Wednesday, April 7, 2021

High-level Overview of Lisk Interoperabilit

 



We already revealed that the Lisk interoperability solution aims to enable general cross-chain messages. In this blog post, we now explain how this is achieved by providing a high-level overview of the Lisk interoperability solution similar to the online presentation given in the "First Glimpse at Lisk Interoperability" at the Lisk Updates from the Lisk Center, Berlin event from November 2020. Moreover, we can now unveil our updated roadmap that contains all the objectives of the blockchain interoperability phase.

Technical Solution
Our interoperability solution is based on the paradigm of cross-chain certification introduced in detail in the previous research blog post "Introduction to Blockchain Interoperability". Basically, cross-chain certification means that information from one chain is submitted to another chain utilizing a signed object called a certificate. Let us see more specifically how this will work in the Lisk ecosystem.

Cross-Chain Update Transactions
We will now consider the simplified case of two interoperable chains, where one is the sending chain and the other one the receiving chain. To send information from the sending chain to the receiving chain, the first step is to include a transaction on the sending chain. This transaction then emits one or more cross-chain messages which carry the relevant information that is supposed to be sent to the receiving chain. The cross-chain messages are then transferred to the receiving chain. However, we do not send a cross-chain message to the receiving chain right after the corresponding transaction was included. Instead, several cross-chain messages, possibly from multiple blocks or even rounds, are collected together and are put into a cross-chain update transaction, which is then posted on the receiving chain. This concept is also illustrated below in Figure 1. Cross-chain update transactions are in fact the main transactions facilitating interoperability in the Lisk ecosystem and our realization of cross-chain certification. Therefore, we also called the general technique "cross-chain update" instead of "cross-chain certification" for simplicity in the online presentation given in the "First Glimpse at Lisk Interoperability".

Cross-chain update transactions
Figure 1: The transactions t1 to t3 are included in the sending chain over the course of some blocks, where each one emits one cross-chain message, denoted by m1, m2, and m3. The cross-chain messages are put into one cross-chain update transaction, denoted by CCU, that is posted and included in the receiving chain.


The Lisk ecosystem will, of course, consist of more than just two chains. Therefore, the solution is also slightly more sophisticated than previously explained. That means, for example, that a cross-chain update transaction may contain several cross-chain messages that target different chains. This will be further explained in the sections below.

Note that there is no rule on how many messages must be collected before a cross-chain update transaction is created or for how many blocks one must collect messages before creating one. There is full flexibility, and any user could create a cross-chain update transaction whenever they want by taking all cross-chain messages that were not put into a cross-chain update transaction before.


Content of Cross-Chain Update Transaction
Cross-chain update transactions consist of the following three major parts:

The cross-chain messages.
A certificate.
Information about the current validator set of the sending chain.
We already described the first part, the cross-chain messages, above.

A certificate is an object containing information from a finalized block header that is signed by a large portion of validators from the sending chain and thus authenticates a finalized state of that chain. An authenticated finalized state is a requirement for accepting cross-chain messages on the receiving chain. That means a cross-chain message is applied on the receiving chain only if it was attested that the corresponding transaction on the sending chain belongs to a finalized state.

With the information about the current validator set of the sending chain, the receiving chain knows which validator set is eligible to sign the next certificate.

Neo N3 Official TestNet Launch

 




After 5 Preview versions, the first release version of Neo N3 (Neo N3 RC1) has been released on 16th March 2021. The most significant upgrade in this version is the integration of NeoFS system into the Oracle module. Numerous improvements and fixes have also been applied in this version for State Root service, Policy native contract, opcodes and etc.

NGD will perform the Neo N3 RC1 TestNet upgrade from UTC 6:00AM to 9:00AM, 25th March 2021. The TestNet might be temporarily unstable during this period. We are sorry for any inconvenience caused.

