Feature suggestion - Blockchain Wallet API List Addresses should include an optional field $confirmations
It does take the server significantly more effort to filter by confirmations but I'll look into adding this.
(Yet Another) Feature Suggestion — would it possible for blockchain.info to include an option in account settings, that when enabled, the user would be asked for 2FA (email, sms, gauth, yubikey, etc.) also upon trying to withdraw BTC (with the ability to set up a daily transaction threshold (in BTC of fiat), above which the user would be asked for 2FA)?
This isn't possible without multisig private keys. Adding restrictions to the user interface would prevent basic attacks, but sophisticated malware could just extract the private key directly out of the browser memory and import it into another bitcoin client.
We've made the decision that we don't want to hold any unencrypted private keys server side which means multisig is especially complicated. The keys not only have to be kept isolated from us but also from each of the user's devices as well. Having said that it would certainly possible to implement with a smartphone app. But for the moment I would prefer to prioritise Hardware wallet support over multisig.
Can blockchain.info somehow integrate with the Trezor? Have the trezor and web browser interact with it so the private keys aren't even on the computer?
I hope we will be able to add support for trezor soon after its release.
This will change everything!
If I had a satoshi for everytime I heard a bitcoiner say "This will change everything" I'd be richer than Satoshi himself
Is there any way to pull full raw transaction or block data in hex? I'm trying to use http://blockchain.info/rawtx/
$tx_index but the scriptsig and scriptpubkey are missing. Being able to pull the information is the same format as sendrawtransaction would be very useful.
This isn't possible at the moment. But you can use /q/outscript to fetch the output scripts e.g.https://blockchain.info/q/outscript?tx_index=94640319&tx_output_n=0https://blockchain.info/q/outscript?tx_index=94640319&tx_output_n=1
Cool. Thanks for going forward on this.
Do I understand correctly that the pool server still knows which inputs and outputs were provided by who? So you still trust the server regarding privacy, just not coins, right?
Correct the server has the ability to log the inputs and outputs and de-anonymize you, so it is not trust-less in that regard. There are a number of potential solutions to this some mentioned in the original coinjoin thread. My preferred solution would be to give clients the ability to trade inputs and outputs before submitting them to the server, then proxy back to the client they traded with when asked to sign the inputs.
One issue with the current version is that the blockchain.info wallet app only uses uncompressed keys, especially for sharedcoin change addresses, while internally the pool uses compressed keys.
Good catch, both the client and server will now randomly alternate between compressed and uncompressed keys.
In the following sharedcoin transaction 10 BTC was sent to 19BgLUEFhKAxbcELVMafbvZb4RCzGAkraa:https://blockchain.info/tx/4602e0c7a0ecb9def7d2f88540a326a4a4bf424622edb2d629c303dc2cb676bb
I'm offering a bounty of 4 BTC to anyone who can successfully predict the senders inputs. The transaction was made using multiple sharedcoin repetitions.