ewibit
Legendary
Offline
Activity: 2955
Merit: 1050
|
|
February 24, 2017, 06:38:27 PM |
|
I'm thinking about it......but i'm not sure there's a solution......if you have auto.backup probably best solution is to reload.
AND.....in CAT 4.8 there will be the restore WITHOUT any prompt message/confirmation message : 1 Click -> RESTORE ALL
ahh... wonderful
|
|
|
|
ewibit
Legendary
Offline
Activity: 2955
Merit: 1050
|
|
February 24, 2017, 08:36:57 PM |
|
I'm thinking about it......but i'm not sure there's a solution......if you have auto.backup probably best solution is to reload.
AND.....in CAT 4.8 ....
I do nothing now; - I will wait for 4.8
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 24, 2017, 08:37:49 PM |
|
Tomorrow BETA will be ready. I need to add 3 things, but it's not about system test, if you want to try the beta pm me
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 24, 2017, 11:01:20 PM |
|
Considering recent price rise i will give a 15% Discount during all the Weekend!!
|
|
|
|
Elmit
|
|
February 25, 2017, 01:22:25 AM |
|
NEVER CHANGE YOUR API KEY Or you won't be able to use CAT. I know there's a problem on poloniex. Hope they'll be able to solve. Your API Key should not have the withdraw option activated, so no risk for you.
Maybe, I am wrong, but it has a trading ability. Somebody could trade on my expenses to his crap coin! I think we should find another mechanism that allows us to change the keys by our own. E.g., to have an account with you, and get there a key, which only fits to exchanges we paid for. Make a CAT key pair for each user. In each version you just give in the keys and allowed exchanges for that key. Then we can use our own keys as we need to.
|
|
|
|
Yefet
|
|
February 25, 2017, 10:34:03 AM |
|
NEVER CHANGE YOUR API KEY Or you won't be able to use CAT. I know there's a problem on poloniex. Hope they'll be able to solve. Your API Key should not have the withdraw option activated, so no risk for you.
Hi, Sampey After the recent #Cloudbleed discovery users of most cryptoexchanges are strongly advised to change their passwords, 2FA and APIs But after that we won't be able to use C.A.T.! So what would you propose to solve this problem?
|
|
|
|
mObLOBScHAr
|
|
February 25, 2017, 12:10:00 PM |
|
I don't think this incident did any harm to exchange-api users. As far as I understand, the problem was mainly that some leaked data got cached on some search engines like google and was therefor longer available and publicly readable. But as an user of exchange api's this would not affect us, because api calls are surely not indexed by spiders. I this incident is more of a problem for "normal sites". But I could be wrong here. Some other things to put into perspective: - Only sites which used cloudflare are possibly affected. ( Here a list of possibly affected sites). In our CAT perspective: Possibly affected: btc-e.com, poloniex.com, kraken.com. All other trading sites, f.e. bitstamp.net, bittrex, bitfinex are surely not affected. - The greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests). Meaning: If you didn't use CAT on this timespan on the mentioned exchanges there was most surely no leak of your data. As you can also see, only 0.00003% of requests were affected by this leak. It is highly inlikely that someone of here was even inside those requests. And even if they were, those requests must have been captured or cached to become a serious problem. The probability for that is even smaller. - If you have withdrawal disabled on your api key, any possible leak could not directly steal any funds from you. The only thing an attacker could do is buy/sell coins on your behalf, but they would still remains on your account. It is not even sure, that anyone was/is trying to make profit of this leak. I would really doubt that anyone would just messing around with some unknown trading portfolio if he can't use the fund for himself afterwards. So, as far as I can see, only 3 sites from here are affected and it's highly unlikely to be even a real problem. I don't think its necessary to change the keys. If your paranoid you can change btc-e, polo and kraken if you used them in the mentioned timespan. Just my two cents.
|
|
|
|
mObLOBScHAr
|
|
February 25, 2017, 12:17:45 PM |
|
Maybe, I am wrong, but it has a trading ability. Somebody could trade on my expenses to his crap coin!
See my post above, it's highly unlikely that something like this may happen. And even if, those traded coins would still stay on your account. an attacker could not transfer them anywhere. I think we should find another mechanism that allows us to change the keys by our own. E.g., to have an account with you, and get there a key, which only fits to exchanges we paid for.
Make a CAT key pair for each user. In each version you just give in the keys and allowed exchanges for that key. Then we can use our own keys as we need to.
please not. as far as I understand you, that would require communication with a third party server to maintain your keys. This is far more of a security concern than this whole cloudbleed thing now! Sampey, Please don't.
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 25, 2017, 01:53:43 PM |
|
Sampey, Please don't.
