Coinkite Has an Onion for Tor

image

Many of our users protect their privacy and defend themselves against snooping advertising companies by using Tor. This has been the case from day one at Coinkite and we accept that everyone has their own reasons.

Until now, these users have been using the Tor Browser and simply surfing to Coinkite.com using that wonderful package. Starting today, anyone who wishes to use Tor with Coinkite can also use our new “onion address" to connect directly to Coinkite over the Tor network:

http://gcvqzacplu4veul4.onion

This is faster and more private, but comes with a few caveats:

  • The main font is not Open Sans, but something a little more plain.
  • Maps are not displayed because that leaks data to the map graphics provider.
  • Videos are removed for privacy reasons (only used in a few FAQ entries).
  • In-browser notifications (popup at top of screen) are not available. SMS and Email alerts will still happen however.
  • The Coinkite store works a little differently: you need to reload after adding to your cart.

What are the advantages to using the onion address?

  • Does not consume precious resources at the Tor exit nodes.
  • The exit nodes do not see your traffic, although it would be encrypted anyway (HTTPS).
  • Does not reveal your traffic to USA-based CloudFlare which is used for all normal HTTPS traffic.
  • Additional privacy as a few external services are not used (maps, videos, google analytics).
  • Slightly faster or much faster depending on chance.

New to Tor?

The best and easiest way to get started is by installing and using the Tor Browser. First though, take the time to learn more about the Tor Project and the many faces of it’s users. Almost everyone has a reason to get some extra privacy from using Tor occasionally.

I never plan to use Tor. Can I block it?

Yes, you can disable all access to your account over Tor, using a new setting under your account’s Misc Security Options.

But only criminals use Tor!

Certainly there have been some well-known criminal sites on the “dark web” that transact in Bitcoin, just like the normal web. Coinkite is a site with both a very public face and an onion address, so we are obviously something quite different. For more on this topic, start here with the Tor Abuse FAQ.

Final Notes

  • Please report any privacy problems you find with onion service so we can address them to protect all our users.
  • We reserve the right to suspend these Tor features if they are abused.

Read More

Six New World Currencies at Coinkite: MXN (Mexico), SGD (Singapore), HKD (Hong Kong), MYR (Malaysia), ZAR (South Africa), VUV (Vanuatu)

image

Total of six of new currencies have recently been added to Coinkite:

  • HKD Hong Kong Dollar
  • SGD Singapore Dollar
  • MXN Mexican Peso
  • MYR Malaysian Ringgit
  • ZAR South African Rand
  • VUV Vatu (Republic of Vanuatu, in the South Pacific)

To support this, we now track the following additional exchanges:

  • ANXPRO for HKD, SGD, JPY, AUD, NZD, and GBP (some are vs. BTC and LTC).
  • BitX for  ZAR.
  • iceCUBED for ZAR (vs. both BTC and LTC).
  • BITSO for MXN.

Most of these currencies have been requested by our Coinkite Terminal operators in those respective regions, so they can do “in person” bitcoin exchanges with our handheld device.

On Coinkite.com, you’ll see the new currencies:

- in the “rate box”, shown at the right of most interior pages

everything in our store can now be priced in those currencies

- the Coinkite API now supports them as well, particularly in the public/rates endpoint which lists a full currency matrix from any crypto to/from any fiat that we support!

Learn more about our Bitcoin API here and merchants can enable these new currencies on their terminals at their convenience.

Wallet-as-a-Service is Here: The Coinkite API has launched!

image

Not just another API—Coinkite’s API enables you to build complete crypto-currency systems. Want to move some funds? Of course that’s easy with the Coinkite API. Need to search by public transaction number, link that back to a voucher you made last month? Sure, no problem.

But there’s more, much more: we allow you to remotely control your Coinkite terminals, and make them print receipts with whatever you want on them. Maybe it’s the toppings for a pizza order or your latte’s pre-order with special instructions.

We use the Pubnub platform to send you or your web visitors real-time status updates on pending transactions (via push notification). This allows you to build Bitcoin invoices that respond to being paid: you can unlock the content or provide the digital goods right away, or at least thank your new customer for sending a bitcoin transaction. In fact, all your account activity can be pushed to your browser or server backend if desired. Finally a complete solution to automating payment processing for crypto-currencies without all the hard stuff like hosting super-sensitive P2P clients.

At the end of the day, there are other ways to do many of these things, but the reason many already choose Coinkite, is because of our HSM technology. Your funds on Coinkite are secure and yet fully liquid at the same time. You can send and receive funds immediately, with no limits using the API. Plus, you always have the option of using our simple web interface for admin functions or rarely-used features.

What’s Possible with the API?

