I'm new in bitcoin.
I need to create something like a temporary bitcoin wallet for the currency exchange app. The wallet should be alive just one exchange transaction or 2 days(if the transaction wouldn't confirmed) and then should be removed.
But as I understand right from bitcoin docs - I cannot remove a wallet, because it is sort a "public key".
Any suggestions?
A 'wallet' doesn't actually really exist. All it is, is a collection of private keys (or just one private key that can be used to derive other keys from, like HD wallets do). These private keys allow you to spend the unspent output (UTXO), thus make a transaction.
These private keys are used to generate public keys, and from those the addresses are generated. You can't remove these addresses because they just exist. In fact, every address already exists, you just need the private key to access them.
Removing things from the blockchain wouldn't make sense anyway, the blockchain is literally a chain of blocks, each block being a container filled with transactions. If you would remove a transaction from a block, all the following blocks would become invalid because the hash of your block's merkle tree would no longer add up.
That being said, you may want to look into HD wallets. You could do something like this (see BIP44):
m / purpose' / coin_type' / account' / change / address_index
Here you can use an incrementing ID for account, so that each use has his own account. You can then create a new address for each incoming payment (change = 0 for inbound external transactions, change 1 = for change coming from your own wallet).
This means that each payment/whatever will have its own address. Because it's a HD wallet you can still access all the addresses with the master key if you like.
Related
I have questions about:
fungible Token example and NEP-21 itself.
It's a possible situation when escrow allowances > 0, but account balance = 0.
Is it legal flow and why?
It never checks account_id exists or not. Why? Is it secure?
Anyone can call: inc_allowance/dec_allowance?
And for let owner_id = env::predecessor_account_id(); will be created new account, new escrow allowance automatically (if not exist). Is that logic correct and why?
get_account always created a new account. It looks redundant.
For example:
fn get_account(&self, owner_id: &AccountId) -> Account {
assert!(env::is_valid_account_id(owner_id.as_bytes()), "Owner's account ID is invalid");
let account_hash = env::sha256(owner_id.as_bytes());
self.accounts.get(&account_hash).unwrap_or_else(|| Account::new(account_hash))
}
Will create "always" new account for new owner_id. And it's possible then that account will never be used. So is it really practical to silently "create" an account with get_account?
transfer_from is never check owner_id as the real owner of the account. Is there logic to protect transferring only by real owners?
Why fungible token doesn't have a name/title?
Do the NEAR Protocol have some standard or logic for Fungible Tokens exchange?
It's a possible situation when escrow allowances > 0, but account balance = 0. Is it legal flow and why?
AFAIU allowance is just a sanity upper bound that prevents abuse. Two accounts can have two allowance for the same account that together sum up to a number larger than account balance.
It never checks account_id exists or not. Why? Is it secure?
In a sharded blockchain it is impossible to check for account existence without an asynchronous cross-contract call, since that other account might live on a different shard. Additionally, by the time we get a reply from that other shard this account can be created/deleted.
Anyone can call: inc_allowance/dec_allowance?
It can be only called by the owner, see: https://github.com/near/near-sdk-rs/blob/master/examples/fungible-token/src/lib.rs#L106
And for let owner_id = env::predecessor_account_id(); will be created new account, new escrow allowance automatically (if not exist). Is that logic correct and why?
Yes. I am not sure, why this would be contradictory.
get_account always created a new account. It looks redundant.
It might be redundant, but it also might be optimized out by the compiler in situations like this one: https://github.com/near/near-sdk-rs/blob/master/examples/fungible-token/src/lib.rs#L213
transfer_from is never check owner_id as the real owner of the account. Is there logic to protect transferring only by real owners?
It is implied in this check: https://github.com/near/near-sdk-rs/blob/master/examples/fungible-token/src/lib.rs#L174-L180 If it is not the case of an escrow, then env::predecessor_account_id() should be equal to owner_id. So the receipt/transaction must have been sent from the account of the owner.
Why fungible token doesn't have a name/title?
