Bitcoin Forum
December 07, 2016, 04:33:19 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: [ANNOUNCE] Collate v0.4: Bring your wallets together.  (Read 2361 times)
Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
June 15, 2011, 04:42:25 AM
 #1

https://github.com/hach-que/Collate/raw/master/icon128.png

Bring your wallets together.


You can install the application from the Chrome Web Store.

Overview

For the past few days I've been working on a project called Collate.  The goal of the project is to allow a user to view and manage all of their BitCoin wallets in a single place, this means:

  • Wallets running in the desktop client.
  • Wallets stored online with wallet providers.
  • BitCoin balances for trading sites (such as MtGox).
  • Earnings from mining pools.

Latest changes (v0.4.21029)

Version 0.4 brings support for syncing configuration with a server (locally encrypted with AES-256).  It also updates the plugins to work, and disables MtGox (their API is requires more infrastructure to use now).  Importantly, it now supports wallets that use passphrases.

Downloads

Collate is written as a Google Chrome extension, but importantly it's not restricted to being a Google Chrome extension; the Chrome-specific element is the browser action (and if you can't tell, this is an encouragement for someone to port it to Firefox Wink).  It's designed such that it can be easily extended with new types of wallets and it's licensed under an MIT license (so it's open source).

You can install the application from the Chrome Web Store at https://chrome.google.com/webstore/detail/anlcpclkmbeeoglfgbfboogijdkbohkn.

You can download the source code from https://github.com/hach-que/Collate.

Features

  • Extendable with plugins
  • Wallets:
    • Local BitCoin Server
    • Block Explorer (via BlockChain)
  • Mining Pools and Control:
    • OzCoin
    • BTCGuild

In the works

An initial plugin for MtGox had been completed; but it does not yet support trading or the MtGox ticker.  If you're interested in working on this, get in contact with me.  Outside of that, we're planning plugins for more mining pools and wallet providers (it depends on what they support).  In addition, we're working with the developer of BitMiner to provide a plugin that will allow you to control GPU miners from the interface.

Screenshots

[1] [2]

https://github.com/hach-que/Collate/raw/master/screenshot01.png
1481128399
Hero Member
*
Offline Offline

Posts: 1481128399

View Profile Personal Message (Offline)

Ignore
1481128399
Reply with quote  #2

1481128399
Report to moderator
1481128399
Hero Member
*
Offline Offline

Posts: 1481128399

View Profile Personal Message (Offline)

Ignore
1481128399
Reply with quote  #2

1481128399
Report to moderator
1481128399
Hero Member
*
Offline Offline

Posts: 1481128399

View Profile Personal Message (Offline)

Ignore
1481128399
Reply with quote  #2

1481128399
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
June 15, 2011, 06:29:48 AM
 #2

I beta tested this, and i have to say, was very impressed! Could go alot further Cheesy
wonderbread
Newbie
*
Offline Offline

Activity: 11


View Profile
June 15, 2011, 07:07:42 AM
 #3

Looking good mate Smiley

Subscribed.
Maged
Legendary
*
Offline Offline

Activity: 1260


View Profile
June 15, 2011, 07:55:28 AM
 #4

Quite impressive. I did a quick skim of the code and it looks clean enough. It's nice to have another frontend for the bitcoin client, especially since I can see my balance change as I browse!

Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
June 15, 2011, 11:54:57 AM
 #5

I just finished the submission to the Chrome Web Store; I recommend that you install it from there as it means you'll get automatic updates when we release new plugins.
Basiley
Jr. Member
*
Offline Offline

Activity: 42


View Profile
June 15, 2011, 12:44:04 PM
 #6

nice. how about port FireFox 4.x and Opera 11.xx ?
Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
June 15, 2011, 12:46:23 PM
 #7

nice. how about port FireFox 4.x and Opera 11.xx ?

I haven't written a Firefox extension for years and I've never written in Opera extension at all (nor would I have the ability to maintain those).  I'm hoping someone with the relevant experience might have a go at doing it (it's 99% standard Javascript so it should port easily).
REF
Hero Member
*****
Offline Offline

Activity: 526


View Profile
June 15, 2011, 05:02:08 PM
 #8

cool project i hope someone can port it to FF i have a few coins around and this would make it a lot nicer.
carlerha
Sr. Member
****
Offline Offline

Activity: 252


View Profile
June 15, 2011, 06:03:00 PM
 #9

looks good

Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
June 20, 2011, 11:48:58 AM
 #10

I've just updated the source code in the repository (https://github.com/hach-que/Collate) to support reading a wallet via Block Explorer which means you now don't have to run the BitCoin server or leave your wallet unencrypted to do so (since it must be unencrypted for the BitCoin server to run).

So in summary, it's a much safer way of viewing your wallet from Collate since you don't have to leave your wallet unencrypted (and you shouldn't).  The main differences between the Block Explorer and the RPC-based plugin is that the former can't report or control local mining (but who does CPU mining these days?) and it also can't send coins on your behalf.