The comprehensive list of improvements and optimizations in this version:

NeoFS API Completion & Integration into Oracle
neofs-api-csharp is now completed and has been integrated into the Oracle plugin in this version. The NeoFS master nodes in this TestNet are now Neo-go nodes by NeoSPCC and will operate as a side chain. Neo nodes will interact with them through the NeoFS API. These Go nodes will be fully migrated to corresponding Neo master nodes in a later stage.

State Root Improvements
Since the last release, a number of new features and fixes have been added to the State Root service. A new P2P functionality has been added to include the ExtensiblePayload to send signatures. Many bugs are also fixed, such as fixing a faulty logic where the state root witness could be null, checking the magic before enabling state root console commands, and fixing hash calculation logic and etc.

New Opcodes
Two new opcodes POW and SQRT are added into the Neo contract system, which can be used to calculate the power and square root of a value, respectively. This addition will simplify the smart contracts development experience on Neo. Corresponding logic changes across the neo-core, NeoVM, and .NET devpack were also completed.

Other improvements and optimizations
Introduced the concept of side-chains to allow plugins to load with multiple NeoSystems
Added new interfaces on native contracts to record update history
Adjusted some system call fees to match resource requirement calculations
Separated CpuFee and StorageFee for clearer and more rational fee calculations


GET Protocol — The ticket NFT production line

 

getNFTs are rolling off the production belt!
After a full year of focusing on testing locally the first getNFT mints have finally hit the public ledger over the last weeks. Over the last 72 hours more than 35 000+ getNFTs have been minted by GETs 'playground' runner.
This runner is only the mocking the back-filling of 120 000 backlogged tickets in our system. The actual back-filling of the tickets will be done if the mocked back-filling is completed.
Isn't minting easy?
It is. However it isn't the mint that we are testing here. The process of minting and back-filling involves far more complex actions as only the minting transaction. Before a mint transaction is sent to the getNFT contract on-chain a lot has happend in the backend of both the ticketeer as well in GETs servers running the getEngine and getCustody. It is these processes that require attention and monitoring. The diagram below gives a rough overview of what is going on behind the scenes.

Diagram showing all the processes that occur for a blockchain transaction to occur. Every new ticket owner is assigned a fresh wallet address on the fly, this address will be the owner of the NFT. After a successful mint the ticketeers backend is provided the location of the NFT. This will allow ticket holders to view their smart ticket 'on chain' in the near future!

Better safe than sorry
The minting process requires several database writes and callbacks to databases of our ticketeer integrators. As the production databases serve thousands of people on a daily basis we need to be certain flusher doesn't disturb stability of these systems. Due to this we need to be very certain that our back-log mints and data-writes do not slow down or cause unexpected errors. So for no issues have been observed — steady as she goes!

Next week we'll start the back-filling the backlogged tickets using the live systems. This will cause the registration of more than 120 000 tickets and 200+ events!

getNFT blockchain privacy
When observing the getNFT ownership one might notice that each wallet at most owns 1 getNFT. This isn't because all the ticket holders don't have any friends or because they are overly compliant to covid laws. In the getNFT system each ticket lives on its own fresh wallet.

1 wallet, 1 NFT — it is only fair.
To ensure privacy getNFT does not recycle wallet addresses — ever. Meaning: 1 ticket — 1 owner — 1 wallet. Always.
If a user buys 5 tickets, these will be registered to 5 wallet addresses with 1 getNFTs each . Even though these wallets 'belong to each other' as they are seeded from a HD wallet — for an outsider observing the blockchain this connection can't be made (mathematically impossible to do so).
This means that for an outsider it is impossible to identify a user based on the amount of tickets owned — as this can be an identifying factor (one of many). No data is leaked — at all, at any times. There is no way a person can be DOXed — even if external data is included (like Facebook attendance data).

Privacy first
Privacy is a serious matter. The fact that with a blockchain all records are public domain and cannot be deleted on request makes it even more persistent. For example we would be technically unable to comply with a GDPR right to be forgotten request without lobbying for an Ethereum hardfork.