We are working on adding metadata to our contracts, see our Q1 OKRs here: https://airtable.com/shrw0AD36eIbfEW02
Do the NEAR Protocol have some standard or logic for Fungible Tokens exchange?
We have partners working on implementing something similar, but I don't think we have a standard.
I'm trying to get a list of addresses that have made transactions with a given bitcoin address for a project that examines how people use bitcoin for non-nefarious purposes. I've got a lot of addresses so a web based blockchain explorer like blockchain.info isn't practical.
I've downloaded the blockchain and used bitcoin-abe to dump it into a sqlite database. However I'm not finding addresses anywhere. Are the actual addresses called something different in the blockchain?
The spending conditions, i.e., who is able to spend a given output, are encoded as scripts in the output. What is commonly referred to as a Bitcoin address is little more than a default script format (either pay-to-pubkey or pay-to-pubkey-hash) which require a signature from a private key matching the pubkey in the script. For example P2PKH scripts look like this:
OP_DUP OP_HASH160 <PubkeyHash> OP_EQUALVERIFY OP_CHECKSIG
This checks that the pubkey on the stack matches the hash, and then checks that the signature and pubkey are valid for the transaction.
ABE stores the output scripts, but appears not to create an index for the addresses. So you probably want to convert the addresses that you're looking for into the script version (see the wiki for details on how to extract the pubkey hash or pubkey from the address). Once you have the pubkey hash or pubkey you construct a binary script similar to this (hexencoded):
76a914<pubkey-hash>88ac
You should then be able to search for these in the database ABE gives you.
You need to write a cron job using the BTC address of the user and check whether the transaction is made or not.
https://www.blockchain.com/explorer
Ex. https://github.com/bitpay/insight
End goal is to find all used addresses of a xpub programmatically, in batches, by querying a local node.
This PHP tool ( https://github.com/dan-da/hd-wallet-addrs ) extracts regular bitcoin addresses from an HD bitcoin wallet . I have to query a local bitcoin node to find out whether the extracted addresses have been used or not.This can easily be found out by querying the node one address at a time ( https://bitco.in/en/developer-reference#getreceivedbyaddress ). It works, but is too slow.
How can the same be done in batches ? i.e is there a Core function call or something to check info about a group of addresses ?
or any other way this can be accomplished ? I am relatively new to bitcoin and don't fully understand its inner workings.
P.S: can't use an external API like blockchain.info
With importAddress and rescan (3 paramter) set to true, you can add the addresses that you want watch.
Than with listTransactions you can list the last transactions that affect the imported address.
In my application I store users as user:n where n is a unique ID.
When a new user is created I increment a global variable such as user_count and use that ID as user:n.
But, I have an issue where I need to ensure an email is not already in use. I've done some reading around and the only way I can see how to do this is to:
1) Loop through the users. But, I am not keen on this solution as it could cause slower performance right?
2) Create a lookup that contains a list of email addresses used.
Both solutions seem a bit strange to me as I come from an SQL background.
Are these the only options available? I also have to do the same check for usernames too.
You could use Sets:
On registration: sadd taken_emails "john#example.com"
And testing with: sismember taken_emails "bob#exmaple.com"
Note that you have a possible race-condition where two users try to use the same email at the same time, both test and get "free" and then both register with it. You could use a lock to make sure they don't both get it, or make the registration operation atomic with either WATCH/MULTI/EXEC or with a lua script.
Can we edit and add new field to CTxOut class in order to send additional information to transaction object and then to the blockchain?
I got the following answer from here
Note that you should only do this, putting extra data into the block chain, if it is really necessary. The block chain has to be stored by every full node, so try not to take up all our hard drive space with unnecessary stuff whenever possible.
With that said, if you do want to add extra data to your transaction, then add an additional output to the transaction, for which the scriptPubKey has the following form:
OP_RETURN {80 bytes of whatever data you want}
80 bytes was chosen because it is big enough for a 64 byte hash and 16 other extra bytes of data, but not big enough to store anything maliciously big (like a movie collection). This transaction output is automatically un-spendable, and so will not be kept in the UTXO set in any pruning. The other UTXOs from your transaction will still be safe.