Topic: [BTC-TC] Virtual Community Exchange [CLOSED] - page 77. (Read 316457 times)
Has anyone found their balance empty? Shall it be that btc-tc is a scam?
whats going on? why am i getting acces denied message?
thanks for the info...
thanks for the info...
I get the same, was worried for a second until I saw your post. I am sure burnside will get it figured out
EDIT: Few minutes later and it is fixed
whats going on? why am i getting acces denied message?
thanks for the info...
thanks for the info...
Three questions:
1. Are the options on the exchange European style or American style? Meaning can I exercise them at any point in time up to the expiration date, or only on the expiration date?
2. Also, if I buy put options from someone, is it guaranteed that the user can fulfill his obligations in case the asset goes to 0 (worst case scenario for him)? Ie., for someone who writes put options, is the full amount of BTC required to fulfill the obligation locked in his account?
3. Is there a secondary market for options, or can I only buy options from issuers, and exercise them, but not sell them to someone else?
1. Are the options on the exchange European style or American style? Meaning can I exercise them at any point in time up to the expiration date, or only on the expiration date?
2. Also, if I buy put options from someone, is it guaranteed that the user can fulfill his obligations in case the asset goes to 0 (worst case scenario for him)? Ie., for someone who writes put options, is the full amount of BTC required to fulfill the obligation locked in his account?
3. Is there a secondary market for options, or can I only buy options from issuers, and exercise them, but not sell them to someone else?
1) American
2) The exchange reserves all coins/shares required in the accounts of the options writers.
+1. Mandatory 30 days is crazy.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
This seems sensible. Of course, an unauthorized access could then change it, so make (reduction) changes wait 30 days, in the same fashion. We can't have everything, but options are good, so long as the user is made blatantly aware that changing from the default carries an increased security risk.
[...]
If you use Google Auth print the QR code or write down the secret somewhere safe.
[...]
I don't have a printer, so printing the QR code is not an option.
Replying from my cell so can't really quote inline.
The options can't currently be backed by other options because they do not yet auto-exercise. Working on it...
The code should have been displayed below the QR code. You can turn 2FA off and it should show it to you again.
Cheers.
Why is the exchange running on London time and not UTC?
You can edit the time zone under Account - Settings.
Why is the exchange running on London time and not UTC?
What about asking for the PIN in case of lost 2FA and vice versa? Maybe together with a waiting period, but 30 days? Thats insane.
This is insane.I think PIN is terrible and I use 2FA, and if people could reset my 2FA using my PIN would completely defeat the purpose of using 2FA in the first place!
What about asking for the PIN in case of lost 2FA and vice versa? Maybe together with a waiting period, but 30 days? Thats insane.
This is insane.I think PIN is terrible and I use 2FA, and if people could reset my 2FA using my PIN would completely defeat the purpose of using 2FA in the first place!
Three questions:
1. Are the options on the exchange European style or American style? Meaning can I exercise them at any point in time up to the expiration date, or only on the expiration date?
2. Also, if I buy put options from someone, is it guaranteed that the user can fulfill his obligations in case the asset goes to 0 (worst case scenario for him)? Ie., for someone who writes put options, is the full amount of BTC required to fulfill the obligation locked in his account?
3. Is there a secondary market for options, or can I only buy options from issuers, and exercise them, but not sell them to someone else?
1. Are the options on the exchange European style or American style? Meaning can I exercise them at any point in time up to the expiration date, or only on the expiration date?
2. Also, if I buy put options from someone, is it guaranteed that the user can fulfill his obligations in case the asset goes to 0 (worst case scenario for him)? Ie., for someone who writes put options, is the full amount of BTC required to fulfill the obligation locked in his account?
3. Is there a secondary market for options, or can I only buy options from issuers, and exercise them, but not sell them to someone else?
1) American
2) The exchange reserves all coins/shares required in the accounts of the options writers.
+1. Mandatory 30 days is crazy.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
This seems sensible. Of course, an unauthorized access could then change it, so make (reduction) changes wait 30 days, in the same fashion. We can't have everything, but options are good, so long as the user is made blatantly aware that changing from the default carries an increased security risk.
[...]
If you use Google Auth print the QR code or write down the secret somewhere safe.
[...]
I don't have a printer, so printing the QR code is not an option.
What about asking for the PIN in case of lost 2FA and vice versa? Maybe together with a waiting period, but 30 days? Thats insane.
This is insane.I think PIN is terrible and I use 2FA, and if people could reset my 2FA using my PIN would completely defeat the purpose of using 2FA in the first place!
+1. Mandatory 30 days is crazy.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
This seems sensible. Of course, an unauthorized access could then change it, so make (reduction) changes wait 30 days, in the same fashion. We can't have everything, but options are good, so long as the user is made blatantly aware that changing from the default carries an increased security risk.
You can easily avoid ever having to use this reset system:
If you use a PIN, write it down somewhere safe.
If you use Google Auth print the QR code or write down the secret somewhere safe.
If you use Yubikeys, setup Google Auth as a backup or have a second backup key.
Don't permanently lock your withdrawal address unless you really mean it to be permanent. (2FA makes this feature overkill, just turn on 2FA.)
A little forethought/prevention goes a long way. The reset requests are an absolute last resort and really shouldn't have been necessary at all. The other thing to keep in mind is that eventually we'll be offering instant resets in exchange for escrow of 150% of the account value to be held 30 days. Also, you can create alt accounts in the interim period if you really need to make a trade.
In summary, you can prevent ever needing this and when your email is compromised, you'll be glad it's like this. (Just ask the couple of people that have lost everything...)
Cheers
+1. Mandatory 30 days is crazy.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
Maybe have the time limit be settable by the user (pin/2FA required to change)? So if someone is normally on every day they can set it to say 5 days, but someone who hardly ever uses it could set it to 60 if they like. Then no complaints due to burnside whatever the outcome, because it was the user's decision what the wait should be.
Big change tonight to the reset process for PINS, WITHDRAWAL ACCOUNT LOCKS, GOOGLE AUTH, and YUBIKEYS.
Please visit https://btct.co/resetRequest if you need to reset any of the above.
It will send you an email.
You confirm the request by clicking the link in the email.
The request then sits in our queue for 30 days.
During the 30 days the request detail and status appears at the top of the portfolio page, including a cancel button to cancel the request.
After 30 days we process the request.
We apologize for the long wait period on doing these resets, but it is important to give an owner of a compromised email account plenty of time to realize they are compromised and recover their account before we hand over their entire account contents.
Automating this process has the side benefit that we'll be able to make resets free of charge going forward. (each reset used to be 0.5 BTC)
Cheers.
Well first of all its great that the process is now free and automated. But there has to be a better solution than having to wait 30 days. I guess just a few requests will be malicious and in this case there's still the possibility that I don't login within 30 days. Also the attacker needs to know the PIN or have 2FA in order to do anything serious.Please visit https://btct.co/resetRequest if you need to reset any of the above.
It will send you an email.
You confirm the request by clicking the link in the email.
The request then sits in our queue for 30 days.
During the 30 days the request detail and status appears at the top of the portfolio page, including a cancel button to cancel the request.
After 30 days we process the request.
We apologize for the long wait period on doing these resets, but it is important to give an owner of a compromised email account plenty of time to realize they are compromised and recover their account before we hand over their entire account contents.
Automating this process has the side benefit that we'll be able to make resets free of charge going forward. (each reset used to be 0.5 BTC)
Cheers.
In my opinion you buy little security with the waiting period with A LOT of inconvenience. What about asking for the PIN in case of lost 2FA and vice versa? Maybe together with a waiting period, but 30 days? Thats insane.
++PM see mmm+++-[BRAND NEW]-*DON'T UNDERESTIMATE OUR/\SUPERCOMPUTERS' FRIENDS FRIEDCAT AND OTHER "PASSTHROUGH" MARKETS=MASSIVE FOREIGN FVNNY MONEY IMO!!!!!
I was thinking about creating a python library to wrap the BTC-TC API. Who would find such a thing useful?
Me!Please do it.
Hi all, my schedule is going to be very tight this week. This is bound to slow down withdrawals, support requests, and ASICMINER transfers. I apologize for any inconvenience in advance.
Cheers.
Cheers.
Big change tonight to the reset process for PINS, WITHDRAWAL ACCOUNT LOCKS, GOOGLE AUTH, and YUBIKEYS.
Please visit https://btct.co/resetRequest if you need to reset any of the above.
It will send you an email.
You confirm the request by clicking the link in the email.
The request then sits in our queue for 30 days.
During the 30 days the request detail and status appears at the top of the portfolio page, including a cancel button to cancel the request.
After 30 days we process the request.
We apologize for the long wait period on doing these resets, but it is important to give an owner of a compromised email account plenty of time to realize they are compromised and recover their account before we hand over their entire account contents.
Automating this process has the side benefit that we'll be able to make resets free of charge going forward. (each reset used to be 0.5 BTC)
Cheers.
Please visit https://btct.co/resetRequest if you need to reset any of the above.
It will send you an email.
You confirm the request by clicking the link in the email.
The request then sits in our queue for 30 days.
During the 30 days the request detail and status appears at the top of the portfolio page, including a cancel button to cancel the request.
After 30 days we process the request.
We apologize for the long wait period on doing these resets, but it is important to give an owner of a compromised email account plenty of time to realize they are compromised and recover their account before we hand over their entire account contents.
Automating this process has the side benefit that we'll be able to make resets free of charge going forward. (each reset used to be 0.5 BTC)
Cheers.
Quick note, we had a 30 minute outage just a little while ago. There was a bug in our drip software that caused an infinite loop. Took down the app server for a while. It should be fixed now.
Cheers.
Cheers.
Any chance for an 'oob' page with a verified code displayed for standalone clients that can't handle callbacks?
You can use a callback to something non existant and manually copy the verifier from your browser. The callback redirects for exampe to http://XXXX/ and this looks like:
Code:
http://XXXX/?oauth_token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&oauth_verifier=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The new landing page works fine, much better than copy/pasting from an address bar from a user-experience PoV.
I believe that the standard guideline for "oob" landing pages is to have a page in the layout of the site that says something like "Copy/paste this code into the box provided by the application you're trying to access
I'll see what I can do.
Any chance for an 'oob' page with a verified code displayed for standalone clients that can't handle callbacks?
You can use a callback to something non existant and manually copy the verifier from your browser. The callback redirects for exampe to http://XXXX/ and this looks like:
Code:
http://XXXX/?oauth_token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&oauth_verifier=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The new landing page works fine, much better than copy/pasting from an address bar from a user-experience PoV.
I believe that the standard guideline for "oob" landing pages is to have a page in the layout of the site that says something like "Copy/paste this code into the box provided by the application you're trying to access
Jump to: