Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    @ooluwati, each user will generate certificate storing private key on its device and sending public part to the blokchain. Binance or any other company that uses Remme should have such service implemented in the log in form. It may be not obligatory, but alternative way to authenticate to the serivce and upgrade security of its account.
    ooluwati
    @ooluwati
    @Andrii_Fedotov_twitter Excuse me if my questions are confusing. Let's just use your example. In a user sign up form, I enter my public key or certificate. Binance has to then store that public key/cert correct?
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    No, it will use REMChain as a storage to check it during user authentication.
    Geordie-R
    @Geordie-R
    Andrii have you got an infographic explaining the communication passing process? As from your answer above, Binance would have to know the public key to then go check it onchain right to see if it has been revoked or still valid?
    ooluwati
    @ooluwati
    @Geordie-R Thank you... that's exactly what i'm trying to figure out.
    It seems we need to wait for the team to write blog posts of customer journey, use case, and technical examples that I requested.
    Geordie-R
    @Geordie-R
    I'd love a deep dive to know how the code on the exchange knows who i am already so then i can just do the 2 click login. Im guessing It must involve the exchange website on my browser, decrypting the encrypted webpage which maybe was encrpyted with my public key and my browser decrypts it using my certificate private key. That way, it could only be me logging in as im the only one that could decrypt it? Then clicking login will create the session login as usual. I wondered if this is just standard tech or something that remme produced? If i fully understood everything remme, i could provide more of a help to the community to understand the tech. I know how extremely busy you all must be but there is not anything useful explaining the communication in detail that i've come across. When we ask this information in AMAS the community prefer we ask it in here haha!
    Andriy Fedotov
    @Andrii_Fedotov_twitter

    @Geordie-R, yes, Binance will bind a certificate with your account.

    Concerning the process of authentication, it isn't a quite exact path. You can open a website without a certificate. In that case Remme will look like "Log in with Facebook". HTTPS use of Remme is another Remme protocol possible use case and there are still a lot of questions to answer.

    Geordie-R
    @Geordie-R
    So we would need different infographics for the different examples thats all
    ooluwati
    @ooluwati
    @Geordie-R I agree. For a particular use case, Andiry and I must have a different definition of "bind". I'd assume in order to bind a certificate to an account, Binance must store a copy of the certificate or public key in a Binance database. If that is the case, then an attacker could potentially hack Binance's database and replace a benign cert with a malicious cert.
    Geordie-R
    @Geordie-R
    So many POTENTIAL security issues exist if someone else stores your Certificate/Private Key. Exchanges that currently hold your crypto as you well know, hold your private key, and thats why your funds can be stolen if the private keys get in to the wrong hands. Sure, if the exchange wanted to store a certificate/private key thats up to their implementation though. Poor implementation should be advised and avoided. The only fairly secure way is if binance stored your public key and only after you sent them that from your device which produced the certificate/private key. Binance could check onchain with a command like: var publicKeyCheckResult = await client.PublicKeyStorage.Check(CERTIFICATE_PUBLIC_KEY_HERE); Then publicKeyCheckResult contains all you need to know about the current status of the certificate, if its valid, when it runs out but obviously no identifable info as technically all that is stored on chain if i remember rightly is dates of expiry and a public key pretty much
    Geordie-R
    @Geordie-R
    When @Andrii_Fedotov_twitter said bind i think he means assign the public key of the certificate to a users table for example in the exchanges authentication database. i.e. user: billy bob, public key: -----BEGIN PUBLIC KEY-----
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/8y3uYCQxSXZ58OYceG
    A4uPdGHZXDYOQR11xcHTrH13jJEzdkYZG8irtyG+m3Jb6f9F8WkmTZxl+4YtkJdN
    9WyrKhxq4Vbt42BthadX3Ty/pKkJ81Qn8KjxWoL+SMaCGFzRlfWsFju9Q5C7+aTj
    eEKyFujH5bUTGX87nULRfg67tmtxBlT8WWWtFe2O/wedBTGGQxXMpwh4ObjLl3Qh
    bfwxlBbh2N4471TyrErv04lbNecGaQqYxGrY8Ot3l2V2fXCzghAQg26Hc4dR2wyA
    PPgWq78db+gU3QsePeo2Ki5sonkcyQQQlCkL35Asbv8khvk90gist4kijPnVBCuv
    cwIDAQAB
    -----END PUBLIC KEY-----, they may store when it ends if they so wish but they will always do a certificate check using api anyway id guess
    Please correct me if i get any of this wrong remme.
    Geordie-R
    @Geordie-R
    @Andrii_Fedotov_twitter ive submitted an issue on github with the .net libraries could you let the guys know to have a look for me. I need this working for testnet ;)
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    Ok, thank you, @Geordie-R. At the moment their working schedule is a little bit tight because of tasks related to testnet launch, but I'll let them know about your issue.
    Geordie-R
    @Geordie-R
    @Andrii_Fedotov_twitter i understand it must be crazy busy. As soon as its fixed i can continue testing
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    7b1q6ecngki21.png
    Cyberpunk in Warsaw: artificial sun installed on one of the skyscrapers
    Looks like Blade runner in the real life
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    We are glad to present you our new page that presents KeyHub features. If you work with certs, you can also apply on beta invite only test program https://remme.io/keyhub
    hjsrolde
    @hjsrolde
    Hi guys, good to be here!
    I am new to Gitter, is it normal that the app crashes?
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    Hi, @hjsrolde! Welcome to the Remme tech community!
    Andriy Fedotov
    @Andrii_Fedotov_twitter