Of course i don't. CAT architecture is perfect in term of user security. I wrote few Rules in Term Of Services, and i apply that rules as a "non-human" algorithm. All CAT users that decide to replace API got the same treatment. This is what i call "intellectual honesty" : clear rule, same rule for anyone, no discrimination. My rules are simple : - When i made a mistake/when i create a problem -> I pay/I Fix/I Check - When other services/system create problems -> I Don't pay for them. Current problem it's very unlikely to affect your API Key, but if you want to change anyway your api we could discuss a lower price. That's because i understand that a real problem occurs, but you must understand i must not fully pay for it. Thanks
|
|
|
|
Yefet
|
|
February 25, 2017, 02:32:08 PM |
|
I don't think this incident did any harm to exchange-api users. As far as I understand, the problem was mainly that some leaked data got cached on some search engines like google and was therefor longer available and publicly readable. But as an user of exchange api's this would not affect us, because api calls are surely not indexed by spiders. I this incident is more of a problem for "normal sites". But I could be wrong here. Some other things to put into perspective: - Only sites which used cloudflare are possibly affected. ( Here a list of possibly affected sites). In our CAT perspective: Possibly affected: btc-e.com, poloniex.com, kraken.com. All other trading sites, f.e. bitstamp.net, bittrex, bitfinex are surely not affected. - The greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests). Meaning: If you didn't use CAT on this timespan on the mentioned exchanges there was most surely no leak of your data. As you can also see, only 0.00003% of requests were affected by this leak. It is highly inlikely that someone of here was even inside those requests. And even if they were, those requests must have been captured or cached to become a serious problem. The probability for that is even smaller. - If you have withdrawal disabled on your api key, any possible leak could not directly steal any funds from you. The only thing an attacker could do is buy/sell coins on your behalf, but they would still remains on your account. It is not even sure, that anyone was/is trying to make profit of this leak. I would really doubt that anyone would just messing around with some unknown trading portfolio if he can't use the fund for himself afterwards. So, as far as I can see, only 3 sites from here are affected and it's highly unlikely to be even a real problem. I don't think its necessary to change the keys. If your paranoid you can change btc-e, polo and kraken if you used them in the mentioned timespan. Just my two cents. I use this site to check the affected - http://www.doesitusecloudflare.com/and it says that Bittrex, Yobit, C-CEX, Bter, HitBTC, CEX.IO are all use ClouFlare! I do not remember if I used CAT on that timespan, but surely I logged in to some of those exchanges, and if someone would know the pass and 2FA he could get the APIs as well, and even allow the withdrawal. So it will be better if Sampey allow to change the APIs for the affected exchanges.
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 25, 2017, 06:53:00 PM |
|
Hi C.A.T. users
This is the Definitive 4.8 CHANGELOG
4.8 - Various Improvements in Thread Concurrency/Memory Optimization - If 'Unhandled Exceptions' are written into CAT_Log_<TIMESTAMP>.txt (in CATSYSTEM Folder) a message will advice you during CAT Exit Routine. - Greate Improvements in Http Layer (improve synchronization routines with parallel calls) - Start Lookup Is More Verbose (You will have a summary about situation) - Main Window is no more full screen by default, but is 1500px X 900px. Window still remain resizable. - Internal Frames Are Removed : For Any Exchange you're logged in a TAB Will be added to a Max-Sized TabbedPanel (With DragNDrop Functions) - Backgrond CAT Image will be displayed only when you're not logged on any exchange. - Remove Active EXchange Tab From JFrame Toolbar - Market Errors are now also printed on Market General Log inside a Text Frame Around the message. - A multi-editor has been added to the "Order & Trades" Panel : - This editor Replace the Right Click Function - Editor appear/disappear when needed - Now You can open multiple Elements (by double click) at the same time - An Element in Edit Status will be suspended from the Current Running Algorithm until edit is finish - This new Architecture will be easier to maintain/improve - The "Super Thread" that search for "Frozen Ping-Pong Algorithm" to force restart, is now able to manage Lookup over 15 minutes - Template Parameters has ben added to the GENERATOR & PARAMETERS Panel - Now You can Save Your Current Algo Parameters As a Template to reload anytime you need - I'll be able to add new kind of templates in the future - You can delete templates - Templates are Stored as XML Files into new CATSystem/Exchange/AlgoPresets Folder - Added an Info to PONG Table in Order & Trades Panel : % Spread Ref/Current that is the % Spread between the current pong price and reference price - Added A Checkbox into RESTORE ORDERS PANEL (From XML) : Restore/Restart All Without Prompt Any Message. Checking this option before press the Restore Orders button won't ask you for any confirmation : all orders will be restored and parameters started. - 2 Options are added to exchange options : Delete MArket Logs older than x Days and Delete Exchange Logs Older Than x Day During startup C.A.T. will prompt a message about files to delete and you'll need to confirm delete from disk operation. Deleted file path will be printed in CAT General Console - Added Limit Option : "When Limit Is Applied Adequate Price To Limit". With this option limit won't stop order creation/recreation but will set price = limit
