Topic: [BETA] EXCHANGE.BYTECOIN.IN - page 2. (Read 3487 times)

hero member
Activity: 602
Merit: 500
April 19, 2013, 11:54:00 AM
#27
I got an RPC error somehow and nothing was sent, but amount was 0 after the error

Anyway it was only 0.06 BTC :)
newbie
Activity: 37
Merit: 0
April 19, 2013, 11:14:42 AM
#26
Had an error when withdrawing BTC from the platform.. See your PM :)
Send that to me also, I'll investigate your issue.
hero member
Activity: 602
Merit: 500
April 18, 2013, 04:32:06 PM
#25
Had an error when withdrawing BTC from the platform.. See your PM :)
sr. member
Activity: 476
Merit: 250
Bytecoin: 8VofSsbQvTd8YwAcxiCcxrqZ9MnGPjaAQm
April 17, 2013, 04:05:37 PM
#24
I notice you also added timestamps to the recent trade data, which is a big improvement, IMO.
legendary
Activity: 1455
Merit: 1033
Nothing like healthy scepticism and hard evidence
April 17, 2013, 03:32:57 PM
#23
We certainly need more exchanges to trade alt coins and, therefore, this initiative deserves praise. However, I think it would have more success with a more generally accepted coin, like terracoin or ppcoin. Any plans to accept also these ones?
member
Activity: 70
Merit: 10
April 17, 2013, 06:21:31 AM
#22
DO NOT USE THIS SITE YET
It is vulnerable to cross-site request forgery.

This basically means that if you are logged in to the exchange, any random site you visit can log you out, cancel your orders, possibly create new orders (haven't checked this one yet), or withdraw your money to the attacker's address (I have successfully done this with my own account).

I have an easy solution for the exchange to fix the biggest problem there.

Simply allow users to lock their payment address.
The correct solution is to protect against all CSRF attacks.

I also recommend avoiding this site completely until this critical issue is fixed.  Any site you visit in the same browser could steal your entire balance with absolutely zero interaction from you.

Funny, the first thing I thought of after seeing this site was "it is probably vulnerable to CSRF".

Issue Fixed!

And thanks to all for finding and reporting the bugs. We will continue to improve on it and we are always open to suggestions and feedback. No need to scream it in BIG RED FONT lol ;)
full member
Activity: 238
Merit: 100
April 13, 2013, 12:55:55 PM
#21
exchange.bytecoin.in ?

I assume it's the same owners who have the pool that made my bytecoins go "poof" on withdrawal.
hero member
Activity: 840
Merit: 1000
April 12, 2013, 06:06:40 PM
#20
DO NOT USE THIS SITE YET
It is vulnerable to cross-site request forgery.

This basically means that if you are logged in to the exchange, any random site you visit can log you out, cancel your orders, possibly create new orders (haven't checked this one yet), or withdraw your money to the attacker's address (I have successfully done this with my own account).

I have an easy solution for the exchange to fix the biggest problem there.

Simply allow users to lock their payment address.
The correct solution is to protect against all CSRF attacks.

I also recommend avoiding this site completely until this critical issue is fixed.  Any site you visit in the same browser could steal your entire balance with absolutely zero interaction from you.
EDIT: FIXED

Funny, the first thing I thought of after seeing this site was "it is probably vulnerable to CSRF".
hero member
Activity: 602
Merit: 500
April 12, 2013, 05:05:12 PM
#19
I am buying 3750 BTE! fill my order please.
member
Activity: 70
Merit: 10
April 12, 2013, 04:34:24 PM
#18
Welcome guys!
jhd
member
Activity: 63
Merit: 10
April 12, 2013, 04:17:05 PM
#17
Thanks for it, I'll try it soon :D
legendary
Activity: 1442
Merit: 1000
April 12, 2013, 02:25:20 PM
#16
Deposits and payouts work fine :)
legendary
Activity: 1442
Merit: 1000
April 12, 2013, 01:34:36 PM
#15
Good morning guys,

We are very happy to announce the release of the exchange (http://exchange.bytecoin.in)

It is still rough but the background is highly functional, but like in all betas, bugs are likely to show up.

Please use this thread to post all your feedback about the exchange and what changes/improvements you would like to see.

Enjoy!

Edit: IT experts, please test the site for security vulnerabilities. We want to make sure the exchange is rock solid. Thanks in advance

nice work Sir :)
full member
Activity: 154
Merit: 100
April 12, 2013, 11:47:31 AM
#14
DO NOT USE THIS SITE YET
It is vulnerable to cross-site request forgery.

This basically means that if you are logged in to the exchange, any random site you visit can log you out, cancel your orders, possibly create new orders (haven't checked this one yet), or withdraw your money to the attacker's address (I have successfully done this with my own account).

I have an easy solution for the exchange to fix the biggest problem there.

Simply allow users to lock their payment address.
full member
Activity: 126
Merit: 100
April 12, 2013, 10:47:08 AM
#13

seems I have an emerald to sell - https://bitcointalk.org/index.php?topic=174455.20 :-\
grc
newbie
Activity: 40
Merit: 0
April 12, 2013, 10:34:47 AM
#12
Wow you're a real jerk considering they asked for help pointing out security vulnerabilities and you go all ape-shit on them with your enormous red font.

Sorry. I just don't want other people to lose money like I did.

How much did you lose?

Post your address

Not much at all. I just used a tiny bit while testing and lost almost most of it, so I wanted to warn others. I apologise if I was rude about it before.
member
Activity: 70
Merit: 10
April 12, 2013, 10:31:23 AM
#11
Wow you're a real jerk considering they asked for help pointing out security vulnerabilities and you go all ape-shit on them with your enormous red font.

Sorry. I just don't want other people to lose money like I did.

How much did you lose?

Post your address
grc
newbie
Activity: 40
Merit: 0
April 12, 2013, 10:30:00 AM
#10
Wow you're a real jerk considering they asked for help pointing out security vulnerabilities and you go all ape-shit on them with your enormous red font.

Sorry. I just don't want other people to lose money like I did.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
April 12, 2013, 10:25:31 AM
#9
DO NOT USE THIS SITE

It is vulnerable to cross-site request forgery.

This basically means that if you are logged in to the exchange, any random site you visit can log you out, cancel your orders, possibly create new orders (haven't checked this one yet), or withdraw your money to the attacker's address (I have successfully done this with my own account).

Not to mention that in the process of testing it my 0.5 BTE magically turned into 0.005 BTE. I made one order to sell 0.5 BTE at a price of 0.1 (BTC per BTE I presume, but I can't be sure since there are no units given for the price, amount or total). When I cancelled it, I only got 0.05 BTE back. I did a similar thing again and it further reduced my balance to 0.005 BTE.

So I'd definitely recommend avoiding this site for now/ever.

Wow you're a real jerk considering they asked for help pointing out security vulnerabilities and you go all ape-shit on them with your enormous red font.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
April 12, 2013, 10:17:08 AM
#8
DO NOT USE THIS SITE

It is vulnerable to cross-site request forgery.

This basically means that if you are logged in to the exchange, any random site you visit can log you out, cancel your orders, possibly create new orders (haven't checked this one yet), or withdraw your money to the attacker's address (I have successfully done this with my own account).

Not to mention that in the process of testing it my 0.5 BTE magically turned into 0.005 BTE. I made one order to sell 0.5 BTE at a price of 0.1 (BTC per BTE I presume, but I can't be sure since there are no units given for the price, amount or total). When I cancelled it, I only got 0.05 BTE back. I did a similar thing again and it further reduced my balance to 0.005 BTE.

So I'd definitely recommend avoiding this site for now/ever.
Best way to fix CSRF is to use POST more (with some hidden randomly generated tokens) for most stuff, and fewer GET requests with dynamic data.
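
The hidden-token approach suggested in the post above, sketched server-side as an added example; it is not part of the original thread and not the exchange's code. The route names, the `csrf_token` field name and the `CsrfGuard` class are hypothetical, and the requests in `demo()` are constructed.

```python
import hmac
import secrets

# Hypothetical routes, named after the actions the thread says could be forged.
STATE_CHANGING = {"/logout", "/order/cancel", "/order/create", "/withdraw"}

class CsrfGuard:
    """Per-session synchronizer tokens, kept server-side (in memory here)."""

    def __init__(self):
        self._tokens = {}  # session id -> token

    def issue(self, session_id):
        # Unguessable value the server embeds as a hidden field in its own forms.
        token = secrets.token_urlsafe(32)
        self._tokens[session_id] = token
        return token

    def check(self, method, path, session_id, form):
        """Return an HTTP-style status; 200 means the request may proceed."""
        if path not in STATE_CHANGING:
            return 200  # read-only pages need no token
        if method != "POST":
            return 405  # state never changes on GET
        expected = self._tokens.get(session_id)
        supplied = form.get("csrf_token", "")
        # The session cookie alone is not enough: a page on another origin can
        # make the browser send it, but cannot read the hidden token.
        if expected is None or not hmac.compare_digest(
            expected.encode(), supplied.encode()
        ):
            return 403
        return 200

def demo():
    """Constructed requests: one genuine form post and three that must fail."""
    guard = CsrfGuard()
    token = guard.issue("sess-A")
    other = guard.issue("sess-B")  # token belonging to a different session
    return [
        guard.check("POST", "/withdraw", "sess-A", {"csrf_token": token}),
        guard.check("POST", "/withdraw", "sess-A", {"address": "placeholder"}),
        guard.check("GET", "/withdraw", "sess-A", {"csrf_token": token}),
        guard.check("POST", "/order/cancel", "sess-A", {"csrf_token": other}),
    ]

if __name__ == "__main__":
    print(demo())  # [200, 403, 405, 403]
```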