It's an exciting time to be a JavaScript developer for Bitcoin. There are a number of JavaScript libraries for Bitcoin. Here is a comprehensive list of alternatives to Bitcore:
A deterministic K is used in many of these libraries, so randomness isn't needed at the time of signing transactions. window.crypto and the Node.js crypto library are often used for private key generation.
Looks awesome. Cryptocurrency development has seemed pretty intimidating to me but this is probably the going to be the push that gets me started supporting tip sharing features on my site.
It might be what you're looking for, unless you want to custom build something. In that case also give Chain.com a look as well as Blockcypher.com.
Coinbase also has some nice developer products, their api: coinbase.com/docs/api/overview
and if you want to do anything relating to raw bitcoin data (the blockchain and all transactions) i.e., run a node, I'd recommend Toshi.io, an open-source node that is very easy to query. Quite a few people run this thing on an AWS tier.
Hope that helps if you want to dabble with a bitcoin project for your site :)
I am wondering if anyone has some thoughts on the security of this in a web-application? Storing the private keys in a database connected to one's web-app is just a bad idea right? So than it just becomes a proxy to the Bitcoind installation via JSON-RPC? Would it be considered safe to encrypt user's private keys via their password+hash+salt the same way I'm storing their passwords?
Yep, storing your bitcoins in a plain web app is definitely a bad idea. The current trend in the bitcoin space is a mixture of:
* Discouraging the use of the webapp (if any available) in favor of a browser application (chrome app, firefox app, etc)
* 2 factor auth to login
* Bitcoin "multisig" transactions: require at least N out of M valid private keys (allowing the storage of these keys to be on different devices/services/media) before releasing funds
I believe haakon is correct on this one, unless I'm missing something. We just got into an argument at my work over the correct usage of the term "api", but found this post to back up my arguments - http://stackoverflow.com/questions/8772746/difference-betwee...
Anyway, I'm not trying to nitpick or keep this side-discussion alive. But I'm genuinely curious how most people classify the difference between api and library.
Also on a sidenote, who's downvoting all the comments and the thread itself? This seems like a really cool project and it doesn't look like anyone's posted anything completely irrelevant here.
> But I'm genuinely curious how most people classify the difference between api and library.
JMS is an API [1], [2].
ActiveMQ [3] is an implementation of the JMS API.
Commons BeanUtils [4] is a library. The library itself has an API (that's how we interact with the library).
There is a semantic difference between the "JMS API" and the "BeanUtils API".
The former is just an API. It's a standard. It has no implementation. Implementations are all expected to utilize the API.
The latter is a library, but we need to talk to the library - and we do that through its API. However, the API that BeanUtils exposes is not standardized. It's by and large local to BeanUtils.
> Also on a sidenote, who's downvoting all the comments and the thread itself?
The thread itself, no clue, how can you even see that? I'd assume there's quite a bit of people who get tired of hearing about bitcoin though. It's a bit like how I really, really didn't feel like hearing about social media being the biggest thing ever years back, until it became something actually substantial recently.
As for the comments, all I see is 'oh cool, awesome'. HN doesn't like that, you just use upvoting to show appreciation.
Anyway, I can't help but say it's pretty awesome, too. Bitpay's definitely been doing some great open-source work to create a bitcoin library that works as well (and similarly) in the browser as server side, it's really nice to work with and very comprehensive, too. I wish they had a little showcase page going where they point you to projects that use it, though. Their own Copay does for example, a shared wallet which I've tried a couple times, works very nicely.
> Also on a sidenote, who's downvoting all the comments and the thread itself? This seems like a really cool project and it doesn't look like anyone's posted anything completely irrelevant here.
Who else? Bitcoin haters and deniers like patio11. Such kinds of irrational and emotional people are everywhere, including HN. Keep in mind they can be good and logical at other things, but get emotional on one particular subject. Bitcoin shakes some of the foundations everyone on Earth has or has had at some point (like the concept of money, the justifications for inflation, etc.), and a lot of people don't like change.
