A thread on r/ethereum has lead me to once again realize the disconnect between my perception of the Ethereum community and its reality. The first time this happened for me was in the wake of the “The DAO” debacle. I was unperturbed by the hack, having expected exactly that sort of thing to happen with regularity, and yet others seemed surprised and distressed. This was not a inevitability they were prepared for, it seemed.
This is a repost of an answer I gave on the Ethereum StackExchange. It describes a simple micropayment channel implementation I’ve had bumping around in my head for the past week or so. I spent enough time writing it that I figured I’d share it here as well.
Q: What are payment channels? Can they be implemented on Ethereum?
Absolutely. In fact, there’s a project currently underway to implement an Ethereum Lightning Network, which uses micropayment transaction channels, called Raiden.
For those who aren’t already familiar with microtransaction channels, here’s a primer. Feel free to skip the next two paragraphs if you’re already familiar with the mechanism:
Last night I was thinking about how to do random number generation in Ethereum. It’s a difficult problem, given the fact that the blockchain is, and must be, public and deterministic. Using a future block hash can work in certain applications if the properties required of the selected block are kept secret until several blocks after the block has been mined. Even in this scenario, though, it’d be possible for a powerful malicious miner or consortium of miners to just consistently skew the distribution of random values and affect the overall outcome of an RNG-dependent dapp over the long haul. This especially becomes a problem under proof-of-stake, as computing capacity that might have otherwise had to go toward mining is freed up for block hash mutation. Sophisticated users may notice the skew in such a scenario, but I expect most would not. Such a tactic might go unnoticed for a long time.
I work as a developer for Nexus. One of the things I’ve done to make it easier for new developers to come on board and start contributing code was to create a Docker image that contains a pre-built development environment containing everything a new developer might need. It also helps with being able to reproduce each other’s bugs, as our environments are all very similar. I’ve been using it myself every day now for about a month, so I figured it’s time I write a post introducing it.
I’ve been working with Nexus, an Ethereum-centric blockchain development shop, on a decentralized cryptocurrency leveraging and stablecoin platform called Maker. There’s a whitepaper available for it, but some of the concepts can be tricky, so I’m writing this explanation to provide another resource for anyone trying to figure it out.
To start with a summary: Maker is a stablecoin and decentralized cryptocurrency leveraging platform built on the Ethereum blockchain. It is composed of three primary pieces.
A lot of the technology that empowers people does so while simultaneously creating a large power disparity between the user of the technology and the provider of the technology. In aggregate, this can result in an unhealthy power dynamic between the technology provider and society as a whole. SovereignCyb.org is a news feed focusing on technology that empowers people while minimizing those sorts of power disparities.
Every post on this blog can now be torrented, thanks to the “BitTorrent My Blog” WordPress plugin by Maymay. (Maymay is perhaps better known for writing the Predator Alert Tool family of apps and plugins for use with social networks like Facebook and OkCupid.) If you’re using the Maelstrom browser, you will be torrenting and seeding this blog by default.
If you want to torrent any post on my blog, just add “/webseed” to the URL. For example, this post’s torrent can be found at
(Some of this may also apply to OS X, since it’s Unix-like.)
I was digging around in my home directory today and came across a script I’d written last May during one of Github’s outages to alert me when it came back up. Yesterday I turned out a one-liner to watch a website and alert me when it changed, so I was struck by how my problem-solving approach had changed in the intervening months as I continued to learn more about the utilities available on the Unix command line.
This is a copy of a handout I wrote for a talk on PGP to a group of activists at a dinner on January 29th, 2015. The intent was to provide a supplement to the practical, but narrow, walkthrough I’d given for those who wanted to dig deeper into data security in general.
Basic Security Principles
- Your security chain is only as strong as its weakest link. Make sure you understand the strengths and weaknesses of each link in your security chain. Take care to maintain the integrity of every link in your security chain. Using encryption will not help you if you composed your message on a compromised machine.
Edit: This technique does not appear to work in Odoo/OpenERP 8
Being able to show a user a message is a pretty basic, important piece of functionality. It took me a while to figure out how to trigger a user-visible message from the server in OpenERP, but I eventually managed it. Given the answers on Stack Overflow, I figured I should share this valuable finding with the rest of the world.