Transparency as a service — getScanner API
In the previous blog I shared some details on how anybody (with knowledge of blockchain explorers) is able to query the getNFT smart contract to get to know more about a certain event or particular tickets. Surely copying hashes in a clunky smart contract interfaces isn't how we envision the future of ticketing to be experienced.
Our growing blockchain team is working on a kick-ass ticket explorer. However, we do not want us to be the only ones serving up the blockchain data. One of the reasons the blockchain space is so vibrant and innovation is so fast paces — is due to the fact that all data and tools are accessible for anyone, anywhere without consent. Allowing anybody to build on the GET Protocol is one of our key objectives. Open sourcing the code base is only part of the solution. Ensuring that the ticket/NFT data is easily queried is maybe even more pressing.

Those wanting to use our getNFT assets or registered event data in their own app or site should not have to study the Solidity ABIs. Requesting data about a ticket should be as easy as doing an API call. This is why we are offering an (open sourced) node repo called getScan. The diagram shows the pivotal role these nodes will play in tying everything together.
Some example queries:
Fetching event data
Fetching ticket owner data.
Fetching ticketeer data.

We expect to publish the full documentation for using the getScan API next week!

V4 of getNFT contracts
A key point of using a blockchain as data-storage mechanism is that the data is immutably registered. No do-overs, no edits, no censorship. This 'blockchain feat' is pivotal in solving the inefficiencies in the ticketing sector — as these are caused fundamentally by distrust. This immutability does pose challenges from the continues development side of things.

Upgrading the immutable
With blockchain data written is immutably stored. Data can technically be deleted, but it will remain possible to lookup what its previous state was. The code writing the data is also persistent(by default). As GET is constantly improving and adding new features this immutability poses a challenge if one wants to incrementally improvement and add features.
When using the default smart contract deployment process, every change to smart contract code would result in a completely new smart contract address for getNFTs. Causing a wild growth in getNFT contracts. Surely this isn't viable — luckily there are several Solidity design patterns that allow developers to upgrade contracts while keeping persistent storage.
After a long period of research and testing we completed a up-gradable version of our getNFT Factory contract as well as the event metadata contracts. A diagram showing the architecture of our approach is shown below.

Financial Guru Dave Ramsey Advises What to Do With Bitcoin Investments

 



Personal finance expert Dave Ramsey has given some advice on what to do with bitcoin investments. While acknowledging that the cryptocurrency has had a "fabulous" run, Ramsey still prefers putting his money in more "proven" investments.

Dave Ramsey Still Not a Fan of Bitcoin
Famous radio show host and best-selling author Dave Ramsey gave some advice about bitcoin on The Dave Ramsey Show last week.

The self-proclaimed personal money management expert, Ramsey calls himself "America's trusted voice on money." He is the author of seven best-selling books: Financial Peace, More Than Enough, The Total Money Makeover, EntreLeadership, Dave Ramsey's Complete Guide to Money, The Legacy Journey, and Smart Money Smart Kids. Altogether, they have sold more than 11 million copies.

Ray from Louisville, Kentucky, called into The Dave Ramsey Show to ask for advice about his bitcoin investment. "In late 2019, my income roughly tripled," he began telling his story. "And in 2020, I got real aggressive with paying off debt and I was able to clear off a motorcycle debt, all credit cards, and the last two items are now a house and a car." He also bought BTC last year. "I bought bitcoin, and it's ballooned into this huge account now, worth roughly a hundred thousand dollars."

He added: "One of the things I want to do with it is obviously pay off the car but it's not quite enough to pay off the house, so I guess my question is do I wait with this volatile asset or do I sell it and move into something more traditional?" While noting that over the course of 2020, his BTC investment rose 649% and "the expectations are that it could go even higher," he said bitcoin "is a volatile asset" that "swings now every day." He admitted: "I'm just nervous about keeping this large amount of cash in this volatile asset but still having to worry about a house that I'd like to pay off in the meantime."

Ramsey commented: "You've got Vegas problems, man. I mean you walked up to the slot machine, put a quarter in and it dumped a bunch of quarters out and now you have this temptation to think that's a plan." The financial guru added that this is "the problem with anything that is extremely volatile," emphasizing that the investment is "unpredictable."

