Pages:
Author

Topic: Building a trading bot for the "trust no-one" guys . (Read 3249 times)

sr. member
Activity: 267
Merit: 250
Woodwallets.io
Sorry to be obtuse... but with Buy/Sell orders on Gox, what value does a trading bot do for you???

How can you tell gox to sell/buy 20coins at market price, only if the price drops/rise under/above a threshold?
hero member
Activity: 826
Merit: 500
Firewalls won't help! You could do some clever thing such as modify the cache of a browser to make it pass your API keys to your site when next opened. Inject into another process. Etc etc. There's tons of possibilities.

Source code or GTFO. Seriously, I'm not trusting anything I don't build from source, especially when it involves thousands of dollars.
yeah
full member
Activity: 210
Merit: 100
Sorry to be obtuse... but with Buy/Sell orders on Gox, what value does a trading bot do for you???

The question isn't really about a trading bot. The author is trying to figure out how to get closed source software trusted enough to be used. 

A bot that does nothing but trade on mtgox could be trivially reverse engineered to find out  whatever super secret algorithm is used.
gbx
full member
Activity: 226
Merit: 100
Sorry to be obtuse... but with Buy/Sell orders on Gox, what value does a trading bot do for you???
sr. member
Activity: 267
Merit: 250
Woodwallets.io
Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public?
Hi nitrous Wink
Yes it is necessary that the bot remain closed source. The business model will be embedded in the source code and I can't allow people to just comment out those lines.
People on betalist will have to sign an NDA and will face consequences if distributing the source without authorisation.

Thank you again for your suggestions!




That's extraordinarily poor design

Hi joshki, I'd love to hear from you better designed solutions.

Why?  I have no desire to enable you, or teach you basic software design.
The constrain here is that the bot only communicates with mtgox. Please, enlighten us.
b!z
legendary
Activity: 1582
Merit: 1010
Firewalls won't help! You could do some clever thing such as modify the cache of a browser to make it pass your API keys to your site when next opened. Inject into another process. Etc etc. There's tons of possibilities.

Source code or GTFO. Seriously, I'm not trusting anything I don't build from source, especially when it involves thousands of dollars.

Thanks for the feedback TradeFortress, I will consider getting TFO. However I'm not forcing you (nor anybody else) to use it. I totally understand your point of view. If you have something else to add on the topic help me out!

PS: since you care so much about security, why would you be logged in as root on a ubuntu machine? Wink

Sincerely, Nicolò

Because it makes him seem like some sort of l33tanonhax0r.

To OP, I do suggest you release the software as open source. Bitcoin is pretty new and any open source things you release are helpful.
full member
Activity: 210
Merit: 100
Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public?
Hi nitrous Wink
Yes it is necessary that the bot remain closed source. The business model will be embedded in the source code and I can't allow people to just comment out those lines.
People on betalist will have to sign an NDA and will face consequences if distributing the source without authorisation.

Thank you again for your suggestions!




That's extraordinarily poor design

Hi joshki, I'd love to hear from you better designed solutions.

Why?  I have no desire to enable you, or teach you basic software design.
sr. member
Activity: 267
Merit: 250
Woodwallets.io
Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public?
Hi nitrous Wink
Yes it is necessary that the bot remain closed source. The business model will be embedded in the source code and I can't allow people to just comment out those lines.
People on betalist will have to sign an NDA and will face consequences if distributing the source without authorisation.

Thank you again for your suggestions!




That's extraordinarily poor design

Hi joshki, I'd love to hear from you better designed solutions.
full member
Activity: 210
Merit: 100
Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public?
Hi nitrous Wink
Yes it is necessary that the bot remain closed source. The business model will be embedded in the source code and I can't allow people to just comment out those lines.
People on betalist will have to sign an NDA and will face consequences if distributing the source without authorisation.

Thank you again for your suggestions!




That's extraordinarily poor design
sr. member
Activity: 267
Merit: 250
Woodwallets.io
Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public?
Hi nitrous Wink
Yes it is necessary that the bot remain closed source. The business model will be embedded in the source code and I can't allow people to just comment out those lines.
People on betalist will have to sign an NDA and will face consequences if distributing the source without authorisation.

Thank you again for your suggestions!




The part in bold sounds very bad...

why is that?
legendary
Activity: 1148
Merit: 1018
Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public?
Hi nitrous Wink
Yes it is necessary that the bot remain closed source. The business model will be embedded in the source code and I can't allow people to just comment out those lines.
People on betalist will have to sign an NDA and will face consequences if distributing the source without authorisation.

Thank you again for your suggestions!




The part in bold sounds very bad...
sr. member
Activity: 267
Merit: 250
Woodwallets.io
Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public?
Hi nitrous Wink
Yes it is necessary that the bot remain closed source. The business model will be embedded in the source code and I can't allow people to just comment out those lines.
People on betalist will have to sign an NDA and will face consequences if distributing the source without authorisation.

