OpenEx: Progress Report - 95% launching this week

[r3wt]

demo:
http://dev3.openex.pw/

We will be launching later this week.

exchange is 100 percent working. tweaking some code here and there and making some final optimizations.

about all thats left to do as far as basic functionality is fix a small bug. when a user withdraws all coins, the balance record for that coin remains. when the user buys more of that currency or deposits more, a duplicate balance entry is entered, causing the account page to list the first result, which will always be the original balance which was zero upon withdrawal. a fix for this, is to delete the balance upon withdrawal if the remaining balance is zero. should be simple enough, and shouldn't take more than a day to test in different scenarios.

see you all soon. thanks for the help, support, and suggestions.

[1715316932]

1715316932

[1715316932]

1715316932

[1715316932]

1715316932

[1715316932]

1715316932

[1715316932]

1715316932

[knowitnothing]

Did you forget to include the link to the open source code, some repo, or anything at all ? Because, you know, otherwise it is not open source.

[r3wt]

Did you forget to include the link to the open source code, some repo, or anything at all ? Because, you know, otherwise it is not open source.

That's an excellent question. the code will be open source the day the exchange is launched. in its current form and incompleteness, i am not ready to opensource it yet.

Justin is currently modifying the market system of the database to add an identifier for currency pairs. then we will probably switch that to its own database for an extra security measure.

the project is currently at a conservative 60% completion-- saying that,  its fully functional except the withdrawal system, but there are many bugs to work out and adequate security measures to add, plus an api for off site trading.

personally, i am working on porting a version of goosh to the site for commandline based trading, something that should be a unix nerds wet dream.


i'll keep this updated as much as possible. going to a party tonight, check back tommorrow.

[r3wt]

i have decided i will go ahead and begin opensourcing the exchange.

in today's update, i will be adding a mobile site, and modifying the way php identifies devices to include a class for mobile devices. after that i will begin building the admin interface. when i have installed the basic admin interface, i will break with programming and install an LNMP(Linux, Nginx, MySQL, PHP)stack on my local unix system and begin using it as the test server.

this system will be the basis for future updates, and will be the testing ground for our project. updates to the openex website will no longer be processed automatically, except for a manual process of updating the files through git as opposed to straight sftp interaction from the test server to the server @ openex.

additionally if time permits i will begin work on building the user privileged actions class in php, with a separate class system for admins. instead of the normal id based class interaction, an asyncronous class will be created for each class in order to verify and regulate the class defacto class interaction system of the php/mysql platform. this is imperative as it sets a hardcoded limit on what users can accomplish with quote "privilege escalation" exploits. think of it as a security by execution of php scripts through a window that monitors and approves each interaction a a script with the php parser using:

-custom rule sets
-XSS prevention private function keys
-script execution window through uses of keys previously mentioned, expiring imediately by being added to the database as processed request record.
-double salt function applied to all json interactions
-key based  32,768 bit encryption of communications between the wallet servers(called "clients" as each one hosts a specific wallet) utilizing an encryption system i have developed in php using keys stored on wallet servers. the way it works is, information will be sent from the main server through a php page encrypting the json and other information. the client server will receive and before decoding, it will return the key also encrypted with the prototype algorithm. the double salting function reduces hash collision and create random, secure keys for each interaction, meaning these interactions can be neither decoded, understood, or repeatable because the window for execution of the command will be uninitiated by the requestor, in this case a malicous attack who wishes to reproduce a transaction to his withdrawal address, by forging a second transaction or attempting to intercept the encrypted command and keys and resubmit the already processed interaction which has a decaying window to be approved.



i'll update this thread as each task is completed.

i haven't contacted justin today as he is in school, but i would expect an update on his progress with multi market and the fee execution process modification, fixing a vulnerability that allows for doublespending within a users exchange account. thats about it for now.

r3wt

[r3wt]

got quite a bit done today.

justin worked on an administration interface, while i:

- built the framework for the mobile site. tomorrow is on to the css of the mobile site.
- finalized attributes of password strength indicator.
- added a configuration script to easily disable the login and registration systems.
- played with some javascript in firefox 25's version of the site. meny.js div's look ugly in looks ugly in firefox. adding some firefox logic to the css            tomorrow to fix it.

