Pages:
Author

Topic: New, simple online wallet: www.instawallet.org - no signup required - page 7. (Read 28908 times)

jav
sr. member
Activity: 249
Merit: 251
Instawallet just moved to a new server! Response times should be much better now. :-)
sr. member
Activity: 294
Merit: 252
Here's the class I wrote to interact with the API. Anyone can feel free to use/modify this. http://pastebin.com/ceaBBnGX

edit... I take that back, it wasn't the problem. Here is what I get from netcat:

Quote
Connection from 127.0.0.1 port 8080 [tcp/http-alt] accepted
POST /api/v1/w/tDd7m55Pf87SMQIsAeak3g/payment HTTP/1.1
amount: 50000000
address: 1AFLxpKwd549Vq6oeC3cHiCJ6WZwRF4yL4
User-Agent: Java/1.6.0_26
Host: 127.0.0.1:8080
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive

I think I see what's going on. In your code you use setRequestProperty which - as far as I can tell - is used to set an extra HTTP header. But for a HTTP POST call you need to send the arguments in the body of the request. It should look something like this:

Quote
POST /api/v1/w/2D3Yv-eNQQ3tbcb3oll_GQ/payment HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Host: 127.0.0.1:8080
User-Agent: Python-urllib/1.17

amount=123&address=1AFLxpKwd549Vq6oeC3cHiCJ6WZwRF4yL4

Here is some example code, which puts together a POST call: http://www.exampledepot.com/egs/java.net/Post.html . That example code also uses URLEncoder.encode() to encode the arguments, although since this will always only be Bitcoin addresses and numbers I guess it isn't really necessary.

D'oh, thanks. When I get it working I'll update the pastebin... If you want to use that code for whatever reason, feel free.
jav
sr. member
Activity: 249
Merit: 251
Here's the class I wrote to interact with the API. Anyone can feel free to use/modify this. http://pastebin.com/ceaBBnGX

edit... I take that back, it wasn't the problem. Here is what I get from netcat:

Quote
Connection from 127.0.0.1 port 8080 [tcp/http-alt] accepted
POST /api/v1/w/tDd7m55Pf87SMQIsAeak3g/payment HTTP/1.1
amount: 50000000
address: 1AFLxpKwd549Vq6oeC3cHiCJ6WZwRF4yL4
User-Agent: Java/1.6.0_26
Host: 127.0.0.1:8080
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive

I think I see what's going on. In your code you use setRequestProperty which - as far as I can tell - is used to set an extra HTTP header. But for a HTTP POST call you need to send the arguments in the body of the request. It should look something like this:

Quote
POST /api/v1/w/2D3Yv-eNQQ3tbcb3oll_GQ/payment HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Host: 127.0.0.1:8080
User-Agent: Python-urllib/1.17

amount=123&address=1AFLxpKwd549Vq6oeC3cHiCJ6WZwRF4yL4

Here is some example code, which puts together a POST call: http://www.exampledepot.com/egs/java.net/Post.html . That example code also uses URLEncoder.encode() to encode the arguments, although since this will always only be Bitcoin addresses and numbers I guess it isn't really necessary.
hero member
Activity: 714
Merit: 500
sr. member
Activity: 294
Merit: 252
I'm using Java. Now that I think of it, I am having trouble communicating with BitcoinD as well, so maybe it is due to my lack of familiarity with the language. Does your server need a specific content type set in the request or anything? I know I'm doing a POST and setting the request parameters.

There is no specific check for the content type, no. Hard to tell what's going on.  I just tested the Python client again and here the payment command works. If you like, you can post the relevant part of your Java source code here (probably also interesting to other people developing against the API) or send me a PM with it and I can see if I can figure out what's going on.

It might also be interesting to have a look at the actual request being sent. So I would either use something like Wireshark to have a look at what is send to the server or alternatively run a dummy server (easy on Linux with for example netcat - just do "netcat -l -p 8080 -vv" and it will listen on port 8080 for TCP connections) and then have your code connect to that (set the URL to "http://127.0.0.1:8080/") and see what netcat displays.

Here's what I get with netcat:

Quote
Connection from 127.0.0.1 port 8080 [tcp/http-alt] accepted
POST /api/v1/w/tDd7m55Pf87SMQIsAeak3g/payment HTTP/1.1
amount: 50000000
address: walletId
User-Agent: Java/1.6.0_26
Host: 127.0.0.1:8080
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive

I realized that it's because I wasn't sending you a Bitcoin address, I was sending you an Instawallet id... Maybe the message sent back should have been "malformed address"?

