design – Use the replacement key or the accountno field as the primary key

I am developing a simple portfolio management system for financial advisors. The central table here is a & # 39; tb_account & # 39; table containing the various accounts managed by a consultant. I create a random unique account number and save it in the field & # 39; accountno & # 39; in the tb_account table. The field is also the primary key for the table. Now there are other tables in which further information about the account (a.k.a. Portfolio) is stored. All these tables are stored by & # 39; accountno & # 39; controlled.

The question I have is whether to store "accountno" only in the tb_account table and create a unique index for it and use the replacement primary key from the table, an "id", in all other tables.

I have pictures of both designs here. Please let me know which way I can go. The pros and cons of both will also help. I tend to the latter because I use the field & # 39; accountno & # 39; completely hide tb_account for all tables except the main table. But such a design will be an obstacle if I opt for the "micro-services" route, where table-joining relationships are not or even impossible.

The two designs, figurative.

Blockchain – Bitcoin I was asked to send money for a private key

Hello, I was asked to send money for funds that are not expendable to get a private key to unlock. He comes from Bitcoin investments. How sure is that because I'm worried I will not get the payment. It's currently in my blockchain wallet account, displaying the credit as ineligible until unlocked with a private key

Does the Google managed SSL certificate use the same key pair during the renewal process?

In the Google Kubernetes Engine, it is possible to set up a "Google-managed SSL certificate". Of course, before a certificate expires, Google must receive a new one. In that case, does Google use the same keypair or generate a new keypair?

The reason for this question is that I may need to allow "certificate pinning" for an SSL certificate. This does not work if the key pair changes each time it is updated.

To optimize the number (*) by using only the foreign key index in PostgreSQL

I have a web app that uses a large number of data tables to connect to the database to retrieve data.
The problem is, however, that always first the total results have to be counted before the data can be paginated limit and offset

Are there any kind of special indexes or configurations that always force the calculation of the count to index only, without relying on the end table? because now it seems that it ignores the index when it asks for the count.

What does a private Bitcoin flash key look like?

Elliptic Curve Private Keys are only scalar integer values ​​between 1 and n (The Order from G). These can be encoded in any way, but are usually represented only as 256-bit integers, regardless of which endian the platform uses. When interpreted as an array of bytes, it's simply a 32-byte sequence.

Bitcoin's WIF (Wallet Import Format) uses the 32-byte sequence, prepends a version byte, and then generates a checksum with the Double-SHA256. The first 4 bytes of the checksum are appended to the bytes of the version and the private key to form a sequence of 37 bytes in total. This is then Base58Check-encoded to produce the textual representation of the private keys you trust. The reason they all start with 5 is the version byte.

In the Lightning specifications, there is no specification for the storage or import / export format of private keys, and it is up to the implementers to decide how they should be stored or how they should be exported, if at all. If you prefer, you can use the same WIF format because Lightning uses the same curve as Bitcoin for signing and key exchange.

Private keys are used in Lightning for two different purposes. The Lightning node itself has a single fixed private key that is used both to identify the node (based on its public key) and to sign messages that actually prove to be from that node. It is also used to perform an authenticated key exchange when connecting to peers to prevent MitM attacks.

The other private keys used in Lightning are entries of a Bitcoin wallet that is used to sign transactions related to the channel states, which are standard Bitcoin transaction outputs.

However, it is not enough to know the private key for a particular channel to output for that channel, since it is 2 out of 2 multisig issues and both parties must sign off the transaction to output it. You must therefore be aware of a purchase transaction and a signature of the counterparty for this transaction additionally on your own private key for the channel.

Obviously, it's not very useful to export these private keys alone – you need a more detailed format that includes all the parts needed to keep the current state of the channel to a minimum. In practice, you should also record all previous channel conditions so that you can create a Justice transaction if the other party is trying to propagate an expired channel state, unless you have delegated that role to a Watchtower, who should have a file.

Key Management – Is there a key exchange protocol that requires only one message?

For forward secrets without synchronous handshake, you want something like the "ratcheting" protocol that uses signal. It really is a pretty clever system:

  1. Each party generates an asymmetric key pair and forwards the public key to anyone who so wishes.
  2. Each party generates and stores a set of (EC) DH parameters – one sentence for anyone you need to chat with – then signs the public part of the parameters with the private key and makes the signed part publicly available.

In Signals case, the keys and signed public parameters are sent to the central server. Suppose you want to start secure communication and either trust the server, check the public key in some way, or do not care about authentication, you can do the following:

  1. Download the recipient's key and its next unused public key exchange parameters (the server and the recipient both log which parameters were used).
  2. Optionally, you can authenticate the key and verify the signature of the parameters.
  3. Generate your own short-lived set of key exchange parameters and sign the public part with your private key.
  4. Use the private part of your parameters and the public part of the recipient's parameters to derive a symmetric key.
  5. Optionally, you can encrypt a message with this key.
  6. Send your public key, the signed public key parameters of both pages, and the message to the recipient.
  7. Delete the short-lived key parameters.

The recipient:

  1. Checks the pre-signed key exchange parameters and ensures that the parameter just received has never been used.
  2. Optionally validates the sender's public key and the signature on the public key exchange parameter.
  3. Gets the corresponding private part of the key exchange parameters and uses it along with the public part of the sender to redetect the symmetric key.
  4. Deletes the now used private part of the key exchange parameters to ensure the secrecy of the forwarding.
  5. Decrypts the message and / or encrypts a message to be sent using the exchanged key.

If you do not have the central server in your scenario, you need to pre-fetch the public key exchange parameter (and optionally the public key, to check it). However, you can then complete the key exchange and initiate secure communication asynchronously with a message. (Once the recipient receives the message and completes the key exchange, it is secretly forward.).

Search all features for a private Bitcoin Lightning key using mobile devices, desktops, or cli wallets?

Bitcoin wallets have the "swipe everything" function to transfer all coins from one private key to another. Is there such a feature in a Bitcoin Lightning wallet that you can sweep all the coins from a private Lightning key to another Lightning address?

Encryption – Can private key information be displayed when signing an email?

Therefore, I know that PGP-encrypted emails from a familiar, consistent email footer or greeting ("hello," "sincerely, xxx," etc.) may be vulnerable to a known plaintext attack. However, this also applies to PGP signatures on an e-mail?

If I always sign my emails from PGP and all my emails end with "From, (name)", can one of my secret PGP information be displayed?

Data Structures – Perfect Hash Function: How to deal with searches outside the key set?

Thank you for sending a reply to Computer Science Stack Exchange!

  • Please be sure too answer the question, Provide details and share your research!

But avoid

  • Ask for help, clarify or respond to other answers.
  • Make statements based on opinions; Cover them with references or personal experience.

Use MathJax to format equations. Mathjax reference.

For more information, see our tips for writing great answers.