Forum Replies Created
-
Posts
-
Hello,
I see that in the dynamic market, the link is created correctly but when clicked it does not redirect. Thank you for spotting this. I will investigate and fix it in the next release.
The other issue must be related to your theme because I can’t reproduce it. If so, it can be solved with CSS. Let me know over email if you want me to login and try to figure out a CSS rule that works for you.
thank you
with regardsI understand, this is one of the main reasons I’m not running an exchange myself. The main issue here is not technical. Blocking certain deposits based on the results of an API is trivial, and can be done with a simple hook in your theme.
The issue is that these AML services cost money, since they are targeted at larger exchanges and banks. Have you identified one that you would be willing to pay for? I highly doubt that any of my customers have the kind of money required to pay for the services I’ve seen so far. Additionally, I would also have to have access to such a service myself, in order to implement and test connectivity.
Ideally what we’re looking for is an affordable service that can be realistically used to query people and addresses against its API. I will look, but if you know of any one, please suggest it.
Hello,
No, unfortunately you can only use the Multivendor gateway to transfer funds that have been paid via the WooCommerce crypto payment gateway. If the customer has paid with their fiat balance that they had on a fiat coin adapter, then commissions from this amount can be sent to the vendor. Otherwise the withdrawal to vendor cannot proceed with this gateway.
with regards
Yes, that is correct. Thanks for the link. Unfortunately Exchanges are legally required to check addresses against blacklists. There are a multitude of AML APIs out there and at this time I have not reviewed any of them. From a quick look, AML involves more than just blocking deposits from some known addresses. It also involves looking up peoples’ personal details against international databases. For example: https://docs.complyadvantage.com/api-docs/#concepts So this would have to be tied together to whatever system records the names/addresses of customers. This is definitely not something that I could implement at this time, and it would have to be a separate plugin.
Hello,
To be honest, I don’t know. Ultimately this is a whole different area of expertise that what I’m working on.
What you want is to be able to know who your users are. This involves them uploading documents such as passports and utility bills (proofs of address) to a third party service that can actually verify them. There might be plugins out there that do this on WordPress. If there are any, they should appear here: https://wordpress.org/plugins/tags/identity-verification/
This does not really need to interface with the exchange extension or the plugin. If there is a KYC service for WordPress, then that should be able to add your known customers to some user role or give them some capability. The capabilities you’re interested in are
has_walletsandtrade_funds_in_wallet. These should be given only to verified customers.with regards
Hello,
You are correct that security is a very important concern when you have a hot wallet connected to your site. A wallet can only ultimately protect the funds (hence the CS feature), it cannot do a WordPress security model in general.
If I were to try to roll my own IP filters on top of that of WordPress, it would break the separation of concerns principle: I would probably not do a very good job at it, and it would create many problems in edge cases. (Incidentally, this is also the reason why I don’t add two factor login features, password auditing, or other extra security features in the plugin.)
Instead, if you have decided that admins can only login from specific white-listed IPs, I suggest you use one of the existing WordPress security plugins to do this. For a good overview on all of the attack vectors that you should be worried about, see https://wordpress.org/support/article/hardening-wordpress/. Additionally, your host needs to be secure. If you’re managing the server yourself, you need to look up “hardening debian”, “hardening centos”, “hardening apache”, “hardening nginx”, or whatever software stack you’re using. If your server is managed, then this is partly what you pay your hosting provider for.
with regards
Hello,
I think that an extra layer of security doesn’t make much sense in this case. If someone can see the cold storage wallet, that means that they have the
manage_walletscapability, and thus they can already steal your funds. An extra pin will not stop them.Any cold storage that you setup will be unknown to the installed plugin. Why do you think that this is not possible at the moment? A cold storage is simply another wallet, which could be a hardware wallet, software wallet, or even paper wallet. The only requirement is that you are able to transfer funds between the hot wallet and cold wallet. Otherwise these are not connected in any way.
Please let me know if I did not understand what you’re suggesting.
with regards
Hello,
The proposal you suggest makes sense, however it would need a large number of changes to the code, some of which can introduce problems if not done carefully. I have not yet performed an initial analysis of how hard it would be, so I can’t comment on that yet. I will have to work on it first, to determine what needs to change and how long it will take. I am scheduling this change and I will contact you again here about this.
In any case, you shouldn’t need to keep a significant amount online. Only keep a small fraction of the total sum of user balances.
with regards
Hello,
1. The easiest way to hide the columns you don’t need is to use the provided HTML classes to hide these columns via CSS. For example:
.dashed-slug-wallets-exchange.market.static .min_ask { display: none; } .dashed-slug-wallets-exchange.market.static .max_bid { display: none; }Do this for any columns you want to hide. You can see the classes in your browser’s inspector. These are:
coin_icon,market_name,last_price,min_ask,ask_volume,ask_volume_base,max_bid,bid_volume,bid_volume_base,trade_volume_quote_24,trade_volume_base_24,percent_change_24,market_button.2. If you only leave three columns, the horizontal scrollbar will probably disappear on its own. To force it to not show, you can use:
.dashed-slug-wallets-exchange.market.static table { overflow-x: hidden; }3. To make the font size, larger, you could do this:
.dashed-slug-wallets-exchange.market.static table { font-size: larger; }Try values such as
large,larger, etc, or you can specify the size in terms of pt, px, etc. See https://developer.mozilla.org/en-US/docs/Web/CSS/font-sizeDo not add any CSS to the plugin’s code, because A) the CSS code is minified, and B) any changes get overwritten at any plugin update. Instead, you have a few options:
1. Add your CSS code in the Customizer. This is the easiest way.
2. You can create a child theme to your theme and add the CSS code there. If you already have a child theme to your theme, this is also very easy and a good way to add CSS.
