I am trying to use the bitcoin-ruby gem to create a new address for payment transactions from my public Bitcoin Address.
I am able to use the pubkey_to_address method to do this. However, each time I run the method the resulting address, payment_address, is the same. Services such as blockchain.info return a different address each time which is more consistent with my requirement.
Bitcoin-ruby github reference
https://github.com/lian/bitcoin-ruby/blob/master/lib/bitcoin.rb#L128
My Code is below
require 'bitcoin'
ORIGIN_ADDRESS = "1BjxMfaBpsXu8AnAA44TTgopWuE6QamvCQ"
payment_address = Bitcoin::pubkey_to_address(ORIGIN_ADDRESS)
puts payment_address
# => "171GYkox1rWqNf8skyK2Aw9EAnVJ1wPwKf"
With #Thilo's feedback I now understand this. The services that I had been using were abstracting the fact that the were generating new "receiver" address with new private key that automatically forwards back to the Bitcoin address I provided them when a transaction was confirmed on block chain.
As Thilo points out, I should use new pub/priv key for each transaction and keep the priv key offline if at all possible. This priv key can then be used for future Bitcoin transactions against funds paid to the public address.
I'm getting there.. thanks
I had a similar issue to what you had. Try doing this:
def gen_address
ORIGIN_ADDRESS = "1BjxMfaBpsXu8AnAA44TTgopWuE6QamvCQ"
return Bitcoin::pubkey_to_address(ORIGIN_ADDRESS)
end
puts gen_address()
(There might be a syntax error, but the code should be something like this).
Let me know if this doesnt work.
Related
I'm starting to use whoisrb and I'm noticing domains from some registrars return nil contact information.
For example:
domain_name = ARGV[0]
r = Whois.whois(domain_name)
t=r.registrant_contact
if t == nil
puts 'Registrant Contact is empty.'
end
Will return "Registrant Contact is empty." Trying to access the contact attributes results in an error, like undefined method 'id' for nil:NilClass (NoMethodError).
If I check the raw record that's being returned, puts r, I can see it's getting the thick record, so the contact information is there in the unparsed raw record.
The two registrars I've noticed this for, so far, are onlinenic.com and namesilo.com. If you try to run whois for those two domains, you'll see what I mean.
I'm checking the ICANN compliant sample here:
https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en#whois
against onlinenic.com and namesilo.com, and I don't see any substantial differences (maybe I'm missing something, though).
Any ideas why it's having trouble parsing these, or pointers on what I could check to fix it? Thanks.
It happens when the registrar has no parser associated, or the parser doesn't have the definition required to parse the contacts.
In other words, unless a parser exists, it's possible that the registrar details are in the response but the library can't find them.
In that case, the solution is to either add/update the parser corresponding to the specific registrar/registry.
Since this behavior is confusing to whoever is not familiar with the internals of the library, also note that the new release 4 will raise an error in this case (instead of silently returning nil). In this way it will be clear when the value is nil vs the value is unknown.
r = Whois.whois(domain_name)
The r here is a Whois::Record object and you can find the available methods here. registrant_contact is not one of them. You probably have to parse it out yourself.
I am attemping to create an object from a class. But the objects will be created when they are needed.. Code below a bit hard to explain
incoming_message = #message sent though inter webs
class Repeater
def initialize(username, ip)
#repeat incoming message to back to ip
end
end
incoming_message = Repeater.new(user, ip)
Now I can't do that Becuase incoming_message is not a constant.
How would I get around this?
EDIT:
To clear things up a bit. I do need to use this class to create multiple objects with diffrent names. The repeater is for a chat server where an incoming message from 1 user is taken in then sent back out all of the clients connected. Each new client that connects would have a object created with that specific IP address so that messages from others can be send to the client.
It would take in messages from the other users by everyone sending to the server on the same port read the message then write to clients what it received...
I hope this helped sorry for all the confusion :)
If you want to maintain some kind of global class-level state, you should define a class-level accessor on Repeater that you can assign your repeating message to.
class Repeater
class << self
attr_accessor :incoming_message
end
def initialize(username, ip)
# repeat Repeater.incoming_message to back to ip
end
end
Repeater.incoming_message = "what"
Repeater.new(user, ip)
You need to use some parsing + serialization . Can they wire an already serialized/marshalled string?
1) convert the ruby code to yaml or json
2) use the json or yaml load method like myobj = YAML.load(new_yaml_string)
or
save it in another file called input and do a
require 'input'
create object of repeater
I recently came across a situation where I absolutely needed to use the method OpenSSL::PKey::RSA#params. However, the doc says the following:
THIS METHOD IS INSECURE, PRIVATE INFORMATION CAN LEAK OUT!!!