The personal finance expert proceeded to tell Ray what he would do if he were in the same situation with a bitcoin account that had appreciated to $100K:

I would cash it all out tomorrow. I wouldn't have been in it in the first place though.

Ray tried to justify his bitcoin investment decision. "I'm single. I felt I could afford to take the risk. I had a snowball plan for all the other items," he said.

Ramsey responded: "You can do whatever you want to do. But, you're asking me what I would do. I wouldn't have been in it the first place and I wouldn't stay in it. I would cash it out tomorrow, and I would put the money in some commonsense things."

He also pointed out: "You're sitting here explaining to me all the problems with the investment. You already know what you need to do. You just want somebody else to say it out loud." The finance guru concluded:

Take your fabulous income and use that to build wealth with. That is a much more proven strategy to build wealth than playing volatile assets.

"Buying gold, or buying commodities, or buying bitcoin, or buying currencies, I mean, there're a lot of volatile [assets]. You can do options. You can be selling short on the market. You can be day trading. There're all kinds of things you can do and occasionally make money at it, and most of the time end up losing it … bitcoin is in that category. It's a high-risk play," Ramsey described.

He further explained, "Bitcoin's had a fabulous run in the last year but that doesn't mean it's an investment you need to do." Similarly, "Gold had a fabulous run for a while there but that doesn't mean it's an investment you need to do. These commodity plays and currency plays are just dangerous," he opined.

In conclusion, while emphasizing to Ray, "You do what you want to do," Ramsey noted:

I have zero money invested in that type of thing. I worked too hard for it and I really don't have any desire to lose it. The government takes enough of it without me losing it.

Ramsey has long been a bitcoin skeptic. In December last year, he gave similar advice to another BTC investor who turned his $1,500 bitcoin investment into $120K. At the time, Ramsey doubted that the bitcoins could be cashed out, calling the cryptocurrency "funny money."

Friday, February 26, 2021

Cryptocurrency Adoption Passes Another Milestone Surpassing 100 Million Users

 


According to a new study conducted by Crypto.com, the total number of global cryptocurrency users has surpassed 100 million for the first time ever. The study, which measured the cryptocurrency marketplace's size using onchain metrics, survey analysis, and internal data, recorded 106 million cryptocurrency users in January 2021.

Compared to December 2020, the 106 million users represent a 15.7% increase in just one month. What's fueling the growth of the crypto market? According to Crypto.com's research, it comes down to bitcoin adoption momentum.

Eric Anziani, Crypto.com COO had this to say to Bitcoin.com regarding the research's findings:

Our study improves upon previously used methods to find a clear trend of growing cryptocurrency ownership. As more companies and merchants adopt cryptocurrencies as a treasury asset and means of payment, we expect 2021 to be a banner year for crypto mass adoption, bringing us ever closer to our vision of 'Cryptocurrency in Every Wallet'.

Bitcoin smashed through its previous all-time high, pushing its market capitalization past $1 trillion. The growth shows no apparent signs of slowing down either as sentiment around cryptocurrency increases, especially as JP Morgan and BNY Mellon will start offering digital payment methods. Not even two full months into the year yet, investors are piling 10-digit figures into bitcoin. Tesla bought $1.5 billion of bitcoin at the beginning of February, and investment website Motley Fool announced a $5 million investment just a week later.

Bitcoin isn't the only thing that's fueling the demand for cryptocurrency. Several other factors are at play too. Crypto.com's research attributes this rapid ascent to the growth of the decentralized finance (defi) market, the ability to buy, sell, and hold cryptocurrency through Paypal, and the institutional adoption of cryptocurrency are attracting new crypto users every day.

Defi Momentum is Growing
The defi market's momentum is significant given the increased demand for ethereum and other altcoins like Binance's BNB. The total market capitalization of coins locked in defi has grown from $690 million to over $11.7 billion, a significant number that's encouraging new investors to enter the market.