Here's the class I wrote to interact with the API. Anyone can feel free to use/modify this. http://pastebin.com/ceaBBnGX

edit... I take that back, it wasn't the problem. Here is what I get from netcat:

Quote
Connection from 127.0.0.1 port 8080 [tcp/http-alt] accepted
POST /api/v1/w/tDd7m55Pf87SMQIsAeak3g/payment HTTP/1.1
amount: 50000000
address: 1AFLxpKwd549Vq6oeC3cHiCJ6WZwRF4yL4
User-Agent: Java/1.6.0_26
Host: 127.0.0.1:8080
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive

Here is what I get from Instawallet:

Quote
{"successful": false, "message": "Please provide a Bitcoin address.", "message_code": 2}
jav
sr. member
Activity: 249
Merit: 251
I'm using Java. Now that I think of it, I am having trouble communicating with BitcoinD as well, so maybe it is due to my lack of familiarity with the language. Does your server need a specific content type set in the request or anything? I know I'm doing a POST and setting the request parameters.

There is no specific check for the content type, no. Hard to tell what's going on.  I just tested the Python client again and here the payment command works. If you like, you can post the relevant part of your Java source code here (probably also interesting to other people developing against the API) or send me a PM with it and I can see if I can figure out what's going on.

It might also be interesting to have a look at the actual request being sent. So I would either use something like Wireshark to have a look at what is send to the server or alternatively run a dummy server (easy on Linux with for example netcat - just do "netcat -l -p 8080 -vv" and it will listen on port 8080 for TCP connections) and then have your code connect to that (set the URL to "http://127.0.0.1:8080/") and see what netcat displays.
sr. member
Activity: 294
Merit: 252
Running into problems with the API. Every time I try to make a payment I get "2: Specify an address". Any ideas?

What tool or programming language are you using to access the API? Sounds like the "address" parameter is somehow not transmitted or maybe none of the parameters. It needs to be an HTTP POST call - so depending on how you go about this, you might have to switch your tool or library into HTTP POST mode. The sample client shows how to do that in Python: https://github.com/javgh/iw-console/blob/master/iw-console.py .

I'm using Java. Now that I think of it, I am having trouble communicating with BitcoinD as well, so maybe it is due to my lack of familiarity with the language. Does your server need a specific content type set in the request or anything? I know I'm doing a POST and setting the request parameters.
jav
sr. member
Activity: 249
Merit: 251
Running into problems with the API. Every time I try to make a payment I get "2: Specify an address". Any ideas?

What tool or programming language are you using to access the API? Sounds like the "address" parameter is somehow not transmitted or maybe none of the parameters. It needs to be an HTTP POST call - so depending on how you go about this, you might have to switch your tool or library into HTTP POST mode. The sample client shows how to do that in Python: https://github.com/javgh/iw-console/blob/master/iw-console.py .
sr. member
Activity: 294
Merit: 252
Jav,

Running into problems with the API. Every time I try to make a payment I get "2: Specify an address". Any ideas?
sr. member
Activity: 322
Merit: 251
FirstBits: 168Bc
I don't go out of my way to _not_ log users, which means that typical settings are in effect on the server... URLs are generated randomly and have no special connection to the Bitcoin address. The link between them is stored in a database... If you make two payments from your private wallet, it might be possible to link them using the block chain. If you do the same with Instawallet, it can always be argued that the second payment was some other Instawallet user (as to the outside, Instawallet just looks like one large wallet)... Of course if someone has access to Instawallets logs - like I mentioned above - they can get the IP address that initiated the payment. Using Tor could be an option here, to hide your real IP from that.

Thanks. Perhaps you could summarize these points in the FAQ
hero member
Activity: 714
Merit: 500
jav
sr. member
Activity: 249
Merit: 251
Jav, how's redevelopment going?

Slow, I'm afraid. My new job keeps me pretty busy.

So I came up with a blurb about Bitcoin that goes on the front of a business card, and on the back will go a unique Instawallet account. I'm creating a tool using the API to create, fill, and print the accounts, and I'm getting a lot of 504 errors, which makes creating new wallets very slow. Is there any way that developers could sign up for an API key or something, allowing bypass of normal rate limits?

