piuk (OP)
|
|
February 12, 2014, 02:40:52 PM |
|
Apologies for the issues with the API. I'm expecting a resolution within the next 2 hours. Cloudflare has been enabled as a temporary measure to reduce load on the database while a crash on one of our database nodes is investigated. Typically this indicates that a startup just hired a new marketing person. Typically the first thing they do is to irritate everyone at the shop by coming up with a new logo as a means of demonstrating that they do things.
|
|
|
|
jayc89
|
|
February 12, 2014, 11:08:33 PM |
|
Hello, can you tell me if it is possible to identify the source address when receiving payments using the "Receive Payment API"?
When the callback page is called I can see the destination address and the newly created payment deposit address, but no source address from where the payment originated.
Thanks!
|
|
|
|
btcash
|
|
February 13, 2014, 03:29:32 PM |
|
Does Blockchain.info relay non-standard TXs? Just wondering how that 1 satoshi spam got relayed.
|
|
|
|
jratcliff63367
Member
Offline
Activity: 82
Merit: 10
|
|
February 14, 2014, 04:05:11 PM |
|
Sorry, I haven't read through the 151 pages of this thread to see if these suggestions have already been made, but I'll add it here.
Two features that would be nice to add to the wallet:
(1) Have a way to filter out dust/spam transactions when viewing your transaction history. (2) Have a way to view your 'spendable' balance. I have many watch only addresses in my wallet, but just a couple that the blockchain wallet has the private key for.
Thanks,
John
|
|
|
|
mwww
Newbie
Offline
Activity: 1
Merit: 0
|
|
February 14, 2014, 05:09:15 PM |
|
Today I held a presentation about Rublon (automatic two-factor authentication for web apps) at KBBS 2014 ( http://kbbs.uz.zgora.pl). One of your users asked us to get in touch with you because he would like to be able to protect his Blockchain.info account with Rublon. This is how it works: http://www.youtube.com/watch?v=JNorW7vvMR0In comparison to traditional two-factor solutions, Rublon does not require you to use your mobile phone. It's based on trusted devices. Once you add your laptop to your trusted devices, all you will have to do is just enter your password in order to log in.
|
|
|
|
cenicsoft
|
|
February 14, 2014, 05:50:45 PM |
|
Where does blockchain report the pool that solved the block? Are you talking about this: Note that it does not say " Solved by", it says " Relayed by". Blockchain.info is accurately reporting where they first heard about the block (which peer was first to relay the block to them). No, I'm not talking about the relayed by information, but the Coinbase signature. For example, look at https://blockchain.info/tx/336820af0a7b342883e7a60d96db82d5e1e329d5702c6316b0afad756347fb12 which you'll see this for the Coinbase: 03885c04094269744d696e746572062f503253482f2cfabe6d6dda14175dc3ce8af0faaa59c23d3 dc93a91ac6f1f32079db879f8c2560e4d6ea0010000000000000009757331602a00000010003a22 d2990200000000 (decoded) �\ BitMinter/P2SH/,�mm�]�Ί��Y�==�:��o2��y��VMn� us1`*:"ҙ Inside that, you have BitMinter. Most pools have an unique Coinbase signature, but blockchain.info doesn't seem to be parsing it correctly. Here's the Coinbase of another block that was attributed to BitMinter, but wasn't actually a BitMinter solved block - https://blockchain.info/tx/74f96248d0986d9ca4db75bec14e6bc44d3a9ed487063abf010048329099c64f which has a Coinbase of 03235c0403e23d02062f503253482f (decoded) #\�=/P2SH/
|
|
|
|
cenicsoft
|
|
February 14, 2014, 05:54:16 PM |
|
Are there any plans to improve the reporting on blocks solved by pools? It seems that there are a lot of blocks misallocated to the wrong pools.
For example, look at Block 284562 which is correctly reported as solved by BitMinter. The CoinBase has BitMinter in it.
Now, take a look at Blocks 284615 and 284640. Both of them have "P2SH" in the CoinBase, not BitMinter. It's reporting the wrong pool as being the pool that solved those blocks.
