Get jsonrpcclient. Connect to bitcoind RPC. The data is automatically decoded.
I recommend against this for three reasons. Firstly, unpatched, it can display your login information on errors. Secondly, it does not work with php 5.4 Thirdly, it is GPLed so anything you make using it has to be GPLed as well. GPL licenses does not work like that. If you don't have error reporting set to none on your production server, well.... |
|
|
|
Inputs.io lags hard. Direct deposit from CoinLenders has not appeared after 20 minutes now. Your confirmed balance: NaN BTC
Is it being DDoSed? Not a DDoS. Inputs.io has encountered a bitcoind deadlock bug. We're working with Bitcoin core developers in getting this bug fixed. Inputs.io is back up by the way - if you're missing a CL transaction, send a message to support@inputs.io and we'll fix it up for you. |
|
|
|
I got a transfer with 55confirms still unconfirmed lol  Credited. |
|
|
|
Site is back.
Will post a full update soon and what we're doing to prevent this from happening again.
What exactly did happen? We've encountered a deadlock bug with bitcoind. We're working with the bitcoin developers in tracking it down and getting it fixed. |
|
|
|
|
Site is back.
Will post a full update soon and what we're doing to prevent this from happening again.
|
|
|
|
Account security upgrade processWe're upgrading the security of Inputs.io to make it more resistant to attacks even if our web facing server was compromised. Inputs.io is not compromised at all, this is to make Inputs even more secure. Login (if you are already signed in, log out and relogin) to complete the account upgrade process. Thanks!
|
|
|
|
i don't think, this is still running, did he not already do, a new signature rent?
This is still running. Due to time constraints, I may only make payouts every couple of days. |
|
|
|
The approach we'll outline is more systematic and doesn't use tricks such as decoys, honeypots and other traps, I think you'll like it when you read about it.
Count me interested I mean if the server never sees the password in clear it can't check it in any way, if it checks the hash, and the hash is intercepted it can be used to forge requests. Great point. We'll roll out something soon which'll work as long as you were not compromised when first registering (which is when we store your password) or when you upgrade your account. Thanks for your comments, I really appreciate it. I'm interested in knowing your approach. OK, will stop derailing the thread for now |
|
|
|
You mean the one at the end of the SSL tunnel seeing passwords go through it in cleartext
Well, at least you're not using cloudflare :-) Passwords are never communicated through cleartext in any circumstance. Your browser automatically hashes your password. You will never see cloudflare or similar services, or 3rd party tracking services like Google analytics on Inputs. To go back to this Linode thing, if your server gets compromised without you getting knowledge of it you can have your user passwords progressively harvested and bogus transactions authorized. When BC comes back online we'll demonstrate a setup that gracefully handles a fully compromised frontend AND (N-out-of-M) compromised backend nodes. It relies on the crypto we all know and love and mechanisms for decentralized transaction clearance and audit.
Cheers!
We use bcrypt with a user unique salt. The server does not get plaintext passwords, because your browser does not send it. We have decoy accounts which are populated by "real" user data from our other databases. The hot pocket server automatically dumps all coins to cold storage if it sees a payment request from a decoy account. We have methods that makes it very hard for an attacker to determine if an account is decoy or not, even with root access to the linode machine and listening to traffic. Thank you for being concerned about our security! |
|
|
|
Why's that funny?
For one : what's special about it ? For two : $ dig NS inputs.io | grep linode Congratulations, you have figured out our web facing server runs on Linode. While it runs bitcoind (for blockchain access, verifying signed messages and pushtx), it contains zero coins and communicates securely to the hot pocket / "main" server, which also does it's own database integrity checks |
|
|
|
It would be SO funny if the last post was actually written by someone else who logged in using that account. |
|
|
|
People are Fallible. a machine especially when it's a well built machine isn't fallible. I'd trust a machine over a banker any day of the week
Have you never heard of hacks? @Awsan: Inputs.io offers free mixing, automatically. We don't charge any fees. |
|
|
|
|
Offchain transactions allows Bitcoin to scale. Sure, it has it's own drawbacks too, like how it requires trust, but it is still a solution.
|
|
|
|
Ended already, seriously now.
|
|
|
|
My bet is still the largest (I think), I'm ok |
|
|
|
Have a search of both the project development and development forums its discussed often in there.
They reckon bitcoind doesnt scale to well with large wallets, but maybe look at getting watch addresses to work with it (there is a pull request for it) and using -walletnotify?
Or have a look at and speak to the Armory developer or pywallet developer.
Thanks for that - will do. Unless you are using a patched bitcoind, don't bother because it is not going to scale well. |
|
|
|
Get jsonrpcclient. Connect to bitcoind RPC. The data is automatically decoded. $transactions = $rpc->listtransactions();
var_dump($transactions);
foreach($transactions as $tx){
echo "TXID: $tx <br />";
} Alternatively, try Inputs.io's API which is incredibly easy to use. Example callback PHP code is already given to you, you don't need to deal with running your own bitcoind. You can just set a callback URL and get the new transactions pushed to you. (Btw, WTF is in your linked youtube video?  ) |
|
|
|
 What this comes withFull Node.js server source code Full client JS / CSS / HTML files (you must use your own branding) Database structure Free one time setup 1 hour of development / support on CoinChat What this does not come withAny of the data Any of the CoinChat branding Any server or hosting Cost$2000 DetailsIt's a well developed chat server. All the bugs have been worked out, if you don't restart the server manually (eg updated code) it can have uptime of months. It's extremely efficient. CoinChat handled up to 160 concurrent users while using ~6% CPU on a Linode 512 and 40MB of RAM. With that, you don't need to worry about scalability because you won't need to scale. It has a LOT of advanced features. Smart tab completion. Auto updating user lists. Custom rooms, moderation tools, auto anti spam filter, smart dates display. Integrated with Inputs.io. Just take a look at every detail and you'll see that tons of work has been put into CoinChat. CoinChat will continue to run. I'm simply selling the script in case you'd like your own chat server. You don't have to add bitcoin - maybe you can rename it to credits, tokens, whatever. Add your own billables, like maybe charge for emotions. |
|
|
|
|
15 Carlos
5 Boelens
4 s1d2a3h4
3 whiskers75
3 juniotjg1987
3 DiamondCardz
(Does not count bonus referrals)
|
|
|
|
|
Show Posts