According to Crypto.com's research, ETH's growth rate was higher than BTC in November and December 2020; BTC's unique users grew by 1.5% in November compared to ETH's 2.8% growth. In December, ETH's change was nearly double that of BTC's: 2.8% compared to 1.2%.

How accurate are all of these numbers? A total number of 24 exchanges were included in the research, and while Crypto.com has updated and improved its methodology since its last report, it does admit these figures may be subject to some small caveats.

South Korea back on track to roll out 20% digital currency tax by 2022

 

South Korea is reportedly bringing forward—yet again—plans for a tax on digital currency profits, which will see gains liable to a 20% tax, according to local media.

Reporting on an announcement from the Ministry of Economy and Finance, the Korean Herald said profits from trading and holding digital currencies in Korea would be subject to the new tax from as early as January 1, 2022, as part of the country's commitment to establish a more robust legal framework for digital currency dealings.

The tax is liable on gains of over KRW2.5 million, roughly equivalent to about $2,300. Any gains up to that level will not be liable for taxation, but must still be reported to the tax authorities at year end, as with other forms of income.

The country had previously sought to introduce the tax in 2020, but encountered significant pushback from the digital currency community. Several delays in policy followed, including pushing a previous 2022 deadline back to 2023, until the latest announcement.

With the latest update, it looks as though the tax authorities are set to impose the levy from the start of 2022, in line with the reclassification of digital currencies as financial assets.

Digital currency inherited and gifted will also be subject to the tax, according to the reports, which the Herald says will be calculated using weighted average values for digital currency over a period of time.

"In such cases, the price of the asset will be calculated on the basis of the daily average price for one month before and one month after the date of the inheritance or gift."

The tax has again met with local opposition, with some 38,000 citizens having signed a petition against the plans to introduce the tax.

Nevertheless, the authorities are intent on pressing forward with the new levy, as part of its ongoing process of overhauling securities laws.

Saturday, January 30, 2021

Blockchain and Smart Contract Developer Waves Confirms Odyssey Hackathon was Held Online this Year, Shares Other End of Year Updates

 


Vladimir Zhuravlev, a Gravity Tech and Waves Association developer, notes that for several years, the Odyssey hackathon (held in the Netherlands) had offered opportunities for software engineers to collaborate on various projects.

Zhuravlev revealed that this year, Odyssey was hosted online for the very time (due to COVID). The event's team tried to ensure that the hackathon would be a unique experience for all participants. They introduced a 3D online arena that connected all 105 teams, jedis and challenge hosts in one virtual space, Zhuravlev noted.

He added:
"The Waves Association was honored to participate in the event in several aspects. First, the Waves protocol was suggested as a building block with support from Waves Jedis: Rob van de Camp and Inal Kardanov. Second, the Waves platform was used for issuing awards to winning teams. Non-fungible tokens (NFTs) for digital art were created on Waves and sent to participants as a special prize."

The Waves team took part in the hackathon as one of the 105 competing squads, Zhuravlev  confirmed. He also mentioned that the challenge that the team attempted to solve was provided by the Dutch police: Inclusive Safety Communities that "coordinate citizens in emergency situations." (Note: for more details on this update, check here.)

Waves has also teamed up with UNION for asset protection.

UNION will be providing its collateral protection product to various lending protocols that use Waves' Neutrino USD (USDN) and smart contract protection to the inter-chain communication protocol Gravity.

John Liu, CPO of UNION, stated:
"Waves' complete decentralized finance (DeFi) solution with a broad market reach is the perfect platform for building UNION's complete DeFi protection. We look forward to advancing the industry together in 2021 with an inclusive, safe, and accessible portal."

Sten Laureyssens, Strategic Advisor for the Waves Association, remarked:

"The [steady] growth of USDN allowed us to identify demand for advanced risk management and asset protection products. UNION's mission to offer full-stack DeFi protection that decreases the barrier to entry for retail, while advanced enough for institutional investors, is accurately aligned with our approach. As we step into 2021, our integration through Gravity will be a vital-for-growth milestone to reduce multi-layered risks in our ecosystem."

