacarlson> yes but presently I don't look inside the tx, I have the user send me the specs to the server at this time

12:19 <stellar-slack> <dzham> ok, ok

12:19 <stellar-slack> <buhrmi> why do you test locally if it has enough signatures? you could just submit it to the network to check....

12:19 <stellar-slack> <buhrmi> if it goes through -> good, if it gets error -> not good

12:20 <stellar-slack> <dzham> It would be cool to have in the ui.. 5/7 signatures collected. Two more needed. Or a progress bar

12:20 <stellar-slack> <buhrmi> wow what kind of transaction are we talking here

12:21 <stellar-slack> <buhrmi> must be super important :)

12:21 <stellar-slack> <sacarlson> I'm not sure that's just how I did it. the user had to have the info to setup the account so this way the account can be created and processed on the server side with nothing but curl transactions needed on the user side

12:22 <stellar-slack> <dzham> @buhrmi: Haha, just thinking ahead :)

12:22 <stellar-slack> <buhrmi> the holy transaction! everybody sign!

12:22 <stellar-slack> <buhrmi> hehe

12:22 <stellar-slack> <sacarlson> it checks it like this:

12:22 <stellar-slack> <sacarlson> it's all done with json transactions

12:23 <stellar-slack> <sacarlson> the only key needed to sign is the master but he can be set to have no weight so it has no security problems even with unencrypted curl transactions

12:25 <stellar-slack> <dzham> @burhmi: seven sigs might have been a bit extreme, but I don’t think six would be that exeggerated

12:25 <stellar-slack> <sacarlson> I made a function to setup a basic account: setup_multi_sig_acc_hash(master_pair,*signers)

12:25 <stellar-slack> <sacarlson> my game runs with 10 players

12:26 <stellar-slack> <dzham> There you go!

12:26 <stellar-slack> <sacarlson> I'm not sure what the limits would be of how many signers

12:26 <stellar-slack> <dzham> 20 sign per transaction envelope is the maximum, I think?

12:27 <stellar-slack> <sacarlson> it auto calculates basic weights so all have to sign by default but you can tweek the hash to whatever you want

12:27 <stellar-slack> <buhrmi> let's make a multi sig acc with 7 billion signers, and a network with only one transaction submitted by this account.

12:27 <stellar-slack> <buhrmi> the one transaction

12:27 <stellar-slack> <buhrmi> wonder what's inside

12:28 <stellar-slack> <sacarlson> I should be able to publish the mostly completed test version by tomaro or the next

12:28 <stellar-slack> <dzham> OK, yeah. 20 is the max. Per account, and per tx envelope

12:28 <stellar-slack> <buhrmi> sounds arbitrary

12:29 <stellar-slack> <sacarlson> cool 10's all I need so I'm set

12:29 <stellar-slack> <sacarlson> you could I guess just chain many accounts so you could have more signers

12:33 <stellar-slack> <dzham> you could maybe chain transactions together.. make a nice little tree

12:34 <stellar-slack> <sacarlson> but at this point it still centralized but the protocol I guess could be used for p2p at some point

12:35 <stellar-slack> <sacarlson> I presently just setup a listening port on 9494 that listens for json commands

15:36 dobson has quit [Ping timeout: 240 seconds]

15:39 dobson has joined #stellar-dev

16:07 pixelbeat has quit [Ping timeout: 264 seconds]

16:27 pixelbeat has joined #stellar-dev

17:00 <stellar-slack> <monsieurnicolas> re: limit on the number of signatures per transaction. Yeah completely arbitrary. It's easier to raise the limit in the future than to lower it when we see how people abuse the system. I tend to think that people are always super creative when it comes to breaking systems :)

17:03 <stellar-slack> <buhrmi> as backoffice-tooling developer as my day job... i can confirm

17:04 <stellar-slack> <buhrmi> "I just broke the systen".. "what did you do?" ... "I just gave it totally unrealistic amounts of artificial load to see if it can handle it" .. "...."

17:04 <stellar-slack> <buhrmi> WELL DONT DO THAT

17:18 pixelbeat has quit [Ping timeout: 244 seconds]

19:20 DomKM has joined #stellar-dev

19:39 pixelbeat has joined #stellar-dev

20:32 stellar-slack has quit [Remote host closed the connection]

20:32 stellar-slack has joined #stellar-dev

22:05 pixelbeat has quit [Ping timeout: 252 seconds]

22:52 <stellar-slack> <scott> FYI: We (the SDF) are going to be resetting the testnet in the next hour or to incorporate https://github.com/stellar/stellar-core/pull/728

22:53 <stellar-slack> <scott> The various libraries (except go-stellar-base), horizon and horizon importer have had their master branches updated to reflect this change (which should land on stellar-core master soon)

22:54 <stellar-slack> <scott> We’ve also pushed ruby-stellar-base 0.4.0 to rubygems to reflect this change, and js-stellar-base 0.4.0 will be landing shortly

23:36 <stellar-slack> <dzham> :(

23:36 <stellar-slack> <dzham> Wouldn’t replay attacks already be prevented by sequence numbers?

23:37 <stellar-slack> <dzham> So you’d have to have the same address + the same sequence number on both networks for it to work?

23:47 <stellar-slack> <monsieurnicolas> yes, you'd just have to wait for the account to be "ripe" for the exploit by watching its sequence number against a database of signed tx for that account.

23:52 <stellar-slack> <dzham> OK, OK, now I’ve read the changes… So you’re basically just changing the signature hash to what it was like in stellard. I just assumed that was the way it was already..

23:52 <stellar-slack> <monsieurnicolas> when it comes to attacks, you normally want to have a completely asymmetric complexity between what a good guy does vs what an attacker needs to do

23:53 <stellar-slack> <monsieurnicolas> I don't think there is such a concept in stellard - the assumption is that people will pick different secrets for different networks

23:54 <stellar-slack> <monsieurnicolas> (or at least it was not configured if it existed)

23:54 <stellar-slack> <dzham> The signature hash is prefixed base on the network.. .STX/0 (live) or stx/0 (test)

23:55 <stellar-slack> <dzham> So this is just a generalization