MtGox Trader Desktop Application

[deebug]

Hi, I'm still bright and shiny new here, but in the meantime I have made this program.

Before you read on, let me tell you that this is work in progress, and no it's not available yet, but I want to see if there's enough demand for such an application.
If there is enough demand I will put the source code (no binaries or dll's) on github so it can be peer reviewed. Which is a must for any bitcoin related application, since any of them can be a wallet stealer or any other kind of malware.

Features:
- instant wallet and ticker view
- sell and buy (and cancel) orders with one simple click (using buy/sell and high & low values as predefined prices and a predefined amount)
- simple stock chart.
- event log

Features it lacks:
Hmm where to start...
- buy at a custom price and amount
- store the past ticker values and/or get them from the API (in progress)
- higher usability
- insert yours

Some screenshots!

Splash screen :
http://farm7.static.flickr.com/6008/5929567863_721f772f75.jpg
Overview tab:
http://farm7.static.flickr.com/6136/5929567939_dd0391656a.jpg
Chart tab:
http://farm7.static.flickr.com/6017/5930124730_f7f5a675d0.jpg
Log tab:
http://farm7.static.flickr.com/6021/5930124854_69a7c79046.jpg
Maximized example of chart tab:
http://farm7.static.flickr.com/6005/5930125002_329d228d73.jpg

Here is the code (with exception of the form code)  I created as proof that it's not just a photoshop or a fancy winforms drawing: http://pastebin.com/u/deebug

If you feel I'm on the right track and you wish to encourage development, you are welcome to donate at 19W2XQWkDME6YVkovnAeuxEz3ozFBnfift
(Since it's keeping me away from my "real" work, it would be a good motivator to continue)


Some more thoughts about this application:

*** Security
Since we are talking about a financial program, the security should be a number one priority within the program.
That worries me the most. I already did an attempt to increase security, here are some thoughts:

# password storage
As for now the application stores the password using a salt string that uses
- A key that is stored in code (which changes at every build, which can be found quite easily, unfortunately)
- Windows Login credential UID (which can be found if your account is compromised)
- CPU ID (which can be identical or easy to figure out)
- Mainboard ID (in some cases is empty and/or easy to figure out)

In all, the safest way of storing a password is not storing it at all.

# password control
The password input field is a custom control that obfuscates the keypress event immediately, it does this by:
- sending a fake character to the password control (you have visual feedback, but no real value behind the control, so no point trying to use a password control revealer)
- Every char is added to a SecureString and when you press "Save" it is instantly written as a decrypted string into the user application settings (using the salt value described above).
- After the char is added we destroy the all the used variables and force a garbage collection.

#sending out API requests
The password needs to be converted to an "unsecure" string value for a very short time to add it to the POST data.
After the request is made the password is destroyed by cleaning up the used variables and forcing a garbage collection.
All requests are send over HTTPS (SSL) but I still need some more info about how to check the validity of the SSL certificate!

*** Random notes

#VB.NET
Oh yes, it's written in VB.NET using Microsoft .NET 4.0 which means a lot of overhead, no or very difficult porting to mac and *nix and a potential for bad code. But this is the language I know the best so I'll stick to this.
In the process of choosing a cross platform IDE.

#maturity
It's far from ready mind you, it's at most a working concept.

#Stock chart
The stock chart is kind of unconventional, in stead of a constant time-line, the stock values are only updated when there is a change in stock value.
It changes whenever ticker values change, but displayed on a proportional autoscaling timeline.

#log
The log is mainly used to keep track of events (up/down of certain values) that might be tight to automatic actions in the future (auto trading perhaps?)

#the (slow) MtGox API
All timer events and requests to the (sometimes very slow) Mt Gox API are done in a background worker so the UI is very responsive.

#hello world
This is the first time I (try to) contribute so be gentle...

[EskimoBob]

I really like the idea but looks like M$ Windows only app. 

[deebug]

I really like the idea but looks like M$ Windows only app. 

Yeah, I realize that, but that's the stuff I know, I'm sorry.

If I had more time I would have figured it out as a Java app and if I had even more time I would have made it into an iPad app.

Imagine this on an iPad or any tablet device. "Mt. Gox Trader Tablet Edition - Trade any time, any place"... If only I had the time...

[ellipsis]

I really like the idea but looks like M$ Windows only app. 