You're using the wrong tool for the job. If you want to get real time attribution (rather than the relayer), try http://blockorigin.pfoe.be/blocklist.phpI'm saying that "Relayed By" shouldn't be used. The CoinBase signature should be used instead. The only issue with http://blockorigin.pfoe.be/blocklist.php is that it uses each pool's own website which isn't a great external validation. Having a third party validate the information would be nice. Of course, unscrupulous pools could probably change their CoinBase randomly from time to time in order to hide the fact that they solved a block. Anyway, Blockchain's use of Relayer causes people to get upset when they report a block is solved by a pool when it isn't. If they used the CoinBase signature, then it wouldn't be as big of an issue.
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3514
Merit: 4894
|
|
February 14, 2014, 05:56:03 PM |
|
Where does blockchain.info "attribute" that block to BitMinter?
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3514
Merit: 4894
|
|
February 14, 2014, 05:58:57 PM |
|
I'm saying that "Relayed By" shouldn't be used. The CoinBase signature should be used instead.
But how is that going to tell me who relayed the block to blockchain.info? Anyway, Blockchain's use of Relayer causes people to get upset when they report a block is solved by a pool when it isn't.
Only people who don't bother learning what the word "relayed" means. If they used the CoinBase signature, then it wouldn't be as big of an issue.
But that wouldn't tell us who "relayed" the block? Also, is the information in the coinbase a cryptographicly secure signature? Or is it just a tag placed there by the mining pool? If it's just a tag, then what keeps others from copying the tag to create a false attribution to the wrong pool?
|
|
|
|
|
cenicsoft
|
|
February 14, 2014, 08:42:49 PM |
|
I'm saying that "Relayed By" shouldn't be used. The CoinBase signature should be used instead.
But how is that going to tell me who relayed the block to blockchain.info? Anyway, Blockchain's use of Relayer causes people to get upset when they report a block is solved by a pool when it isn't.
Only people who don't bother learning what the word "relayed" means. If they used the CoinBase signature, then it wouldn't be as big of an issue.
But that wouldn't tell us who "relayed" the block? Also, is the information in the coinbase a cryptographicly secure signature? Or is it just a tag placed there by the mining pool? If it's just a tag, then what keeps others from copying the tag to create a false attribution to the wrong pool? I don't really care who relayed the block when it comes to determining who mined the block. They are two separate things. I was interested in which pool mined the block. Just because someone relay's the block, doesn't mean that they mined it, hence the current issue with the way BlockChain.info assigns which pool mines a block. Yes, someone could place a tag in their Coinbase signature when they mine a block and that could create false attribution. I just don't see the incentive to do so other than by a pool operator who's trying to hide the fact that they solved a block. With blocks being solved randomly, it would be pointless to consistency fake the data.
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3514
Merit: 4894
|
|
February 14, 2014, 08:43:03 PM |
|
Ah, I see. You're right. That page is broken.
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3514
Merit: 4894
|
|
February 14, 2014, 08:57:31 PM |
|
I don't really care who relayed the block when it comes to determining who mined the block. They are two separate things.
Agreed. And I don't really care who mined the block when it comes to determining who relayed the block. I was interested in which pool mined the block. Just because someone relay's the block, doesn't mean that they mined it
And I was interested in who relayed the block. I agree, mining doesn't mean relaying. hence the current issue with the way BlockChain.info assigns which pool mines a block.
Yes, I hadn't seen that particular page before. Now that you've provided the link, I can see that blockchain.info has an error in that particular page. Yes, someone could place a tag in their Coinbase signature when they mine a block and that could create false attribution. I just don't see the incentive to do so other than by a pool operator who's trying to hide the fact that they solved a block.
Perhaps a pool operator that doesn't want anyone to know that they are approaching 50% of the hash power? If there is an incentive to report the correct information, then there is almost certainly an incentive to report false information.
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 14, 2014, 10:40:33 PM |
|
There are still blocks listed as "Relayed by Bitlc.net", which closed early last year. That "Relayed by" attribution itself is incorrect.
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 14, 2014, 10:43:03 PM |
|
Yes, someone could place a tag in their Coinbase signature when they mine a block and that could create false attribution. I just don't see the incentive to do so other than by a pool operator who's trying to hide the fact that they solved a block.
