Bitcoin

Transaction Malleability: No Shortcuts Allowed

Leave a comment

The past couple days have been a roller coaster of events for the bitcoin world. First, MtGox suspended bitcoin withdrawals for a bitcoin “design issue that has been largely ignored”. Attackers took note of this and begin running malicious nodes to increase the frequency of the attack. To handle the network attacks, other big exchanges like Bitstamp temporarily suspended bitcoin withdrawals as well, while some businesses remain unaffected and continue operations as normal.

So, what have we learned?

Continue reading

Coinvoice

Coinvoice begins processing payments from BTC to USD

1 Comment

Coinvoice has added the ability for merchants to have their customers pay in BTC and receive a USD payout, similar to other BTC payment processors.  This means that Coinvoice merchants can bill their customers in BTC and receive USD or bill in USD and receive BTC.  Our goal is to provide the most flexible set of payment options for merchants so they can focus on making sales rather than converting between BTC and USD.

Coinvoice BTC invoice step 1

Continue reading

Bitcoin, btcd, cryptocurrencies

Redecentralization: building a robust cryptocurrency developer network

11 Comments

As it was originally proposed by Satoshi Nakamoto, Bitcoin was conceived of as a peer-to-peer system that was fundamentally decentralized.  Many past and current discussions about the future of Bitcoin acknowledge that too much centralization is a threat to the Bitcoin network.  To some extent this process of avoiding centralization has been successful, but in several key areas it has not been very successful and it is in need of redecentralization.  The most pressing case for redecentralization in Bitcoin (and cryptocurrencies more generally) is the current development community:

  • the number of developers who have experience developing cryptocurrencies is very low, I would estimate there are less than 100 such developers
  • the majority of the developers are located in the US and other “Western” nations
  • the developer incentive structure with successful cryptocurrencies creates conflicts of interest

In what follows, I propose solutions to these issues cited above.  Since we develop our own full-node Bitcoin implementation, btcd, the criticism of the developer community status quo that follows applies not only to other developers, but also our developers who work on btcd.

Continue reading

Bitcoin, btcd, Golang

Deslugging in Go with pprof: btcd

Leave a comment

As btcd nears completion we decided to have at least one round of deslugging because we were much slower then bitcoind during chain download. Let me clarify that term for the ones that don’t know what that means. Deslugging is the art of measuring (or profiling) run times of individual functions, determining which ones are slugs and which ones could be optimized. Armed with that data one attacks said functions to see if there are some less then optimal algorithms. Surprisingly enough, this is often the case. An industry truism is “measuring is knowing” and attacking functions based on gut feeling often does not yield satisfying results. As always with these exercises, some things work and some don’t. Throughout this blog I’d like to walk our readers through some optimizations that succeeded, and one, objectively, failed attempt.

Continue reading

Bitcoin, Golang

btcwallet and btcgui: Wallet handling for btcd

6 Comments

Today Conformal is announcing alpha releases of btcwallet and btcgui, the wallet components of btcd, written in Go. We announced in a recent blog post that btcd, our full node Bitcoin implementation, was ready for public testing. We also announced that wallet functionality was being implemented separately and would be coming in the near future. Although our wallet daemon and GUI interface are not yet ready for production use, we feel they have progressed to the point where early adopters can begin testing their functionality on the Bitcoin Testnet network.

Our btcd blog post briefly discussed why wallet functionality is not a part of btcd. It highlighted various reasons why we believe separating wallet handling from blockchain handling improves on the integrated wallet design used by bitcoind and bitcoin-qt. This post will continue on that topic, further exploring the details of why a multiprocess wallet design was chosen, how such a design is beneficial to the Bitcoin community as a whole, and the implementation details this design.
Continue reading

Bitcoin, btcd, Golang

btcd: Not your mom’s Bitcoin daemon

21 Comments

We are pleased to announce that btcd, our full-node bitcoind alternative written in Go, is finally ready for public testing!

The installation instructions and source code can be found on github at:

https://github.com/conformal/btcd

A Brief History

Back in May, we first announced our plans to release btcd. A week later we released our first core package from btcd, btcwire, and announced our plans to continue releasing the component packages of btcd in a staggered fashion.

