Selling exchange source code

[hybrid2]

Hello all.

I have written a coin exchange which i want to offer to your attention. The source code is developed from scratch with custom build PHP MVC Framework. My code is clean and well arranged, also HTML5 valid, CSS valid, Javascript valid. You can add any pair of coins, all you need are wallets behind them. In database there are no daemon passwords stored or something which can be harmfull for the wallets. All withdrawals can be processed fully manually or partially automatic, but with specific maximum limit. My source have administration panel which usually must be hosted on separated machine from the web server. I have used paid template from old project, but i also offer full customization like charts, template integration and such kind of stuff.

Schema: https://i.imgur.com/BsHsq2c.jpg

Screenshots: http://imgur.com/heAdLti.jpg

Prices:

1. Only source code: 3 BTC
2. Source code with full installation 5 BTC
3. Source code with full installation + custom template + extras (charts and such kind of things) 7 BTC

PM me for more details, like fully functional DEMO

[baokychen]

Newbie: 1

You expect payment first or you give source first. How can I even give 3 BTC ( near $2000 ) to a Newbie: 1 first.

If you willing to lower your price & give source code first, maybe I am interested to buy the script.

[Initscri]

Hello all.

I have written a coin exchange which i want to offer to your attention. The source code is developed from scratch with custom build PHP MVC Framework. My code is clean and well arranged, also HTML5 valid, CSS valid, Javascript valid. You can add any pair of coins, all you need are wallets behind them. In database there are no daemon passwords stored or something which can be harmfull for the wallets. All withdrawals can be processed fully manually or partially automatic, but with specific maximum limit. My source have administration panel which usually must be hosted on separated machine from the web server. I have used paid template from old project, but i also offer full customization like charts, template integration and such kind of stuff.

Schema: https://i.imgur.com/BsHsq2c.jpg

Screenshots: http://imgur.com/heAdLti.jpg

Prices:

1. Only source code: 3 BTC
2. Source code with full installation 5 BTC
3. Source code with full installation + custom template + extras (charts and such kind of things) 7 BTC

PM me for more details, like fully functional DEMO

- What MVC Framework
- Is this source code sold only once, or are you licensing this?
- If you are licensing, are updates included?
- Provide a demo... maybe?

You might want to answer the above questions on some level.

Good luck with sales!

[Jacksquere]

I have this free version ,
:/

[Initscri]

I have this free version ,
:/

Please explain?

[Puppet]

So who is going to vet this code has no security holes (or backdoors) when you dont opensource it, and whoever is buying most likely doesnt have the skills?

[Gordon Bleu]

This smells like coinex.pw

Rumors going around that coinex.pw lost all Coins.

[Initscri]

So who is going to vet this code has no security holes (or backdoors) when you dont opensource it, and whoever is buying most likely doesnt have the skills?

Nobody...

Not to mention he knows in the inns and outs; in all honesty anyone on this forum selling a script could easily throw backend loopholes and errors only they would know, and half the people would not be able to tell. No one audits on this forum.

Most likely anyone with half-decent programming skills could make this script within a week or so max... I know I could. Not bragging, I'm simply stating anyone could make this script in a month with horrible yet available skills within programming, release it, it has bugs/security issues and no one would know until it's too late.

[medUSA]

If the code works, OP should start an exchange right away.
There is more profit from an exchange than selling code for 3 btc.

[hybrid2]

1. To baokychen: First i will presen you my source over skype or some messanger, i will show you the source and if you are interested then we will think how the payment and installs will occur.
2. To Initscri: The MVC which i use is my own at 100%. I dont plan to license it. I have a DEMO - pm me.
3. Jacksquere: ... i dont know why you are loosing time to post replies ... but anyway i am interested to see my dbi class liar
4. Puppet: As it open source you can always read it ... the idea is not to drain your exchange - my idea is to sell my source I will be more than glad if you can find any whole or backdoor inside
5. Initscri: Yes it true, but i am also a miner and i know how one exchanged can be drained My version is written on high level security.
6. medUSA: I dont have the time and nerves to start and exchange ... and first of all i dont want

This version is 100% original source code maked from scratch. Please if you dont have what to do, dont flood with nonsenses.
This source code must be installed on SELinux with Stunnels to have a security at maximum level and must be configured properly.
The main logic is that exchange cannot be drained because its using only 4 daemon methods to work properly and sendfrom, sendtoaddress are non existing methods in my source

And please do not confuse my wonderful code you already known pmtocoins, coinex and suchlike shits - i am not an Indian who use global variables on even dont know what is mysql_real_escape_string()

Feel free to contact me

[loljosh]

1. To baokychen: First i will presen you my source over skype or some messanger, i will show you the source and if you are interested then we will think how the payment and installs will occur.
2. To Initscri: The MVC which i use is my own at 100%. I dont plan to license it. I have a DEMO - pm me.
3. Jacksquere: ... i dont know why you are loosing time to post replies ... but anyway i am interested to see my dbi class liar
4. Puppet: As it open source you can always read it ... the idea is not to drain your exchange - my idea is to sell my source I will be more than glad if you can find any whole or backdoor inside
5. Initscri: Yes it true, but i am also a miner and i know how one exchanged can be drainde My version is written on high level security.
6. medUSA: I dont have the time and nerves to start and exchange ... and first of all i dont want

This version is 100% original source code maked from scratch. Please if you dont have what to do, dont flood with nonsenses.
This source code must be installed on SELinux with Stunnels to have a security at maximum level and must be configured properly.
The main logic is that exchange cannot be drained because its using only 4 daemon methods to work properly and sendfrom, sendtoaddress are non existing methods in my source

And please do not confuse my wonderful code you already known pmtocoins, coinex and suchlike shits - i am not an Indian who use global variables on even dont know what is mysql_real_escape_string()

Feel free to contact me

presen
drainde
maked from scratch



I think you are the one who developed president coin.