Hope this helps.
with regards
Hello,
If there are not enough funds, then the user withdrawal will fail and the user will receive an error message (that you can configure under “Wallets” -> “Notifications” -> “Notification settings for FAILED withdrawals”
You should probably hold more funds in the hot wallet than the largest balance on your site, because any user might decide to withdraw all of their funds at any time. The Cold Storage feature will tell you how much of each coin you should have online, so that you have a given percentage of the total user balances online.
If you have selected the option “Wallets” -> “Notifications” -> “Notification settings for ALL events” -> “Forward errors to admins” then you will know if a user has not been able to withdraw their funds.
with regards
Hello,
Generally you could connect multiple sites to the same wallet. By this I mean that it is technically possible to do so. It is true that you can specify rpcauth multiple times. I am not so sure about walletnotify / blocknotify, probably you would have to chain the two curl commands in the same line, like so:
walletnotify=curl -s https://example1.com/wallets/api3/notify/BTC/wallet/%s >/dev/null ; curl -s https://example2.com/wallets/api3/notify/BTC/wallet/%s >/dev/nullOr better yet:
walletnotify=/bin/bash /path/to/walletnotify.shand then add all of your curl commands in the shell script file. Do the same for blocknotify.
The main issue with this approach is that you are introducing a centralized point of failure for all of your sites. In case any one is hacked, al the funds from all the sites can be lost.
Instead, I recommend that you go the opposite direction: Instead of having multiple sites per wallet, have less than an entire full wallet for each site.
Set up one wallet for each site, and hold only a fraction of the user balances in the hot wallet. Hold the rest of the funds in a cold wallet, using the Cold Storage feature, and replenish the hot wallets as needed. This is much safer in case of a hack. Generally WordPress can be made very secure, but this is hard, and because of it’s popularity, WordPress as a platform gets targeted a lot, so it’s always possible that your security can be breached. It’s best to be prepared.
with regards
Hello,
Perhaps I did not explain myself very well. At the moment you can only
1. give a fixed amount to each user
2. give an amount that is proportional to a current user balanceThis does not say anything about how much the total to distribute is. The plugin will only tell you after the airdrop, how much more money you should deposit to the hot wallet, so that all the users can withdraw their balance.
IF you know that you have 10,000 users, then by giving each 10 doge, you know that you have distributed 10*10,000 = 100,000.
If, on the other hand, you want to distribute proportionally to the existing Litecoin balances, do this:
1. Deposit the doge using the address shown at “Wallets” -> “Cold storage” -> Doge -> Deposit (see the address at the bottom of the screen). By sending the 100,000 doge to this address you are adding it to the hot wallet of your site, but none of it is yet assigned to user balances (this is done when you actually perform your airdrop).
2. Go to the adapters list (“Wallets” -> “Adapters”), and see what the “Sum of user balances” is for Litecoin. Let’s say for example that there is 200 Litecoin in total that all of your users have.
3. You want to distribute 100,000 Doge to these Litecoin holders. Since there are 200 Litecoin in total, you would need to use a proportional ratio of 100,000 / 200 = 500.
4. Go to “Tools” -> “Airdrop” and set the following:
Coin to distribute: Dogecoin
Distribute to users with role: any
Deposit tag: (leave as is)
Comment: (A notification text that describes your airdrop. Users will see this as a comment on their deposit transaction.)
Amount: 0
Parent coin for airdrop: Litecoin
Factor: 500To be clear, users who have 1 Litecoin will receive 500 Dogecoin, users who have 10 Litecoin will receive 5000 Dogecoin, etc.
5. After you have performed the airdrop, go to “Wallets” -> “Adapters” again and check the new “Sum of user balances” for Dogecoin. This should not be higher than the “Hot Wallet Balance”, or your users will not be able to actually withdraw their new Doge.
If for some reason you believe that you made a mistake with your airdrop, you can go to your MySQL console (or phpMyAdmin SQL console) and use the deposit tag to delete only the transactions that correspond to this airdrop. For example, let’s say that your airdrop had tags:
airdrop ad-run-5dcbc3edc12bc. You would run a command such as the following:DELETE FROM wp_wallets_txs WHERE tags LIKE '%ad-run-5dcbc3edc12bc%';and that would wipe out all of the deposit transactions created on step #4. You can now try again.I hope this is somewhat more clear, but please let me know if you have any more questions.
with regards
Hello,
You start off with an amount that you have and you wish to distribute. Unfortunately there is no such function in the plugin at the moment. As it is right now, you can only specify the amounts in terms of what the users already have, not what you have.
If I can implement a solution for your use case, I will post again here. But at the moment you cannot do this with this plugin.
On the other hand, if you want to give Dogecoin equal to 10 times what all your users have in Litecoin, this is straightforward. Simply perform an airdrop with a ratio of 10, then check again your hot wallet balance and your sum of user balances, to see how much dogecoin you’d need to deposit via the cold storage feature to cover the increased balances.
Hope this helps. Let me know if you have any other questions.
with regards