UNION and Waves will work on liquidity provision programs such as the UNN/USDN liquidity pool on Uniswap, a UNN/USDN pair on Waves.Exchange, along with support for the UNN/USDN pair on UNION's Geyser liquidity pool.

Additionally, UNION will be used in Waves' products based on the lending model. For example, users of these products will be asked to choose over-collateralization protection (OC) for "a premium." As noted in the announcement, "in the case of a liquidation trigger, should the OC ratio fall below a specific threshold, the UNN protection product will be called to fill the portion of the OC protected while the borrower pays the remaining difference."

UNION will also be working closely with Waves on issuing a smart contract protection instrument for Gravity early next year. The product will aim to offer additional security to the technology, "ruling out human factors, such as node collusion." Gravity currently utilizes "mathematically proven multi-party computation (MPC) security for its assets held in decentralized custody." UNION will offer "an additional protection layer for users of Gravity's cross-chain system," the announcement confirmed.

Deposits via Gravity, USDN-related (decentralized applications) dApps or future Waves lending protocols will "initiate a prompt to add a specific protection product for a premium or forgo the protection before finalizing the deposit." UNION will "render an intuitive integration and UI for the product, simplifying the asset protection process for Waves users," the announcement noted.

UNION is a full-stack protection platform that aims to lower costs and risks in DeFi by offering a modular infrastructure for the development of advanced coverage products and risk management tools.

As noted in a blog post by Waves Protocol:
"UNION's platform enables the creation of asset protection products based on organic market demand, ranging from discretionary smart contract coverage to complex derivatives on credit default risks and coverage for impermanent loss of liquidity providers. UNION's platform is composable and decentralized, offering secondary markets for protection and an inclusive no-KYC ecosystem."

India’s central bank exploring the need for digital currency

 


The Reserve Bank of India is exploring the need for a digital version of its fiat currency. In a recent outlook on payments in the digital era, the bank justified its earlier apprehension, but revealed that it's now open to the possibility of a digital rupee.

The RBI has come to be seen as one of the greatest impediments to digital currency adoption in India. It has previously banned commercial banks from processing digital currency-related payments. This decision was overturned in March 2020 by the Supreme Court, however.

In a new report, the regulator has now revealed it's warming up to the possibility of a central bank digital currency. The report stated that digital currencies have gained great popularity in India. Regulators in India have taken a keen interest, while at the same time being skeptical about the associated risks. It added:

"Nevertheless, RBI is exploring the possibility as to whether there is a need for a digital version of fiat currency and in case there is, then how to operationalise it."

The report is just the latest suggestion that the bank has left the door open when it comes to a CBDC. A year ago, the country's National Institute for Smart Government (NISG) published a draft National Strategy on Blockchain advocating for a digital rupee. It recommended a permissioned blockchain rollout for the CBDC.

The Institute, which consults for state and the national governments, believes that a digital rupee would allow Indians to monetize their data.

"Unlocking the value of the data in the hands of citizens in a secure manner could give a big boost to citizens' disposable incomes," the Institute stated.

Two years ago, the RBI created an inter-departmental group to explore the feasibility of a CBDC. It cited the emergence of private digital tokens and the rising cost of minting fiat currency as key reasons for the CBDC. The RBI never made the findings of the group public. It, however, shelved its digital rupee plans in 2019.

"The government doesn't want the digital currency any more. It thinks it is too early to even think about a digital currency," a source told a local outlet.

Thursday, December 24, 2020

XRP Token Plunges Nearly 40% Following the Announcement of SEC Charges Against Ripple

 


Ripple's XRP has lost almost 40% of its value after the token price dropped from $0.51 on December 21 to $0.31 at the time of writing. The token's plunge appears to be the result of legal proceedings initiated against Ripple by the US Securities and Exchange Commission (SEC). At the time of writing, the fourth-ranked crypto token had seen traded volumes of $4.85 billion recorded in 24 hours.