[r3wt]

Another busy night coding. Sorry guys, still no market pages yet justin is writing a new trade engine, and all the test trades have cleared from the database. the plan will be to work with Chart.js for the market chart display on the homepage. we will be utiilizing an extra, js based database to store the last 120 trades from each market. we will use PDO to query each market and return an array of Datapoints. we will use php inside of our javascript to get the data array into Chart.js, which will take over the leg work from there.

Time for some pics before bed.

Account Page

Support System


Registration



Admin(Don't laugh to hard) lol

[r3wt]

oh by the way, that password strength is pure js/css.

here's the js if you want it for a project. i'm all about code reuse.

Code:

function passwordStrength(password)
{
	var desc = new Array();
	
	desc[0] = "Too Short";
	desc[1] = "Weak";
	desc[2] = "Terrible";
	desc[3] = "Better";
	desc[4] = "Good";
	desc[5] = "Strong";
	desc[6] = "Secure";
	desc[7] = "Legendary";

	var score   = 0;
	
	if (password.length > 8) score++;
	if (password.match(/\d+/)) score++;
	if (password.match(/([a-zA-Z])/) && password.match(/([0-9])/))  score++;
	if (password.match(/([!,%,&,@,#,$,^,*,?,_,~])/))  score++;
	if (password.match(/(.*[!,%,&,@,#,$,^,*,?,_,~].*[!,%,&,@,#,$,^,*,?,_,~])/)) score++;
	if (password.length > 13) score++;
	if (password.length > 20 && password.match(/(.*[!,%,&,@,#,$,^,*,?,_,~].*[!,%,&,@,#,$,^,*,?,_,~])/)) score++;
	
	

	document.getElementById("passwordDescription").innerHTML = desc[score];
	document.getElementById("passwordStrength").className = "strength" + score;
}

[r3wt]

New Screenshots.

Market Overview



Admin--Query User



Admin--ServerStats



Admin--Coin Monitor(Basic Interface for monitoring each wallet/network.



Trade Page(now with graphs etc)



Trade Page with Chat Open



Issues

-withdraws still do not work.
 --No one is assigned

-chat still isn't functional.
 --zelles is assigned

-need alternate style sheets for non webkit or mobile users.this can easily be accomplished with js and alternate stylesheets.
-- i am assigned

-trade engine
-- justin is assigned

-jquery/ajax page requests
--No one is assigned

-Market Data arrays controllers and functions for charts
-- I am assigned

-API
--No one is assigned

-Pen Testing
--Gorgo rom is assigned

If you wish to join the project, do not hesitate to contact me.

[crazy_rabbit]

Very cool, watching this!

[r3wt]

Very cool, watching this!

thank you for your support!

you are more than welcome to contribute ideas, tips, or pointers.

[elambert]

Godspeed rewt!

[Hazard]

I like.

[betacoindev]

Wow, very nice project!

[mercSuey]

I'm just now seeing this, been too busy!  Looks awesome, mate.  Good luck.

[Sustainable]

Really well done so far, very cool idea and interesting prospect. Thanks for helping the community!

[daybyter]

I work on java trading stuff. Do you have an API, that I could implement, so my code could trade on your site?

[gorgorom]

Very nice brother. Seems to be gaining traction. I will run another series of tests today, will update you in skype when it's complete.

[unfocus]

Very nice! Thanks.

[r3wt]

a small update:

over the weekend, i purchased a couple additional domains(Openex.info, home of the forums, and Openex.mobi home of the mobile version of the site) and security certificates for each, and finalized a deal for hosting of the site.


the site will be launched on the following hardware:

Dell Poweredge

Dual 6 core Xeon 5639's

48 GB ECC DDR3

Dual 1 tb sata with raid

100mbit port, firewalled

google pagespeed cdn+google shield

upgrade plans:

phase1:

-move wallets to server 2(Quad Opteron, 32 gb ddr2, dual 100 mbit port, firewalled)
-move openex.mobi(mobile site) to server 3(Core i7, 8 gb dd3, 1 gbit port, firewalled)
-launch openex.info(the forums)


phase2:

an upgrade with Alpheus moves us into tier 2 hosting, where we share the benefit of the following:

4x 100 gbit CISCO CRS-3 single port with 140G Cisco FPG


Tommorow, the site will go back online at the vps, and we will begin rigorously working on its completion. we have a tentative goal of December, however much of it will hinge on how confident i am in the security of the site. i am typically cautious and would like to err on the side of caution rather than to produce a bad exchange.

stay tuned folks

[muddafudda]

In all honesty the dev had admitted to previous scams and the title should be given the appropriate scam warning.