Correction to idea with RPC calls:
- I thought about it a little more and that's not that good idea actually - rpc protocol is plain http, we cannot trust it. One can write his rpc server and fake responses easily.
Regarding 2 latest ideas:
- simple daemon that run locally can be easily compromised too and I'm not sure we are capable of writing another safe crypto thing just for swapping coins
- I don't think exchanges are going to swap balance by unconfirmed deposits - pretty risky for them
Sorry, can't join IRC right now, please post ideas here too. Be back in 8-10 hours.
Thanks.
- I thought about it a little more and that's not that good idea actually - rpc protocol is plain http, we cannot trust it. One can write his rpc server and fake responses easily.
Regarding 2 latest ideas:
- simple daemon that run locally can be easily compromised too and I'm not sure we are capable of writing another safe crypto thing just for swapping coins
- I don't think exchanges are going to swap balance by unconfirmed deposits - pretty risky for them
Sorry, can't join IRC right now, please post ideas here too. Be back in 8-10 hours.
Thanks.
I am not an expert on the blockchain.... but, with regards the RPC method,
if we use listUnspent() then shouldn't the response be verifiable ?
Well, afaik "listunspent" gives you a list of transaction outputs (vout) that are not seen in inputs (vin) of any other transaction. And this info is publicly available in blockchain. As an example look at that address http://nc2chain.info/address/CeNudFti4pMv2DGhQny9tPZcgpBzh7pTa9
Note (U)nspent and (S)pent in transaction outputs...
Speaking of untrusted info and the way to help devs - you just gave me another idea btw
Dev can make simple form to request only this kind of info - "old address, signed message, new address". So there will be no need to make transaction and it can be nicely automated too.
This is how to make it work (yes, using console again, sorry everyone ):
1. some person sign his address as a message (you can sign any message with <Coin2.0address> only if you have private key for it)
Code:
signmessage <Coin2.0address> <message>
Code:
signmessage CHAiN12348eGFtwQsMTVPFfGwQRniAMqw1 CHAiN12348eGFtwQsMTVPFfGwQRniAMqw1
Code:
HGlGZcNK54gFlnKLOPUlFYdBlvyfaFrL6HRXJyJHtjoONPyr0JYaC940kuRgOYM3WIMySeoDNUoVhl8F33AB1oE=
- old address - CHAiN12348eGFtwQsMTVPFfGwQRniAMqw1
- signed message - HGlGZcNK54gFlnKLOPUlFYdBlvyfaFrL6HRXJyJHtjoONPyr0JYaC940kuRgOYM3WIMySeoDNUoVhl8 F33AB1oE=
- new address - SomeNewAddressForOurNewCoin2walletqt
3. devs can easily verify that this person own this address by making RPC call to old daemon
Code:
verifymessage <Coin2.0address> <signature> <message>
Code:
verifymessage CHAiN12348eGFtwQsMTVPFfGwQRniAMqw1 HGlGZcNK54gFlnKLOPUlFYdBlvyfaFrL6HRXJyJHtjoONPyr0JYaC940kuRgOYM3WIMySeoDNUoVhl8F33AB1oE= CHAiN12348eGFtwQsMTVPFfGwQRniAMqw1
Code:
true
Code:
false
4. dev can use whatever method they like to get old balance, for example nc2chain.info API
Code:
http://nc2chain.info/api/address/CHAiN12348eGFtwQsMTVPFfGwQRniAMqw1/balance
Code:
7555.502597
Code:
sendtoaddress <NewCoin2.0address> <amount>
Code:
sendtoaddress SomeNewAddressForOurNewCoin2walletqt 7555.502597
What do you guys think?