$1.3 Billion Lawsuit
As data on markets.Bitcoin.com suggests, the sell-off of the XRP token appears to have been sparked by Ripple CEO Brad Garlinghouse's warning that the SEC was about to launch legal proceedings against the company. A day later, the SEC announced the $1.3 billion legal action against Ripple and two of its executives for allegedly conducting an unregistered security offering.

Meanwhile, as the XRP token continues to plummet, an angry Garlinghouse has accused the US regulator of being biased against Ripple while appearing to give a free pass to BTC and ETH. In its determination, the SEC says the XRP is a security and therefore is subject to the dictates of the US Securities Act. Garlinghouse, who has previously threatened to exit the United States due to its regulatory approach, rejects the characterization of XRP as a security.

In his many very public attempts to push back against the SEC, Garlinghouse says the XRP token is a fully functional currency that offers a better alternative. He adds that alongside bitcoin and ether, "the two Chinese controlled virtual currencies" according to the company, XRP ranks as one of the most capitalized cryptos.

Crypto Community Reacts
However, the latter comment appears to have prompted a swift response by some bitcoiners and the ETH creator Vitalik Buterin. In his tweet, Buterin accuses Garlinghouse and his team of "sinking to new levels of strangeness." The ETH creator adds:
They're claiming that their shitcoin should not be called a security for *public policy reasons*, namely because Bitcoin and Ethereum are 'Chinese-controlled.'

Also weighing in on the controversy is Mike Novogratz, the CEO of Galaxy who says he "finds it strange that Clayton waited years to do this."

On the other hand, Ryan Selkis thinks the SEC is going to lose this case because it is "outclassed on legal." He adds that the classification of XRP as a security "further hurts the U.S. businesses while global companies will continue to make these markets."

Meanwhile, at the time of writing reports emerged that the Hong Kong trading platform OSL had suspended XRP services as a result of the SEC lawsuit.

Trezor warns of phishing attack targeting users

 


Trezor has warned users of its hardware wallet about a phishing scam it said was related to an earlier hack on one of its competitors. The company said the attackers claim a user's wallet has been disabled, before redirecting to a clone site to steal their credentials.

In a blog post, Trezor revealed that the attackers have been sending its users emails claiming they need to pass verification due to new KYC regulations. It then provided a website that's a replica of wallet.trezor.io on which the users can supposedly verify their identity. This site requests the users to key in their recovery seed, giving the attackers full control of the wallet.

Trezor reminded its users that they "will not be asked to enter their seed anywhere other than on their Trezor device." It also assured its users that all their funds are safe and that no Trezor customer data has been leaked.

"We continue to operate under a policy where we anonymize all customer data from e-commerce within 90 days, once it is no longer needed to complete the order, and will even remove customer data manually if requested before that," the firm stated.

Trezor believes that the recent wave of phishing attacks was a result of a hack on its hardware wallet competitor Ledger. The French company was hacked in late June, with the attackers accessing one million emails. They also accessed additional details such as postal addresses, first and last names and phone numbers for close 9,500 of the users.

Trezor believes that this is the data the attackers in the latest phishing attack are relying on.

"The timing and scope of this phishing scheme suggests it is a second wave of attacks resulting from a breach of our competitor's e-commerce database. Malicious actors who acquired the data from that attack are blindly targeting Ledger customers whom they presume may also own a Trezor wallet."

Trezor advised its users against ever digitizing their recovery seed or sharing them. They should also ensure they perform every important action using their hardware wallets.

This is not the first phishing campaign that has relied on data from the July Ledger hack. In October, thousands of Ledger users were targeted by a phishing attack that many described as "really legit-looking." The attackers told the targets that Ledger had found several of its servers to be infected with malware.

One user described the attack on Reddit, "Wow this looked really legit, so much so I used Contact Us form to ask Ledger if it was real. I am normally pretty good at sniffing things like this out – this was by far the most convincing attempt I have ever seen."

