Bitcoin Forum
November 19, 2024, 04:39:10 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Announcing BlockCypher's Transaction API: create&manage bitcoin transactions  (Read 1895 times)
CatheryneN (OP)
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
April 28, 2014, 07:10:08 PM
 #1

BlockCypher is a platform-as-a-service for crypto coins. It's exposed through simple web APIs and callbacks for developers to build Bitcoin apps. We rebuilt the Bitcoin platform from the ground-up and optimized it for high availability. Our up time is 99.99%. 

We just released our Transaction API. A transaction can be created in 3 steps:

1. With only an input address, output address, and the value transferred, we build the full unsigned transaction and the data to sign it.
2. You sign the transaction data (we do not store any private keys) and send us the signature.
3. We complete the transaction, broadcast it over the peer-to-peer network, and send it back to you.

For documentation on this and all our APIs, see http://dev.blockcypher.com/.
RussianRaibow
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500

I AM A SCAMMER


View Profile WWW
October 31, 2015, 06:20:01 PM
 #2

We just released our Transaction API. A transaction can be created in 3 steps:

1. With only an input address, output address, and the value transferred, we build the full unsigned transaction and the data to sign it.
2. You sign the transaction data (we do not store any private keys) and send us the signature.
3. We complete the transaction, broadcast it over the peer-to-peer network, and send it back to you.

So, sharing the hot wallet private key with blockcypher is a must to use blockcypher api to create, sign and send a Tx?

I AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMER
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
October 31, 2015, 06:21:49 PM
 #3

We just released our Transaction API. A transaction can be created in 3 steps:

1. With only an input address, output address, and the value transferred, we build the full unsigned transaction and the data to sign it.
2. You sign the transaction data (we do not store any private keys) and send us the signature.
3. We complete the transaction, broadcast it over the peer-to-peer network, and send it back to you.

So, sharing the hot wallet private key with blockcypher is a must to use blockcypher api to create, sign and send a Tx?

Did you miss point number 2?

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
RussianRaibow
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500

I AM A SCAMMER


View Profile WWW
October 31, 2015, 06:25:45 PM
 #4

We just released our Transaction API. A transaction can be created in 3 steps:

1. With only an input address, output address, and the value transferred, we build the full unsigned transaction and the data to sign it.
2. You sign the transaction data (we do not store any private keys) and send us the signature.
3. We complete the transaction, broadcast it over the peer-to-peer network, and send it back to you.

So, sharing the hot wallet private key with blockcypher is a must to use blockcypher api to create, sign and send a Tx?

Did you miss point number 2?


No... I dint. Signing is a part of their offered API. Here is their sample code...

http://blockcypher.github.io/php-client/sample/doc/transaction-api/CreateAndSignAndSendTransaction.html

Please check this line...

Code:
$txSkeleton = $txClient->sign($txSkeleton, $privateKeys);

I AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMER
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
October 31, 2015, 06:28:16 PM
 #5

No... I dint. Signing is a part of their offered API. Here is their sample code...

http://blockcypher.github.io/php-client/sample/doc/transaction-api/CreateAndSignAndSendTransaction.html

Please check this line...

Code:
$txSkeleton = $txClient->sign($txSkeleton, $privateKeys);

I'm not familiar with the language (I'm a C++ coder) but if it means that the signing is not done on the client side then that would be a serious issue (hopefully the OP will clarify this).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
RussianRaibow
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500

I AM A SCAMMER


View Profile WWW
October 31, 2015, 06:37:40 PM
 #6

No... I dint. Signing is a part of their offered API. Here is their sample code...

http://blockcypher.github.io/php-client/sample/doc/transaction-api/CreateAndSignAndSendTransaction.html

Please check this line...

Code:
$txSkeleton = $txClient->sign($txSkeleton, $privateKeys);

I'm not familiar with the language (I'm a C++ coder) but if it means that the signing is not done on the client side then that would be a serious issue (hopefully the OP will clarify this).


This is PHP and the syntax is very similar to C. If you see the link I provided, it wont be very difficult for you to decipher the working logic. sign() is a server side function which is taking $txSkeleton & $privateKeys variables as input and returning the signed data. But, if I could sign using PHP itself, I could avoid this step and directly push the signed Tx. I hope, someone, who knows PHP, chime in and point me to a code that allows me to do so...

I AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMER
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
October 31, 2015, 06:39:39 PM
 #7

This is PHP and the syntax is very similar to C. If you see the link I provided, it wont be very difficult for you to decipher the working logic. sign() is a server side function which is taking $txSkeleton & $privateKeys variables as input and returning the signed data. But, if I could sign using PHP itself, I could avoid this step and directly push the signed Tx. I hope, someone, who knows PHP, chime in and point me to a code that allows me to do so...

