Closed wethinkagile closed 7 years ago
The other offers in point 2 are the flash return rate offers in the market. They're the offers that you see on Bitfinex. Harmonia only keeps one offer active per process.
Here are simple examples to illustrate the points:
Do you currently send out manual offers? If you do, what is your logic when you send the offers?
I do not currently have plans to cryptographically hash the credentials. If it isn't clear, the "credentials" are the API keys. By using the API, you can't do things like trigger withdrawals. So, it's somewhat safer than using the actual username/password credentials. Harmonia is intended to be run on a trusted host in a jailed/container environment. If the API keys were cryptographically hashed, you would still need the cryptographic key to decrypt the API keys. I am pretty sure the API keys are sent each time an order is sent, so they need to be available whenever new deposit currency becomes available. If you know that API keys are somehow only used to establish a session, please correct me. However, even if the keys are used to maintain some HTTPS socket, the API keys would need to be available in the event of a socket disruption (lost ISP connectivity, etc.). It strikes me as too much hassle to have to repeatedly enter API keys in that case. Just keep the process in a jail and run it as a regular user with a non-trivial password. Does this make sense?
Thanks evdubs for the reply and extented explanation. Also congrats on the bot, it works great and the code is neat and no malware in it. On the security front, maybe there is a way for the exchange to combine API access with YubiKey technology or else; until then a VM will have to suffice, I guess.
Regarding the 3 "rules" of harmonia under which it operates; I think I fully understand them now. Rule 1&2 make sense given that FRR is most of the time the rate you want to hit.
1.) Does the Auto-Renewal Feature by the Exchange to be switched off for your bot to work? (My guess is no..)
2.) I also have a few questions regarding the CLI output:
What do these terms and its values stand for?
CurrentRate
newRate
Comparing best ask outside best bid amount
Estimated total accrued interest
Is your tool calculating this accrued interest for 1 day period? I see this is is growing (not always) when polling, how is this possible with a fixed rate?
3.) Would it be possible to maintain multiple harmonies (for multiple accounts) alongside each other?
4.) How do you yourself ensure harmony keeps running ?
5.) Does your bot hit Fixed rate at a 2 day lending period?
6.) What do you think about reducing the polling / interaction rate down to once a minute? I guess changing line 227 to read 600000
would do the trick?
Thread.sleep(20000);
Do you have a stack trace? The main loop of Harmonia contains a try/catch block that tries to catch known exceptions. If it isn't catching an exception related to insufficient funds, it probably should.
So far so good, tool runs nice, even between standby modes - probably a security issue, but so far I like the convencie of not having to enter access codes again. Regarding the Insufficient Funds: Will post the trace as soon as it hits again. But there is another problem encountered:
java.net.UnknownHostException: api.bitfinex.com
https://gist.github.com/nottinhill/209dbd653372db8aad4a
Also I am constantly getting on start up:
[WARNING] Checksum validation failed, expected 5c393ea756b50e77c0f0583c89a000b6e9aeb893 but is 634a0310a90f248ca5eb127936f10af60b510384 for http://repo.maven.apache.org/maven2/com/xeiam/xchange/xchange-bitfinex/maven-metadata.xml
Entering the access code on start up is annoying, but it strikes me as being slightly better than having a file where the API keys are stored. For me, the only time I handle the keys is when I generate them and enter them into Harmonia. If I need to restart Harmonia for whatever reason, by not having recorded the keys in a file, I just generate new keys. I think it's an okay practice to continually be regenerating keys (and deleting old ones). Of course, you could wrap Harmonia's execution in a script that passes in the keys rather than ever manually input them, if you so wanted.
The unknown host exception shouldn't have crashed Harmonia, right? The main loop catches IOException (the superclass of UnknownHostException). Was your internet interrupted or DNS down at some point?
The checksum warning is odd. Perhaps delete your ~/.m2 folder and run mvn clean and mvn compile before running again?
Are you up and running with Harmonia?
Hi there, could you explain these point a bit further?
e.g. what are the other offers you are talking about in point 2?
Regarding security, are there plans to add hashing fnctionality in order to obfuscate credentials?