BitcoinJS Webtuesday Presentation

www.bitcoinjs.org Creative Commons 3.0 Attribution

A divorce and new beginnings

Stefan Thomas • WeUseCoins.com

BitcoinJS

- Web developer 13 years

- Bitcoin evangelist

- Bitcoin evangelist 6 months

- What’s Bitcoin? (1 slide version) - Things that are... sub-optimal - Node.js to the rescue!

man bitcoin

- Limited set of tokens

man bitcoin

- Limited set of tokens - Decentralized

man bitcoin

- Limited set of tokens - Decentralized - Open-Source

man bitcoin

- Limited set of tokens - Decentralized - Open-Source

= Internet Money

wget blk*.dat

140000 x

wget blk*.dat

140000 x

= 620 MB

wget blk*.dat

140000 x

= 620 MB => 6-24 hours

wget blk*.dat

140000 x

= 620 MB => 6-24 hours

rm wallet.dat

VirtualBox Dropbox Ironkey +

Truecrypt

rm wallet.dat

Truecrypt

rm wallet.dat

Truecrypt

rm wallet.dat

Truecrypt

rm wallet.dat

Truecrypt

rm wallet.dat

scp wallet.dat

These additions include nine new SCADA exploits, improved 64-

bit Linux payloads, exploits for Firefox and Internet Explorer,

full-HTTPS and HTTP Meterpreter stagers, and post-exploitation

modules for dumping passwords from Outlook, WSFTP,

CoreFTP, SmartFTP, TotalCommander, BitCoin and many other

applications.

Metasploit 4.0

scp wallet.dat

These additions include nine new SCADA exploits, improved 64-

bit Linux payloads, exploits for Firefox and Internet Explorer,

full-HTTPS and HTTP Meterpreter stagers, and post-exploitation

modules for dumping passwords from Outlook, WSFTP,

CoreFTP, SmartFTP, TotalCommander, BitCoin and many other

applications.

Metasploit 4.0

scp wallet.dat

Metasploit 4.0 blah new post exploitation modules

scp wallet.dat

Metasploit 4.0 blah new post exploitation modules

blah blah for dumping passwords blah

scp wallet.dat

Metasploit 4.0

Blah, BitCoin, Blah, …

blah new post exploitation modules

scp wallet.dat

Metasploit 4.0

Blah, BitCoin, Blah, …

blah new post exploitation modules

cat cmn_sense.txt

Block chain

uml blockchain

cat cmn_sense.txt

Block chain

cat cmn_sense.txt

Block chain UI

cat cmn_sense.txt

Block chain UI Wallet

cat cmn_sense.txt

• HUGE!! • Global • Public

cat cmn_sense.txt

-> Server

cat cmn_sense.txt

• Complex • Personal • Private

-> Server

cat cmn_sense.txt

-> Server -> Client

cat cmn_sense.txt

• Simple • Personal • Secret!!

-> Server -> Client

cat cmn_sense.txt

• Simple • Personal • Secret!!

-> Server -> Client -> Hardware (ideally)

find platform

Block chain server • Peer-to-peer node

find platform

Block chain server • Peer-to-peer node • Realtime

find platform

Block chain server • Peer-to-peer node • Realtime • JSON-RPC

find platform

Block chain server • Peer-to-peer node • Realtime • JSON-RPC • Lots of concurrent users

find platform

d8 server.js

Memory leaks! Example: MongooseJS

d8 server.js

Memory leaks! Collection.prototype.addQueue = function (name, args) { this.queue.push([name, args]); return this; }; Collection.prototype.doQueue = function () { for (var i = 0, l = this.queue.length; i < l; i++){ this[this.queue[i][0]].apply(this, this.queue[i][1]); } return this; };

Example: MongooseJS

d8 server.js

Memory leaks! Collection.prototype.addQueue = function (name, args) { this.queue.push([name, args]); return this; }; Collection.prototype.doQueue = function () { for (var i = 0, l = this.queue.length; i < l; i++){ this[this.queue[i][0]].apply(this, this.queue[i][1]); } this.queue = []; return this; };

Example: MongooseJS

d8 server.js

Memory leaks! saw.chain = function () { var ch = Traverse(saw.handlers).map(function (node) { // ... if (typeof node === 'function') { this.update(function () { saw.actions.push({ path : ps, args : [].slice.call(arguments) }); return ch; }); }

Example: node-binary

d8 server.js

Lesson

d8 server.js

Lesson Node.js libraries can be strange

d8 server.js

But overall it’s not that bad!

d8 server.js

But overall it’s not that bad!