  • View account balances, transactions and search by transaction hash.
  • Send funds, create vouchers, email funds, create new receive addresses quickly.
  • Monitor deposits, withdrawals, logins and all other events related to your account via Pubnub push notifications. Pubnub offers free toolkits for 20+ languages and platforms.
  • Drive your Coinkite Terminal remotely, causing receipts to be printed at any time.
  • Fetch public data about exchange rates and worldwide CK terminal locations.

Getting Started

  1. Check out the complete specification at our new documentation site: docs.coinkite.com
  2. Skim our sample programs and examples at Coinkite.com/apps and on Github.com/coinkite. Many of them are live demos and ready to be used, and all come with full source code and BSD license.
  3. Create your first API key here, and start experimenting!

What can I do with it? Live Examples and Sample Code

You can view all of our demos and language-specific toolkits in our “App Gallery" on Coinkite.

- The API includes everything needed to make a Bitcoin ATM (which we prefer to consider a crypto-currency vending machine). We made a complete example in AngularJS which you can use either in a demo mode, or by putting in your own Coinkite API key, as a working system.

- Making a complete Invoice system turned out to be a bit too much for a demo, but we wrote most of the HTML, Javascript and  Python for Google App Engine. You can see an example Litecoin invoice and if you download the code, it’s easy to run it locally to create invoices as well.

- We are developers ourselves, so we know what makes an API popular: lots of toolkits for the major web languages. Go to our Github page to see all the languages in place today: Python, Ruby, Javascript (Node and browser), AngularJS and PHP.

- We didn’t forget your favorite API starting point: curl. We’ve made a little helper program to make curl really easy to use with our authentication steps:

image

Security, Security, Security

We’ve given lots of thought to security (as always), so API access is of course locked out by default, and you must create API keys explicitly and each key can be limited in some really powerful and useful ways:

- by function (capability): you control if a key can read data and do nothing else. Other keys might allow authorizing sending out funds, or maybe you only do that  manually, and never give that permission to the API.

- by amount (specified in any currency): you can limit the amount sent out of your account to a specific number of dollars (or BTC, etc) per one-hour period. This is a great “safety fuse” to avoid those really bad days.

- by sub-account (any subset). You can limit a key to work only on a few specific sub-accounts (ie. perhaps “chequing” but not “savings”). Limited keys like this can’t even see transactions on the other accounts.

- by IP address range (CIDR or specific IP’s). You might not need the whole entire Internet to access your account, so why not limit it to your static IP address or your ISP’s netblock, etc.

Future Plans

We are going to be aggressively expanding our API to support our customers who are building their businesses on our platform. Already on our API roadmap:

  • More terminal control: allow some “take over” of the terminal so that the QR scanner, magstripe reader, and keypad can be leveraged for your applications. More receipt rendering options.
  • Send funds by SMS message (will launch in web UI at same time as API)
  • Enhanced event hooks.
  • Buy buttons, Javascript widgets for pricing are on the wishlist.
  • Typically new Coinkite features will be accessible via API at feature launch time.

Feedback

As always, we are looking for feedback (connect@coinkite.com). Please let us know what you are working on, what we can do to help and what we can do differently!

Coverage

CoinTelegraph: Coinkite Launches ‘Game-Changing’ API

Toronto Bitcoin Hackathon 2014

image

Bitcoin is an incredible technology and we’d like to see what you can do in one weekend!

Coinkite is launching our API in July, so we thought why not have a Hackathon!

Join us on August 22 through 24, at the Extreme Startups office.

Tickets available here

Official event site is www.tobh.ca 

Lots of prizes from us and Vault of Satoshi

All Cryptos Welcome! Litecoin, Blackcoin and all the alts.

New Feature: Flex Liquidity [Smart UTXO Management]

image

Improving Funds Availability for our Busy Merchants — Solving Slow Bitcoin Transactions

As requested by our merchant users buying and selling bitcoins, this new feature maintains more of your balance in a number of smaller UTXO. This means high-volume users are less likely to need to wait for confirmations.

When you have a single 1 BTC deposit (stored in a single UTXO), and you send just 0.001 of that, you might have to wait half an hour before you can use the other 0.999 BTC. This happens with all Bitcoin wallets because the “change” from the first transaction shouldn’t can’t be spent until the previous transaction completes and is confirmed. It is less of a problem on Litecoin and Blackcoin networks due to their faster block times.

Coinkite’s unique Flex Liquidity feature improves on normal Bitcoin wallets by splitting the “change back” from each regular transaction a number of small UTXO. Subsequent transactions are more likely to be able to use a small UTXO that is better suited to the needs at that time.

Flex Liquidity is enabled by default in all of our Professional  and up plans. We cover the additional transactional costs that this feature requires.

Not sure what a UTXO is? Learn more in our FAQ.

