Keyur, can you tell us about how you store your wallets and such? By that, I mean that in any given day you probably only need 10% liquidity. So a good practice would be to have your active, server-accessible wallets separate from wallets containing the remainder of reserves. That major wallet should be elsewhere, such as on a computer not on your network and this computer is only turned on for 5 minutes a day in order to refill the active wallets. Also, it should be in a cage with several rabid monkeys who can only be tamed by a secret routine, such as reading them a bedtime story and giving out sedative-laden fruits. And this cage should be in a van that moves around a city 24/7. This is like that Burn Notice episode where a package was kept perpetually moving by a series of motorcycle couriers.
The computer in question should be backed up by a flash drive the size of a pill, which you repeatedly eat every few days in order to keep it in your body. The timing is perfect, I've found, to allow the backup to be only occasionally accessible depending on your regularity. If you need it in an emergency, then just eat a lot of prune juice or, in a really major emergency, find a Winogradsky column and drink it.
Then, if your site does get hacked, everyone's risk is minimized. See, I don't think many people take solace in prevention measures at exchanges any more. The more important question involves what hackers or rogue employees could obtain if given access. Please name one of the monkeys after me.
As far as I know, this is the exact procedure they use to protect Coca Cola's secret formula ;-) We understand your concern though about an inside job though. That is why we follow the best practices deployed in most of corporations: split component ownership, and chain-of-command for each component. This makes it easy to pinpoint rogue elements. - Keyur |
|
|
|
There haven't been much news from Camp BX lately... Are SEPA transfers still on the roadmap?
Nmat, We were hoping to launch in Europe late September, and also have a multi-currency back-end ready to go! Unfortunately running into some red-tape in Europe. We are hoping to get required permissions and redundant bank accounts in place by Q1 2012 to ensure uninterrupted service for our customers. Thank you, Keyur |
|
|
|
- We do not do business with companies that don't have a registered office in USA. (Paxum, Liberty Reserve)
Paxum does not have an office in the USA. They are based in South America with an office in Canada. There customer service is based in Mexico and they use a Belize and Canadian bank  Correct - that is why we do not support Paxum! Sorry the original post was not clear: should have said "No Paxum". |
|
|
|
|
Hi everyone,
We received multiple requests for information around Camp BX security measures in the wake of Bitcoin7 incident. So here is a high-level summary of precautions and processes in place at Camp BX: please feel free to ask questions and we will be happy to share additional information.
Physical Security:
- Professional, secure data center in Arizona
- Triple telecom backbone connectivity for redundancy
- Caterpillar diesel generators in case of power brown-out / black-out
- Restricted physical access to servers
Information security:
- Well defined chain of command for wallet and database ownership
- Nightly security scans by McAfee Secure
- Scheduled D-DoS attacks
- White-hat penetration tests
- 72-hour SLA commitment to address new vulnerabilities
Financial security:
- No fractional reserve: We hold 100% of user funds in reserve at all times
- All banking done on-shore in the USA
- We do not do business with companies that don't have a registered office in USA. (Paxum, Liberty Reserve)
Thank you,
Keyur
|
|
|
|
Wow, this article is shocking! Hard to believe that the shiny Wachovia HQ down the street were facilitating hundreds of millions in drug money. |
|
|
|
(Not shilling Camp BX this time, just sharing some personal thoughts)Came across this article about a face-off between 7 next-gen currency start-ups / technologies vs. Citi group. http://www.finextra.com/news/fullstory.aspx?newsitemid=22993The outcome according to FinExtra was: And despite all the talk of peer to peer transfers, social networks and decentralized currencies, it was the age-old topic of regulation and money laundering that delivered the decisive blow.
This statement made me wonder: Should Banking Industry really be using money laundering to knock on Bitcoins? Billions of dollars in drugs trade, funding for illegal weapons for warlords, and even funding for terrorist attacks have all gone through the international banking system successfully. Banks have done a better job of harassing legitimate businesses rather than preventing these activities. Bitcoin technology has the potential to do a little better. Electronic bank balances can rarely be traced all the way back to printing presses, while every Bitcoin's lineage can be traced all the way back to genesis block. And more importantly, bank balances do not have built-in scripting ability like Bitcoin does. I am curious to hear the Bitcoin community's thoughts on this. - Keyur
|
|
|
|
What do you mean by "free month"? I interpret that to mean that any commissions charged on trades for selling during the month are refunded. Is that what is meant?
Yes Stephen - we meant a 'Commission Free' month! Thank you, Keyur |
|
|
|
|
Hi everyone,
If you are planning to sell your Bitcoins, we invite you to try out Camp BX. We have a lot of new users looking to buy since the recent price drop, so we will be happy to set sellers up with a free month. Simply sell 100 coins or more by end of the month, and message us to take us up on this promotion.
Thank you,
Keyur
|
|
|
|
Yesterday you also had problems... I hope that your software architecture is designed to scale.  Speaking of which, I saw your tweet about API throttling. As long as we keep the 500ms between requests we're safe, right? Yes Nmat, our architecture is very modular so that makes scaling easier. Most of our work is to identify and prioritize where the best speed-boost opportunities are. You should be good with that latency. - Keyur |
|
|
|
|
Hi Eric,
The 20% price swing in Bitcoin today resulted in a lot of activity with traders and bots modifying orders.
We have already put in some additional measures to minimize this issue in future.
Thank you,
Keyur
|
|
|
|
I know that C is obviously faster and that it can probably cut down the decision time from, let's say, 100ms to 1ms. But given the current state of bitcoin exchanges, how relevant do you people think the language is? If all exchanges were using websockets I would understand, but right now you have to constantly poll TradeHill/CampBX/whatever to get new orders. The variance I get between HTTP requests makes those 99ms seem insignificant.
Agree - the HFT code may not win every latency race due to high latency on the exchange side. However on average / over long term, the HFT algos will have an edge. |
|
|
|
|
Nmat,
We do what Eric mentioned: run an order against open orders first, and if it gets filled it will never show up in the Order Book.
The remainder that does not get filled immediately gets added to the OB. Now you will still see some order that you cannot fill though, because as soon as an order shows up in orderbook bots attacks it rather aggressively. Some high-frequency bots written in C can fill the order before most of the regular algos in Perl/Python/Mathematica can react.
Hope this helps,
Keyur
|
|
|
|
|
Thank you Roger! Was great meeting you and Matt at the conference. I was very happy to hear about all the steps you guys are taking to alleviate the FUD resulting from MyBitcoin situation.
All the best,
Keyur
|
|
|
|
|
Hi FlipPro,
We have not forgotten NameCoin!
We are working on some major feature releases, and also upgrading our architecture to a seven-server setup. Once both of these changes are implemented (scheduled for early Q4), NameCoin is next in line.
Will keep you posted,
Keyur
|
|
|
|
Wanted to share more details on Wallet API calls:After you open your Camp BX account, you can use our API calls to: - Generate dedicated Bitcoin addresses for your Wallet - Query available,confirmed balance - Make payments from your account - Make CBX Instant transfers from your account - One more API call that allows you to find out last X deposits will go live soon You can of course do all of the above using the Website UI as well! More details about the API calls can be found at: https://campbx.com/api.php#transfersPlease let us know if you would like to see any more features, and we will be happy to include them right away. Thank you, Keyur |
|
|
|
Bitcoin trasnfer Seen in your FAQ, just sayin'  Thank you Davout! Have been making this transposition error all day long today; corrected the FAQ. Thank you, Keyur |
|
|
|
|
Thank you Nmat and FC!
Nmat, Sending you a PM about the question!
- Keyur
|
|
|
|
Hi everyone, We have rolled out many new features at Camp BX over the past week! Here is a quick breakdown: 1) Three new funding methods are live! You can use USPS Money Orders, Checks, or Wire Transfers to fund your account. Did you know that USPS Money orders are: - Always valid — they never expire.
- May be replaceable if damaged, lost, or stolen. Just hold on to your purchase receipt.
- Cost $1.55 to transfer up to $1,000 ($0.30 if issued by military facilities)
- Available at 31,000 locations
2) CBX Instant transfers allow you to send Bitcoins instantly to other users without paying miner fees. These transfers can be made using our website or API: CBX Instant Trasnfers: https://campbx.com/faq.php#fund-transfersAPI Call: https://campbx.com/api.php#transfers3) We have added new API calls that allow you to use Camp BX as your Wallet or backend processor. All of the calls have been heavily tested and optimized, and ready-to-use right away. We also offer custom API calls for our affiliates. If you have a business need, please contact us! 4) We also offer the most aggressive affiliate / volume discounts in the market, and best of all, we offer them retroactively if you have been trading at Camp BX. Thank you, Keyur Edit: Added more info. |
|
|
|
This is all well and good, and also completely meaningless. If thats what you want to do, then just do it. You don't need any support from the software.
Perhaps you're under the impression that bitcoin will forget about older addresses that it has given you after it gives you a new one? That isn't the case. (I'm just guessing wildly, because I can't figure out what you're thinking). All addresses your client generates will be remembered forever, any other behavior would lose money.
Hi Gmaxwell, Never mind - I was thinking aloud based on end user requests we receive. As I think more, this request feels more like feature creep rather than a core feature. Updating the original message to reflect this. Thank you, Keyur |
|
|
|
There's also an estimatetxfee patch, but the problem is that between the time you estimate the tx fee and the time the send happens the state of the wallet might change, making the estimate wrong.
The real question is why should customer A pay a transaction fee just because customer B funded their account with tons of tiny transactions? If customer A puts 1,000 bitcoins in their account and pays 0 fee, they're going to be pretty upset at you if you charge them to withdraw THEIR money from the account.
Gavin, Thank you - this explanation really helps me understand the design intent. RE Static Addresses: Customers have two different sets of needs. They can choose to use disposable addresses used for transfers / trades, and opt for a "static" address to plug into mining services or merchant solutions, where deposits can be made over extended periods of time. As Bitcoin matures like other financial system, this deposit period may extend well into years. Thank you, Keyur |
|
|
|
|
Show Posts
