When Neos was first created, I had a vision for what I wanted it to be. It's been nearly 7 months since an idea born of passion came to fruition and not a day has gone by that development hasn't been active. Each day working with the community and being involved in the crypto space has given invaluable insight as to what people wanted and needed. The community has been an incredible source of not only motivation but support as well.
Along the journey through the various stages of development, the requests that have been made have mostly made it to development and production. There are a few outstanding ones that have been pending for quite some time now. The reason for that was simply Neos just wasn't ready for it. One missing key component was security. Today however, that is not the case. Today I am pleased to announce the new Neos platform, code named Kratos. Kratos in Greek mythology symbolizes power and strength. That is exactly what Neos represents. A powerful system with a strong development team behind it and an even stronger community presence.
Please watch the screencast before installing Neos 2.1 as it contains important information regarding the upgrade process to prevent any chance of wallet loss or corruption. (http://youtu.be/s_Lvg_VcmKY)
Some technical and network details:
Total money supply: 21 million
Block reward: 50 Neos
Block maturity: 120 confirmations
Transaction confirmations: 6
Halving occurs every 210,000 blocks
Transaction fee: 0.00000001 Neos
Difficulty adjustment: every block using Dark Gravity Wave
Some of the standard Neos features include:
In-wallet trading (one-click withdrawal, mass order cancellation, one-click deposit, order executions, candlesticks)
An in-wallet block explorer
Live statistics and market data
In-wallet personalized mining worker stats and multipool stats
In-wallet mining calculator
Dashboard news as polled from our Twitter account
Multi-currency conversion data (BTC and 21 different currencies supported)
The ability to export your transactions to 3 different formats (Excel, CSV, and JSON)
Personal aliases for receiving both Neos and messages
One-click wallet updates with automatic notification of new updates
Automatic 24-hour backups of your wallet
Market data and statistics (Neos in circulation, market cap, averaged value, averaged global trade volume)
Now onto what has been the primary focus in Neos 2.1: The authentication system and our unique theft recovery system
Firstly I'll explain a few key points to our approach in effort to secure your Neos platform:
Each installation is unique to itself. Your wallet files aren't transferrable to another Neos install. This prevents someone for example from replacing your files with modified wallet files to gain access or corrupt it.
Your Neos configuration is no longer plaintext. In earlier releases of Neos, conf.php was plaintext and that just isn't acceptable to me.
Tamper-evident: if someone tries to circumvent the system by various methods, the wallet will cease to work until support is contacted. There is never a legitimate reason to remove Neos wallet files, and the only time this would occur is if someone intentionally has done so.
Authentication is handled by a custom system I've written that doesn't utilize cookies or sessions. Your auto-logout time can be adjusted in your Neos settings. Passwords are encrypted using blowfish, salted, and with 15 rounds of hashing. Authentication isn't instant, and that's by design.
Decoy system: upon entering the system with a bad password, it won't seem any different from a valid login. In fact, it will allow the attacker to proceed with nearly every function that they would be able to had they logged in with a valid password. From sending Neos, to withdrawing it from exchanges - it's all fabricated and very convincing and while they think they're in the process of robbing you blind, they're actually just being kept busy while you're notified of it.
Notification system: upon bad login, if you've registered an email address with our security system, you'll be notified with details when someone attempts to break into your wallet.
Two-factor authentication: in your Neos settings, you have the option to configure your Google Authenticator for Neos. Simply scan the QR code, verify the code from your phone and save your settings and you're now protected with two-factor auth the next time you attempt to log in.
Upon logging into the system even with a bad password, but a proper two-factor code - you will enter the decoy system.
Upon startup if either Neos or PHP are modified, you will be notified and given the option to download the proper (clean) files before Neos even starts, preventing risk of accidentally running a wallet stealer or virus someone has placed on your system.
Something new introduced
I've always stated Neos was a creation out of passion for crypto and what it represents: freedom. I've also expressed my distain for those wishing only to flourish by means of theft. Every time I hear of either a scandalous exchange closing down due to apparent theft, or people having their coin stolen via wallet stealers or computers stolen I cringe just as crypto does as it's being punched in the proverbial stomach. I'm not here just for Neos, I'm here for crypto and the community in general is something I value. With that being said, I wanted to code something that would serve not only the Neos community but potentially the entire community.