...
Don’t use :-)) (It’s up to you)
What does this mean? How is the private key normally protected within the instance of the RSA key and how is this different from any regular object?
Can I prevent information from leaking by doing something like this, where the method is only accessed within a lambda:
private_key = OpenSSL::PKey::RSA.generate(2048)
save_private = lambda do
key = OpenSSL::Digest::SHA512.new.digest("password")
aes = OpenSSL::Cipher.new("AES-256-CFB")
iv = OpenSSL::Random.random_bytes(aes.iv_len)
aes.encrypt
aes.key, aes.iv = key, iv
aes.update(private_key.params.to_s) + aes.final
end
private_enc, save_private = save_private.call, nil
Also, if this security problem has anything to do with variables lingering in memory awaiting GC, can forcing garbage collection make things more secure?
GC.start
Thanks in advance to anybody who can clear this up.
It seems to give away information of the private key. The key components need to be available to perform any signing operation or decryption so normally the key information is in memory in the clear. Obviously if you retrieve it you must make sure that you keep it safe. I presume that this is where the warning comes in.
You can do all kinds of things like encrypting the private key parameters, but then you get to a point where you have to store the decryption key. Basically this will end up being impossible to solve without an external system (or a person keeping a password).
I use tweetstream gem to get sample tweets from Twitter Streaming API:
TweetStream.configure do |config|
config.username = 'my_username'
config.password = 'my_password'
config.auth_method = :basic
end
#client = TweetStream::Client.new
#client.sample do |status|
puts "#{status.text}"
end
However, this script will stop printing out tweets after about 100 tweets (the script continues to run). What could be the problem?
The Twitter Search API sets certain arbitrary (from the outside) limits for things, from the docs:
GET statuses/:id/retweeted_by Show user objects of up to 100 members who retweeted the status.
From the gem, the code for the method is:
# Returns a random sample of all public statuses. The default access level
# provides a small proportion of the Firehose. The "Gardenhose" access
# level provides a proportion more suitable for data mining and
# research applications that desire a larger proportion to be statistically
# significant sample.
def sample(query_parameters = {}, &block)
start('statuses/sample', query_parameters, &block)
end
I checked the API docs but don't see an entry for 'statuses/sample', but looking at the one above I'm assuming you've reached 100 of whatever statuses/xxx has been accessed.
Also, correct me if I'm wrong, but I believe Twitter no longer accepts basic auth and you must use an OAuth key. If this is so, then that means you're unauthenticated, and the search API will also limit you in other ways too, see https://dev.twitter.com/docs/rate-limiting
Hope that helps.
Ok, I made a mistake there, I was looking at the search API when I should've been looking at the streaming API (my apologies), but it's possible some of the things I was talking about could be the cause of your problems so I'll leave it up. Twitter definitely has moved away from basic auth, so I'd try resolving that first, see:
https://dev.twitter.com/docs/auth/oauth/faq
I'm running rails3 with rails exception-notifier gem. When an exception occurs, and an email should be sent, I'm getting an exception from the ParameterFilter class. I've found the problem in the rails source, and am not sure the best way to proceed.
The problem occurs in ActionDispatch::Http::ParameterFilter. In the compiled_filter method, an error occurs on line 38: key = key.dup when key is a symbol, because symbols are not duplicable. Here is the source:
def compiled_filter
...
elsif blocks.present?
key = key.dup
value = value.dup if value.duplicable?
blocks.each { |b| b.call(key, value) }
end
I see that they only call dup on value when it is duplicable. If I patch the source to only call dup on key when key is duplicable, then my problem goes away. I'm assuming there is a reason why the author put that condition on value and not key, so I'm curious if someone out there has a better understanding of this code.
This error only occurs when you add a block to your filter params in application.rb. So, maybe there is a workaround for my original issue that does not require using a block here. If you're interested see my coworker's question Rails: Filter sensitive data in JSON parameter from logs
The key for which this is a problem is :action. This comes from rails and I don't know if there is any way to force it to be a string instead.
I filed a rails bug https://rails.lighthouseapp.com/projects/8994/tickets/6557-symbol-duplication-error-in-parameterfilter-compiled_filter and I have a patch ready that adds if key.duplicable? to the key.dup line, I'm looking for input on whether or not that is the right solution.
This looks like a bug in Rails. Either the key should be a string rather than a symbol, or the dup should be protected by duplicable?.
You should file a bug at https://rails.lighthouseapp.com/, including a minimal test case if possible.