MLSNews

《未闻》区块链技术日报,聚焦业内技术更新,做您最好的眼睛。

View project on GitHub

​MLSNEWS

——————◆ 20190508 ◆——————

  • 【技术】Litecoin Core v0.17.1发布(Litecoin Core v0.17.1 Release)

    很高兴发布Litecoin Core 0.17.1。这是一个新的主要版本,包括新功能,各种错误修正和性能改进,以及更新的翻译。建议所有用户升级到此版本。

    1、创建者建议创建特定事务。他构建了一个包含某些输入和输出的PSBT,但没有额外的元数据。

    2、对于每个输入,Updater会将有关事务所花费的UTXO的信息添加到PSBT。

    3、另一个潜在的更新程序添加了有关PSBT每个输入(可能还有输出)中涉及的脚本和公钥的信息。

    4、签名者检查交易及其元数据,以决定他们是否同意交易。他们可以使用来自UTXO的金额信息来评估所涉及的价值和费用。如果他们同意,他们会为具有相关密钥的输入生成部分签名。

    5、为每个输入运行Finalizer,以将部分签名和可能的脚本信息转换为final scriptSig和/或scriptWitness。

    6、提取器从PSBT生成有效的Litecoin事务(网络格式),所有输入都已完成。

    pleased to release Litecoin Core 0.17.1. This is a new major version release, including new features, various bugfixes and performance improvements, as well as updated translations. It is recommended for all users to upgrade to this version.

    1、A Creator proposes a particular transaction to be created. He constructs a PSBT that contains certain inputs and outputs, but no additional metadata.

    2、For each input, an Updater adds information about the UTXOs being spent by the transaction to the PSBT.

    3、A potentially other Updater adds information about the scripts and public keys involved in each of the inputs (and possibly outputs) of the PSBT.

    4、Signers inspect the transaction and its metadata to decide whether they agree with the transaction. They can use amount information from the UTXOs to assess the values and fees involved. If they agree, they produce a partial signature for the inputs for which they have relevant key(s).

    5、A Finalizer is run for each input to convert the partial signatures and possibly script information into a final scriptSig and/or scriptWitness.

    6、An Extractor produces a valid Litecoin transaction (in network format) from a PSBT for which all inputs are finalized.

  • 【技术】币安被盗7000比特币,交易平台层层安防仍频频被黑,我们该怎么办?(Currency security has been stolen 7,000 bits, and the security of trading platforms is still frequently blackened. What should we do?)

    今早币安发现一起大规模系统性攻击,被盗走 7000 BTC,那些拿着年薪几百万的技术人员,为什么阻止不了黑客的攻击?如果连交易平台的技术人员都阻止不了,那我们这些没有技术背景的普通人自己保存加密资产,会不会更危险?有哪些原因会导致丢币呢?

    1、丢币可能是区块链项目本身的安全性问题

    2、丢币可能是计算机系统的安全性问题

    3、丢币可能是自己开发的软件的安全性问题

    4、丢币可能是用户错误使用导致的

    5、社会工程学攻击导致丢币

    6、交易平台为什么经常丢币?

    7、自己保存可以规避部分风险

    在加密货币的世界里,如何安全地保存自己的加密资产是每一个参与者必须要面对的问题。

    如果自己掌握了最基本的安全知识和相关的区块链知识,将 Token 存在自己掌握私钥的钱包(冷钱包和热钱包)中,无疑是最安全的;但如果经常丢三落四,或是做事比较马虎,把 Token 存在大的交易平台,或是找专业的机构进行托管,或许是更好的选择。

    This morning, Yuanyan discovered a large-scale systematic attack, which stole 7000 BTC. Why can’t those technicians with millions of salaries prevent hackers from attacking? If even the technicians of the trading platform can’t stop it, will it be more dangerous for us ordinary people without technical background to save encrypted assets by themselves? What are the reasons for losing money?

    1、Losing money may be a security issue for block chain projects themselves

    2、Losing money may be a security problem in computer systems

    3、Losing money may be a security issue for software developed by oneself.

    4、Loss of money may be caused by misuse by users.

    5、Social Engineering Attacks Lead to Loss of Money

    6、Why do trading platforms often lose money?

    7、Self-preservation can avoid some risks

    In the world of encrypted currency, how to safely preserve their encrypted assets is a problem that every participant must face.

    If you have the most basic security knowledge and related block chain knowledge, it is undoubtedly the safest way to keep Token in your wallet (cold wallet and hot wallet) which has the private key. But if you often lose things or do things carelessly, it may be a better choice to put Token in a larger trading platform or to find a professional organization for hosting.

  • 【技术】元交易状态(The State of Meta Transactions)

    有一个称为“元交易”或“费用授权”的概念,允许第三方代表用户支付交易费用;

    1、dApp希望用户只使用他们的本机令牌(例如:支付费用)

    2、dApp希望用户使用他们的本机令牌进行治理,投票等,而无需将用户绑定到底层链(这使得链迁移更容易)

    3、简化用户会计。即使是最勇敢的会计师,计算多个账户中每笔交易的资本收益也是痛苦的。

    4、简化密钥管理。有一个主钱包,包含每个设备的资金和儿童钱包

    5、鼓励特定行为。例如:鼓励用户在DEX上添加而不是消除流动性[已经有其他方式可以促进这种情况,例如交换回扣可能更有意义]

    6、如果帐户不需要为交易提供资金,则隐私可能会增加。dApp A的用户也不是dApp B的用户,因为他们通常不需要相互发送本机令牌。

    There’s a concept called “meta-transactions” or “fee delegation” that permits a third party to pay for a transaction fee on behalf of a user;

    1、dApps want users to only use their native token (ex: for paying fees)

    2、dApps want users to use their native token for governance, voting, etc, without users being tied to the underlying chain (which makes chain migration easier)

    3、Streamlining accounting for users. Calculating capital gains for every single transaction across multiple accounts is painful for even the most intrepid accountant.

    4、Streamlining key management. Have one master wallet that contains funds and child wallets for every single device

    5、Encouraging particular behaviors. Ex: encouraging the users to add rather than remove liquidity on a DEX [Granted there are other ways of facilitating this that might make more sense such as exchange rebates]

    6、Potential increases in privacy if accounts don’t need to be funded for transactions. It is not as obvious that user of dApp A is also a user of dApp B as they don’t usually need to send native tokens to each other.

    —————《未闻》(MLSNews)—————

    未来实验室新闻工作室