GLBSE's latest updates (an early Christmas present for non-techies)

[Nefario]

Important reminder - back up your .blackmarket3.rsa private key file NOW.

I've made quite a few updates over the last week on both the server and python client.

Firstly for the server there is this.

Client
Motions
With thanks for kokjo for fixing the motions bug. You can now view the contents of all motions without any errors.

List assets
Using the command line client you can see all the assets on the exchange.

Recall
For every who has issued shares they want to recall you can now do this, the recall command will take issued assets out of circulations, the ones in the issuers account.

See your History
Specify your transaction history (using the command line client), see as many entries in bitcoin, asset, and market history as you like.

And finally, the big piece of news, this is what has been keeping me up at night.

Web based client
With much thanks to Jere Jones (who has been well paid for this task)


Start here

If you already have a glbse account you want to login, not register.

Written as a single html page, the web based client performs most (not all) the functionallity of the command line. For the average user/issuer it will cover all their needs, and compared to bmc.py, it's soooo pretty.

And best of all, it handles bitcoin as normal decimal instead of the more difficult to use int64(as is still the case with bmc.py)

Using the web based client

If you already have an account on GLBSE, then you'll probably want to use that.

Firstly get your account number, bmc.py user
Then you will need your unencrypted private key.

Your key is probably not unencrypted so to unencrypt it you must:

RSA file decrypt using openssl
Make sure you're in the same directory as your .blackmarket3.rsa file

Code:

openssl rsa -in .blackmarket3.rsa -out .blackmarket3-non-AES.rsa -passin pass:mypass

replace mypass with your password

.blackmarket3-non-AES.rsa contains your private key, copy pasta to the textbox and enter your userid, and hit login.

Your private key is not at any time sent to the server.

Register
The secure way to register is to generate your own public-private RSA keypair using openssl(if it's installed on your system), and then copy/paste them in before hitting register.

See here for more info on how to do that, but forget the -des3 part from that.

The unsecure method is to have our server do this for you and fill in the fields automatically by pressing the Generate new keypair.

It's handy but remember, all that information is sent in plain text over the internet so anyone listening (ECHELON) will have a copy. You're choice.

And don't lose that information, keep your private key safely stored, and don't lose your user id.

You can start trading with the client right now.

Start here

Oh by the way, private key formating is important.

Code:

-----END RSA PRIVATE KEY-----

Should be on a newline.

p.s. please don't melt my server, be understanding, sometimes the client is a little slow(often the server is slow).

Nefario

[1713306678]

1713306678

[1713306678]

1713306678

[1713306678]

1713306678

[REF]

I'll need to take a closer look at this later. Good work on the site over the past 2 weeks or so Iv seen you ever active in the development of the site.

[eturnerx]

Good work!

[cypherdoc]

this is what i get back when typing in command line.  yes i used my "name" and "mypass" but want to hide them here:


C:\Users\name>openssl rsa -in .blackmarket3.rsa -out .blackmarket3-non-AES.rsa -passin pass:mypass
'openssl' is not recognized as an internal or external command,
operable program or batch file.

[Nefario]

this is what i get back when typing in command line.  yes i used my "name" and "mypass" but want to hide them here:


C:\Users\name>openssl rsa -in .blackmarket3.rsa -out .blackmarket3-non-AES.rsa -passin pass:mypass
'openssl' is not recognized as an internal or external command,
operable program or batch file.

try openssl.exe, or try to put the full path to the openssl executable.

[cypherdoc]

this is what i get back when typing in command line.  yes i used my "name" and "mypass" but want to hide them here:


C:\Users\name>openssl rsa -in .blackmarket3.rsa -out .blackmarket3-non-AES.rsa -passin pass:mypass
'openssl' is not recognized as an internal or external command,
operable program or batch file.

try openssl.exe, or try to put the full path to the openssl executable.

in that case do the private key and executable have to be in the same folder?

[Ben Walsh (beamer)]

Damn !!!

I managed to overwrite my existing .blackmarket3.rsa when I was prepping to try the web client.

What's the process for recovering the account it was attached to ?

I know the user ID and the password. I can also state exactly what the current contents of the folio is. I can also tell you what the deposit address was.


* Can I also get a bug raised to cover the python client shouldn't write the .blackmarket3.rsa file, if one already exists. *

[cuddlefish]

Uh. Transferring private keys over plain HTTP? No thanks.

[Nefario]

Uh. Transferring private keys over plain HTTP? No thanks.

If you've already got an account, and have your private key decrypted on your local machine then it's not sent at all.
It's a javascript version of the python client, it signs all messages with your private key, the messages are sent to the server and verified by your public key.

As I said, the key generation is there for convienience, security minded people wont use it, it's optional.

[Nefario]

Damn !!!

I managed to overwrite my existing .blackmarket3.rsa when I was prepping to try the web client.

What's the process for recovering the account it was attached to ?

I know the user ID and the password. I can also state exactly what the current contents of the folio is. I can also tell you what the deposit address was.


* Can I also get a bug raised to cover the python client shouldn't write the .blackmarket3.rsa file, if one already exists. *

Ouch, no process.

The private key is the only way to prove you own an account, the password only encrypted your private key on your local machine.

How much bitcoin did you have in the account?
pm me all your account details.

[cypherdoc]

Wow, i'm in.  but before i look around, what are the commands to re-encrypt my key?

[cypherdoc]

one other thing; do i have to do this process everytime i sign in?

[cypherdoc]

very nice.  how about "balance"?

[ColdHardMetal]

this is what i get back when typing in command line.  yes i used my "name" and "mypass" but want to hide them here:


C:\Users\name>openssl rsa -in .blackmarket3.rsa -out .blackmarket3-non-AES.rsa -passin pass:mypass
'openssl' is not recognized as an internal or external command,
operable program or batch file.

I had this same problem on my Win 7 machine, but got it fixed.

I dug around my HD and found a directory called "OpenSSL-Win32" inside that there is a directory called "bin". I went in there and found the openssl.exe file. I copied my blackmarket3.rsa file into the bin directory and then just used the same command nefario posted "openssl etc etc" and it worked fine.

[Ben Walsh (beamer)]

PM sent. Thanks.

Damn !!!

I managed to overwrite my existing .blackmarket3.rsa when I was prepping to try the web client.

What's the process for recovering the account it was attached to ?

I know the user ID and the password. I can also state exactly what the current contents of the folio is. I can also tell you what the deposit address was.


* Can I also get a bug raised to cover the python client shouldn't write the .blackmarket3.rsa file, if one already exists. *

Ouch, no process.

The private key is the only way to prove you own an account, the password only encrypted your private key on your local machine.

How much bitcoin did you have in the account?
pm me all your account details.

[ColdHardMetal]

one other thing; do i have to do this process everytime i sign in?

This.

very nice.  how about "balance"?

Mine shows in the upper left corner of my screen.

[cypherdoc]

one other thing; do i have to do this process everytime i sign in?

This.

very nice.  how about "balance"?

Mine shows in the upper left corner of my screen.

you're right; there it is.
so do we have to reenter previously existing orders?

[cypherdoc]

so each time we login do we have to retrieve our user id and pgp key?

[cypherdoc]

wait a minute.  logged out and now can't log back in using same user id and unenrypted private key.  get an "invalid rsa private key" message and then it locks up in "Executing" mode.

[Nefario]

so each time we login do we have to retrieve our user id and pgp key?

Yes, think of it as a long username and password. keep them in a textfile.

And yes you need to re-enter your orders.