GRAFT Wallets are Safe and NOT Affected by Double Counting Bug

As you probably know, most exchanges recently took offline all CryptoNote wallets (including Monero) due to Double Counting Bug. We tried to reproduce an exploit of the double counting bug with GRAFT master (current GRAFT version) to prove that GRAFT is not affected. In order to do that, we have prepared a special testing branch with the exploit: https://github.com/graft-project/GraftNetwork/tree/double-accounting-exploit, where we duplicated the “add_tx_pub_key_to_extra” call inside “construct_tx_and_get_tx_key(…)” method in cryptonote_core/cryptonote_tx_utils.cpp. The destination wallet with the bug was supposed to show the wrong (doubled) balance after the transfer from the exploited source wallet.

The destination wallet (GRAFT master, private testnet) before the test transfer shows 20 GRFT balance:

Now, we are transferring 10 GRFT from the exploited source wallet (private testnet), trying to “trick” the destination wallet:

The destination wallet after the transfer shows the correct amount (30 GRFT):

Here is the destination wallet log:

So this case is already handled in current Graft version (1.2.1), which is based on Monero v11, and the bug seems to be introduced in Monero v12, where subaddress functionality was implemented.

Therefore, current GRAFT wallets are safe for all users including exchanges.

GRAFT Development Status Update June 2018

Supernodes and Real Time Authorizations

Let’s start from implementation of full supernode, which is essentially an implementation of real-time authorizations (RTA). Although we are close to the finish line, we do not release it yet to public alpha. We need more time for optimization, fine-tuning, and QA testing. One of the main reasons for the delay is an issue with communication. Unlike other two-layer cryptocurrency networks which use a separate mechanism for communication between their second-layer nodes, we reuse the existing peer-to-peer network as a basic transport. Our original algorithm finds the shortest and fastest routes between the supernonodes by maintaining a set of P2P tunnels through the network of cryptonodes. The main difference and greatest benefit of using the same communication base for two layers (both cryptonode and supernode networks) is not exposing the authorization sample’s supernodes – because in our design they are not required to have a public IP. Such design is the major difference and significant improvement comparing to other layer two implementations such as Dash masternodes.

Remember that one of GRAFT’s key differentiators and goals is absolute privacy initially provided by underlying CryptoNote blockchain protocol, which is the first layer of GRAFT platform. The fact that the auth sample supernode does not require a public IP attached to it makes GRAFT even more private and decentralized, because the supernodes are less dependant on regulated hosting providers. Without public IP the supernodes are “hidden” behind the large, distributed, and complex P2P network, which makes them less vulnerable to DDOS attacks. At the same time, the hosting and maintenance are less complicated and less expensive for supernode owners. (Note that wallet/POS proxy supernodes, which typically belong to service providers and large merchants, still require public IP address in order to be able to serve wallets and POS/payment apps).

However, such great benefits do not come for free. Along the way we found several issues in existing CryptoNote/Monero P2P communication implementation, which we are fixing in order to make it more efficient, stable, and suitable transport for our purposes. With that said, we anticipate the public alpha of supernode with RTA to be released by the end of July. Meanwhile, we will start a private alpha release for testing in a coupe of weeks, so if you are interested in helping us with preliminary testing please contact us at [email protected]

While working hard on RTA implementation and getting ready to its production launch, we realized that hosting a supernode, either full (authorization) or proxy/gateway, requires a special DevOps skill set, so we are working through making arrangements and building relationships to provide turnkey solutions to supernode owners and merchant service providers.

Payment Apps

We are continuously working on improving the Verifone terminal app so it will be fully polished for production by the time RTA is released. As Verifone have written on their merchant marketplace website, where GRAFT app is listed as the Featured Apps Partner, “Our app partners are working around the clock to help empower our merchants with applications that enrich the customer experience and provide business productivity.” This is absolutely true statement, there is not much to add. Since the Verifone certification was achieved last month, we have done several improvements such as UI redesign (in both terminal app and our wallet), enhanced configuration utility for merchants, integration with CoinMarketCap for real-time exchange rates, and some bug fixes. Also, we are working on Ingenico terminal app integration into their marketplace.

One of important and promising features we are planning to develop is using NFC (Near Field Communication) for initial engagement between the mobile wallet and terminal app, so instead of scanning QR code displayed on payment terminal the buyer will just wave the phone (the same technology is used by contactless payment cards and Apple Pay). Implementation of such a feature will help improve both buyer and merchant user experiences and reduce the overall transaction time. We will keep you posted about our progress in this area.

We just finished design and now are ready to start implementation of the payment gateway which will facilitate GRAFT payments on online shopping platforms. Once implemented, integration with GRAFT payment gateway, among other features, will bring to online merchants and buyers a unique combination of absolute privacy and instant transaction confirmations (using RTA) – something they have never seen before. Plus, after we finish RTA and move to accept broker implementation, they will be able to accept various cryptocurrencies, while keeping the same benefits of privacy and transaction speed.

Wallet Apps

We finally redesigned the app downloads page on our website, so now it’s easier to find all our apps, including wallets, and their releases for various mobile and desktop operating systems: iOS, Android, Windows, Mac OS X, and Linux. In recent wallet releases, we fixed some bugs and added new configuration options. The upcoming wallet release will support purchases with real time authorizations using full supernodes (currently it supports a limited version of RTA on testnet only).

CryptoFind App

As our app for discovering and listing crypto-friendly merchants is gaining more popularity among crypto enthusiasts, we periodically release new features and bug fixes. In recent CryptoFind version, in addition to bug fixes, we added a possibility to take a picture of the GRAFT sticker on the merchant’s window so the users can earn better bonuses.

Happy Grafting!

New Element of GRAFT Ecosystem – Payout Token

Designing Payout Tokens and Real Time Decentralized Exchange

As we’re working on the design and development of the features defined in the original GRAFT white paper, we are monitoring industry trends, listening to the community, and constantly looking for new ways to enhance and extend functionality of GRAFT network and its applications. Currently, we are in a process of refining several sections of the white paper, adding new features that will help GRAFT become an even more comfortable place for both merchants and buyers. In order to do that, we are designing two very important ingredients: a payout tokens and a real-time decentralized exchange. These two new features will enable optimal flow of funds, either crypto or fiat between GRAFT users on both sides of retail payment transaction. We will publish information about those new elements of GRAFT ecosystem in this blog, in two different posts, before it goes to the next version of the white paper. The first article below describes payout tokens, and the second one, which will be published soon, will describe real-time DEX using atomic swaps on network of GRAFT supernodes. The product roadmap will be also updated along with the publication of the updated white paper.

GRAFT Merchant Token Platform:

Introducing Payout Token

Although recent version of the GRAFT white paper provides pretty detailed definition of merchant token concept, it does not contain (yet) some important details which are described in this article. In addition, we introduce a concept of payout token – a special type of a merchant token that will be used to facilitate merchant payouts in local fiat currency. Before we move to payout token definition, let’s refresh our memories to recollect the concept of a GRAFT merchant token, which is a foundation of GRAFT payout token. Here is the definition from the GRAFT white paper:
In addition to fast and inexpensive transactions, merchants place high value on customer loyalty and branding. This functionality will be enabled by the token layer of the GRAFT currency. The token represents domain (merchant) specific GRAFT use, and offers smart contract-backed functionality like loyalty point accumulation and use, reward points, sale discounts, spending discounts, competitor discounts, coupons and store credit. Merchant token is a predefined smart contract that allows creating a private token that belongs to its owner. Unlike some other smart contracts and token platforms, creation of GRAFT merchant token does not require any programming and can be done by anyone.
Note that merchant tokens are not equivalent to “open” smart contracts: we do not try to build another Ethereum platform. Unlike Ethereum-like smart contracts that can be unpredictably customized through programming, flexibility of merchant tokens is limited to their necessary features, which makes them simple and inexpensive but powerful tool accessible to a merchant of any size – from individuals and small businesses to large retail chains. In addition, the main features of each particular merchant token type will be supported by supernode DAPI and GRAFT wallet and point of sale apps. Thus, those features are going to be available for merchants and buyers “out of the box”.

Stable Value

Since Graft tokens (GRFT) are tradable, when they are used for merchant payouts directly, volatility may become a problem. We cannot ignore the fact that many merchants would like to be able to accept cryptocurrencies but prefer to get paid in their local fiat currency. This is their reality: merchants still need to pay for restocking, utility bills, and employee salaries in fiat. At the same time, they don’t want to be involved in cryptocurrency exchange business, and they need to be isolated from the financial details of the crypto business. In order to finally fill the gap and connect the two worlds – cryptocurrency transactions and fiat currency merchant operations – we have created a concept of a payout token, which represents a local currency and can be transacted on GRAFT blockchain in real time using the supernode tier of the blockchain. Payout token is based on GRAFT merchant token technology, similar to gift, rewards, and other merchant token types.

Underwriting

The main goal for creating payout token is providing an easy and reliable way for merchants to get paid in stable local fiat currencies while avoiding usage of centralized payment processors. Payout tokens are issued and maintained by responsible token underwriters (such as banks). When someone (payout broker, for example) is buying payout tokens from the token underwriter, the company generates a necessary amount of tokens and transfers them to the buyer in exchange to an equivalent amount of fiat currency. When someone (merchant or payout broker on behalf of merchant) is selling payout tokens back to the token underwriter, the company destroys the tokens and pays an equivalent amount of local fiat currency to the seller. Thus, payout token is always backed by sufficient amount of fiat currency, and its price always remains the same and equals to the corresponding fiat currency float. For example, 100 USDG can be always bought or sold for US$100. Payout tokens will be issued by licensed token underwriters only in exchange to equal amounts of fiat currency. Furthermore, the rights to handle particular payout tokens can be delegated (licensed) to local commercial banks or even national governments. At this point, we’re open to partnership inquiries from financial institutions interested in underwriting payout tokens tied to the local currency. Please email info @ graft.network or contact us through other means if you represent an organization that wants to get involved.

Details

VChain name for all payout tokens is always “GRAFT”. Each payout token subtype matches a particular local fiat currency. For example, GRAFT.USDG token (ticker: USDG) matches US dollar. Payout Token Naming Format GRAFT.[Currency Ticker]G Examples:
GRAFT.USDG GRAFT.EURG
 

Vlog Version

Special shout-out to Jose D for making this wonderful video version of this important blog post, making our ramblings little easier to digest. Thanks Jose!!!

GRAFT Development Status Update May 2018

It’s time for another status update! Y’all are busy people, so let’s not waste any time and get right to the point.

Payment Apps

Let’s start from really good news – our Merchant Marketplace app just received certification from Verifone – big step towards GRAFT acceptance by brick-and-mortar merchants and a product of 6 months long development cycle in close communication with Verifone. We are working on improving this application as well as building apps for other major players in the area of hardware payment terminals such as Ingenico.

Also, we just started designing the online shopping cart integrations – the first implementation is going to be an integration with Shopify, one of the most popular online store platforms. While it’s not within GRAFT’s charter to produce all the integrations, we take it upon ourselves to provide reference integrations with few leading platforms, paving the way for the independent software developers to take GRAFT to all other platforms.

Blockchain

It’s not a big secret that GRAFT has been forked from Monero – in order to be able to reuse the best (as of today) implementation of Cryptonote protocol, which is the most secure blockchain protocol so far, at least for people who care about their privacy. The idea was (and still is!) to take the open source Cryptonote technology and use it as a tier-1 foundation of the future 2-tier application platform, when the 2nd tier consists of the network of full supernodes (please read the white paper for more details). So the GRAFT dev team was supposed to be mostly focused on design and implementation of the tier 2 from the beginning. Unfortunately, sometimes our plans diverge reality in unpredictable ways, and we admit that it was naive assumption. Instead of working on core development tasks, significant part of the team had to address several problems caused by network difficulty and timestamp manipulation attacks. As a result, we switched to more efficient difficulty adjustment algorithm, which is already used by a few other blockchains, and even managed to improve it. We also followed the majority of Cryptonote community and implemented ASIC-resistant code.

We appreciate a concrete help we receive from the community, including individual contributors zawy12 and jagerman – thank you guys! It’s also worth mentioning that our full time core dev team has been growing as well – we have added two senior core developers and project/product manager.

We are working on another potential modification – Cryptonote Heavy hash algorithm. Although the code change is ready, we are still testing, and haven’t made a final decision when (if at all) to switch to Heavy. We continue monitoring the situation in order to find the best time for changes that require major network update.

Real Time Authorizations (RTA)

Our top-most development priority right now is RTA and we’ve been hard at work doing the R&D and laying the foundation to meet our delivery timeframes. For those of you who are interested in details, here is the “10,000 foot view” of RTA – simplistic, optimistic sequence diagram of the RTA flow: Note that every line of text in this diagram correspondents to hundreds or even thousands of lines of the source code, so this diagram just demonstrates interactions between the main players, without going deeply into the details such as auth sample selection, fee distribution, message broadcasting, etc. We are working on various modules of the RTA so we could compile the full picture: supernode-ng server framework, porting DAPI/business logic into a new framework, and authorization sample communication, which includes both super-fast UDP-based direct communication protocol (for “urgent” messages) and “unhurried” protocol (for regular message transmissions) based on existing P2P implementation.

CryptoFind

Although CryptoFind was not designed to be the core product, its popularity recently skyrocketed, and so now we cannot imagine GRAFT without CryptoFind, which becomes the most comprehensive worldwide database of businesses that accept crypto. We have implemented some new features and improvements in CryptoFind since the last update: added a text search function, which allows you to find nearby points by name or type (cafe, store, refueling, etc.), enhanced the user interface, and created statistics page.

Network Monitoring

Also we are internally monitoring multiple parameters of GRAFT servers using special tools such as CloudWatch and Nagios, we thought that the community should be able to know about the basic status (“up/down”) in real time as well, without the need to ask and repeat the same questions on forums. So we have created a simple public network status monitoring page – don’t forget to check it out!

Happy Grafting!

Consolidating “US” and “EU” GRAFT Mining Pools Into a Single Community Pool

GRAFT team is going to consolidate the “US” and “EU” mining pools into a single community pool, which is supposed to increase the efficiency and reduce the costs of maintenance and support. Initially, at the moment of GRAFT blockchain launch on January 16th, 2018, two pools were supposed to ensure better decentralization and stability of the new blockchain; however, rapid growth of GRAFT popularity and mining community made this issue irrelevant shortly after the launch. Now Graft team is seeking a better distribution of the hashrate load, and as the network grows bigger, we are decommissioning one pool to allow operators of independant pools to gain a bigger market share.

The URL of the consolidated pool is going to be grftpool.com. Users of both current pools will be automatically redirected from the old urls. Miners connected to the “EU pool” will not be affected. Miners connected to the “US pool”, which is going to be shut down, will be receiving their payouts in full after the mining on the US pool is turned off. The switch will take place on April 1st. We recommend all miners currently connected to us.pool.graft.network to switch to eu.pool.graft.network as soon as possible in order to avoid any unexpected issues. Happy mining!

MVP Development Status Update

We would like to update the community on the status of Graft blockchain development. We have made a lot of plans and promises, and now it’s time for our dreams to start coming true. In order to achieve our ambitious goals, we have put together an efficient team of very talented and experienced developers. Two of them came from Monero project, which is very important for us as we forked the blockchain from Monero, and there will be many blockchain protocol changes.

Network Node, Testnet, and Blockchain Explorer

As an important milestone, we have finished some initial blockchain code modifications which allowed us to set up a public testnet with the first Graft block explorer.

While the testnet is open for access from the Internet, we have not published yet any information on node/supernode setup, configuration, and connectivity since we are still frequently updating it, and we would like to make sure it is stable enough to be open for public view and alpha testing. We will notify everyone once we publish the instructions so anyone will be able to connect and test the basic network.

Supernode

The majority of the work, however, currently is concentrated in supernode code which is — unlike network node forked from Monero — being designed from scratch. The proof of concept supernode was written in Python for the sake of rapid prototype development. After thorough review, the team decided to refactor the supernode code in C++ in order to keep a single technology stack and optimize the development process and network performance. Although the supernode and network node are based on the same technology stack now, the supernode is still deployed as a separate process (daemon), and we intend to keep it this way, at least for the near future.

Mining

Also, we are working on instructions for miners, including GPU and mining pools. Initially, it will be possible to mine on CPU, so the entire full supernode can be hosted on single machine. That’s how the typical testnet supernode is configured. On the mainnet, however, the network hashrate will grow fast, which will require GPU, then multiple GPU, and eventually mining pools to be set up in order to efficiently mine and maintain the full supernode. We are working on providing instructions for GPU miners as well as creating a first mining pool. The GPU mining machine can be detached from the supernode, which enables a hybrid “on premise/cloud” configuration, where, for example, the GPU mining rig is located at home while the supernode is hosted in AWS.

Mobile Wallet, Point of Sale, and Payment Terminal Apps

Finally, we are working on development of client applications, which include wallet and point of sale mobile apps that should look familiar from the PoC phase, as well as new apps running on payment terminals such as Verifone, Ingenico, Equinox, and AnywhereCommerce. Those new apps are going to be different from our existing mobile apps as they are going to be tailored to particular terminal hardware/OS/API/SDK and mostly integrated with third party point of sale software. The terminal apps are very important as they will open the door to the mainstream merchants including top tier retailers. Here is how the typical terminal app will interact with Graft blockchain:

We are still on initial design phase with those apps, but we believe we will be able to demonstrate the working prototypes before the ICO. Stay tuned!

Summary Comparison of GRAFT Blockchain to Other Payment Solutions

GRAFT VS RIPPLE AND OTHERS: FOCUS ON BUYERS, MERCHANTS, AND THEIR PRIVACY

SINCE GRAFT USES CRYPTONOTE PROTOCOL, HAS THE MONERO COMMUNITY INDICATED SUPPORT FOR GRAFT?

ARE TENX AND OTHERS CRYPTO CARDS COMPETITORS?

HOW GRAFT IS DIFFERENT FROM OTHER CRYPTOCURRENCIES AND WHY IS IT BETTER FOR PAYMENT PROCESSING APPLICATIONS

HOW IS GRAFT DIFFERENT FROM DASH?

CASH, DEBIT, CREDIT, MOBILE, BITCOIN, OR GRAFT?

FEATURE COMPARISON – GRAFT VS. OTHER CRYPTO-CURRENCIES FOR PAYMENT PROCESSING APPLICATIONS

Graft vs Ripple and Others: Focus on Buyers, Merchants, and Their Privacy

Focus on Buyer and Merchant NeedsRipple’s is mostly focused on bank settlements, while Graft provide solutions to buyers and merchants. Buyers can pay anywhere with cryptocurrencies or plastic card using Graft wallet app. Merchants can receive payment from anyone using point of sale accepting both cryptocurrencies and plastic cards. Faster payment confirmations are provided by Graft supernode authorization sample, a process that is more similar to Dash masternode scheme. Unlike Dash masternode, however, Graft supernode is not a “wrapper” or a second tier as it is designed to be a monolithic code base that implements both real time authorization and blockchain settlement (mining) features. Such an architecture improves security of the real time authorization process, as payments cannot be settled “off supernode chain” by the “lower” level blockchain network nodes, without supernodes knowing about their existence. Thus, all Graft transactions are authorized instantly without requiring additional fee, by supernodes that are automatically selected by the network using combined proof of work and proof of stake algorithm. Focus on Absolute Privacy Ripple consensus protocol is different, and its main problem is that it does not provide privacy features: untraceability and unlinkability of payment transactions. Unlike Graft blockchain, all transaction information on the Ripple ledger is public. Ripple does not provide the privacy and untraceability that are demanded today by potential Graft users – both buyers and merchants. When we pay with credit card, we share our secret payment information (like credit card number) with some entities – the merchant, the issuing bank, the payment processor, the payment acquiring bank – but those entities are relatively trustable so they try not to share our secrets with the entire world, and no one else can see our transaction history without our or their permission. Oftentimes, however, they fail to keep our secrets (think Target and many other retail mega breaches). With Ripple or Bitcoin or most other cryptocurrencies that are not based on CryptoNote protocol, the story is exactly opposite: there is no central authority that “knows” our secret “card number” (private key), but at the same time anyone in the world can trace our payments on the blockchain and link them to our identities with minimum efforts. By Implementing CryptoNote and other features, Graft brings the level of untraceability of payment history similar to traditional credit and debit card system, while adding decentralization, privacy, and security, which are the features of any cryptocurrency that are absolutely impossible to achieve using traditional credit card payment technology.

Since Graft uses CryptoNote protocol, has the Monero community indicated support for Graft?

While Graft supernode code is being written from scratch, the blockchain CryptoNote implementation codebase is forked from Monero. We do not anticipate a direct and immediate Monero community support. However, we believe that our project attracts people from CryptoNote communities as it adds a lot of features that are not available in existing CryptoNote implementations. One example of such a feature is real-time authorization (instant confirmation). Another example is hidden transaction fee amount, which is exposed to public view in all existing blockchains. This table compares Graft with Monero, Bitcoin, Dash, and other cryptocurrencies. However, there are even more important features that are not simply enhancements of the CryptoNote protocol. No one needs just another blockchain, even if it provides better privacy. But Graft is much more than just “another blockchain”. Graft is innovative payment application platform which supports various payment and payout methods, either traditional or innovative. While providing “reference”, default implementations of applications and services, Graft ecosystem is open for any software vendors and service providers. We believe in diversity of payment methods and cryptocurrencies.

Graft mobile wallet and point of sale apps do not maintain a full copy of the blockchain for obvious reasons. Does it mean the wallet content is stored on supernodes which may compromise its security and privacy?

There are multiple elements of the Graft user wallet:
  • Private spend key – secret – required to spend money; stored in the wallet app
  • Private view key – “semi-secret” – required to see the balance and previous transactions
  • Payment address – public – required to receive money
In Graft, the Private spend key is always stored at the client (wallet) and never shared with the supernodes. Therefore, it is not the same as credit card when you share you card account number with the merchant, payment processor, and the bank every time you make a payment. If one of them is breached, your credit card can be stolen and used to make fraudulent payments. If any or even all supernodes are “breached”, they don’t have your private spend key so no one will be able to “use” your Graft account.
The Graft wallet balance is a “hidden” set of previous transactions. It is calculated by scanning all the previous transactions which are stored on the public blockchain but invisible without view key. Since mobile wallet app does not have direct access to the blockchain, the private view key is temporary shared with a single “proxy” (relay) supernode in order to retrieve the wallet balance; the supernode will not store this view key in any database so even if it’s “breached” the view key will not be disclosed in most cases. However, even if the view key is disclosed, it only allows to see transactions, not to spend any money.
Users (either buyers or merchants) with higher requirements for privacy can host their own private “proxy” supernode with full copy of blockchain. This way they will never share their view keys with the random “foreign” supernodes. Most probably, due to limited processing power and other resource limitations, such a private proxy supernode will not be able to participate in transaction processing and earn any block rewards or transaction fees, but it will still be able to validate transactions and view balances privately by scanning the local copy of the blockchain. For users who cannot or don’t want to host their own supernode but still don’t trust the entire network, Graft creates a special (free) cloud service with trusted proxy supernodes that are protected by multiple levels of security.