|
Title: How to improve your Bitcoin accessibility. Post by: bornil267645 on April 04, 2015, 08:32:49 PM I read in an article that:
"Bitcoin API that simplifies interaction with the block chain. With the help of a Bitcoin API, reliable bitcoin applications can be designed which will display user balances and transaction history without needing the private keys of the wallets. But what I'm interested is, what kind of vulnerabilities does the API have? Title: Re: How to improve your Bitcoin accessibility. Post by: gmaxwell on April 05, 2015, 10:13:29 AM APIs like that can feed you completely bogus data, at their whim, like payments that never really happened, causing you to give away goods. Even if you log the results, you can't even prove to third parties that the API lied to you.
Services like that often use third party 'dos mitigation' services that they had their SSL keys over to (and, of course, the security provided by SSL is paper thin in practice). Like many things, these things are perfectly secure if you have nothing to lose... otherwise? not so much. Bitcoin was design to eliminate the need for this kind of trust; too bad that so many have rusted to rebuild it in Bitcoin, rather than contributing to make the trustless infrastructure better meet people's needs. |