Cool to hear Instawallet being used in this way! Unfortunately I can't lift the rate limits for you as there aren't any rate limits. Just a smallish server with too much load. But I am planning on switching to a new server fairly soon, so that should hopefully help!

Hi Jav, I understand Instawallet comes as-is with no warranty express or implied. However, I'm just curious about your logging practice. Do you associate IP addresses with URL/BTC addresses? Is the session stored entirely client side or does your server remember some key shared with the browser cookie? Are URLs derived from BTC addresses, vise versa or are they both just columns in the same database row?

I don't go out of my way to _not_ log users, which means that typical settings are in effect on the server - for example the webserver records a log file which could be used to associate IP addresses with Instawallet URLs.
Cookies aren't used anymore (in the beginning they were used to store the last visited Instawallet, but I have since changed that). So the site doesn't track any specific sessions - the URL is the only identifier needed and it's available as part of every request.
URLs are generated randomly and have no special connection to the Bitcoin address. The link between them is stored in a database, like you said.

I'm curious about this for a number of reasons but in particular I'm wondering if Instawallet helps scramble identity and is thus useful in preserving some anonymity?

I do think Instawallet can be a useful tool to increase anonymity. If you make two payments from your private wallet, it might be possible to link them using the block chain. If you do the same with Instawallet, it can always be argued that the second payment was some other Instawallet user (as to the outside, Instawallet just looks like one large wallet).

Of course if someone has access to Instawallets logs - like I mentioned above - they can get the IP address that initiated the payment. Using Tor could be an option here, to hide your real IP from that.
sr. member
Activity: 322
Merit: 251
FirstBits: 168Bc
Hi Jav, I understand Instawallet comes as-is with no warranty express or implied. However, I'm just curious about your logging practice. Do you associate IP addresses with URL/BTC addresses? Is the session stored entirely client side or does your server remember some key shared with the browser cookie? Are URLs derived from BTC addresses, vise versa or are they both just columns in the same database row?

I'm curious about this for a number of reasons but in particular I'm wondering if Instawallet helps scramble identity and is thus useful in preserving some anonymity?
sr. member
Activity: 294
Merit: 252
Jav, how's redevelopment going?

I've previously been using BitBills for introducing Bitcoins to people (leaving for tips, etc), but I wasn't happy because it was too difficult to spend them. After a friend that was interested in Bitcoin, but not technologically savvy paid for a breakfast and I gave them a pre-filled Instawallet account in return, it struck me as the solution to my BitBill problem. So I came up with a blurb about Bitcoin that goes on the front of a business card, and on the back will go a unique Instawallet account. I'm creating a tool using the API to create, fill, and print the accounts, and I'm getting a lot of 504 errors, which makes creating new wallets very slow. Is there any way that developers could sign up for an API key or something, allowing bypass of normal rate limits?
jav
sr. member
Activity: 249
Merit: 251
Thanks a lot guys, for all the kind words! I hope I can continue to provide a good service. I apologize for the site being slow from time to time at the moment. I am planning a complete rewrite of the back end to prepare the site for much higher loads which, as soon as I can complete it, should hopefully solve these problems.
full member
Activity: 140
Merit: 100
instawallet and vibanko are the ones we enjoy using personally for small amounts on the ipad
hero member
Activity: 836
Merit: 1007
"How do you eat an elephant? One bit at a time..."
I've been using this site for a few months and have been extremely impressed. That said, it's still not intended to be used for significant amounts of money. Don't store your savings there.

Agreed, not for large amounts or as your main place to keep bitcoins... but I have some BTC on an instawallet on my iPhone, and it works really, really well.

Agreed. See:

A Simple Wallet Solution for iPhone
http://bitcointraining.wordpress.com/2011/07/05/simple-wallet-solution-for-iphone/
legendary
Activity: 1106
Merit: 1001
I've been using this site for a few months and have been extremely impressed. That said, it's still not intended to be used for significant amounts of money. Don't store your savings there.

Agreed, not for large amounts or as your main place to keep bitcoins... but I have some BTC on an instawallet on my iPhone, and it works really, really well.
legendary
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
I've been using this site for a few months and have been extremely impressed. That said, it's still not intended to be used for significant amounts of money. Don't store your savings there.
newbie
Activity: 36
Merit: 0
Cool stuff jav, thanks a lot! Stuff like this is what the bitcoin community really needs.
Pages:
Jump to: