e.g. blockchain head does not update when receiving a new block that is already in the database.

• Related issues: #23

Setup central management, monitoring

Needs to consider the corner case that consensus might never be established if connection to the network fails.

_verifyTransaction and _verifyTransactionBalance in Mempool.js doen't check if value+fee of the transaction === 0

• Related issues: #29

• Hoster: GitHub Pages
• Cloudflare: Currently free plan
• SSL: Currently shared cloudflare certificate
• Email

• Reject invalid IPs
• Reject invalid hostnames in WS addresses (e.g. wss://localhost, wss://127.0.0.1, wss://192.168.x.x, etc.)

In contrast to the PublicKey class that is well-used across the core, the PrivateKey implementation seems to be a copy-pasted version (actually in line 12 there is PublicKey instead of PrivateKey) that is never really used.

The problem is that, again in contrast to pub keys, private keys cannot be exported in 'raw' format in the subtle crypto lib we are using. Hence, while the 65 byte size of pub keys makes sense, the private key can only be represented as, e.g., 'pkcs8', which requires different handling.

Issue #2 also indicates that the private key topic is still somewhat open.

I think the current implementation is more like a stub. Depending on what we need the class for in the long run (serializing it for wallet portability maybe?), the implementation should reflect the way it is exported from the crypto lib.

TL;DR: I don't see how to use the PrivateKey class as-is (or where it is used), so either it needs additional explanation or another implementation.

I added new tests specifying the functionality of the new BlockUtils class.
Build #18 is now failing, because converting a difficulty to compact and back does not return the same difficulty.

This is easy to verify for several difficulties (e.g., 250) and the following code:
difficulty == BlockUtils.compactToDifficulty(BlockUtils.difficultyToCompact(difficulty))

Moreover, I have a question regarding valid values for difficulty:
What values are allowed for a difficulty? 0 does not seem to be valid, since BlockUtils divides by the difficulty. Is Policy.BLOCK_TARGET_MAX the maximal value?

• Verify bug
• Fix bug
• Answer question regarding valid range of difficulties

We might need to split large P2P messages (e.g. blocks) into several WS/RTC messages.

http://viblast.com/blog/2015/2/5/webrtc-data-channel-message-size/

The method _verifyTransactionBalance in Mempool.js does not mind the transaction fees.

e.g. Safari

Maximise reward per byte.

In order to keep balance proofs small, we should reduce the maximum number of children per node from 256 to 16.

The property for a sender public key in a transaction is senderPubKey, but Mempool.pushTransaction() is using transaction.publicKey instead, which means every transaction (after the first one) gets rejected because the code thinks they all have the same sender public key (i.e. undefined).

There are already a couple of Accounts/AccountsTree tests to start with:
https://github.com/nimiq-network/core/tree/master/src/test/specs/generic/consensus/accounts

Accounts: e.g.

• complex blocks
• invalid blocks

AccountsTree: e.g.

• deep trees
• large trees
• persistent storage (?)

The importPrivate in Crypto.js throws the following Exception:
Failed to execute 'importKey' on 'SubtleCrypto': 5 arguments required, but only 2 present.

If you want, I can add a test to the crypto.spec.js

Needs to consider the case that the peer is on a long fork.

Currently a call to getBalance(address) in Accounts.js gives false for an unknown address. Probably getting 0 or a Balance instance with value 0 would be desirable.

The following might be a small vulnerability:
Blocks with an arbitrary timestamp seem to get accepted as long as they are at a later date then the current head. If a malicious miner then commits a valid block with the last possible timestamp and this block becomes the new head, any block mined on top of that with a honest valid timestamp will be rejected because it is not later then the head.

Update: The malicious miner could use this issue for example by submitting valid blocks with timestamps that increment by a rather big amount, e.g. one week. Thereby, the difficulty will decrease and it will be easy for the malicious miner to mine a lot of blocks. Of course the total work doesn't imcrement that much by doing so, so another branch can outperform that malicious blockchain. However, the code must not get stuck on that malicious blockchain. A possible solution might be to not accept heads that have a timestamp much later then the current time in _isValidExtension in Blockchain.js.

• Look for memory leaks
• Check hashrate degradation (NodeJS)

• Related issues: #23

Use cloud service(s) to setup a large number of nodes (1k-100k), both backbone and browser.

In order to verify balance proofs efficiently, accountsHash in BlockHeader should correspond to the AccountsTree hash after the block is applied, instead of before.

Importing a private key to the Wallet does not seem to be fully implemented yet.
I guess after creating a CryptoKey from an ArrayBuffer using importPrivate(privateKey) it should be stored in _keys and if the wallet is persistent also in the WalletStore ?

Update: Or probably it would be better to actually remove that import method and then do importing by creating a new Wallet instance with the keys to import and then maybe have a setPersistent Method in the wallet that can save the keys to the WalletStore?

Also add logic to deal with reject messages and/or apis to expose them.

Primarily models persisted in the blockchain:

• blocks
• transactions
• ...

Might also be relevant for models exchanged via network.

Needs to consider pre-allocated coins in genesis block / founders rewards.

e.g. peers that keep sending junk data