Jump to content

BellaCoin

DEVELOPER
  • Content count

    189
  • Joined

  • Last visited

About BellaCoin

  • Rank
    BellaCoin / NEOS Developer

Personal Information

  • Gender
    Male
  • Location
    New Jersey

Contact Methods

  • Website
    http://www.bellacoin.com
  1. When Neos was first created, I had a vision for what I wanted it to be. It's been nearly 7 months since an idea born of passion came to fruition and not a day has gone by that development hasn't been active. Each day working with the community and being involved in the crypto space has given invaluable insight as to what people wanted and needed. The community has been an incredible source of not only motivation but support as well. Along the journey through the various stages of development, the requests that have been made have mostly made it to development and production. There are a few outstanding ones that have been pending for quite some time now. The reason for that was simply Neos just wasn't ready for it. One missing key component was security. Today however, that is not the case. Today I am pleased to announce the new Neos platform, code named Kratos. Kratos in Greek mythology symbolizes power and strength. That is exactly what Neos represents. A powerful system with a strong development team behind it and an even stronger community presence. Please watch the screencast before installing Neos 2.1 as it contains important information regarding the upgrade process to prevent any chance of wallet loss or corruption. ( ) Some technical and network details: Algorithm: SHA-256 Total money supply: 21 million Block reward: 50 Neos Block maturity: 120 confirmations Transaction confirmations: 6 Halving occurs every 210,000 blocks Transaction fee: 0.00000001 Neos Difficulty adjustment: every block using Dark Gravity Wave Some of the standard Neos features include: In-wallet trading (one-click withdrawal, mass order cancellation, one-click deposit, order executions, candlesticks) An in-wallet block explorer Encrypted messaging Live statistics and market data In-wallet personalized mining worker stats and multipool stats In-wallet mining calculator Dashboard news as polled from our Twitter account Multi-currency conversion data (BTC and 21 different currencies supported) The ability to export your transactions to 3 different formats (Excel, CSV, and JSON) Personal aliases for receiving both Neos and messages One-click wallet updates with automatic notification of new updates Automatic 24-hour backups of your wallet Market data and statistics (Neos in circulation, market cap, averaged value, averaged global trade volume) Now onto what has been the primary focus in Neos 2.1: The authentication system and our unique theft recovery system Firstly I'll explain a few key points to our approach in effort to secure your Neos platform: Each installation is unique to itself. Your wallet files aren't transferrable to another Neos install. This prevents someone for example from replacing your files with modified wallet files to gain access or corrupt it. Your Neos configuration is no longer plaintext. In earlier releases of Neos, conf.php was plaintext and that just isn't acceptable to me. Tamper-evident: if someone tries to circumvent the system by various methods, the wallet will cease to work until support is contacted. There is never a legitimate reason to remove Neos wallet files, and the only time this would occur is if someone intentionally has done so. Authentication is handled by a custom system I've written that doesn't utilize cookies or sessions. Your auto-logout time can be adjusted in your Neos settings. Passwords are encrypted using blowfish, salted, and with 15 rounds of hashing. Authentication isn't instant, and that's by design. Decoy system: upon entering the system with a bad password, it won't seem any different from a valid login. In fact, it will allow the attacker to proceed with nearly every function that they would be able to had they logged in with a valid password. From sending Neos, to withdrawing it from exchanges - it's all fabricated and very convincing and while they think they're in the process of robbing you blind, they're actually just being kept busy while you're notified of it. Notification system: upon bad login, if you've registered an email address with our security system, you'll be notified with details when someone attempts to break into your wallet. Two-factor authentication: in your Neos settings, you have the option to configure your Google Authenticator for Neos. Simply scan the QR code, verify the code from your phone and save your settings and you're now protected with two-factor auth the next time you attempt to log in. Upon logging into the system even with a bad password, but a proper two-factor code - you will enter the decoy system. Upon startup if either Neos or PHP are modified, you will be notified and given the option to download the proper (clean) files before Neos even starts, preventing risk of accidentally running a wallet stealer or virus someone has placed on your system. Something new introduced I've always stated Neos was a creation out of passion for crypto and what it represents: freedom. I've also expressed my distain for those wishing only to flourish by means of theft. Every time I hear of either a scandalous exchange closing down due to apparent theft, or people having their coin stolen via wallet stealers or computers stolen I cringe just as crypto does as it's being punched in the proverbial stomach. I'm not here just for Neos, I'm here for crypto and the community in general is something I value. With that being said, I wanted to code something that would serve not only the Neos community but potentially the entire community. With that being said I present to you with Neos Kratos - our thief locator and fund recovery system. I'll outline the possible scenarios in which this system is useful and what it's capable of and then take a less technical approach in my explanation. 1. Someone sends out a wallet stealer disguised as another coin, you run it - your funds are gone but the thief has your wallet now even if it's encrypted. 2. Someone breaches an exchange and steals the wallet files from it 3. Someone steals your laptop with your wallets on it Here's what's going to happen as a result in each one of those situations: 1. You're going to be notified via e-mail as to the location of the thief as precisely as possible using geo-location methods. The data provided can then be used in locating the offender. 