Separate names with a comma.
Please sign up to discuss the most innovative cryptocurrency!
Discussion in 'Official Announcements' started by eduffield, Oct 7, 2014.
I spoke to him yesterday, about 30 minutes after v10-14-1 was published.
Just ask him...
Still some confusion on BCT whether local wallets need to be updated...
Ugh... at this point we need to look at a bigger picture than just "MN income"... The whole system might have more vulns than just this one. What we need to do is asking him nicely to join our dev team, don't you think so?
We already have (Evan did) and he said no.
Yes... Join us on IRC
must be something with my mind
Never mind - actually it's quite confusing sometimes...
We have (at least) three user groups
- normal users
- masternode operators
For the security update ALL of these are affected
- normal users use the masternode list during Darksend denomination
- masternodes operators are keen on correct masternode list due to MN payouts
- miners/pools refer to the list to randomly choose one entry for MN payout
So if you are in one of these groups it is mandatory to update, the sooner, the better for the Darkcoin network.
Hope that helps,
15 windows QT wallets updated!
Should have been in the very first post :tongue:
(in other words, I was unsure to whom the advisory applies as well).
Thanks for making this clear.
Yeah, communication needs to be improved. The info is there, but it's not shouting out loud...
Mea culpa, I've never scrolled down THAT far
https://mupool.com/ fully upgraded to 14.1 ~
Hey, guys! Why do you rarely update first post on btalk (that red outdated text at least)? I think there're a lot of people who reads btalk but not darkcointalk. And it is need to read last pages to get info for them.
EMERGENCY POOL FRIENDLY REMINDER
According to https://drk.mn/blocks.html these haven`t updated their wallets yet...
wafflepool10519.13%105100.00%786.266157.25320%77.14%77.14% - INFORMED BY REDDIT, BCT (NICK: POOLWAFFLE)
coinminepl8114.75%81100.00%544.499108.90020%83.95%83.95% - INFORMED BY TWITTER, CONTACT FORM
coinotroncom6211.29%62100.00%405.30781.06120%75.81%75.81% - INFORMED BY EMAIL --> [email protected]
miningpoolhub468.38%46100.00%307.21161.44220%73.91%73.91% - INFORMED BY TWITTER
trademybitcom417.47%41100.00%314.09962.82020%80.49%80.49% - INFORMED BY TWITTER
multipoolus376.74%37100.00%251.12850.22620%86.49%86.49% - INFORMED BY TWITTER
darkcointalkorg152.73%15100.00%102.11920.42420%86.67%86.67% - INFORMED PROPULSION
drkcif8com40.73%4100.00%25.0455.00920%75.00%75.00% - INFORMED BY MAIL [email protected],
Can I migrate to the RC version without losing data (coins and addresses with private keys). What is the procedure for a normal user (using version 0.9.13 before 7.10.2014). In bitcointalk already i see posts that . . ." all users are subject to updates" , but does not explain how to do this. The "non" RC version will not available on darkcoin.io(only RC wallet) . Until now when I update, just copy new . exe file and everything works normal (I'm talking about non RC wallet version ). Thanks
For those who don't use Darksend, can they still use the old Stable v.9.13.15 ?
And for those who want to keep their wallet addresses, what should they do?
You could always backup your wallet.dat, install the latest wallet, run it so it generates a new RC5 wallet with the larger keypool and then import your private keys into the wallet.
They should all be updated as there is no longer a stable version. Darksend was merged.
As for keeping wallet addresses, dump the address privatekey and then import into the new RC5 wallet.
You can stay on v0.9.13.15 but are encouraged to update to 0.10.14.1.
You can keep your addresses by dumping the privkey of each address from the old wallet and importing it into the new wallet.
After importing the addresses that way you'll need to rescan the blockchain to get the correct display for your balance.
Man that tuned update script made updating my masternodes a breeze. Don't think it's ever been this easy! Thanks a lot to everyone.
This works but the imported address wont be part of new backups correct? and it wont be in the wallet if you regenerate from seed yes?
Ive got some vanity adress that i quite like, would like to keep them without needed special attention to them after upgrading.
Once you've imported it, yes it should then back up just fine. Obviously it won't exist in your previous backups. The official wallet doesn't use a seed - like electrum? Interesting point if you are using electrum though. Will have to try it. Guessing you would have to generate a new seed phrase. (If that's what you mean.)
If you import the privkeys to a wallet.dat the keys are also included in the backup.
Darkcoin does not support BIP32 (deterministic wallets), so there is no seed/passphrase from which the wallet keys are derived.
When you are refering to Electrum you are right - but Electrum-DRK is not released yet ^^
You are always on the safe side when dumping privkeys to e.g. paper. As long as you own the key you own the coins.
What do you put in [label] and [rescan=true] ?
I just dumped a private key on a testnet wallet to test and didn't put anything in [label] [rescan=true]. The balance shows up, doesn't it mean the coins are already in the wallet?
Parameters in  are optional, so if you leave them blank the defaults will be used. So here: no label and rescan is performed.
We could look for bugs ourselves. But it's a lot of work. And a lot of people don't understand how it should work, or can't read code. And learning that first is also a lot of work.
Big enough bounties could do the trick. 1k - 10k DRK per vulnerability depending on the severity. But that's not gonna happen so we can just wait and hope Evan fixes problems as they arise.
I vote for a bounty for that hacker and beg him to join our dev team. Also I vote for a bounty to hire a pen-tester at his suggestion.
We though we did that already. Kristov security check was kind of what you are suggesting. Plus Evan showed the code to a couple of other folks before open sourcing it. But turns out there are more creative folks out there. So i guess we have no choice but let everyone to try their luck and if they get lucky we don't even have to pay them anything. They will just claim their bounties themselves.
We could also invite him to some Darkcoin conference as a guest speaker and then...... That would not only solve the problem but would make an example out of him.
Flare, I imported one private key and then did the rescan after that, the address showed up in the new wallet like you said.
Then I imported the second private key like this (to test if i could do the rescan at once with the key import):
"importprivkey cUepzNRfBGjfGGCP8FhuBCaBH5T4MwFDGK3nZzfVpTJqthq6c6ps rescan=true" (the label was skipped)
... The amount of tdrk was divided in half and sent to some strange addresses... which I didn't send... I'm puzzled.. (this amount was anonymized in the old wallet)
It would be interesting to hear Kristov's opinion on this recent exploit.