Blackcoin Comes To Coinkite

image

Today Blackcoin joins Litecoin and Bitcoin, as a fully-featured cryptocurrency on Coinkite. All Coinkite customers can create new sub-accounts to hold BLK (Blackcoin) balances and use the familiar Coinkite interface to send and receive them.

The Blackcoin community has been very helpful, after wining our recent competition to pick the first new altcoin to be added to Coinkite.

Just like Bitcoin and Litecoin, you can now:

- create a voucher, to be claimed by PIN

- send Blackcoins by email

- setup Blackcoin funds fowarding

Blackcoin works on Coinkite terminals too:

- easily create bills for your retail customers to pay in Blackcoin

- buy and sell Blackcoin as a “mini ATM” or mobile exchange service

- access your Coinkite account using your Coinkite card

Tell us your Blackcoin success stories. We’re really excited to be part of a new altcoin and particpate in the BLK community.

Background on Blackcoin

Blackcoin is a “Proof of Stake” coin that doesn’t use large-scale mining. Therefore, it’s considered more eco-friendly and doesn’t waste electricity for security purposes. Your transactions are fast because blocks are sent every minute (not ten minutes as in Bitcoin). 

Coinkite does not yet support staking, meaning you will not be credited 1% per annum on your Blackcoin deposits. In time, we may offer that option to our customers.

—-

How to:

image

image

—-

Donations back to the community. As promised, 25% (66,373) Blackcoins were given to the community for use. Audit here.

Now With P2SH Support

You can now send from Coinkite to bitcoin P2SH addresses. These addresses start with the number 3 and are used on a few sites to support special use cases such as escrow or multisig.

image

To use the feature, just supply a P2SH address when sending bitcoin. P2SH address look identical to a normal bitcoin address except that the first digit is 3 instead of 1.

If someone has a good list of sites which need P2SH or use them for some special purpose, please tweet a link to @Coinkite and we’ll update this posting with some example usage cases.

We only support P2SH for Bitcoin today, because we don’t know of anyone using it on Litecoin or Blackcoin. We can enable the feature for those networks easily, but held off doing so because we couldn’t test the feature.

Nooshin Mohtashami Joins Coinkite As Advisor

image

Nooshin Mohtashami joins Coinkite’s advisory board after serving more than 10 years as Chief Operating Officer of OANDA, where she was instrumental in building a unique and fair forex trading experience for retail consumers.

Nooshin has been exploring the Bitcoin space over the last year and we’re very excited to welcome her to our growing team.

Her background as a computer engineer and her in-the-trenches business leadership experience will serve her well as she guides Coinkite into a dominate position as an international cryptobank.

Peter Todd Joins Coinkite as Chief Naysayer

image

Peter Todd brings to the Bitcoin space an unusually diverse background: a fine arts degree focused on the intersection of art and technology, followed by five years spent in analog electronics design in a geophysics sensing startup, as well as embedded systems development and conventional programming experience.

Within the Bitcoin space Peter is known for his work on scalability, security, and privacy, and recently left his “day-job” to focus on Bitcoin full-time and a consultant and researcher. To Coinkite Peter brings this diverse background, and equally importantly, an independent skepticism with a willingness to say “No!”.

API Data for Terminal Locations

After a few requests, we’ve created a REST endpoint which lists all our terminal locations. Hopefully it’s so simple and easy to use that any developer can just read the JSON response and use it… because we haven’t had time to document it just yet.

Write your programs to fetch the JSON data from here. It doesn’t change more often than hourly.

Lots more coming on the API front, including a fancy documentation site so stay tuned.

Faster Zero Confirmations

image

We’ve revamped how we process zero-confirmation transactions so they are received faster.

This is an internal change and we’ve always supported zero-confirmation transactions in the past, but now they will show up in your account even faster!

We’ve been growing our infrastructure both to stay current with the latest bitcoin and litecoin releases, but also to support future altcoins, such as BlackCoin (BLK).

Learn more about bitcoin confirmations in our FAQ. It is important to understand the risks involved.

Open-Source Paper OTP Generator

Fresh on Github: our code for generating the nifty fold-up sheet with OTP (one time password) codes. Read more about the related services on Coinkite in this recent post.

This python code manages a single-page PDF containing 100 single-use numeric tokens. The tokens are generated using the RFC6238 algorithm with the X/Y coordinate as the interval number. The “secret” seed values used here are base32-encoded strings of length 16.

When deploying this, it’s important to never use the same code twice. It’s probably best to pick randomly from the set of codes you’ve never asked for.

Here are some example files, generated with ‘aaaaaaaaaaaaaaaa’ as the secret.

Example PDF

Code is licenced under the 2-clause BSD licence

image