Thank you again for your suggestions!


sr. member
Activity: 246
Merit: 250
Hi Advanced,

Is it important that your bot remain closed source? I don't have anything against closed source, but if you're willing to give access to your source code to those on the beta list, who could potentially release it themselves, why not just release the code to the public? You can still distribute precompiled binaries for those who don't know enough to compile it themselves, and other people can verify the authenticity of the binary for you. Many open source projects do this, and unless you intend to keep the source closed, this could help you with the trust issue. Of course, there would still be some who might question whether the binary is compiled from different code, but they would be able to check and compile it themselves.
sr. member
Activity: 267
Merit: 250
Woodwallets.io
Quote
Sorry Advanced, but you aren't clear on what a firewall does, so i fear you have some things to learn before your project can take off.  And I don't know why you are against open source for software you don't seem to be planning to sell.  All the big boys in this movement invite others to read their code because they know the value is not in having the code, it's in being able to write good code to start with.  All of your stuff with 3rd parties cross signing is a waste of time.  Nobody will believe any of the "people" who cross sign your closed code - give it up.

Another way to put it:  If an idiot copies code he can eat a fish for a day.  The guy who writes good code will catch as many fish as he wants and will eat for a lifetime.  

Hello Professor,
I'm here to say that I don't take lessons of open source software. A simple bot with no algorithms whatsoever represent no contribution for the OSS community (it ain't no astrophysics http://arxiv.org/abs/1304.6780v1) . I've been contributing and I am contributing to OSS projects for the last 12 years, this is a different topic.

If you want to add something to this thread, try to help the others in finding workarounds to it. Otherwise,

so long and thanks for all the fish.
member
Activity: 103
Merit: 10
You cannot do what you wish to do.

If the application is closed source, it will not be trusted.  That's the bottom line.

Publish your source or live with it.

THIS

Thank you Rampion.

I agree with his statement  ^---- THAT ----^

Sorry Advanced, but you aren't clear on what a firewall does, so i fear you have some things to learn before your project can take off.  And I don't know why you are against open source for software you don't seem to be planning to sell.  All the big boys in this movement invite others to read their code because they know the value is not in having the code, it's in being able to write good code to start with.  All of your stuff with 3rd parties cross signing is a waste of time.  Nobody will believe any of the "people" who cross sign your closed code - give it up.

Another way to put it:  If an idiot copies code he can eat a fish for a day.  The guy who writes good code will catch as many fish as he wants and will eat for a lifetime. 
legendary
Activity: 1148
Merit: 1018
You cannot do what you wish to do.

If the application is closed source, it will not be trusted.  That's the bottom line.

Publish your source or live with it.

THIS
sr. member
Activity: 267
Merit: 250
Woodwallets.io

Would you consider writing a bot for something besides the Magic: The Gathering of Incompetents exchange?  BTC-e for LTC (read cheapo) traders?
I'm on it. Would you be interested in trying it out?


I probably would as I don't have any real wealth on BTC-e so if it was stolen the crying would be short lived.  Shoot me PM when you have something ready and are ready to hack my computer.  I am rather naive and dumb anyway.

Ok you are on the betalist ! Just be patient;) Thanks
sr. member
Activity: 267
Merit: 250
Woodwallets.io
Hi!

My idea: use an opensource trading framework, that allows you to load your strategy. It might limit your orders to user-entered accounts, so your strategy will only move funds from one user-account to another (so your bot cannot run with the money Smiley ).

However, I only release java-sources, so I don't know the javascript frameworks. If you want to look at some part of my sources: https://github.com/ReAzem/cryptocoin-tradelib
, but it still lacks the rule-engine stuff. Don't know if or how I should release it.

If you have a good concept, how to make money of it, let me know.... Wink

Ciao,
Andreas


Ciao Andreas, I'm working in java too and I already implemented the Strategy.java and the Rule.java Wink Thanks for sharing your ideas!

I'm adding a very simple demo bot these days, just to show the usage of the bot. However the loadable rule-set are done with drools here. But I don't have a very simple trading language yet, so the rules still look rather complicated. I looked for a collab to develop a better trading language, but it seems, that noone is interested in such stuff... Sad

Ciao,
Andreas


Hi Andreas!
I'm interested Wink That seems fun!  How can we proceed? lets talk about it out of this thread so we don't go OT
full member
Activity: 182
Merit: 100

Would you consider writing a bot for something besides the Magic: The Gathering of Incompetents exchange?  BTC-e for LTC (read cheapo) traders?
I'm on it. Would you be interested in trying it out?


I probably would as I don't have any real wealth on BTC-e so if it was stolen the crying would be short lived.  Shoot me PM when you have something ready and are ready to hack my computer.  I am rather naive and dumb anyway.
full member
Activity: 224
Merit: 100
One bitcoin to rule them all!
It has to be javascript? We are working on a java lib for trading...

Java is inherently unsecure

Hi Malawi, what do you mean by "inherently unsecure" ? I think that security is barely a property of a language itself. Some languages are more fault-prone than others, however I think this is not the case for java. Could you provide some reference ?

 You can write 'secure' code or 'unsecure' code in pretty much whatever comes to mind Wink

So you wouldn't use a bot only because the language it is written to?

There are found weaknesses/exploits all the time, thats why you get that "Justask" popup more or less every week.
IMHO - Java is fine for many tasks, but not for task that demand high security.

Here in Norway, the banks have publicly announced that you should avoid running java while doing your online banking.
Even found an english link about it - http://theforeigner.no/pages/news/java-issues-prompt-more-norway-warnings/
Pages:
Jump to: