Use other web APIs as well as blockr.io

[chris-belcher]

Quite frankly many people won't be installing Bitcoin Core and sync'ing the entire blockchain before they use JoinMarket. However we can do much better than relying on a single website blockr.io which is owned by coinbase.com to boot.

Insight is an open source blockchain explorer which has a web API. Anyone can run it and there are several public servers running it. Other blockchain explorers could be added to.

The API: https://github.com/bitpay/insight-api/blob/master/README.md

Examples: https://insight.bitpay.com/ https://chain.localbitcoins.com/ https://search.bitaccess.ca/ http://insight.anduck.net/

[chris-belcher]

In practice this is done by writing a subclass of BlockchainInterface. Look in https://github.com/chris-belcher/joinmarket/blob/master/lib/blockchaininterface.py to see how its done for blockr.io and bitcoin core.

It should be a fairly easy addition to do.

It would also be required to find a large list of insight URL instances, JoinMarket should store them and perhaps randomly choose one on startup. Using Bitcoin Core instead of web APIs is hugely preferable, but realistically there will always be some who cant or wont.

[chris-belcher]

blockchain.info API could be used too, to further decentralize the web API services.

The actual web API used should probably be chosen in a deterministic way from hashing something from the wallet, that way only one service learns which addresses are yours, but somebody attempting large scale monitoring has to coerce several services.

In BitcoinCoreInterface there is a similar hashing to create the name of the account.

The pushtx web api does not need to be deterministic, can be randomly chosen anew each time.

[chris-belcher]

In practice you'd create classes for each web api, called InsightInterface, BCIInterface, BlocktrailInterface, BiteasyInterface and so on.

Then there would be a class called WebAPIInterface which does the random choosing of each.

[chris-belcher]

Here are more explorers which might have an API https://chain.com/ and https://live.blockcypher.com/btc/ https://www.blocktrail.com/

[tailsjoin]

I'm no python coder, but may there's something in here we can use for a quick fix until the library is switched (which may or may not provide a different solution): https://github.com/richardkiss/pycoin/blob/master/pycoin/blockchain

[eordano]

Hey @chris-belcher,

I was considering that making the same request to multiple services could be beneficial against a possible malicious or out-of-sync server. Something along the lines of "make the same request to M services, and error if less than N reply the same response" (for example, take the replies from 5 services, and expect at least 4 to reply the same info).

[chris-belcher]

@eordano Thats true, although then multiple services know which addresses are yours and what your IP is. There's a tradeoff with this stuff. Correctness vs amount of people you trust.

In my view the web api services are very unlikely to directly lie to you and it's the privacy issue that's more important.

[chris-belcher]

Another list of blockchain explorers https://docs.google.com/spreadsheets/d/1Ku9Nlo_TwhE_gLX3oDmRURbvc_iB_7j90MyfCG69zLw/edit#gid=0

[chris-belcher]

Another one http://insight.thebit.info/

[chris-belcher]

Also found this page which might contain something new https://en.bitcoin.it/wiki/Category:Block_chain_browsers

[chris-belcher]

With the blockchain.info bug that made people think satoshi's coins were moving, perhaps @eordano's idea about using more than one website should be given more thought.

[chris-belcher]

https://www.reddit.com/r/Bitcoin/comments/3fvoxm/a_list_of_block_explorers_more_than_10/

[chris-belcher]

We could connect to Electrum servers too.

[CohibAA]

I had a maker (temporarily) banned from blockr, I believe because it was making too many requests in a short period of time. It looks like someone was having trouble sending or tumbling and kept trying to use my maker many times in a short period, or maybe multiple takers were active. This resulted in around 8 threads to blockr attempting to get transaction data for non-existent transactions around the same period of time. Eventually blockr stopped responding to my bot, and my bot died. I had to wait about 24 hours before I could use blockr from that IP again (yield-gen and wallet-tool).

I don't know that it will prevent the problem, but I did increase the unconfirm poll period to 20 seconds after this happened, as 5 seemed very spammy, but I think this increases the risk of other bad behavior causing a crash so I don't know that it's worth doing a PR. It's probably just another item to add to the reasons blockr sucks and we should implement alternatives and push using bitcoind rpc when possible.

[chris-belcher]

Yikes. Banned from blockr.io Historically that API was good because it also had testnet.

Well even though this issue is labelled as Medium, its not very hard. You can essentially copypaste the existing code and change the URL to another site and it should work. Better yet, write it in an OOP way where code doesn't have to be copypasted.

[lacksfish]

See pull request #481