See also: CoinGeek Live presentation, Custody Changes Everything: How BSV Opens a New World for Digital Asset Custodians

Thursday, November 26, 2020

ARK Announces Partnership with Magic.Link

 



As Ark approachs the launch of MarketSquare, we want to give our community an inside look at some of the partnerships we have formed. These strategic partnerships will not only help make MarketSquare the new homepage for the decentralized web but will also create inroads between ARK and other projects looking to build and collaborate together. Today we would like to introduce you to Magic.Link!

What is Magic?
Magic is a developer SDK that can be integrated into applications to enable passwordless authentication using magic links - similar to systems used by Slack and Medium.

Once a developer integrates Magic into their application a user is able to sign up or log in by doing the following:

A user requests a magic link be sent to their email address.
The user clicks on the magic link
The user is securely logged into the application.
#Saying Goodbye to Passwords
You may have noticed that this process occurs without the need for signing in or registering with a password. The benefits of passwordless authentication in modern applications and services are becoming more apparent. Let's go over a few of them below:

Increased Security: Passwords are becoming obsolete. The resources required to manage user credentials and passwords are increasing. It is estimated that 81% of security breaches are due to poor passwords set by users. The problem is further complicated due to the fact that 59% of users reuse their passwords everywhere. By using Magic, password leaks can be prevented which reduces risk and liability for companies using passwordless authentication.

Less Overhead: Statistics show that nearly 50% of all support tickets are related to lost and forgotten passwords. The estimated cost for handling 10 support tickets a day is $128,000 annually. Magic takes a different approach. Magic leverages blockchain-based, standardized public-private key cryptography to achieve identity management. When a new user signs up for an application or service, a public-private key pair is generated for them. Private keys are used to sign cryptographic proofs of a user's identity.

Boost Conversion: By removing passwords, Magic creates a better user experience. The number of steps necessary to login and signup for a new platform or application is reduced by over 66%. This amounts to better conversion rates and happier users.

Magic & MarketSquare
One of the main goals of MarketSquare is to be an industry leader in providing educational and informative content centered around blockchain. By working closely together with Magic we have an opportunity to explore integrating their robust SDK, create content around decentralized identification management, and more.

Other areas of collaboration include:
Creating MarketSquare content centered around Magic.
Explore integrating Magic's SDK for ARK's products.
Exploring other areas where working together would make sense and be beneficial for both projects.
As we expand the number of developer tools that we are featuring on MarketSquare, we believe that Magic is a great fit and are looking forward to having them as a partner.

South Korea to delay digital currency tax law until January 2022

 


Digital currency holders in South Korea have been granted an extra three months before a new taxation rule is implemented. The rule was to be implemented in October 2021, but will now be delayed until January 2022.

South Korea finalized its digital currency tax proposal in July, with the Deputy Prime Minister Hong Nam-Ki revealing it would take effect in late 2021. The rule requires Koreans to pay a 20% on digital currency profits above KRW2.5 million ($2,259).

Soon after the government revealed the rule, several stakeholders in the digital currency industry were up in arms against it. Some felt that the industry was still too young to face such a huge tax cut. Yonsei University economist Sung Tae-yoon stated at the time:

"It is premature for the government to impose cryptocurrency taxes at a time when the market has not developed enough in a stable manner. Any rash taxation or introduction of regulations can be a stumbling block for sustainable growth of the industry."

The Korea Blockchain Association soon after called on the government to delay the implementation for two years. According to the lobbying organization, the time period given to exchanges was too short. Oh Gap-soo, the association's chairman remarked:

"It is necessary to provide a reasonable minimum period of preparation so that it can contribute to the national economy and to secure tax revenue in the long term."

South Korean lawmakers have offered this reprieve to the digital currency industry, local outlet Dong-A Ilbo reports. The outlet reports that the lawmakers concurred the timeline wasn't sufficient for the exchanges to adhere to the new rules. The tax sub-committee at the national assembly is expected to announce the specific implementation dates in the coming week.

Rep. Lee Dong-min of the ruling Democratic Party stated, "It's good to implement it [the new tax rule] quickly, but it's also critical allow the system to settle calmly while securing a considerable degree of consensus."