 Show Posts
|
|
Pages: [1] 2 »
|
|
40 万行代码是很难维护的, 即使部署上线都很复杂啊
|
|
|
|
厚了些, 我设想的硬件钱包:
1. 一张银行卡那么大, 厚度在银行卡厚度的两倍以下
2. 单面触摸屏
3. 使用外部电源, 通过线圈感应供电
4. 通过 wiki 连网
5. 功能:
a. 浏览账户明细
b. 转账
c. 设置密码
d. 同步钱包(加密后)
6. 定价: < 100CNY
或许在我有资金后会实现.
1,wifi上网不安全。 2,你需要的功能太复杂。对于钱包,不需要这么复杂。这些功能在手机端可以轻松实现。 3,无线供电可以是个卖点。但不必要。 4,触摸屏,我们已经实现。 5,卡片式设计,超薄。我公司已经实现。 多谢你的建议。 那你这个硬件钱包有什么功能呢? 怎么使用的? 有内置操作系统吗? 如果保证操作系统的安全? |
|
|
|
0.002btc,我连动下鼠标都懒,别说要这么多信息。
我们奖励的目的仅仅是为了让用户在不充值的情况下能够体验平台的实时交易技术. 如果您需要更多的奖励, 应该去看隔壁那个什么 '测评获 0.1 ~ 1.1 BTC' 之类的. |
|
|
|
一个手机号才这么点,也太贱价了吧。
我们不会出售用户的任何信息, 因此奖励的额度与您的个人信息之间并没有任何联系, 即使您是国家主席, 奖励的额度也不会因此而改变. 我们奖励的目的仅仅是为了让用户在不充值的情况下能够体验平台的实时交易技术. |
|
|
|
要这么多信息,甚至身份证,护照等等私人信息然后只给20CNY?我绝对不干啊,况且肯定不能提现吧
我们的平台是正规化运营的, 也就是以公司实体运营的. 我们不会泄漏用户的信息, 更不会把用户的信息拿去出售, 奖励的额度与您的个人信息之间并没有任何联系. 我们奖励的目的仅仅是为了让用户在不充值的情况下能够体验平台的实时交易技术. 我们使用的是物理机, 拒绝使用任何虚拟机(或云服务). 我们能够控制全部的物理机, 此外, 数据存储方面我们使用两层加密: 文件系统级别加密, 以及文件内容加密. 而数据传输方面, 我们使用的 SSL 证书是 4096 位的, 您可以去看看那些所谓银行级别的交易平台用是多少位的. 1. 绑定手机: 是为了保障用户的安全. 我们认为手机短信要比电子邮箱安全. 2. 身份认证: 请见 '为什么需要身份确认 ' https://www.buycoin.io/help.g 我们的身份认证需要的信息是这些之一即可, 是或的关系, 不是与的关系. 提现方面: 1. 虚拟货币提现: 我们使用的是纯热钱包, 支持所有用户随时提现. 2. 人民币提现: 最低额度 200 , 每笔收手续费 10 CNY. 但是, 我们建议您把奖励的 CNY 转成 虚拟货币后再随时提现. 我们在提现方面的原则是: 一旦成交, 买卖双方均可立即提现. 我们做这个平台是希望为用户提供方便, 我们使用许多自研技术, 解决了安全与速度的问题, 同时也导致平台运营成本降低, 以及硬件成本大大降低. 所以我们只在两方面收取用户的费用: 1. 人民币提现: 每笔收手续费 10 CNY. 单笔最高 5万. 因为这是人工操作, 我们仅仅收点人工费. 2. 交易手续费: 自 2015.09.01 开始, 我们仅仅收 0.02% 的交易手续费. https://www.buycoin.io/vip.g |
|
|
|
为了让用户能在不充值的情况下体验 https://www.buycoin.io 的瞬间交易速度, 即日起推出以下奖励活动. 在公测期间(2015.08.31前), 所有用户在绑定手机后, 立即随机获得 0.002 BTC 或 0.15 LTC 或 3500 DOGE, (已经绑定手机的用户, 无需用户操作, 自动获得以上奖励) 此外, 最先通过身份认证的 3000 名用户, 还可以获得一定数额的 CNY 奖励, 其中, 最先的 200 名, 每名可立即获得 20 CNY, 然后每 200 名按 0.9 倍递减: 编号 奖励 CNY 数额 ---------------------------------------- 0001 - 0200 20.00 0201 - 0400 18.00 0401 - 0600 16.20 0601 - 0800 14.58 0801 - 1000 13.12 1001 - 1200 11.81 1201 - 1400 10.63 1401 - 1600 9.57 1601 - 1800 8.61 1801 - 2000 7.75 2001 - 2200 6.97 2201 - 2400 6.28 2401 - 2600 5.65 2601 - 2800 5.08 2801 - 3000 4.58 ---------------------------------------- 在您通过身份认证后, 可立即提现系统奖励的虚拟货币(BTC/LTC/DOGE). 本平台使用的是纯热钱包, 您不需要下载比特币(或其它虚拟货币)的官方钱包及同步数据, 就能直接把虚拟货币提现到其它的交易平台, 也可以直接从其它平台提现到本平台. 此外, 我们的身份认证所需的有效证件扩大到以下之一: 1. 居民身份证 2. 居住证 3. 社保卡 4. 护照 5. 驾驶证 每一个自然人只能注册一个帐号. 以上信息仅在 https://www.buycoin.io 有效, 对挑战平台(hackcoin.net) 无效. 以上信息的解释权归广州硕数软件有限公司所有. |
|
|
|
|
厚了些, 我设想的硬件钱包:
1. 一张银行卡那么大, 厚度在银行卡厚度的两倍以下
2. 单面触摸屏
3. 使用外部电源, 通过线圈感应供电
4. 通过 wiki 连网
5. 功能:
a. 浏览账户明细
b. 转账
c. 设置密码
d. 同步钱包(加密后)
6. 定价: < 100CNY
或许在我有资金后会实现.
