Show Posts
|
Pages: [1] 2 »
|
13
|
Bitcoin / Project Development / TestnetWallet.com - a testnet-only wallet for developers
|
on: February 16, 2015, 06:52:09 PM
|
Hi All, When building a bitcoin app, its usually a good idea to first test it on testnet, until all issues are ironed out. No point in losing mining fee on test transactions, right? Since there's a lack of testnet web wallets, we put together http://testnetwallet.com as a quick-and-dirty weekend project, to help you while you're testing that app you're building, or if you just want a quick testnet wallet to interface with a testnet service. On the homepage there are a few testnet resources listed. If you know any others we can add to the list let us know! Any games running on testnet out there? Any feedback is welcome! http://testnetwallet.comNote: The site is meant as a wallet to help you with testing, not a secure place to store your testnetcoins (as worthless as they may be)
|
|
|
16
|
Economy / Web Wallets / Re: BlockTrail.com | Bitcoin API | Block Explorer
|
on: February 13, 2015, 05:44:06 PM
|
BlockTrail recently released a Testnet faucet, enabling developers to get free testnet coins to help them build apps. The faucet is available after you login. If you received a special promo code from us, you can also claim Bitcoin from the faucet. For example, if you're the first one to read this, and you use faucet code 582780014377386 you should receive a small reward. Let us know if you got it Enjoy !
|
|
|
18
|
Economy / Web Wallets / Re: List of Bitcoin APIs
|
on: February 12, 2015, 12:05:25 PM
|
Thanks for answering, that's great, the multisig makes a perfect sense from security viewpoint. On the other hand what happens terms of transferring the coins if the service provider, in this case BlockTrail goes out of business? Since the service provider won't be able to sign the transaction how the coins can be transferred from my address? The BlockTrail website states that "You're always able to spend your coins using your primary key together with your backup key", is that means 2 keys from the three (which are my key, backup key and BlockTrail's key) are enough to perform a transaction?
I am actually planning to accept Bitcoin within our business and searching for an online wallet solution that offers a robust API as well. The Blockchain.info service is a great and matured solution, but I am concerned that Blockchain.info keeps full control over the wallet, while BlockTrail claims that they address this issue by letting users retain full control over the wallet. The BlockTrail API looks good as well, it seems the team at BlockTrail has done a great job so far.
Terms of the HD wallet, again, to mitigate the risk of the service provider BlockTrail goes out of business, should users make a backup of their wallet after every transaction or how can be the coins accessible in case if the BlockTrail servers aren't operational?
Hey Tzpardi, Again excellent question. Even if a meteor falls down directly on BlockTrail HQ and we are no longer able to sign a transaction, you STILL have access to your coins because you have 2 out of 3 keys, and two keys are always necessary to sign your transactions. So if BlockTrail is not around, you take the second key that you kept in cold storage and you sign your coins using your own two keys. You can do this manually, but we'll also be adding a tool to our SDK to help you do this easily. The beauty of HD wallet capabilities is that you never need to backup anything except for the 'master seed'. This is because using cryptography, you can recover all your addresses (and their keys) from this master seed. So essentially, after you've secured your master seed in a safe, you never need to make a backup ever again!
|
|
|
19
|
Economy / Web Wallets / Re: List of Bitcoin APIs
|
on: February 11, 2015, 04:43:02 PM
|
Generally I understand what multisig is for but could you explain in the case of BlockTrail service why need their signature for the transaction, what's the advantage of having a multisig transaction and BlockTrail's signature on the transaction?
Great quesiton. I'll give an example to help illustrate the problem and how 2-of-3 multisig solves it. Lets say you run a bitcoin service of some sort, for example, an exchange, a gambling website, an ATM network, etc. One morning you wake up to find that $1,000,000 worth of bitcoins are missing from your hot wallet If you were using 2-of-3 multisig, this scenario could have been prevented, because the service provider (for example BlockTrail) could enforce your custom restrictions and spending limits before signing your transactions. This allows you to greatly mitigate how much damage an attacker can do (i.e you would lose $10k instead of $1m). In order to circumvent the restrictions, an attacker would need to have access both to your systems AND the multisig service provider's systems, making it very unlikely for a successful attack. In another scenario, if the multisig service provider's systems are breached, then users' coins are still safe, because the service provider only has 1 out of 3 keys needed to make transactions. An attacker would still need to attack every single user individually, to actually get their bitcoins. This isn't necessarily the case with some of the more traditional APIs which either have access to your private key (coinbase) or which you need to send your password to the service provider (bc.info). Since we're on the topic of security I think its worthwhile mentioning some of the benefits of HD Wallets, which separate your keychain from your backup process. The issue is that if your bitcoin service (exchange, gambling site, ATM, etc) is constantly generating new bitcoin addresses for users to pay and deposit into, in a short while you'll find that you need to manage hundreds, or hundreds of thousands of private keys. If you have a high volume of transactions its likely that you have a very well defined backup process for getting these keys into cold storage. HD wallet technology eliminates this issue entirely - since you have one private key to manage all of your bitcoin addresses, forever, and you only need to back it up once when you initially created it. You can generate it, throw it in a safety deposit box and never need to expose your backup process to technical faults, human errors or unknown security vulnerabilities. This is also far easier to manage and gives you peace of mind.
|
|
|
20
|
Economy / Web Wallets / Re: List of Bitcoin APIs
|
on: February 11, 2015, 02:23:15 PM
|
Does your project and API support or implements green addresses? I am looking for a green address implementation/API other than the https://greenaddress.it one. No, BlockTrail uses 2-of-3 multisig (unlike greenaddress which makes use of 2-of-2), so BlockTrail does not have the control over the coins to prevent its users from double spending (and thus does not provide "greenaddress functionality" between its users)
|
|
|
|