Over the next month, we released btcjson, btcdb, and btcscript. Then in mid-July we released btcchain at which time we announced btcd was next. At that point, btcd had most of the core bits and we figured we’d be releasing it within a few weeks. Well, as you have no doubt noticed, it is now 10 weeks later…
Continue reading

Coinvoice

Coinvoice: Invoice in USD, receive BTC

2 Comments

Coinvoice logo

I am excited to announce Coinvoice, a new Bitcoin payment processing service that allows businesses to invoice for goods and services worldwide in U.S. Dollars (USD) and get paid in Bitcoins (BTC). Coinvoice makes it easy for any merchant to receive BTC without them or their customers having to worry about the infrastructure necessary to conduct and process these transactions. So long as the merchant’s customers can pay in USD via wire transfer, certified check or money order, Coinvoice will pay out to the merchant in BTC.

The idea for Coinvoice arose out of a handful of conversations I had regarding Bitcoins and receiving payment for invoices using cryptocurrencies more generally. I had remarked to one of my associates that “it would be great to take payment for invoices in BTC”, but I acknowledged that it was a serious pain point to dictate to all of your customers “now you need to go get BTC to pay me”. Then I went on to suggest I would be willing to give a discount on the invoice amount if they paid in BTC, and the seed for Coinvoice was sowed.

settle payments in BTC

settle payments in BTC

Beyond making a business out of the scenario I described above, Coinvoice is meant to fulfill a vital need in the Bitcoin economy: putting BTC in the hands of business owners with less friction. Enabling businesses to more easily access BTC is overall a positive thing for the Bitcoin economy, and it will have positive secondary effects, e.g. more customers for sites that accept direct BTC payments. More generically, Coinvoice is meant to enable payment settlement from USD to BTC, whereas most existing payment processing services are built to facilitate settlement from BTC to USD or solely in BTC.

Our target audience with Coinvoice is pretty much any business that wants to have customers pay in USD and ultimately receive BTC as payment for goods and services. A few examples of the kinds of businesses I’m talking about are:

  • IT contractor that invoices for their work at the end of each month
  • Chinese manufacturer that sells goods in the US
  • Vanuatu IBC that licenses intellectual property in the US

Coinvoice is meant to be used in a “traditional” business setting where invoices are issued and paid a number of days afterwards.

We are looking forward to enabling businesses to settle payments in BTC and helping grow the larger Bitcoin ecosystem. Coinvoice provides you with a safe, private, reliable and secure way for your business to receive BTC.

Bitcoin, btcd

btcchain: The bitcoin chain package from btcd

4 Comments

As all of you following our blog are aware, we have previously released several bitcoin-related packages (btcwire, btcjson, btcutil, btcdb, btcec, and btcscript) on our way towards the full release of btcd.

We are happy to announce our next package from btcd. The package is named btcchain and it implements the bitcoin block handling and chain selection rules. The code can be reviewed on github here:

https://github.com/conformal/btcchain

Overall Package Design

The bitcoin block handling and chain selection rules are an integral, and quite likely the most important, part of bitcoin. Unfortunately, at the time of this writing, these rules are also largely undocumented and had to be ascertained from the bitcoind source code. At its core, bitcoin is a distributed consensus of which blocks are valid and which ones will comprise the main block chain (public ledger) that ultimately determines accepted transactions, so it is extremely important that fully validating nodes agree on all rules.
Continue reading

Bitcoin, Golang

gotk3: GTK3 the Go way!

14 Comments

Today marks the first release of gotk3, Conformal’s own GTK3 bindings for Go (available on Github here). These bindings were developed out of a frustration with other GTK bindings for Go either using ancient versions of GTK, not handling memory in a way a Go developer would expect, or simply not working at all on our developers’ OpenBSD and Bitrig machines. gotk3 is Conformal’s response to these issues and attempts to be the best solution for developing new GTK applications with Go.

One of the goals for developing gotk3 was to perform memory management in a very Go-like manner. Like many libraries which must handle memory management manually due to the language they are implemented with, GLib (and GTK which uses it) uses reference counting to determine when an object will never again be used and is ready to be freed, releasing the memory resources it required back to the operating system. However, GLib chooses not to use traditional reference counting, but instead uses a quirky variant called “floating references” to achieve this goal. The rest of this post will cover what floating references do, why they exist, and how gotk3 works around this design to handle memory the way a Go developer expects.

Continue reading

security

HTTPS safe? maybe not!

2 Comments

At Conformal, we keep up with the most secure cryptography technologies available and implement these technologies into our products and services whenever possible. However, we consider ourselves the minority in this practice, with most other sites only offering the bare minimum in terms of security. Amid the recent PRISM leaks, more and more attention has been drawn towards mass acceptance of one such technology, known as Perfect Forward Secrecy (hereforth referred to as PFS). This blog post will cover how HTTPS without PFS fails to protect today’s communication against tomorrow’s attacks, how PFS is able to prevent against these attacks, and the current state of PFS on the web and Conformal’s servers.

Continue reading