|
|
|
|
Release trading platform: https://www.buycoin.io -- 2015.07.15 After 16 months of development, we have solved these problems: 1. pure hot online wallet (root can not damage the system) 2. Fast trading (Microsecond level real-time transactions) 3. Support 100 million users (Our software support 100 million users, currently support 10 million users) 4. Low cost operation (Fee: from 0.01% to 0.02%) The first version support CNY deposit and withdrawal, and support below cryptocurrency: 1. BTC https://bitcoin.org 2. LTC https://litecoin.org 3. DOGE http://dogecoin.comWe will support many cryptocurrency and legal currency. We believe that our pure hot online wallet technology is the most advanced in the industry, so we deployed a long-term challenge platform, all of user of the internet can directly get the root privileges by open source software q-shell: $ git clone https://github.com/qianshanhai/q-shell or download https://github.com/qianshanhai/q-shell/archive/V3.3.tar.gz $ cd q-shell $ make qsh $ export _IP=172.246.131.138 # hackcoin.net $ export _PORT=6138 $ export _P='I am hacker' $ ./qsh sh [qsh]# id uid=0(root) gid=0(root) groups=0(root) We plan to increase Bitcoin total of challenge platform in the future: time Bitcoin total of hackcoin.net --------------------------------------------- 2015.07.10 0 2015.09.01 10 2015.12.31 100 --------------------------------------------- Welcome to hack. |
|
|
|
注册 https://www.buycoin.io 用户就送 0.002 BTC / 0.15 LTC / 3500 DOGE 及 20CNY ==== 以下优惠部分已经被上面信息代替 ==== buycoin.io 经过 16 个月的潜心开发, 我们解决了这些问题: 1. 热钱包安全 (root 也无法破坏) 2. 快速交易 (微秒级实时交易) 3. 支撑上亿用户 (软件本身支撑 1 亿用户, 目前支持 1000万用户) 4. 平台低成本运营 (交易手续费方面是业界的 1/10) 在公测期间(2015.08.31 前), 通过身份认证的前 1000 个 buycoin.io 用户, 同一个自然人可得到 10 CNY 的奖励. 您可以通过购买虚拟货币, 然后提现虚拟货币. 我们的第一个版本首先支持人民币充值, 以及支持以下虚拟货币: 1. BTC 比特币 https://bitcoin.org 2. LTC 莱特币 https://litecoin.org 3. DOGE 狗狗币 http://dogecoin.com 后续版本会支持更多的虚拟货币交易, 并且, 我们的交易平台是全球化的, 将来也会支持更多的法定货币. 我们相信, 我们的纯热钱包安全技术在业界是最先进的, 所以, 我们部署了一个长期的挑战平台 https://hackcoin.net, 互联网上的所有人都可以直接得到挑战平台的 root 权限: $ git clone https://github.com/qianshanhai/q-shell 或者下载 https://github.com/qianshanhai/q-shell/archive/V3.3.tar.gz $ cd q-shell $ make qsh $ export _IP=172.246.131.138 # hackcoin.net $ export _PORT=6138 $ export _P='I am hacker' $ ./qsh sh 我们计划未来陆续增加挑战平台中的比特币数量: 时间 比特币个数 ---------------------------- 2015.07.10 0 2015.09.01 10 2015.12.31 100 ---------------------------- 欢迎所有人前来 hack. 挑战平台拥有完整的功能, 如充值提现, 交易, 只是不能充值法定货币. |
|
|
|
今天发现三天前一个钱包被盗,5个币,损失惨重。可是我百思不解,我的安全漏洞在哪里呢? 盗币的Transactions在这里: https://blockchain.info/address/1PVnksGehorXJd8fZNCEPw8ra6L2nZASGt钱包是8月24日用手机软件myCelium生成的( https://mycelium.com/ ),软件是从google play下载的。生成钱包以后可以马上备份,备份分为一个加密的钱包文件,和15位字母的密码+1位校验码。备份文件是直接由myCelium发送gmail的,没有生成本地文件。 我另外发了一个邮件,把15位密码+校验码也发到gmail了,原则上谁破解了我的gmail,谁就可以拿到币。但是我的gmail开启了两步认证,并且我查了gmail的登录日志,也没有问题。 更奇怪的事情是,手机的myCelium里还有一个钱包,里面有0.263个币,那5个币被偷了以后,这个钱包的钱还在。我可以理解成骇客没有入侵我的手机,不然他不会手下留情放过这0.263个币。 我使用linux桌面,google浏览器,gmail邮件+两步认证,myCelium钱包,我以为我很安全了,但显然我错了。更杯具的是,手机好像没被入侵,gmail没被入侵,我不知道我错在哪里?求高手指点,谢谢! 应该是 App 的问题, 建议现阶段不要使用任何移动设备的钱包, 移动设备最好只是拿来收短信验证码. 可以过段时间来试试我的在线钱包~ |
|
|
|
|
这个太厉害了, 我还准备去买证书的, 看来还不如自签名的安全.