Yeah, I realize that, but that's the stuff I know, I'm sorry.

If I had more time I would have figured it out as a Java app and if I had even more time I would have made it into an iPad app.

Imagine this on an iPad or any tablet device. "Mt. Gox Trader Tablet Edition - Trade any time, any place"... If only I had the time...

Switching to Qt or something else multiplatform may be easier than switching languages. iPad is a whole different world.

[Oldminer]

A single app would be great

[Zonyc]

Wow the UI looks very nice!  Nicely done.  I would imagine that the demand for an app like this exists.

[deebug]

A single app would be great

I'll look into it how to make it multiplatform.

@ellipsis

Could you explain a bit more in detail? I would really like to port it with the least effort.

I also did some cocoa programming recently for iPhone and iPad so it could work, given that I have enough time
Also there are multiplatform frameworks available that target android and iOS. But i'll stick to the desktop version for now and make it platform independent... Challenging, but fun

Meanwhile, the app has a better scaling and overview of the orders on the left and the buy/sell buttons on the right.

[ellipsis]

Could you explain a bit more in detail? I would really like to port it with the least effort.

Oh, there are so many. Basically, you switch your widget toolkit to something multiplatform and rely on those bindings instead of Microsoft APIs, ..., and then you're done. Here's a list of the most common ones to get you started on your research, since I don't know what your app currently looks like (source level):

wxWidgets/WX.Net
GTK+/GTK#
Qt
FLTK

Also there are multiplatform frameworks available that target android and iOS. But i'll stick to the desktop version for now and make it platform independent... Challenging, but fun

As for Android/Apple... if there are any decent ones, I wouldn't rely on any of them at this point. For the most part, the answer is, "No." You have things like Appcelerator's Titanium to help get you up and running, but I would probably individually implement these as clients to web services and just keep them as light as possible. Mobile devices implicitly rely on connectivity, so I don't consider that a downside as many do.

[deebug]

I did a quick lookup, not enough to be sure, but... Appcelerator Titanium desktop looks very promising to me. I'm mostly a web developper so that environment fits me well. Qt however looks more robust, but I think I could get the job done quite fast in Titanium Desktop. As for now I'll leave the mobile platforms alone.

Unless there's a good reason not to try TD I'll look into that tomorrow, hardly can't wait!

Thanks for your advice ellipsis!

[BitcoinPorn]

deebug, I shared this link on reddit  http://www.reddit.com/r/Bitcoin/comments/inpf8/wip_mtgox_trader_desktop_application_screens_and/ and noticed this message:

---

Maybe we can collaborate?
I am also writing a desktop trading application (using .NET). Mine also supports multiple markets as plugins. I am also implementing a WebAPI and automation so you can also deploy on a server and access from a browser.
Is your code on GitHub? Mine is on GitHub, but it is a private repository.

---

Just passing this along.

[deebug]

Thanks BitcoinPorn! I have contacted him. Let's see how we can get along.
Meanwhile I'm taking my first steps in a crossplatform version of this application... Fingers crossed

[vforvendetta]

Looks interesting - I'm guessing this will be a closed source release though?

[deebug]

Looks interesting - I'm guessing this will be a closed source release though?

As stated in my first post it will be open source (github) so anyone can review the code and contribute, but also to ensure the code is clean of any mallware.
We're talking about a financial program, so security is key, and you would want to trust the program that handles financial transactions on your Mt. Gox account!

tl;dr
Open source all the way!

[jrb596]

like the idea

[AnRkey]

Looks interesting - I'm guessing this will be a closed source release though?

As stated in my first post it will be open source (github) so anyone can review the code and contribute, but also to ensure the code is clean of any mallware.
We're talking about a financial program, so security is key, and you would want to trust the program that handles financial transactions on your Mt. Gox account!

tl;dr
Open source all the way!

Hi Deebug,

It sounds like you have the right idea so far. Keep updating this thread, I'm quite keen on getting my hands on those bins to give it a try. Are there any instructions on how to compile yet it?

R

[tuckerlee]

I'd like to try this out whenever you release it! Looks awesome

[CrownCloud]

Looks awesome ! Release it !!!

[Scared]

Nice Job!

[tom10122]

Wouldn't mind seeing a gui for btc-e or glbse ...hint hint

[late443]

This looks interesting. I like your idea and do believe this program would be a great addition to the bitcoin forum. The UI looks promising.