> Bitcoin shakes some of the foundations everyone on Earth has or has had at some point
really now...
> like the concept of money
Bitcoin is still money (which I would describe as a proxy for value with latency built in).
> the justifications for inflation
Other than eventually running out and deflating (probably a problem in it's own way), bitcoin doesn't address this problem.
What is bitcoin going to do to address fractional reserve banking, debt slavery, information asymmetry (insider trading), financial chicanery (selling debt-based products/toxic assets), which I would argue are bigger problems built into money as we know it. Nada that I'm aware of.
Why is bitcoin even less anonymous than traditional currency?
Why is it even more inequal (who has bitcoin? wealthy, technologically literate citizens of the first world) than traditional currency?
I agree that money sucks but bitcoin is hardly the solution we need.
I would guess his paranoia is more general than directed at npm directly. However, it's a fair point that NPM allows anyone to push projects with no oversight, whereas many other package manager inventories are maintained and curated.
I have a question about bitcoin in general - how do transactions on the network get verified? Does it mostly happen through miners? If so, what happens when mining reaches the point where it becomes economically worthless to everyone except a few electricity thieves? Will there just be a massive backlog of unprocessed transactions?
Unless I'm wrong somehow, I could see this becoming especially problematic as bitcoin becomes more popular and the daily transaction volume grows. How does the bitcoin foundation/community plan to tackle this issue?
This is clearly not the place to ask this question about mining. This is a thread about a software development on a whole different side of Bitcoin. If you are genuinely curious about the theme of your question, and not just interested in derailing threads, you are very welcome to educate yourself at bitcointalk, the main Bitcoin forum. There have been thousands -if not millions- of man hours in thinking, development, research and debate about the topics you enquire about. Head there and find the answers, and if still in doubt don't be afraid to ask (on an appropriate thread).
>If so, what happens when mining reaches the point where it becomes economically worthless to everyone except a few electricity thieves?
The difficulty of mining is represented by a certain target number. The process of mining involves finding another number (the nonce) such that the hash of the transactions and that nonce together is less than the target. The smaller the target is, the less possible solutions exist, and the more nonces you'd have to guess before you find one that satisfies the condition.
This difficulty is self-adjusting based on how long it took to find the previous 2016 blocks (at an average of 1 block every 10 minutes this is 2 weeks). If the previous 2016 blocks were found faster than an average of 1 every 10 minutes, then the difficulty will be increased so that the next 2016 go closer to 1 every 10 minutes, and vice versa. (There is a clamp on the change of 25% if I remember correctly, so it won't change drastically.)
The assumption in the end is that these few electricity thieves will not have so much hashpower that they will be able to drive up the difficulty so high the rest of the non-thieves can get profits from their miners.
> The fees go to the miners to incentivise them to keep mining, which in turn keeps the Bitcoin network secure. They already get a reward of 25 XBT for each block they mine, but this reward halves every 4 years. The plan is that as the block reward diminishes over the time, it will be replaced by transaction fees.
- https://github.com/bitcoinjs/bitcoinjs-lib (one of the best)
- https://github.com/indutny/bcoin (Indutny's work is found throughout Node.js and is the basis of elliptic curve cryptography in Bitcore)
- https://github.com/ryanxcharles/fullnode (ex-developer of Bitcore and now engineer at Reddit behind Reddit's crypto currency initiative)
- http://cryptocoinjs.com/ (disclosure: I started this one)
Here is an older article that I wrote about understanding how an Address is created (still valid, but using an older version of bitcoinjs-lib): http://procbits.com/2013/08/27/generating-a-bitcoin-address-...
The cool thing is that you can use test Bitcoins without any risk to learn how to program for Bitcoin. Use these faucets: http://tpfaucet.appspot.com/ and http://faucet.xeno-genesis.com/
Here is a very simple wallet that I built to demonstrate how easy it is to build one: https://github.com/coinbolt/simple-wallet
Finally, an open source app to test the purchasing experience of Bitcoin: https://github.com/coinbolt/catshop