|
|
|
|
if you mean the private key then yes, he just need to import it to his wallet.dat to spend all the btc related to it
why doon't you just run the hot wallet on a separate machine, with isolated network? and another want to manage the trasaction if you need to surf the internet
Thank you. I understand now. The answer is I can use one hot wallet. Because I will encrypt the wallet, no one knows the private key. Yes, I need Internet. I am lazy to use the cold wallet. I think the best design for bitcoin trading platform that is use the hot wallet, and, only use hot wallet can do all things automatically. |
|
|
|
|
Thanks a lot.
I knew the hot wallet is very risky, but I like hot wallet :-)
I think the cold wallet is difficult to operate, and the cold wallet will prevent some user to get they bitcoins if they want to withdraw cash , so I don't like cold wallet.
I use LFS to create a very security trading platform, so I don't worry about system security. Because I already change almost all the Linux kernel syscall, make the root user will not get the bitcoin. In addition, I rewrite the bitcoin RPC, and more.
So I only have one question:
If someone know many many bitcoin address of my wallet, and can get the file "wallet.dat", but not know the wallet passphrase. Does he or she can spend all the bitcoin in some days?
If the answer is yes. Maybe I will use two hot wallet.
I will release my platform in next month, and all users can get the root privileges. But, I believe the root user can't get any bitcoin.
Thanks again.
|
|
|
|
1. It's secure.
2. No.
In order to spend the balance in that wallet it is necessary the wallet.dat and the wallet's passphrase, only with these two the bitcoins in that wallet can be spent.
Thanks. Maybe I am not say clear. I means my wallet had encrypt, and only I know the wallet's passphrase. If somebody know a lot of bitcoin address of my wallet, and also can get the file 'wallet.dat', does he or she can get all the bitcoin? Thank very much. |
|
|
|
|
Hi, all:
I develop a bitcoin trading platform, that include one online wallet.
I think that all users be able to withdraw cash in any time, so I don't use
any offline wallet. I call my online wallet is "pure hot wallet" :-)
I will set password in online wallet, only I know the password, and will
create 100000+ users, every user will have at least one transaction of
recharge bitcoin and withdraw cash.
I have two question now:
1. If nobody can get file "wallet.dat", does my wallet is security?
2. If somebody can get the file wallet.dat, does he or she can get all the bitcoin?
Thank you.
|
|
|
|
|
Because I had rewrite the RPC implement in bitcoin 0.9.3, so I am not want upgrade to 0.10.0.
Thanks again.