With that being said I present to you with Neos Kratos - our thief locator and fund recovery system.
I'll outline the possible scenarios in which this system is useful and what it's capable of and then take a less technical approach in my explanation.
- Someone sends out a wallet stealer disguised as another coin, you run it - your funds are gone but the thief has your wallet now even if it's encrypted.
- Someone breaches an exchange and steals the wallet files from it
- Someone steals your laptop with your wallets on it
Here's what's going to happen as a result in each one of those situations:
- You're going to be notified via e-mail as to the location of the thief as precisely as possible using geo-location methods. The data provided can then be used in locating the offender.
- You're going to receive your wallet back via email
How is this beneficial in general? Well, let's take into consideration wallets swiped from an exchange. You've now (along with many other folks) have lost your Neos, Litecoin, and Bitcoin for example. The thief loads the Litecoin wallet, sends it out if possible to dump it. He takes the same steps with the Bitcoin wallet. Next he loads the Neos wallet. The moment he does, he's not only outed himself but has also provided crucial information that helps take the guess work out of "Who stole the wallets?". This can lead to reconcilliation and assist in loss prevention. Alongside that, the exchange also receives their Neos wallet back via email.
Now, in scenario #2 the same applies as the above mentioned outcome. You not only will be able to find out where your Neos wallet went and the attacker, but also recover at least your Neos wallet and hopefully in the end - your other wallets.
In scenario #3, your wallet can be marked as "Physically Stolen" and once Neos is turned on, locate your laptop or device.
The above system is active, and pending community feedback will become more militant and finely-tuned. There are additional preventative and recovery options I have developed but they are a bit more aggressive - however they are pending response from an attorney well-versed in crypto as well as other areas. As we fine-tune this system and get community feedback, I'm confident it's going to be an incredible asset to both Neos and crypto in general.
With everything above taken into consideration I'll address a feature that everyone has been requesting for some time now and the reasons it wasn't included are straightforward: I didn't feel it was prudent to provide an in-wallet marketplace or other spendability options with a system I didn't feel was secure enough to protect the community from potential loss.
A custom marketplace is already in development now utilizing our new system with an as-of-now unknown ETA. Just as we have done with Neos since the first day, we're taking the appropriate measures to do it properly. At the moment, pending funding for an already-created prototype we have a hardware wallet in development that utilizes the new Neos system and is in plain English - pretty damned cool.
So where is Neos headed now? In the same direction we've been heading in for the past 7 months - forward. With the introduction of these new features and a few others in development we're sure to have our hands full over the next coming months. One thing I can happily say is that we're currently being processed by LitePaid.com and coingateway.net. As more services accept Neos as an option that have APIs, you can bet we're going to be developing for those services to the best of our ability - with a unique approach.
Something else as by community request we're considering - is a hosted wallet option. As with everything we do, serious consideration and forethought is being put into this and updates will be made public as they become available.
I'm also in the process of developing a "My Neos" center for the community for various purposes and utilities.
You can download Neos 2.1here:
Debian Linux: http://www.neoscoin.com/debian
Ubuntu Linux: http://www.neoscoin.com/ubuntu
Our website will be getting re-designed by yak this week to reflect the new direction we're heading in.
You can buy Neos at the following exchanges:
We're also on the vote list at https://www.cryptsy.com/coinvotes
We take support very seriously and provide it with no cost and no limitations. Our support options are via telephone, skype, teamviewer, IRC, and our forum (http://forum.neoscoin.com). Without our community, we wouldn't have a reason to do what we do - and we thank you for that.
Our reddit: http://www.reddit.com/r/NeosCoin
Our twitter: https://twitter.com/NeosCoin
Chat with us on IRC: https://kiwiirc.com/client/irc.freenode.net/#neoscoin
A screencast demonstration of the abilities described here in Neos 2.1: http://youtu.be/s_Lvg_VcmKY
If you need assistance in migrating your old wallet to the new Neos 2.1 system, please don't hesitate to contact me. I strongly urge everyone if they haven't been running Neos 2.0.2 (automatic backups) to make a copy of your wallet.dat somewhere safe first and THEN copying it to your new Neos installation.
This will be the last time a full installation/replacement will need to occur. Everything developed over the past 7 months has lead to where Neos was intended to be. It's been a process along the way, but we're finally here and I thank you all for your support along the way and patience.