I've also merged the BTCGuild mining pool plugin from Wonderbread into the system, so that's built-in now for anyone using that mining pool.

This is the RC to the v0.2 release, however it's appreciated if people test the version in the repository so I can iron out any final bugs before packaging for the Chrome Web Store.
Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
July 07, 2011, 02:31:10 AM
 #11

Just to let everyone know, this project isn't dead, I've just been super busy lately with some other things.  Development should start again next week sometime.
amincd
Hero Member
*****
Offline Offline

Activity: 772


View Profile
July 07, 2011, 04:11:19 AM
 #12

Thanks for the contribution!
TeraPool
Jr. Member
*
Offline Offline

Activity: 42


View Profile
July 07, 2011, 04:13:58 AM
 #13

Would this make my coins "hackable/stealable" by any 0 day chrome/firefox/browser exploits?

Maged
Legendary
*
Offline Offline

Activity: 1260


View Profile
July 07, 2011, 04:21:11 AM
 #14

Would this make my coins "hackable/stealable" by any 0 day chrome/firefox/browser exploits?
Any exploit that could compromise the sandbox could also likely compromise the whole machine.

Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
July 07, 2011, 04:27:08 AM
 #15

It seems that the Chrome Web Store version is not yet 0.2! I meant to do that previously, but it seems I forgot (I'll get it done now).  It addresses the following concern:

Would this make my coins "hackable/stealable" by any 0 day chrome/firefox/browser exploits?
Any exploit that could compromise the sandbox could also likely compromise the whole machine.

In 0.2 you can use the Block Explorer to examine your wallet without actually having to run the BitCoin client.  This means you can keep wallet.dat on an encrypted partition via TrueCrypt or w/e and you can still monitor your account balance (although to send coins you will still need to start the BitCoin client for obvious reasons).  In 0.2 the Block Explorer method of viewing a wallet supersedes the old way of connecting to the BitCoin client since the latter requires that your private key be stored in memory all the time (which is a bad idea).

UPDATE: 0.2 is uploaded to the Chrome Web Store; I think it takes up to two hours to actually update in people's browsers however.
nhodges
Sr. Member
****
Offline Offline

Activity: 308


View Profile
July 07, 2011, 08:31:41 AM
 #16

Would this make my coins "hackable/stealable" by any 0 day chrome/firefox/browser exploits?

If the app is linked to your bitcoind, and an attacker has a way to execute arbitrary code within the browser controlling the app, then quite possibly yes.

Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
July 07, 2011, 09:56:30 AM
 #17

Would this make my coins "hackable/stealable" by any 0 day chrome/firefox/browser exploits?

If the app is linked to your bitcoind, and an attacker has a way to execute arbitrary code within the browser controlling the app, then quite possibly yes.

Not quite possibly yes, the answer is completely yes.  It's for this exact reason that I've deprecated the Local Server plugin in 0.2, or at least relegated it to a highly not recommended option when the Block Explorer is available (which conveniently enough only requires the public BitCoin address to show your balance, rather than having to set up RPC information).
wonderbread
Newbie
*
Offline Offline

Activity: 11


View Profile
July 07, 2011, 12:13:45 PM
 #18

Tradehill went down minuets after I started to screw around with a JS API wrapper for it... Typical...

I'm having a think about writing a tradehill plugin for it. The security implications are large so I'm going to have to have a think about a secure way of storing credentials and such.

Authorising transactions could be coupled with a simple captcha could it not?

Just thinking into the reply box here... I'll sleep on it.
Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
July 07, 2011, 01:26:55 PM
 #19

Thing is, if someone has broken the Chrome sandbox between applications, they could just steal the raw data they want and then send the request off..  CAPTCHA won't do anything.  But as I mentioned before, at that point, if they can break that security barrier, you have to question whether or not they can just take control of the whole system (I'm not sure how sandboxed processes are between each other in Chrome relative to each of them to the OS, but I would assume it would be similar).

So assuming that the Chrome sandbox holds up (which it should), the only thing you have to watch out for is rogue Collate plugins (as in account types); but that's why we screen any plugins that are submitted so it doesn't happen Wink

EDIT: Also think of it like this; if they can break the security barrier between website <-> chrome extension, then they'll be able to break the security barrier between website <-> website and steal any session data or login information that you're sending to normal sites.  So at that point, I don't think it's really much of a concern (i.e. they could just steal the session data to Tradehill anyway.. why go to all the trouble of getting the information out of the extension?)
Hach-Que
Newbie
*
Offline Offline

Activity: 19



View Profile WWW
July 27, 2011, 02:39:05 AM
 #20

So I've just released v0.3.10727, which adds some basic support for MtGox (basically read-only things like showing balance and open orders).

If someone is interested in writing a ticker viewer and trading operations into the plugin, get in contact with me via the forum's PM system or email.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!