|
|
|
|
|
Hi all,
I develop a bitcoin trading platform now. I use the version 0.9.4 source code and want to sync all block data, but seems have some error in file "~/.bitcoin/debug.log":
2015-03-19 09:29:07 UpdateTip: new best=000000000000008059782cda97ee820fd1b6fd7b12c1394b50af9a8cb7240b6c height=202177 log2_work=68.819115 tx=7740618 date=2012-10-07 08:12:50 progress=0.055452
2015-03-19 09:29:07 ProcessBlock: ACCEPTED
2015-03-19 09:29:10 ERROR: AcceptToMemoryPool : nonstandard transaction: non-final
2015-03-19 09:29:10 ERROR: AcceptToMemoryPool : nonstandard transaction: non-final
2015-03-19 09:29:11 ERROR: AcceptToMemoryPool : nonstandard transaction: non-final
2015-03-19 09:29:13 UpdateTip: new best=00000000000001a5f58ac1d2a7ff8c26d7a2bf6c3b2ea111a10e9bbc15b19ab9 height=202178 log2_work=68.819151 tx=7741114 date=2012-10-07 08:29:50 progress=0.055456
2015-03-19 09:29:13 ProcessBlock: ACCEPTED
2015-03-19 09:29:14 UpdateTip: new best=0000000000000408ae2ff4bae02486c4568ca65867e46fc14c270f85b3b1d221 height=202179 log2_work=68.819188 tx=7741169 date=2012-10-07 08:32:05 progress=0.055456
2015-03-19 09:29:14 ProcessBlock: ACCEPTED
2015-03-19 09:29:16 UpdateTip: new best=00000000000004c107b0dd53309f063c9d11c2baaded1aec2eb84b624d5fe176 height=202180 log2_work=68.819224 tx=7741318 date=2012-10-07 08:36:12 progress=0.055457
2015-03-19 09:29:16 ProcessBlock: ACCEPTED
2015-03-19 09:29:17 UpdateTip: new best=000000000000032772df5b41ec2bc75f27347a7dde0f97fad30f75ed1913b531 height=202181 log2_work=68.81926 tx=7741340 date=2012-10-07 08:40:36 progress=0.055457
$ grep 'ERROR: AcceptToMemoryPool : nonstandard transaction: non-final' debug.log | wc -l
1436
$ grep -v 'ERROR: AcceptToMemoryPool : nonstandard transaction: non-final' debug.log | grep ERROR
nothing
All of the error is "ERROR: AcceptToMemoryPool : nonstandard transaction: non-final",
Does anybody know how to fixed this issue? Thanks.
My platform software list below:
LFS 7.6
Linux kernel 3.18.5
Glibc-2.20
gcc-4.9.1
boost_1_56_0
db-6.1.19
openssl-1.0.1l
bitcoin 0.9.4
|
|
|
|
I am develop a trading platform now, I must to compile the bitcoin source code by myself,
so, which version of the openssl I can use? Thanks. At this point, just use 0.9.4. my other question is, why the bitcoin system don't maintain one correct branch of openssl? Too large a codebase of mostly obfuscated spaghetti code. It's going to be replaced with libsecp256k1 (which we do maintain) "soon" (planned since before this issue). And, I run official bitcoind 0.9.3 to download all block data, no any transactions yet, but a few days ago I change to 0.9.3 source code compile with openssl 1.0.0k , continue to sync the block data. Whether I still need to run -reindex to fix it? |
|
|
|
I am develop a trading platform now, I must to compile the bitcoin source code by myself,
so, which version of the openssl I can use? Thanks. At this point, just use 0.9.4. my other question is, why the bitcoin system don't maintain one correct branch of openssl? Too large a codebase of mostly obfuscated spaghetti code. It's going to be replaced with libsecp256k1 (which we do maintain) "soon" (planned since before this issue). Thank you very much. Can I use 0.9.4 and openssl-0.9.8? I plan to support more peer-to-peer Internet currency on my trading platform, I guess other p2p currency have the same problem, so I want to use the unified version of openssl to compile all the source code. |
|
|
|
Greg Maxwell's announcement: http://sourceforge.net/p/bitcoin/mailman/message/33221963/Summary: There is a problem with the most recent release of OpenSSL which will cause issues for some users of Bitcoin Core on Linux. This is not a critical security issue, but everyone using Bitcoin Core on Linux should read the following information, especially if you're automatically processing Bitcoin payments. The worst-case scenario is that you might accept transactions as confirmed which are later reversed. You are likely to be affected only if: - You use Linux. - You installed Bitcoin Core using your distro's package manager or you compiled Bitcoin Core yourself without using gitian. You are not affected if you use the binaries on bitcoin.org. - You upgrade your system's OpenSSL to 1.0.0p or 1.0.1k. These were security-fix releases, so your package manager might have updated them automatically. If you are affected, then your client might become stuck at a particular block, and you'll have to reindex the block chain to fix it. In some conceivable but unlikely scenarios, you might see incoming transactions as having 6+ confirmations when the transactions are actually invalid. If you are a pool operator, then you could conceivably start mining on a false chain, which would cause you to lose all of your future blocks until you fix this. If you are using an affected version of Bitcoin Core, you should either make sure that your system OpenSSL does not get updated or shut down Bitcoin Core until an update fixing this is released in a day or two. If Bitcoin Core is already stuck and showing the "We do not appear to fully agree with our peers!" message, shut it down until an update fixing this is released; when you run that version, you'll have to run it with the -reindex switch. Hello, I am develop a trading platform now, I must to compile the bitcoin source code by myself, so, which version of the openssl I can use? Thanks. my other question is, why the bitcoin system don't maintain one correct branch of openssl? |
|
|
|
|
