🔂 Major upgrade to wallets plugin performance and APIs

Version, 3.0.0 of Bitcoin and Altcoin Wallets for WordPress brings improvements to the front-end performance of the plugin, and much better developer APIs.

The next major version, 3.0.0 of the Bitcoin and Altcoin Wallets free WordPress plugin is released today.

If you are upgrading from an earlier version of Bitcoin and Altcoin Wallets, please take the time to read this article. Depending on your use of the plugin, you MAY need to perform some additional actions, besides updating to the latest version. Important changes are marked in boldface in this text, so please pay close attention to those.

Bitcoin and Altcoin Wallets version 3.0.0

Purpose of this major upgrade

As previously discussed, this update brings a number of improvements to the front-end performance of the plugin, as well as a much better designed set of developer APIs.

With these performance improvements it should be possible to use the plugin with larger sites and with more users.

The improved APIs and associated documentation is there to enable developers to interoperate with the plugin in new ways. Additionally, these changes pave the way for the upcoming exchange extension which is currently under development.

The [wallets_move] shortcode

Performing internal transfers is achieved via the move UI. This was previously presenting a dropdown of user names. A number of users have pointed out problems with this, including the following:

  • It is not good from a security perspective to reveal the entire list of usernames to other users.
  • There was an additional AJAX call that transfers a bunch of data and slows down the frontend if there are multiple users.
  • A dropdown is not a convenient method of picking a username if there are hundreds or even thousands of users.

To that end, the [wallets_move] shortcode now lets the user specify a destination user in a simple text input. A recipient user can now be specified via their email or username. If the user is not found, the internal transfer request fails and is not submitted.

There is no autocomplete feature implemented in this field so as to not leak user info any more. A number of users reported that they care about the plugin not leaking usernames.

The JSON APIs

Versioning and legacy versions

The above change required changes to the JSON API. JSON APIs are now versioned. If you have written code that uses the API directly, know that the current JSON API version is 2. See the attached documentation for details. Whereas the endpoint for version 1 was at /wallets/ACTION, the new endpoint is at /wallets/api2/ACTION, where ACTION is a verb of the API. When calling the API via HTTP GET parameters, append the following argument: &__wallets_apiversion=2. API version 2 does not include the get_users_info call.

If you need to enable the previous version 1 of the JSON API, check the following box: AdminWalletsFrontend settingsJSON API SettingsEnable legacy JSON APIs and hit Save Changes.

Notification API

Full node coin adapters (RPC adapters) partially rely on the notification part of the JSON API to get notified about new transactions and blocks. If you have edited the .conf file of Bitcoin core or a similar full node wallet, you were previously advised to add lines like the following:

walletnotify=curl -s http://www.example.com/wallets/notify/BTC/wallet/%s >/dev/null
blocknotify=curl -s http://www.example.com/wallets/notify/BTC/block/%s >/dev/null

Where example.com would be the domain name of your site and BTC would be any coin symbol. With version 3.0.0 you should append api2 to your URIs, like so:

walletnotify=curl -s http://www.example.com/wallets/api2/notify/BTC/wallet/%s >/dev/null
blocknotify=curl -s http://www.example.com/wallets/api2/notify/BTC/block/%s >/dev/null

The PHP API

Previously to perform wallet tasks via PHP code you had to get an instance of the Dashed_Slug_Wallets singleton and then call a cumbersome set of functions. This API is still available but is now marked as “deprecated”. Calling the old API will now produce a warning in your logs, if you have logging enabled. Instead, use the new improved PHP API that is based on WordPress actions and filters.

The PHP API is now more flexible. It allows the code to perform wallet actions on users other than the current user. You can specify transaction fees manually to override the default fees. Most arguments can be easily omitted wherever defaults are OK.

The PHPdocumentor pages for this new PHP API provides examples on how to use the API. The PHPdoc pages are available in the bundle download as before, as well as on the microsite. The microsite previously had some misconfiguration issues, but these are now fixed.

Interoperability with existing extensions

To perform these improvements a number of drastic architectural changes had to be done. This is why these requests could not occur earlier.

If you are a premium member, please upgrade the following two extensions to their latest versions. Earlier versions of these extensions will not work with Bitcoin and Altcoin Wallets 3.0.0. You have been warned.

ShapeShift extension

Please upgrade to version 0.2.1-beta. The extension homepage is here.

Tip the Author extension

Please upgrade to version 1.2.3. The extension homepage is here.

Reporting issues

The plugin has undergone a lot of testing both on its own and in integration tests with its extensions. If you have spotted an issue please report it via the usual channels: Either the wordpress.org support forum, if you suspect this to be an issue with the main plugin, or via the support forums on this site if it is an issue with one of the extensions.

That is all for now! Thank you all for your continued support and for sending in feedback!

Bitcoin and Altcoin Wallets version 3.0.0 changelog:

  • Add: New improved PHP API for working with wallets, based on WordPress actions and filters. See documentation for details.
  • Change: The previous PHP API is still functional but is now marked as deprecated.
  • Add: The JSON APIs are now versioned, to allow for stable improvements.
  • Add: New version 2 of the JSON API does not include the get_users_info call which divulged user login names. Accepts usernames or emails as destination user in do_move action.
  • Change: Previous version 1 of the JSON API is available only if “legacy APIs” option is enabled in the frontend settings screen.
  • Improve: Frontend no longer performs synchronous AJAX requests on the main thread. This fixes the issue where the UI would temporarily “freeze”.
  • Improve: The [wallets_move] shortcode now accepts the recipient user as a username or email. This was previously a dropdown and was causing scaling problems.
  • Improve: The coins data structure in the wallets frontend is now indexed, resulting in better JavaScript performance throughout the frontend code.
  • Fix: Nonces provided with the get_nonces JSON API call are no longer cached. Caching would sometimes cause stale nonces to be used, resulting in request forgery errors.
  • Improve: The knockout JavaScript code now uses the rateLimit extender in favor of the deprecated throttle extender.

Comments:8

  1. I am delighted with the 3.0.0 versions I have been waiting for and
    I appreciate the efforts of the dashed-slug team.

  2. I must say, I am most grateful for this new release. I once reported about usernames of my users been leaked in a click of button, and the hassle of strolling down to fine that just one user in a pool of hundreds to thousands of users.
    I also look forward for the release of the exchange plugin. I have been waiting for it patiently, though you did not give a specific time, just as you told me in one of my support question. But what ever, am on the waiting list for that.
    Thanks again, this release is really a bomb!

  3. Great project. I will be waiting for the exchange extension and to buy it as soon as it arrives. Please keep me posted on the progress.

Leave a Reply

Your email address will not be published. Required fields are marked *