Pages:
Author

Topic: [NXT] API 2 Brainstorming - page 2. (Read 5024 times)

full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 10, 2014, 07:30:09 AM
#38
I think it would need to have an API to see if an account is or not forging.

isForging(ACCOUNTID) = Boolean(True/False)

Forging is an interesting issue as I think it's technically in what I refer to as the Client supporting servlet (lock and unlock) and not the api. So, I'm not sure how forging will be handled.

I put generateBlock and a placeholder for a call to determine when an account could try to generate a block.

C-f-B?
sr. member
Activity: 308
Merit: 250
January 10, 2014, 03:57:19 AM
#37
Api call to see number of peers that accepted a transaction. This allows us to set a good value for pushTreshold.
member
Activity: 112
Merit: 10
January 10, 2014, 12:11:30 AM
#36
I think it would need to have an API to see if an account is or not forging.

isForging(ACCOUNTID) = Boolean(True/False)
legendary
Activity: 2142
Merit: 1010
Newbie
January 09, 2014, 04:23:18 PM
#35
What is the advantage of moving the crypto from server to client?
On the contrary, wouldn't it be better to even have the secret input dialog in the core, so that clients don't even get access to it?

Service Providers will earn money by working as public nodes. And casual users won't need to install Java and NRS server part.
full member
Activity: 224
Merit: 100
January 09, 2014, 04:22:05 PM
#34
So, all of the APIs that currently have a secretPhrase need a variation that assumes the client does their own crypto.

It seems like a bounty project in itself to implement NXT client libraries that do the crypto in different languages.

Seems so. Anyway, Legacy API will be supported too. For the time being.

What is the advantage of moving the crypto from server to client?
On the contrary, wouldn't it be better to even have the secret input dialog in the core, so that clients don't even get access to it?
legendary
Activity: 2142
Merit: 1010
Newbie
January 09, 2014, 04:16:23 PM
#33
So, all of the APIs that currently have a secretPhrase need a variation that assumes the client does their own crypto.

It seems like a bounty project in itself to implement NXT client libraries that do the crypto in different languages.

Seems so. Anyway, Legacy API will be supported too. For the time being.
full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 09, 2014, 03:45:54 PM
#32
When the client signs the transaction, there is no need to send the SECRET, right?

Right

So, all of the APIs that currently have a secretPhrase need a variation that assumes the client does their own crypto.

It seems like a bounty project in itself to implement NXT client libraries that do the crypto in different languages.
legendary
Activity: 2142
Merit: 1010
Newbie
January 09, 2014, 03:32:53 PM
#31
Right
full member
Activity: 224
Merit: 100
January 09, 2014, 03:31:04 PM
#30
Would a public/private key encryption for the SECRET make sense? Since we'll never have valid SSL certificates?

-Client requests public key from server
-Server send public key to client
-Client enrcrypts SECRET with servers public key. SECRET -> ESECRET
-Client can send commands with parameter SECRET or ESECRET
-Server decrypts ESECRET to SECRET and does the sendMoney, etc.


Clients must sign transactions by themselves.

I was looking for a way to get the plain text secret off the communcation channel between client and server.

If you currently use sendMoney, assignAlias, getAccountId, etc. the SECRET is in plain text and my idea was to prevent this. Won't these calls be available in API v2?

When the client signs the transaction, there is no need to send the SECRET, right?
legendary
Activity: 2142
Merit: 1010
Newbie
January 09, 2014, 03:08:43 PM
#29
oh yeah, it can get the timestamp of each block to determine direction. smart...

Not smart, just lazy. Smiley
full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 09, 2014, 03:06:32 PM
#28
getPreviousBlocks(start, end)
getNextBlocks(start, end)

Can't it be replaced with just

getBlocks(start, end)

?

We could do something similar with:
getNextBlock(current)
getPreviousBlock(current)

getBlock(offset) - where offset is plus/minus.

Although for APIs I like the literal stuff like getNextBlock(current).
full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 09, 2014, 03:02:56 PM
#27
getPreviousBlocks(start, end)
getNextBlocks(start, end)

Can't it be replaced with just

getBlocks(start, end)

?

oh yeah, it can get the timestamp of each block to determine direction. smart...
legendary
Activity: 2142
Merit: 1010
Newbie
January 09, 2014, 03:00:10 PM
#26
Would a public/private key encryption for the SECRET make sense? Since we'll never have valid SSL certificates?

-Client requests public key from server
-Server send public key to client
-Client enrcrypts SECRET with servers public key. SECRET -> ESECRET
-Client can send commands with parameter SECRET or ESECRET
-Server decrypts ESECRET to SECRET and does the sendMoney, etc.


Clients must sign transactions by themselves.
legendary
Activity: 2142
Merit: 1010
Newbie
January 09, 2014, 02:59:37 PM
#25
getPreviousBlocks(start, end)
getNextBlocks(start, end)

Can't it be replaced with just

getBlocks(start, end)

?
full member
Activity: 224
Merit: 100
January 09, 2014, 02:53:46 PM
#24
Would a public/private key encryption for the SECRET make sense? Since we'll never have valid SSL certificates?

-Client requests public key from server
-Server send public key to client
-Client enrcrypts SECRET with servers public key. SECRET -> ESECRET
-Client can send commands with parameter SECRET or ESECRET
-Server decrypts ESECRET to SECRET and does the sendMoney, etc.




full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 09, 2014, 02:08:17 PM
#23
Another thing that would be nice is REST urls for the api instead "nxt?requestType". This helps simplify movement to a new api while supporting the old for a while.

Examples:

GET /api/block/2680262203532249785
GET /api/block/list?start=2680262203532249785&end=3705873229391760257

GET /api/account/id?secret=SECRET
GET /api/account/balance
GET /api/account/aliases

GET /api/hallmark/encode?secret=SECRET&weight=100&date=2014-1-9&host=nxt.awesome.is

POST /api/payment/send
POST /api/alias/assign

This style would also make the list of API calls much smaller by condensing them.
full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 09, 2014, 01:51:12 PM
#22
For the high level, batch payments?

sendMultiplePayments via POST with json.

Personally I think sendMoney and anything involving creating transactions should be POST.
full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 09, 2014, 01:37:25 PM
#21
While we're at high level stuff... how about some blockchain walking calls?

getNextBlock
getPreviousBlock


How the server will know what the current block is?

Another set of cool ones would be getting a range:

getPreviousBlocks(start, end)
getNextBlocks(start, end)
full member
Activity: 168
Merit: 100
IDEX - LIVE Real-time DEX
January 09, 2014, 01:34:24 PM
#20
While we're at high level stuff... how about some blockchain walking calls?

getNextBlock
getPreviousBlock


How the server will know what the current block is?

Pass it in. So you could walk with this pseudo code:

Code:

last = getLastBlock
while last
  last = getPreviousBlock(last)
end

next = getFirstBlock
while next
 next = getNextBlock(next)
end

legendary
Activity: 2142
Merit: 1010
Newbie
January 09, 2014, 01:23:48 PM
#19
While we're at high level stuff... how about some blockchain walking calls?

getNextBlock
getPreviousBlock


How the server will know what the current block is?
Pages:
Jump to: