Show Posts
|
Pages: [1] 2 3 4 »
|
I could do this I guess. My current bot is at https://github.com/knowitnothing/miscThere is a trackplayer.py which already reconnects when disconnected, works with google auth, runs on Linux and Windows, and is open source. You need to install Python before using it: http://python.org/download/releases/2.7.5/PS: To get a proper bot first you need to define the actual parameters you need/want to set, very precisely. Can you do that ?
|
|
|
Wow, what a reason for deciding to increase the rate to 5%...
Hopefully you don't know people that scam other people, so you won't decide to do the same because they told you it is a very common approach and should be replicated.. or
Hopefully you don't know people that dislike your site and told you to close it and disappear.. or
.. you got the idea.
I am more comfortable with 5% than 1%. Just saying. It means a bigger incentive for dooglus to be honest and not run away with invested coins. I'm more comfortable with 5% too. I've been working 20 hour days on the site since launch, and earning approximately nothing in return. I'm used to working for other people, and earning significantly more than that. Now I'm working for myself and not even covering expenses? If it becomes apparently that 5% is stupidly high, then I'll reduce it again. Wouldn't be better to increase the house edge then ? 1% might be nice for the players, but maybe not so nice for the investors. This is likely to increase the amount of BTC invested, allowing for a greater max profit, maybe attracting more distinct players, and in the end more profit for you. Do the math, at the current turnover and level of investment, 1% is fine. Do the math for what exactly ? To tell you what happens when house edge moves to 1.1%, .., 1.9%, etc ? Also, define what is "fine" here.
|
|
|
Wow, what a reason for deciding to increase the rate to 5%...
Hopefully you don't know people that scam other people, so you won't decide to do the same because they told you it is a very common approach and should be replicated.. or
Hopefully you don't know people that dislike your site and told you to close it and disappear.. or
.. you got the idea.
I am more comfortable with 5% than 1%. Just saying. It means a bigger incentive for dooglus to be honest and not run away with invested coins. I'm more comfortable with 5% too. I've been working 20 hour days on the site since launch, and earning approximately nothing in return. I'm used to working for other people, and earning significantly more than that. Now I'm working for myself and not even covering expenses? If it becomes apparently that 5% is stupidly high, then I'll reduce it again. Wouldn't be better to increase the house edge then ? 1% might be nice for the players, but maybe not so nice for the investors. This is likely to increase the amount of BTC invested, allowing for a greater max profit, maybe attracting more distinct players, and in the end more profit for you.
|
|
|
Wow, what a reason for deciding to increase the rate to 5%...
Hopefully you don't know people that scam other people, so you won't decide to do the same because they told you it is a very common approach and should be replicated.. or
Hopefully you don't know people that dislike your site and told you to close it and disappear.. or
.. you got the idea.
|
|
|
Uhm.. site offline ? Are you ready to take a large (or, better, a not so small) volume of players or bets ?
Dooglus said there would be around a 15 minute downtime for updates. I'm actually interested in knowing what kind of update is this. I mean, is there some kind of limitation regarding the way the system is coded, or the servers, or anything at all... ? This service is very new and I see people doing mistakes everywhere (security, bad code, bad decisions, etc), specially on web services so it worries me even though I've put only a tiny amount of bitcoins there.
|
|
|
Uhm.. site offline ? Are you ready to take a large (or, better, a not so small) volume of players or bets ?
|
|
|
Everything is perfect about this so far the only thing that is missing is early ivestors reward or long term investor or something like that
The reward for long-term investors is that... they will have more money. Not sure what is there to add. I understand his concern. The problem here is that with a normal security usually the early investors are taking a higher risk (i.e. you don't know if the company will be successfull) but will get a higher reward (i.e. they bought cheaper). Here instead, buying early give you no benefit over buying later (when you already know if the company is successfull). But this is not a "normal" security, this is basically guaranteed free money supposing long-term investments and honest operation together with people "nice enough" to gamble. I guess at some point the system could change in order to make it harder to be an investor, which automatically benefits the early investors.
|
|
|
Is there some form of API for the operations regarding investment ?
|
|
|
Just pay attention when using bigquery.cloud.com. It is very easy to get charged.
|
|
|
I suggest giving their IRC channel a try. Last time I went there, MagicalTux answered the questions I had. But this is a tad different, I'm not sure they are willing to change their API to the earlier behavior -- but hopefully it was just a mistake somewhere, and then the situation will be reverted.
|
|
|
You are skipping another approach that should be obvious: there are bugs everywhere. I don't actually need to compromise a computer in order to access their cookies (including the httpOnly ones), I just need a browser with a bug that has been published (or not) which allows access to cookies.
Of course there are other approaches, maybe they are just not feasible for you ? GMail uses cookies too, but plain passwords is something you won't find there.
I suspect you're going to have to wait for a long time for that bug, because this is the sort of bug that would break the entire internet. Cookies are sandboxed. If a bug allows a website to read another website's cookies then that's the mother of all 0days. I simply don't know what is your experience with this, and on what you are basing your answers. Are you aware of, for example, http://seckb.yehg.net/2012/06/xss-gaining-access-to-httponly-cookie.html ? This is the return of five seconds googling, I hope you are aware of people that simply don't share their findings in this area. Storing passwords in plain text anywhere is simply a bad idea, supposedly safe cookies in 2013 do not make them a better idea. You can just ignore the situation, of course.
|
|
|
Nice layout, and I'm mostly ok with the API.
But! This is a big "but" for me, by the way. Stop storing the user/password in a cookie, and specially do not store anywhere in plain text (much more specially don't do that in the cookies!). I just did a SELECT * FROM moz_cookies WHERE baseDomain = 'coinroll.it'; on cookies.sqlite from Firefox and I see everything as clear as it can get.
My second issue is the limit of bets. Are you scared of someone suddenly getting lucky on < 1 and stealing all your pot ?
Nevertheless, congrats on making a decent API for it.
This was a design choice. I wanted it to be loginless and stateless. The alternative would be to have a (static) session ID which would pretty much have the same effect: if someone has access to your machine they can access your Coinroll balance. Which I don't think is a problem anyway. If your system is compromised you have bigger problems than your balance on a gambling website. The cookie has the 'httpOnly' and 'secure' flags set, so it can't be read by javascript and it is only transmitted via HTTPS. You are skipping another approach that should be obvious: there are bugs everywhere. I don't actually need to compromise a computer in order to access their cookies (including the httpOnly ones), I just need a browser with a bug that has been published (or not) which allows access to cookies. Of course there are other approaches, maybe they are just not feasible for you ? GMail uses cookies too, but plain passwords is something you won't find there.
|
|
|
What, exactly, is the guarantee that Coinbase won't suffer the same problem as Dwolla ?
The issue is about MtGox not properly filling papers, so any service based on US dealing with MtGox is a potential target for shutdown. If that is not the case due to MtGox "re-filling" papers correctly, I would be more than glad to know.
|
|
|
BTC-e is completely retard on the ban issue.
Using bots and respecting their artificial limit of one query per second still can get you banned. I'm not fully against the ban, but the huge issue is that you get banned for every kind of access. This means you can no longer access the site, and the support email is a black hole. No email is sent telling the reason for the ban, neither how long will the IP continue banned. There is also the issue regarding dynamic IPs.
All in all, BTC-e please get smarter and change the way your ban behaves. Revoke the API key if you must, but don't act like a robber.
This also applies for every other kind of ban that is possible in BTC-e: the ban should block /only/ the action that caused the ban, not the fucking whole account for any kind of access.
|
|
|
Nice layout, and I'm mostly ok with the API.
But! This is a big "but" for me, by the way. Stop storing the user/password in a cookie, and specially do not store anywhere in plain text (much more specially don't do that in the cookies!). I just did a SELECT * FROM moz_cookies WHERE baseDomain = 'coinroll.it'; on cookies.sqlite from Firefox and I see everything as clear as it can get.
My second issue is the limit of bets. Are you scared of someone suddenly getting lucky on < 1 and stealing all your pot ?
Nevertheless, congrats on making a decent API for it.
|
|
|
if we feed zipline with tick data, handle data (which is called several times) will have to resample data several times... that's why I don't know if it's a good idea....
Is that a poem ? You are supposed to collect data in real time, which is very different from doing analysis in real time. There is very little value in doing the analysis in real time, actually. So suppose right now you have all data ever produced by some exchange, and some new data come in. You aggregate it to your existing data, and, for example, each 5 minutes you update your analysis on this data. Note that there is also little value in using the entire history for doing something like EMAs, per definition of EMA. You still need to resample data, but only each 5 minutes. And resampling is done very efficiently by pandas.
|
|
|
Thanks a lot for your link...
So in your mind we could feed zipline with tick data...
But I wonder if we could have differents indicators with differents timeframe (M30 and H1 for example)
for example a Moving average based on M30 candlestick chart and an other indicator (RSI for example) based on a H1 candlestick chart
I didn't really read the thread, but it seems people is using pandas here. Are you aware of the resample method that is available ? If you have real time (ticker) data, you can resample it based on any granularity very easily using pandas.
|
|
|
I feel very uncomfortable in trading at Bitstamp (and some other exchanges) through the API, and I hope they did different decisions in their internal code. Why, oh why, did they think it was a good idea to send user and password when making requests ? This is too sensitive, and users very often pick the same password for different services. This data is ultimately going through HTTPS, but still..
I understand the gut reaction, but it's https! The real risk lies at each end of the connection. But then there would still be risk at each end even if they used something like gox's secret. DO you not have faith in https? There is a huge difference in using generated key/secret pairs from using the actual username/password pairs. For a starter, the former can be restricted to perform only certain operations, the latter can perform everything always. Even if some key/secret from MtGox or BTC-e were leaked, it could be the case that the attacker wouldn't be able to do anything interesting with them.
|
|
|
|