Bitcoin Forum
December 02, 2016, 08:16:34 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Some questions about bitcoind daemon  (Read 1603 times)
Quizzesport
Newbie
*
Offline Offline

Activity: 15


View Profile
March 17, 2012, 05:33:59 PM
 #1

Hello, every one

i am hosting a bitcoind daemon on my vps, with my apache website, however, i still have few questions about it.


1: in my source code,"$bitcoin = new jsonRPCClient('http://superman:{super}@127.0.0.1:8332/'" here superman is a username,and super is a password, are they the same as wallet encryption function of Bitcoin-Qt? i mean if someone steal the wallet.dat, but he doesn't know this password, can he send any coins out with the wallet.dat? if this is just an independent password of bitcoind daemon, then how can i set up a password for all out going requests just like wallet encryption function of Bitcoin-Qt?

2: if the administrator of my vps, or a hacker hacked in my vps, he got the access of all my files, he saw my source code with the password, then he can steal all my coins with the password right? any other ways to improve the protection of such accidents? (because there are always new vulnerables found, for apache, for linux etc..)

3: how can i know about the translation fee before send bitcoins? ie, if a client has 15btcs in his account, and he send 15btcs out, how can i know how much is the fee of this translation before process it? because it might be free, it might be 0.01btc, it might be 1btc, i need to calculate the amount available before process his request. btw, i don't really get the definition of translation fee, is that obligatory or voluntary? if you pay, your request get faster process by btc network,if not, your request will still be processed, but just slower, right?

thank you for your help
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480709794
Hero Member
*
Offline Offline

Posts: 1480709794

View Profile Personal Message (Offline)

Ignore
1480709794
Reply with quote  #2

1480709794
Report to moderator
1480709794
Hero Member
*
Offline Offline

Posts: 1480709794

View Profile Personal Message (Offline)

Ignore
1480709794
Reply with quote  #2

1480709794
Report to moderator
1480709794
Hero Member
*
Offline Offline

Posts: 1480709794

View Profile Personal Message (Offline)

Ignore
1480709794
Reply with quote  #2

1480709794
Report to moderator
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
March 17, 2012, 10:26:49 PM
 #2

2: if the administrator of my vps, or a hacker hacked in my vps, he got the access of all my files, he saw my source code with the password, then he can steal all my coins with the password right? any other ways to improve the protection of such accidents? (because there are always new vulnerables found, for apache, for linux etc..)
Yes, the only way the prevent it is with multi-sig transactions, which is coming soon.
3: how can i know about the translation fee before send bitcoins? ie, if a client has 15btcs in his account, and he send 15btcs out, how can i know how much is the fee of this translation before process it? because it might be free, it might be 0.01btc, it might be 1btc, i need to calculate the amount available before process his request. btw, i don't really get the definition of translation fee, is that obligatory or voluntary? if you pay, your request get faster process by btc network,if not, your request will still be processed, but just slower, right?
You can set it to 0, but if the transaction is too "spammy", the client will still send it with the fee.

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
Quizzesport
Newbie
*
Offline Offline

Activity: 15


View Profile
March 18, 2012, 03:22:28 PM
 #3

thanks for your reply.

i don't mind its free or not, but i need to know and charge the fee before client actually send his bitcoins out, so his account won't like -0.1 negative amount. if not, i am going to lose my bitcoins for his fee.
Pieter Wuille
Legendary
*
Offline Offline

Activity: 1036


View Profile WWW
March 18, 2012, 04:03:25 PM
 #4

1: in my source code,"$bitcoin = new jsonRPCClient('http://superman:{super}@127.0.0.1:8332/'" here superman is a username,and super is a password, are they the same as wallet encryption function of Bitcoin-Qt? i mean if someone steal the wallet.dat, but he doesn't know this password, can he send any coins out with the wallet.dat? if this is just an independent password of bitcoind daemon, then how can i set up a password for all out going requests just like wallet encryption function of Bitcoin-Qt?

You can access the wallet encryption via the walletpassphrase, walletlock, encryptwallet and walletpassphrasechange commands. The RPC password however is something completely different: it's only for authenticating the RPC call itself. Wallet encryption is independent.

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
Quizzesport
Newbie
*
Offline Offline

Activity: 15


View Profile
March 19, 2012, 12:07:52 AM
 #5

1: in my source code,"$bitcoin = new jsonRPCClient('http://superman:{super}@127.0.0.1:8332/'" here superman is a username,and super is a password, are they the same as wallet encryption function of Bitcoin-Qt? i mean if someone steal the wallet.dat, but he doesn't know this password, can he send any coins out with the wallet.dat? if this is just an independent password of bitcoind daemon, then how can i set up a password for all out going requests just like wallet encryption function of Bitcoin-Qt?

You can access the wallet encryption via the walletpassphrase, walletlock, encryptwallet and walletpassphrasechange commands. The RPC password however is something completely different: it's only for authenticating the RPC call itself. Wallet encryption is independent.


very helpful, any ideas for others 2 questions?

walletpassphrase is still write in source code, if vps got hacked, hacker still can read this password.

thank you so much
Pieter Wuille
Legendary
*
Offline Offline

Activity: 1036


View Profile WWW
March 19, 2012, 12:18:36 AM
 #6

2: if the administrator of my vps, or a hacker hacked in my vps, he got the access of all my files, he saw my source code with the password, then he can steal all my coins with the password right? any other ways to improve the protection of such accidents? (because there are always new vulnerables found, for apache, for linux etc..)

If you're going to run a service which needs to be able to send transactions by itself, my only advice it so only run it on hardware you own, or pay the hosting company for the level of protection you need. At least, for now. When multisig transaction become commonplace, other solutions may be possible.

If you're just going to receive transactions, pre-generate 1000 addresses and put them on the webserver, but run no live bitcoind there.

Quote
3: how can i know about the translation fee before send bitcoins? ie, if a client has 15btcs in his account, and he send 15btcs out, how can i know how much is the fee of this translation before process it? because it might be free, it might be 0.01btc, it might be 1btc, i need to calculate the amount available before process his request. btw, i don't really get the definition of translation fee, is that obligatory or voluntary? if you pay, your request get faster process by btc network,if not, your request will still be processed, but just slower, right?

That's currently hard: you can set the voluntary fee to 0, but bitcoind will always add a fee if it considers it absolutely necessary (too small outputs, too young/small inputs, too large, ...). This is usually very small, but whether it is necessary can depend on random factors (the input coin selection is random, so the fee requirement may or may not be there, though it rarely has much influence.

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
Quizzesport
Newbie
*
Offline Offline

Activity: 15


View Profile
March 19, 2012, 01:03:12 PM
 #7

great advice.

thank you again.

so i will have to pre charge 0.01btc for every out going bitcoin translations.
Pieter Wuille
Legendary
*
Offline Offline

Activity: 1036


View Profile WWW
March 19, 2012, 01:44:10 PM
 #8

You can also only allow transactions if at least 0.0005 (or even up to 0.01) BTC is present in the user's account, but only subtract the actually used fee?

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!