Perhaps a pool operator that doesn't want anyone to know that they are approaching 50% of the hash power? If there is an incentive to report the correct information, then there is almost certainly an incentive to report false information. In which case a pool could swallow a bit of latency and make sure a block looks like it's been relayed from elsewhere.
|
|
|
|
dancupid
|
|
February 15, 2014, 04:43:56 AM |
|
I've been getting the following errors when I attempt to log in to my wallet: Unknown src attribute data (followed by a large block of text)then *** Serious Error - Javascript inconsistencies found. Maybe malicious - Do not Login! Please contact support@pi.uk.com
This email address looks dodgy to me. Anyone else getting this or is it just me?
|
|
|
|
tvbcof
Legendary
Offline
Activity: 4788
Merit: 1283
|
|
February 15, 2014, 05:37:31 AM |
|
I've been getting the following errors when I attempt to log in to my wallet: Unknown src attribute data (followed by a large block of text)then *** Serious Error - Javascript inconsistencies found. Maybe malicious - Do not Login! Please contact support@pi.uk.com
This email address looks dodgy to me. Anyone else getting this or is it just me? Wow. Scary. From looking around, my best guess is that the e-mail addy is correct. If ~piuk coded in some sort of a checksum sanity check thing for the javascript, I could imagine that the e-mail addy might not have gotten updated even if support has migrated onward to some part of the increasingly large effort. I tried going to the web site in an incognito window and saw no warning signs. But I did not attempt to log in until I understand this issue better. I'm on a version of chromium built from source about a year ago. I would say that whatever you do, don't type in your password until we get some official feedback. And get a copy of the block of text (but don't publish it.) BTW, when exactly in the login process do you get the issue? Might be that it is a benign thing which could be cleared up by clearing your cache or cookies or something, but I wouldn't take any chances until there is more feedback from official sources. At least not if the account has any significant funds and/or your password is sensitive (e.g, you re-used it elsewhere which is not a great idea as I'm sure you know.) Please ping back and let us know what's up if you figure it out. Other interesting things to know would be browser, platform, country, ISP if you feel inclined to share the info.
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
tvbcof
Legendary
Offline
Activity: 4788
Merit: 1283
|
|
February 15, 2014, 06:03:59 AM |
|
I've been getting the following errors when I attempt to log in to my wallet:
Unknown src attribute data (followed by a large block of text) ...
... Please ping back and let us know what's up if you figure it out. Other interesting things to know would be browser, platform, country, ISP if you feel inclined to share the info. Also note this if you've not found it already: https://bitcointalk.org/index.php?topic=152494.0
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
dancupid
|
|
February 15, 2014, 06:36:46 AM |
|
I've been getting the following errors when I attempt to log in to my wallet:
Unknown src attribute data (followed by a large block of text) ...
... Please ping back and let us know what's up if you figure it out. Other interesting things to know would be browser, platform, country, ISP if you feel inclined to share the info. Also note this if you've not found it already: https://bitcointalk.org/index.php?topic=152494.0Looks like the 'my wallet 1.9 firefox add on' has not been updated in a while and is now defunct - I can log on with the My Wallet in browser add-on (I have less than $20 worth of hot bitcoins in the wallet so didn't think I was risking much). I'll assume it's just a repeat of this cloudflare issue unless there is a further update.
|
|
|
|
Lohoris
|
|
February 15, 2014, 12:37:39 PM |
|
Both the site and the app consider my watch-only addresses as part of my "total" balance, and assumes the other wallets are (and stay being) mine. [...] I noticed that if I "archive" the paper wallets the balance will not take them into consideration (which is what i want), is that the correct way to deal with this? Any other way to mark a wallet as cold-storage? Do archived wallet addresses ever "go away" on their own? (like emails in a spam folder, that are automatically deleted after a few days)
As far as I know they are never purged, and it would be utterly foolish to do so, but I suggest to wait for an official answer anyway. In any case a good approach is to use two wallets: one "light" and another one "tight". The light one has less security measures and contains only small amounts of coins, to be used daily. The tight one keeps most of your balance, and should have all security you can get. The paper wallets could be linked to the tight one, and in this case it might make more sense not to archive them. (anyway even if those watch-only addresses would be deleted, they could be re-added from your paper wallet itself – they are there just for convenience)
|
|
|
|
|