    Some similarities transcended cultural differences -- the retail and travel industries are seen as potentially insecure on both sides of the pond. 19% of Americans and 40% of Brits see retail as a risky business when it comes to their personal data; 16% of Americans and 35% of Brits see the travel sector as the most insecure. Generally speaking, the UK is leading a growing trend in all-around awareness and concern in the matter of data security -- a trend to which Americans are now gradually catching on, the report says.

    More stats about US and UK citizens attitudes about the data security are here https://www.securitymagazine.com/articles/89890-american-consumers-slow-to-trust-but-quicker-to-forgive-security-breaches

    hjsrolde
    @hjsrolde
    Thanks @Andrii_Fedotov_twitter
    I still really like Remme, was wondering does the SSD storage has to be internal or is external storage fine too for the masternode?
    SooSDExZ
    @SooSDExZ_twitter
    @Andrii_Fedotov_twitter
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    @hjsrolde, is the external storage is the same data center in your case? It can be both internal and external, if you mount to the server, but our configs are provided for the internal one out of the box.
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    matter
    @yilakb
    on the new build of the node everything's working fine but i was not able to connect to grafana node info is
    "jsonrpc": "2.0",
    "id": "11",
    "result": {
    "node_public_key": "03d82c093c9dd39c5aa0a1432a5543a55b4f6967a85b7176e47a 1f229e628f87c7"
    is there some thing i miss
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    @yilakb, you can write directly to our engineer Dmytro to his telegram @dmytrostriletskyi
    matter
    @yilakb
    Thanks for now i'm all set. i set up a new node from start. ready to go.
    Bilgin Ibryam
    @bibryam
    hi, can someone tell me why the explorer shows no blocks on the testnet?
    #blockchainsecurity
    @remme_adm_twitter
    @bibryam Hello. We are now fixing a bug connected with the node synchronization. This is the reason why the node is down and block explorer is empty.
    Andriy Fedotov
    @Andrii_Fedotov_twitter
    Hey @/all! I want to introduce you our new tech admin for Remme tech community! It is @remme-admin! Please ask him everything that you have related to our development process, testnet, dapps and any other tech issues.
    Remme Admin
    @remme-admin
    Hey, @/all ! I'm glad to join the community as an admin. Please, feel free to ask me all the questions you might have. Cheers!
    Ric
    @tbaincii_twitter
    Is anyone here?
    The Demo
    @TheDemoMan_gitlab

    Is REMME a scam?

    They have bought their stars... Which is a sure sign of being up to no good.

    The characteristics of "fake paid-for stars on GitHub" are:

    • A flood of 80 or so stars within a 48-hour period
    • All star-gazers are Ghost profiles, with no profile picture, little or no activity, but have been a member for a 3+ years
    • All star-gazers have also stared similarly suspicious repositories

    For example, on the remprotocol repo, there was a large number of new ghost stars on the 25th Feb, and on the 1st of March 2020, it spiked at 117 before GitHub removed a batch of fake stars.
    https://github.com/Remmeauth/remprotocol/stargazers
    There is the possibility that someone else bought the fake stars for this company, but I think that'd be unlikely. I find it hard to trust the company behind this project- but as the community, what are your thoughts?

    Remme_Roman
    @wert1234ru
    @TheDemoMan_gitlab Hello! Thank you for your observation! I can say with accuracy that Remme company has nothing to do with buying or wrapping stars on the github service. We have a great effort to make our business as clear as possible. We do not set ourselves the goal of deceiving or misleading anyone. At the moment, we are developing our core products such as REMChain and Auth. You can familiarize yourself with all the news on our blog (https://remme.io/blog) or in social networks: t.me/remme ; https://twitter.com/remme_io ; https://t.me/remme_daily
    @TheDemoMan_gitlab Please let me know if there are still any other questions about Remme related products ;)
    The Demo
    @TheDemoMan_gitlab
    Yeah, I'm gonna look into it to confirm. The stars came from a dodgy site called 'gimhub', and the purchase was associated with someone called 'Roman', which after a quick Google could be the actual CTO of REMME!! the is presuming it's the same Roman- I couldn't find their last name yet, so it could just be a considence.
    I am guessing that they are trying to improve their open source image, to help with the corporate sales side of things, ... and I'm bored of researching this now...
    Remme_Roman
    @wert1234ru
    @TheDemoMan_gitlab I'm sure that our CTO (Roman Cherednyk) has more important things to solve instead of buying stars on Github which are completely useless :) BTW you made great research!
    Coding Crab
    @self-coding-crab
    Hi Remme team
    Do you have any plan to extend the dev team?
    Remme_Roman
    @wert1234ru
    Hello @self-coding-crab ! For now, we have enough developers for our products. We will back to this question a bit later :)