vbuterin / pybitcointools

Simple, common-sense Bitcoin-themed Python ECC library

WARNING !!!!! If you send a bitcoin amount much less than you have, all the rest goes SILENTLY to the fee !!!!!! You must warn everyone NOT to do test sends of a very small amount !!!! #154

Open svsgoog opened 7 years ago

svsgoog commented 7 years ago

I just tried to make a test transaction of a very small fraction of what I had on my BTC address, and FUCKKKKKKKKKK, 99% of my money went SILENTLY to the fee !!!!!!!!! Bullshit !!!! I lost money because you programmed it in such a dangerous and undocumented way !!!!!!!!!!!!!

svsgoog commented 7 years ago

P.S. If I have e.g. 1 BTC, how do I send a small fraction of it without giving ALL THE REST as fee, i.e. how do I limit the fee to be as small as I desire?

reiven commented 7 years ago

@cledaso did you do that on the testnet or the mainnet? I'm very sorry, but that's the way bitcoin works, not just this lib. Keep in mind that the function mksend includes a "change_addr" to send you back the "change" of the transaction. Also, you can read this guide about how bitcoin transactions work.

@vbuterin i guess you can close this issue

svsgoog commented 7 years ago

Hi, guys, thanks for your response! I know, RTFM, etc., I have been a programmer since 1995 :) I mean that when a new user downloads this python bitcoin tool (which is very nice by itself!) and just starts to use it according to YOUR short INSTRUCTIONS, he/she will probably just repeat my issue and will provide only one destination address without change_addr (as it was not indicated in the example which you show), and if he/she does not patch your code to really control the actual fee that is going to be charged, then he/she will suffer the same SILENT charge.

I suggest you ADD a warning BEFORE you really send a transaction that "you send 0.000001" and the fee for this will be "0.05" because you missed change_addr, and then do a sys.sleep(5) in order that a new user can KILL this if he is making a first try of this python tool without full experience in how it is implemented.

This is a danger for NEW USERS in your IMPLEMENTATION, not just in the theory of Bitcoin transactions; that is to say, you miss an important precaution for people like me and make people suffer real losses!

svsgoog commented 7 years ago

I propose to add PRECAUTION in your example on the main page:

Example usage (best way to learn :) ):

```python
>>> from bitcoin import *
>>> priv = sha256('some big long brainwallet password')
>>> priv
'57c617d9b4e1f7af6ec97ca2ff57e94a28279a7eedd4d12a99fa11170e94f5a4'
>>> pub = privtopub(priv)
>>> pub
'0420f34c2786b4bae593e22596631b025f3ff46e200fc1d4b52ef49bbdc2ed00b26c584b7e32523fb01be2294a1f8a5eb0cf71a203cc034ced46ea92a8df16c6e9'
>>> addr = pubtoaddr(pub)
>>> addr
'1CQLd3bhw4EzaURHbKCwM5YZbUQfA4ReY6'
>>> h = history(addr)
>>> h
[{'output': u'97f7c7d8ac85e40c255f8a763b6cd9a68f3a94d2e93e8bfa08f977b92e55465e:0', 'value': 50000, 'address': u'1CQLd3bhw4EzaURHbKCwM5YZbUQfA4ReY6'}, {'output': u'4cc806bb04f730c445c60b3e0f4f44b54769a1c196ca37d8d4002135e4abd171:1', 'value': 50000, 'address': u'1CQLd3bhw4EzaURHbKCwM5YZbUQfA4ReY6'}]
>>> outs = [{'value': 90000, 'address': '16iw1MQ1sy1DtRPYw3ao1bCamoyBJtRB4t'}]
>>> tx = mktx(h,outs)
>>> tx
'01000000025e46552eb977f908fa8b3ee9d2943a8fa6d96c3b768a5f250ce485acd8c7f7970000000000ffffffff71d1abe4352100d4d837ca96c1a16947b5444f0f3e0bc645c430f704bb06c84c0100000000ffffffff01905f0100000000001976a9143ec6c3ed8dfc3ceabcc1cbdb0c5aef4e2d02873c88ac00000000'
>>> tx2 = sign(tx,0,priv)
>>> tx2
'...'
>>> tx3 = sign(tx2,1,priv)
>>> tx3
'...'

>>> # proposed precaution: AMOUNT and FEE are the values the script has computed for this tx
>>> import time
>>> print 'WARNING: you are sending ' + str(AMOUNT) + ' and paying this FEE for it: ' + str(FEE)
>>> print 'you have 10 s to press Ctrl-Key if you are not sure you agree to it !!'
>>> time.sleep(10)

>>> pushtx(tx3)
'Transaction Submitted'
```

svsgoog commented 7 years ago

```python
# AMOUNT and FEE are the values the script has computed for the transaction about to be pushed
import time
print 'WARNING: you are sending ' + str(AMOUNT) + ' and paying this FEE for it: ' + str(FEE)
print 'you have 10 s to press Ctrl-Key if you are not sure you agree to it !!'
time.sleep(10)
```

svsgoog commented 7 years ago

This is the WARNING which you should have, like the Bitcoin developer examples do here:

https://bitcoin.org/en/developer-examples#simple-raw-transaction

Warning: createrawtransaction does not automatically create change outputs, so you can easily accidentally pay a large transaction fee. In this example, our input had 50.0000 bitcoins and our output ($NEW_ADDRESS) is being paid 49.9999 bitcoins, so the transaction will include a fee of 0.0001 bitcoins. If we had paid $NEW_ADDRESS only 10 bitcoins with no other changes to this transaction, the transaction fee would be a whopping 40 bitcoins. See the Complex Raw Transaction subsection below for how to create a transaction with multiple outputs so you can send the change back to yourself.

The fact that you did not warn users caused losses, at least to me, but maybe to other users too.
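The mechanism both the README session and the bitcoin.org warning describe is the same: a raw transaction has no fee field, so every satoshi of input value that no output claims becomes the fee. The following is an added example, not pybitcointools' own code and not code from anyone in this thread; it works on the plain `{'value': ..., 'address': ...}` dictionaries the README session uses, builds the change output that the README example omits, and refuses to proceed when the implied fee exceeds a caller-chosen limit. The input list is constructed from the two 50000 sat outputs shown in the README's `history()` result, and the helper names `implied_fee`, `build_outputs` and `checked_outputs` are hypothetical (they do not exist in the library).

```python
# Added example (not pybitcointools' own code): fee sanity check and change-output
# construction for the input/output dictionaries shown in the README session.
# Helper names are hypothetical; they are not part of the library.

# Constructed sample inputs: the two unspent outputs from the README's history(addr).
INPUTS = [
    {"output": "97f7c7d8ac85e40c255f8a763b6cd9a68f3a94d2e93e8bfa08f977b92e55465e:0",
     "value": 50000, "address": "1CQLd3bhw4EzaURHbKCwM5YZbUQfA4ReY6"},
    {"output": "4cc806bb04f730c445c60b3e0f4f44b54769a1c196ca37d8d4002135e4abd171:1",
     "value": 50000, "address": "1CQLd3bhw4EzaURHbKCwM5YZbUQfA4ReY6"},
]
PAY_TO = "16iw1MQ1sy1DtRPYw3ao1bCamoyBJtRB4t"       # destination used in the README
CHANGE_ADDR = "1CQLd3bhw4EzaURHbKCwM5YZbUQfA4ReY6"  # our own address, receives the change


def implied_fee(inputs, outputs):
    """Fee a miner would collect: all input value that no output claims.

    A raw transaction carries no explicit fee, so this difference *is* the fee.
    """
    fee = sum(i["value"] for i in inputs) - sum(o["value"] for o in outputs)
    if fee < 0:
        raise ValueError("outputs exceed inputs; the network would reject this tx")
    return fee


def build_outputs(inputs, payments, change_addr, fee):
    """Return the payment outputs plus a change output so exactly `fee` sat is left over."""
    change = sum(i["value"] for i in inputs) - sum(p["value"] for p in payments) - fee
    if change < 0:
        raise ValueError("insufficient funds for payments plus fee")
    outputs = list(payments)
    if change > 0:  # a zero-value change output would be pointless, so omit it
        outputs.append({"value": change, "address": change_addr})
    return outputs


def checked_outputs(inputs, outputs, max_fee):
    """Refuse an output list whose implied fee exceeds max_fee; return the fee otherwise.

    This is the guard the thread asks for: it catches the 'forgot change_addr'
    case before anything is signed or broadcast.
    """
    fee = implied_fee(inputs, outputs)
    if fee > max_fee:
        raise ValueError(
            f"implied fee {fee} sat exceeds limit {max_fee} sat; "
            "did you forget a change output?")
    return fee


if __name__ == "__main__":
    # Safe path: pay 100 sat, allow a 1000 sat fee, send the remaining 98900 sat back.
    outs = build_outputs(INPUTS, [{"value": 100, "address": PAY_TO}], CHANGE_ADDR, fee=1000)
    print(outs, "fee:", checked_outputs(INPUTS, outs, max_fee=1000))
    # Dangerous path from the thread: the same 100 sat payment with no change output
    # silently implies a 99900 sat fee, so the guard refuses it.
    try:
        checked_outputs(INPUTS, [{"value": 100, "address": PAY_TO}], max_fee=1000)
    except ValueError as e:
        print("refused:", e)
```

Run the check on the output list before handing it to `mktx`; a library wrapper that only ever accepts outputs which pass `checked_outputs` cannot reproduce the loss described in this issue, whatever the caller forgets.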

ofek commented 6 years ago

@cledaso Check out https://github.com/ofek/bit

NickSto commented 6 years ago

@reiven seriously? Not even a warning or a --yes-send-all-my-money-in-fees switch?

homakov commented 6 years ago

This must be fixed

rsynnest commented 6 years ago

@cledaso you could submit a PR to update the README. @vbuterin I think updating the README would be a good faith effort to help inform newcomers to lower level methods. Even something as simple as "please use the testnet first, inexperienced users are likely to lose BTC to fees when using these examples".

svsgoog commented 6 years ago

Yes, this is a risk for REAL money, so I strongly believe any warning on potential money loss must be a part of any software like this. At least in the README, but better interactively before you confirm any TX to submit, possibly with a "mute" option for experienced users.

Formally I do not remember that I was offered a T&C text warning me about potential money loss to transaction fees and that I explicitly accepted such a type of risk. So formally we may speak about financial damage caused by this SW tool to beginners in crypto-programming like me, who followed the README and example STRICTLY, and lost money by it. In particular I have lost 0.05 btc on this and with the current rates (16 K usd per btc) I would be very much interested in having my losses paid back ;)

svsgoog commented 6 years ago

What is a PR and how could I submit it?

avramovic commented 6 years ago

@cledaso https://help.github.com/articles/creating-a-pull-request/

rsynnest commented 6 years ago

@cledaso vitalik has shut down this library as of 9 hours ago, so I guess that solves the problem of risk exposure. There are many similar tools out there to use; I would still highly recommend learning how to submit pull requests so you can get involved in your favorite open source projects :smile:

bobomurod commented 6 years ago

How do I use pybitcointools with the public testnet??