Anyone can issue - don't seem to work

+4 votes

Hi,

I created a new multichain blockchain, edited the params.dat file so that all the global permissions are true. Then i started the blockchain and connected three other nodes. However, when i use listpermissions issue command on node1 (or node2), the json only contained node1 (my starting nodes) address. 

I also got the "No unspent output with issue permission" when i went ahead to try issuing a new asset to node2 address. Using getblockchainparams still clearly shows "anyone-can-issue" : true.

Any idea what i am missing?

Thanks.

R.

asked Jan 11, 2017 by Rosevelt

1 Answer

+2 votes

The error message is slightly misleading. If you were issuing the asset from node 2, the problem is probably that you have no unspent outputs at any address belonging to node 2. The MultiChain transaction model (taken from bitcoin's) requires every transaction to spend at least one output from a previous transaction. (Once an address has one output, it will keep having at least one, because every transaction sent through MultiChain's regular APIs sends back a 'change' output to that address.)

This can be a problem in the type of very open network you are using, when nothing at all is sent to an address before it wants to start transacting. The workaround is to send something (well actually, nothing) to an address before it starts transacting, something like: send [address] 0

If this is not a viable solution in your case, I'm afraid we don't have another good workaround right now. However one thing I would add is that a completely open blockchain like this, with no transaction fees, and no permission required to connect or send transactions, is liable to suffer from a deluge of spam very quickly.

answered Jan 12, 2017 by MultiChain
I was able to get around this by issuing the asset from the first node. It is interesting because since anyone-can-issue is set to true, I assumed the other nodes will be able to send an "issue" transaction at the start. Or am I still missing something?
I understand the dangers of the open system. Setting all permissions to true is just to make the setup a bit faster for my experiments at the moment.
OK, understood. The issue was that if no transaction (even a permissions change, or moving zero assets) has ever been sent to an address belonging to the second node, then it won't have an unspent transaction output that it can use to sign a new transaction it creates.
The workaround is

go to node 1 and grant permission for connect,issue etc to address of node2
multichain-cli chain1 grant address_node2 connect,issue,send,mine

This worked for me....
Also have a problem here.
Because of privacy issues, I want to be able to create an address that don't have any connection to a former address.

But this does not seem to be possible? So every address needs to be "activated" in terms of some transactions is send to it?
And so the address is not really anonymous because you directly get a connection to another address?

That would be really bad for the usecase I am working on right now. :-(
@Alexoid are you creating a network to which anyone can connect, and which has no native currency? The issue here is that it can be easily spammed by anyone on the Internet.
No it is a private/consortium network.
So I assume you are restricting access by IP address, or with a VPN. Because if you were using MultiChain connect permissions to restrict access, then each new address would automatically have a UTXO to spend, from the transaction that gives it connect permissions.

In this case, your simplest workaround would be to have some blockchain address whose private key is visible to everyone on the chain, say via an item in the root stream. Administrators ensure that this address has plenty of spare UTXOs (using raw transactions, many UTXOs can be created in a single transaction). Every node imports the private key for this address, meaning it can spend the UTXOs belonging to that address. Now everyone is effectively able to onboard themselves using these publicly accessible UTXOs, as the first input for the first transaction they send.

Does that work for you?
Hi. Sounds like a good solution for this problem!
Thank you I will give it a try.

PS: I did not know that a new address generated by an already connected node needs also a connect permissions (since the node is connected anyway...)
A new address generated by a connected node doesn't need its own connect permissions, but it does need send permissions unless anyone-can-send=true.
Ah ok, so that was the idea.
anyone can connect = false -> so the network is private
anyone can send = true -> so there is no need to grant any permissions on a new address
And if I understand correctly, you don't want a node to create that first UTXO for its new addresses (by sending from its address with connect permissions), because that would allow others to associate the new address with the node that is using it. In that case you'll indeed need the kind of workaround I suggested.
...