[hybrid2]

1. To baokychen: First i will presen you my source over skype or some messanger, i will show you the source and if you are interested then we will think how the payment and installs will occur.
2. To Initscri: The MVC which i use is my own at 100%. I dont plan to license it. I have a DEMO - pm me.
3. Jacksquere: ... i dont know why you are loosing time to post replies ... but anyway i am interested to see my dbi class liar
4. Puppet: As it open source you can always read it ... the idea is not to drain your exchange - my idea is to sell my source I will be more than glad if you can find any whole or backdoor inside
5. Initscri: Yes it true, but i am also a miner and i know how one exchanged can be drainde My version is written on high level security.
6. medUSA: I dont have the time and nerves to start and exchange ... and first of all i dont want

This version is 100% original source code maked from scratch. Please if you dont have what to do, dont flood with nonsenses.
This source code must be installed on SELinux with Stunnels to have a security at maximum level and must be configured properly.
The main logic is that exchange cannot be drained because its using only 4 daemon methods to work properly and sendfrom, sendtoaddress are non existing methods in my source

And please do not confuse my wonderful code you already known pmtocoins, coinex and suchlike shits - i am not an Indian who use global variables on even dont know what is mysql_real_escape_string()

Feel free to contact me

presen
drainde
maked from scratch



I think you are the one who developed president coin.

I still cannot develop coins - sorry

[Puppet]

4. Puppet: As it open source you can always read it ... the idea is not to drain your exchange - my idea is to sell my source I will be more than glad if you can find any whole or backdoor inside

And how am I going to find it if you dont opensource it? Seriously, this is a disaster waiting to happen, and assuming you are legit, you do not want to have sold unvetted software to an exchange. What makes you think you will not be held liable if (or rather when) it gets hacked?

The only way I *might* see this work is if you opensource it with a commercial licence.  Let anyone check your code, but dont allow its usage for for profit enterprises without paid license.  Not that that will guarantee a lot, it would take at the very least a significant bug finding bounty that has run for quite some time before Id even consider using an exchange running your code,.

For the record, there are plenty of similar opensource projects:
https://bitcointalk.org/index.php?topic=87836.0

[hybrid2]

4. Puppet: As it open source you can always read it ... the idea is not to drain your exchange - my idea is to sell my source I will be more than glad if you can find any whole or backdoor inside

And how am I going to find it if you dont opensource it? Seriously, this is a disaster waiting to happen, and assuming you are legit, you do not want to have sold unvetted software to an exchange. What makes you think you will not be held liable if (or rather when) it gets hacked?

The only way I *might* see this work is if you opensource it with a commercial licence.  Let anyone check your code, but dont allow its usage for for profit enterprises without paid license.  Not that that will guarantee a lot, it would take at the very least a significant bug finding bounty that has run for quite some time before Id even consider using an exchange running your code,.

For the record, there are plenty of similar opensource projects:
https://bitcointalk.org/index.php?topic=87836.0

Yeah you can always use them After that you will be in "list of hacked" exchanges like mtgox and the other ones I can guarantee that this source is very high secured. If you have interest please contact me and i will send you a DEMO site to try your hacking skills

[Puppet]

Yeah you can always use them After that you will be in "list of hacked" exchanges like mtgox and the other ones I can guarantee that this source is very high secured.

How much do you want to risk on that guarantee? Words are cheap. Make public your demo site, put up a 100BTC bounty for anyone hacking it, and then your words carry weight. Until then, its just that, words.

If you have interest please contact me and i will send you a DEMO site to try your hacking skills

Im no hacker, but lets assume that I am. Why would I spend time finding flaws in a demo site? Why would I just not wait until someone actually uses your code so I have a hotwallet to empty?

[hybrid2]

There is a online demo with my source at http://exarena.net

Feel free to contact me for any bugs found or suggestions

[ihaveaducky]

Alright, just sayin'. I spent like 3 minutes on the site, less than 10 requests and i found security bugs. Nothing that would immediately allow you to steal stuff, but none the less.

Also, is using a random variable name meant to enhance security somehow or just piss people off?
zqfu1Q906oTCsYjmz3RoDWVWZNsGFPafgqcfYOmOaEo=yfxH6RPot9jTMi4hUx1y_r-xFZh9slMHjLmg&NUbOATQEKITiH-nrlgEThLMEDQQIySzPx7nD3gGuLB0=&SqOQB5zF_X2yDKO7owE329X0L3TgyE2zgLjOcE_TTIs=blah&7Iiu7XXy-G3ZIrOFZv2dU46N3pIwuWnyDt1q8zlIpaM=blah&O4OyL8IRzomeQ5_Tk2dO39rCctKkC7Zm5gM19JUxzQg=

For what its worth, i work as a penetration tester

EDIT: Happy to pentest for bitcoins, fyi.

[gweedo]

Yeah those random variables don't work really... I can tell what most of your variables are for.

I think I found the same security bug as the guy above me and another minor one, but these could lead to a hot wallet attacks with a couple of the right chained attacks.

I will not disclose it since people shouldn't be using drop in exchange software

[ihaveaducky]

For those interested, there are open source exchanges you can look into, not sure how updated they are but surely there will be something open source that is maintained available soon.

e.g.
https://github.com/dooglus/intersango

[Keeminakar]

5 BTC for source code with full installation is too much!