Also: V8’s GC is very good!

d8 server.js

Debugging Tip: “LiveObjectList”

# Compile V8 with LiveObjectList support scons liveobjectlist=on ... # Run your program with debugging node --debug my_leaky_program.js # Connect to your program with D8 d8 --remote_debugger

Getting set up

d8 server.js

Debugging Tip: “LiveObjectList”

lol c Capture a heap snapshot lol Show heap snapshots lol list List objects in a snapshot lol diff [s1] [s2] Show differences between snapshots lol path [obj_id] Show retaining paths for an object

d8 server.js moon@clymene:~/opt/node$ deps/v8/d8 --remote_debugger > Type: connect V8-Version: 3.1.8.26 Protocol-Version: 1 Embedding-Host: node v0.4.10 stopped dbg> lol c Captured live object list 1: count 156079 size 8129300 dbg> c (running) > stopped dbg> lol c Captured live object list 2: count 173343 size 8374416 dbg>

d8 server.js dbg> gc GC 7809868 => 6710536 (7.4M => 6.4M) dbg> lol diff 1 2 v t Array 1000 objects: [ 1] @222138: size 16, 0xb39bd329 <JSArray> len 0 [ 2] @222139: size 16, 0xb39bd339 <JSArray> len 0 [ 3] @222143: size 16, 0xb39bd3a1 <JSArray> len 0 [ 4] @222144: size 16, 0xb39bd3b1 <JSArray> len 0 [ 5] @222145: size 16, 0xb39bd3c1 <JSArray> len 0 [ 6] @222365: size 16, 0xb39bede5 <JSArray> len 0 [ 7] @222498: size 16, 0xb39bfea5 <JSArray> len 0 [ 8] @222615: size 16, 0xb39c0d55 <JSArray> len 3 ... dbg> lol path @222138

d8 server.js | | V [274] @79332 0xb4422699: size 20 : HeapObject DescriptorArray FixedArray 0xb4422699: [FixedArray] - length: 3 [0]: 0xb77b3efd <FixedArray[53]> [1]: 0xb577404d <undefined> [2]: 0xb41eddd9 <JS array[0]> | | V [275] @215108 0xb41eddd9: size 16 : HeapObject JSObject JSArray 0xb41eddd9: [JSObject] - map = 0xb5754861 - prototype = 0xb77b4f49 { #length: 0xb577e581 <Proxy> (callback) #_cast: (null descriptor) } =====================================

uname -a

Another thing… 32 bit 64 bit

uname -a

Another thing…

- V8 heap limit

32 bit 64 bit

1 GB 1.9 GB

uname -a

Another thing…

- V8 heap limit

- MongoDB database

32 bit 64 bit

2.5 GB

1 GB 1.9 GB

bitcoinjs run

Now STOP!

bitcoinjs run

Demo time! Now STOP!

forecast

Lots more to be done!

- Wallet

- Shopping Cart Interface

git clone bitcoinjs-gui

A matching client!

- JS-based crypto (fun stuff!)

A matching client!

- HTML5 LocalStorage

A matching client!

- HTML5 LocalStorage

- Socket.IO

A matching client!

- Beta August 2011

- Screencast: http://www.youtube.com/watch?v=KTmFwnIRG9c

wallet 2.0

Ideas for a more secure wallet

wallet 2.0

- Deterministic Wallet

wallet 2.0

- Distributed Key Generation

wallet 2.0

- Distributed Key Generation

- Hardware Device

Thank you And good night!

tail -f

Meetup this Saturday! Oliver Twist Pub 16:30

@bitcoinjs

github.com/bitcoinjs

BitcoinJS Webtuesday Presentation

Technology

Presentation presentation

Summit Presentation Main Presentation

PRESENTATION TITLE PRESENTATION TITLE PRESENTATION …

Presentation Title Presentation Subtitle

Presentation 2501 AB2501 Presentation

Presentation (my class presentation)

Presentation skills - Zen presentation

Mi presentation presentation

CVA Accenture Presentation Presentation

Presentation skills- presentation March2018

Unit 21 Formula Presentation 1Using Formula Presentation 2Constructing Formulae Presentation 3Negative Numbers Presentation 4Temperature Differences Presentation

Synchro Presentation Presentation

Presentation Tools Presentation

Presentation Effective Presentation Skills

Presentation about presentation

PBS Presentation - Final Presentation

RHoK presentation Zurich webtuesday

Imeem Presentation Buscomp Presentation

Presentation Zen Presentation

Deepavali Presentation Diwali Presentation