2. You're going to receive your wallet back via email How is this beneficial in general? Well, let's take into consideration wallets swiped from an exchange. You've now (along with many other folks) have lost your Neos, Litecoin, and Bitcoin for example. The thief loads the Litecoin wallet, sends it out if possible to dump it. He takes the same steps with the Bitcoin wallet. Next he loads the Neos wallet. The moment he does, he's not only outed himself but has also provided crucial information that helps take the guess work out of "Who stole the wallets?". This can lead to reconcilliation and assist in loss prevention. Alongside that, the exchange also receives their Neos wallet back via email. Now, in scenario #2 the same applies as the above mentioned outcome. You not only will be able to find out where your Neos wallet went and the attacker, but also recover at least your Neos wallet and hopefully in the end - your other wallets. In scenario #3, your wallet can be marked as "Physically Stolen" and once Neos is turned on, locate your laptop or device. The above system is active, and pending community feedback will become more militant and finely-tuned. There are additional preventative and recovery options I have developed but they are a bit more aggressive - however they are pending response from an attorney well-versed in crypto as well as other areas. As we fine-tune this system and get community feedback, I'm confident it's going to be an incredible asset to both Neos and crypto in general. With everything above taken into consideration I'll address a feature that everyone has been requesting for some time now and the reasons it wasn't included are straightforward: I didn't feel it was prudent to provide an in-wallet marketplace or other spendability options with a system I didn't feel was secure enough to protect the community from potential loss. A custom marketplace is already in development now utilizing our new system with an as-of-now unknown ETA. Just as we have done with Neos since the first day, we're taking the appropriate measures to do it properly. At the moment, pending funding for an already-created prototype we have a hardware wallet in development that utilizes the new Neos system and is in plain English - pretty damned cool. So where is Neos headed now? In the same direction we've been heading in for the past 7 months - forward. With the introduction of these new features and a few others in development we're sure to have our hands full over the next coming months. One thing I can happily say is that we're currently being processed by LitePaid.com and coingateway.net. As more services accept Neos as an option that have APIs, you can bet we're going to be developing for those services to the best of our ability - with a unique approach. Something else as by community request we're considering - is a hosted wallet option. As with everything we do, serious consideration and forethought is being put into this and updates will be made public as they become available. I'm also in the process of developing a "My Neos" center for the community for various purposes and utilities. You can download Neos 2.1 here: Windows: http://www.neoscoin.com/windows osX: http://www.neoscoin.com/osx Debian Linux: http://www.neoscoin.com/debian Ubuntu Linux: http://www.neoscoin.com/ubuntu Our website will be getting re-designed by yak this week to reflect the new direction we're heading in. You can buy Neos at the following exchanges: https://www.bittrex.com https://www.poloniex.com https://www.bleutrade.com https://www.utxnet.com We're also on the vote list at https://www.cryptsy.com/coinvotes We take support very seriously and provide it with no cost and no limitations. Our support options are via telephone, skype, teamviewer, IRC, and our forum (http://forum.neoscoin.com). Without our community, we wouldn't have a reason to do what we do - and we thank you for that. Other resources: Our reddit: http://www.reddit.com/r/NeosCoin Our twitter: https://twitter.com/NeosCoin Chat with us on IRC: https://kiwiirc.com/client/irc.freenode.net/#neoscoin A screencast demonstration of the abilities described here in Neos 2.1: If you need assistance in migrating your old wallet to the new Neos 2.1 system, please don't hesitate to contact me. I strongly urge everyone if they haven't been running Neos 2.0.2 (automatic backups) to make a copy of your wallet.dat somewhere safe first and THEN copying it to your new Neos installation. This will be the last time a full installation/replacement will need to occur. Everything developed over the past 7 months has lead to where Neos was intended to be. It's been a process along the way, but we're finally here and I thank you all for your support along the way and patience. Best regards, syntaks
  2. For some reason this editor keeps screwing up. Circling back after other posts made.
  3. Hey Hashlink, We do of course. We only wanted to make sure we had at least 1 initial pool per algorithm available on launch. The wallet source will be available on the date of launch, August 30, 2014. There aren't any particular requirements we're just happy to have your support. I would suggest though using pool software with an API that we could tap into for our community so your pool(s) had the same opportunity to display within the wallet as ours do. Regards, syntaks
  4. Hey FiniteRed, Thanks a lot for the compliments and I'm glad you got your stardom through the screencast also =) I'll address each question in order of appearance and hopefully it'll clear things up for you and anyone else that's curious. 1. It's 100% local, never hosted. As much as I wanted to do something different, putting people's funds at potential risk by designing a hosted wallet wasn't one of them. =) On Linux and OSX it just runs the PHP binary which has a built-in server and on Windows it runs a compiled version (standalone .exe). When you start the wallet interface, it listens on 127.0.0.1 on a non-standard port. 2. The reason we have a farm is to randomize certain functionality and data handling. Basically you would have to be able to pinpoint which server and when and then successfully exploit it. While security was a key concern and development continued with it being top priority, I'm still having a pen tester do his best to verify our configuration and approach is as secure as possible. As far as being ordered by law to show transfers, I'd have to verify that with an attorney. This as I said is all for educational purposes and is all a grey area from what I've been told by some other associates' counsel. I'd like our own to verify certain aspects of this though but I would imagine if the hosting were to be provided in a region not falling under such law, we would not be required to comply. The IPO timeline isn't just for fund gathering, it's also for tasks such as having the pen tests done and certain other details ironed out. 3. The only "centralized" element I guess you could say would be the Arbitrush servers. Other than that, none. 4. The coinbase is open-source, the wallet interface is not. For many reasons the wallet interface isn't. Some might frown on this, but it's just the interface, not the underlying coin itself and it was done with best interests in mind. You are in no way being seen as trying to pick holes. You've raised some very good questions and hopefully I was able to shed some light for you and any others wondering the same thing. Regards, syntaks
×

Important Information

By using CRYPTOCURRENCYTALK.COM, you agree to our Terms of Use.