In the next hours CAT 4.8 Beta Will be READY. PM ME to get your COPY
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 25, 2017, 11:47:01 PM |
|
C.A.T. 4.8 BETA is ready. You Can PM ME to get your Copy
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 26, 2017, 02:52:16 PM |
|
First CAT users are running 4.8 Version Hope you like changes. In the next days i will release official version, but don't miss the opportunity to start now with 4.8. PM ME
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 27, 2017, 10:01:15 AM |
|
today i will try to release 4.8 official
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 27, 2017, 10:48:51 AM |
|
Added this chapter to the Tips & Tricks : - What i need to run C.A.T. and How can i run it?First of all C.A.T. need java 8 official ( http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html) for your operative system (Linux/Windows/Mac) and nothing more. C.A.T. doesn't need installation : Once you have installed Java, you can simply double click che CAT.JAR File. If JAR extension is already used by another program (for example Winrar) you can simply Right Click JAVA.JAR -> Open with Java. C.A.T. is fully portable : you can copy your full CAT Folder and move to USB/Another PC without problems. These are che combination you can perform using C.A.T. - Run 1 CAT Instance on 1 PC and Log on X Exchanges -> For every exchange a dedicated panel will be shown. - Run X CAT instance on 1 PC and log on Y Exchanges -> For every CAT instance you will have a dedicated FRAME, for every exchange logged for any instance you will have a dedicated panel (for example you can run 2 CAT instance and log on 3 exchange for instance 1 and 1 exchange for instance 2) - Same combination as before but using different PC : You can run CAT on your Mac and another on your Windows PC. Try to avoid : - Run more than 1 CAT instance from the same folder : CAT 1 and CAT 2 will works on the same files. Only few of them could have a collision, but General Console LOG and CAT_LOG (the one create in CATSystemFolder) are 2 files where collision could happens. Solution is simple : if you want to run X CAT Instance, then create X CAT Main folders. - Run 2 CAT Instance and log on the same Exchange. This could cause bad behaviours (2 examples) - if you launch a "DELETE ALL ORDERS" from CAT 1 then CAT 2 could have big problems. - the NONCE (a progressive number always increased) API parameters could have collision : CAT 1 and CAT 2 could calculate same Nonce -> Exchange will refuse one of the 2 calls.
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 27, 2017, 12:57:14 PM |
|
Start sending 4.8 Version. I will finish later
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 27, 2017, 08:28:29 PM |
|
C.A.T. 4.8 is officially out! All copies are sent. For any problem, pm me
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 27, 2017, 10:49:48 PM |
|
Hi, it seems there's a DELAY in YOBIT myBalance APi REsponse.
As i can see from the response, after creating an order 2 weird things happens in MyBalance API 1 - Balance available is still the same, the new order qty hasn't been subtracted. 2 - The attribute "open_orders" (that is not used By CAT) is equal to 0 instead of 1.
I suggest to wait before continue trades or CAT won't be able to understand that your Balance is not correct. this could not cause you big problems, but you can get error like "No Balance Available". If problem persist i will try to contact yobit dev
|
|
|
|
khalid55
Jr. Member
Offline
Activity: 70
Merit: 3
|
|
February 28, 2017, 08:49:13 PM |
|
Ok guys, found the problem :
This problem could occurs only if your Nonce is "broken" Nonce is a progressive number that exchange wants inside any Private Api call. Nonce used by CAT is always higher than previous nonce (because is your local time stamp expressed as milliseconds). Poloniex API have (sometimes) problem about this Nonce : you get an error message like "You send me X i was waiting for Y"
In this case, CAT Parse Y, then start use Y as nonce, and increasing Y Value instead of local time as milliseconds.
Something changes yesterday on Poloniex API system : Errors are returned in the Http Error Stream and not in the Http Output Stream. This is why CAT is not able to read the message and continue works.
This is a bad behaviour from Poloniex Exchange : you must not change your API Version system after put in production environment. I Mean, if API System V1 works in a way, if you change something you must create a V2 API System. This is what happens if someone interface following a set of rules and you change that set of rules.
Solution : Give me no more than 48 hours and i will release 4.7 Version. This is the best i can do
Is there a free copy
|
|
|
|
Sampey (OP)
Legendary
Offline
Activity: 2632
Merit: 1040
|
|
February 28, 2017, 08:57:01 PM |
|
No Free copy, only full lifetime licenses.
|
|
|
|
|