Okay - then I hope the OP will explain his misleading point (hopefully it isn't a scam but it could be).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
RussianRaibow
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500

I AM A SCAMMER


View Profile WWW
October 31, 2015, 06:49:09 PM
 #8

This is PHP and the syntax is very similar to C. If you see the link I provided, it wont be very difficult for you to decipher the working logic. sign() is a server side function which is taking $txSkeleton & $privateKeys variables as input and returning the signed data. But, if I could sign using PHP itself, I could avoid this step and directly push the signed Tx. I hope, someone, who knows PHP, chime in and point me to a code that allows me to do so...

Okay - then I hope the OP will explain his misleading point (hopefully it isn't a scam but it could be).


Well... blockcypher is definitely not a scam. blockcypher API is also used by services like ShapeShift.io. blockchain.info needs your private key/password too to send a Tx. This has become the de-facto rule for small bitcoin app devs and most do not bother much about this (well they'll tell you lots of security stories though). I have used blockchain.info before and none of my faucets ever got hacked. The thumb rule is to keep low amount in the hot wallet. But, as I am preparing for a bigger project I was exploring for an API that offers better security.

I AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMER
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
October 31, 2015, 06:54:04 PM
 #9

Well... blockcypher is definitely not a scam.

Hopefully not - but claiming they don't keep private keys and having an API that asks for your private key doesn't add up to me.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
mobidirmob
Full Member
***
Offline Offline

Activity: 199
Merit: 100


View Profile
January 14, 2016, 11:43:11 AM
 #10

BlockCypher is a platform-as-a-service for crypto coins. It's exposed through simple web APIs and callbacks for developers to build Bitcoin apps. We rebuilt the Bitcoin platform from the ground-up and optimized it for high availability. Our up time is 99.99%. 



 Grin Grin Grin Grin Grin


fbueller
Sr. Member
****
Offline Offline

Activity: 412
Merit: 287


View Profile
January 15, 2016, 11:34:45 AM
 #11

This is PHP and the syntax is very similar to C. If you see the link I provided, it wont be very difficult for you to decipher the working logic. sign() is a server side function which is taking $txSkeleton & $privateKeys variables as input and returning the signed data. But, if I could sign using PHP itself, I could avoid this step and directly push the signed Tx. I hope, someone, who knows PHP, chime in and point me to a code that allows me to do so...

This is false; the library signs using PHP itself. So they're doing it right: server generates the unsigned transaction, user signs locally and returns the signature.

https://github.com/blockcypher/php-client/blob/master/lib/BlockCypher/Client/TXClient.php
https://github.com/blockcypher/php-client/blob/master/lib/BlockCypher/Api/TXSkeleton.php

Bitwasp Developer.
Sereneum
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
January 15, 2016, 09:07:23 PM
 #12

Well... blockcypher is definitely not a scam.

Hopefully not - but claiming they don't keep private keys and having an API that asks for your private key doesn't add up to me.


if they do, it doesn't mean that this information is logged or stored. Sure it can be stored your end and passed through the API - I think Micro-transaction API. They can process it and not store. I think blockcypher are a trustworthy service, I know developers who use them over blockchain.info / other services just for the stability, speed, documentation and the bcy testnet.
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 16, 2016, 01:16:43 AM
 #13

if they do, it doesn't mean that this information is logged or stored. Sure it can be stored your end and passed through the API - I think Micro-transaction API. They can process it and not store. I think blockcypher are a trustworthy service, I know developers who use them over blockchain.info / other services just for the stability, speed, documentation and the bcy testnet.

No-one should ever be trusting a server "not to store private keys" (and no such server should ever even see them) so if that is what they are saying then I would be even more worried about it being a shady operation.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
hhanh00
Sr. Member
****
Offline Offline

Activity: 467
Merit: 267


View Profile
January 17, 2016, 07:44:49 AM
 #14

If you look closer, you will see that the `sign` method is running on the client.

CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 17, 2016, 08:00:30 AM
 #15

If you look closer, you will see that the `sign` method is running on the client.

Thanks for clearing that up for us.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
aschk
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
January 18, 2016, 03:38:18 PM
 #16

This is PHP and the syntax is very similar to C. If you see the link I provided, it wont be very difficult for you to decipher the working logic. sign() is a server side function which is taking $txSkeleton & $privateKeys variables as input and returning the signed data. But, if I could sign using PHP itself, I could avoid this step and directly push the signed Tx. I hope, someone, who knows PHP, chime in and point me to a code that allows me to do so...

Okay - then I hope the OP will explain his misleading point (hopefully it isn't a scam but it could be).


Well... blockcypher is definitely not a scam. blockcypher API is also used by services like ShapeShift.io. blockchain.info needs your private key/password too to send a Tx. This has become the de-facto rule for small bitcoin app devs and most do not bother much about this (well they'll tell you lots of security stories though). I have used blockchain.info before and none of my faucets ever got hacked. The thumb rule is to keep low amount in the hot wallet. But, as I am preparing for a bigger project I was exploring for an API that offers better security.

Actually blockchain.info doesn't use your keys on their side, all signing is done in browser. You never hand over raw keys to blockchain.info thank the stars!
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!