Who are you?
So, first let me introduce myself. I'm Rick Mac Gillis and I have over 12 years of experience as a web developer and I specialize in custom cryptographic security methods. If you'd like to know more about me, check out my Linked In profile and feel free to shoot me a message.
What are you creating?
Bit API Hub will allow developers to integrate hundreds of APIs in the Bitcoin market by simply calling our API using our one page SDK and writing very little code. Our server will act as a gateway to the third party API servers and where available, you will make calls using our API keys so that you don't need to even sign up with the 3rd-party API services. If the remote server speaks XML, JSON, or SOAP, you will receive the response as a JSON response in order to allow you to avoid having to convert the responses on your own. In the event that the remote server speaks another language, you'll be able to receive the response in it's native tongue.
We will have three package levels. Our free plan gives you access to everything that we get for free and sometimes even more. Tier 1 allows you to gain access to APIs that 3rd-parties charge for, and Tier 2 allows you to make custom API calls to any API on the entire planet. Aside from just allowing access to single API calls, developers can make what we call a "Data Call." Simply enter the name of the Data Call in your code and the response could be anything from ready to display charts to streamlined responses from remote APIs to save you bandwidth and and many lines of code.
An example of what you can expect to write (in psudo-code) is as follows.
require_once("../src/bitapihub.php");
$api = new BitAPIHub;
$api->api_url = $api_url;
$api->SigningPassword = $PrivKeyPass;
$api->PrivateKey = $PrivKey;
$api->api_key = "Your Bit API Hub API Key";
$request_data = array(
"api" => "counterpartybe",
"api-call" => "assetlist"
);
$request = $api->Call($request_data);
?>
As you can see, you can put most of that inside of a function and just write the
The API is cryptographically secure from Tier 1 on up and it checks to make sure that your OpenSSL private key truly signed the request submitted to the server. Without a proper signature, the request will not be used and changing the data sent will require a fully new signature to be generated. As the OpenSSL verification is a fairly intensive process, free members do not have access to signature checking. However, as we use our own API key for any static calls (call data that always stay the same for every call) and non-user-specific calls, you never have to worry about your keys being stolen by anyone on any plan that you use.
Our API will be hosted over HTTPS with a certificate signed by a major brand, most likely GoDaddy, so you'll always be sure that your data is encrypted to us. Our open source SDK implements cURL and forces certificate verification for our server. If a MitM attack is present, your call will simply fail. You can be sure that you will always be speaking to our servers when making a call with our SDK.
What does the future hold for Bit API Hub?
Before we even open our doors, we'll host a Bug Stomp and bounty competition. The announcement thread will give the Bitcoin payout address along with a signed message from that address so that you can be sure that we really own it. Our contest will feature a hackathon, design competitions,and an Easter egg hunt with prizes ranging from 0.001 BTC up to 0.1 BTC. We'll look to you to verify that our services are secure and up to your standards. Any necessary corrections will be made, and once there aren't any more bug reports, we'll stop the event. Afetr the event, we'll wait one week for every hacker to realize that the event is over and we'll place a notice on all of our URLs stating as such. After the week, we'll open for business.
What makes you think that hackers won't continue after the Bug Stomp?
Within 15 minutes of coming online, any computer is subject to attack. Hackers don't always hack computers manually, they use bot-nets to do a lot of the work. Therefore, you can we sure that hacker will try to hack our systems non-stop. Bitcoin companies are some of the hottest targets right now, but mainly hackers are interested in one thing, money. As we don't store any cash on our servers in any form, they have much less incentive to hack our server, but they will certainly try to do so.
Request for Comment
Do you have any questions, comments, or concerns? Are you interested in a service of this caliber? Let me know what you think about the new company.