Version, 3.0.0 of Bitcoin and Altcoin Wallets for WordPress brings improvements to the front-end performance of the plugin, and much better developer APIs.
The next major version, 3.0.0 of the Bitcoin and Altcoin Wallets free WordPress plugin is released today.
If you are upgrading from an earlier version of Bitcoin and Altcoin Wallets, please take the time to read this article. Depending on your use of the plugin, you MAY need to perform some additional actions, besides updating to the latest version. Important changes are marked in boldface in this text, so please pay close attention to those.
Purpose of this major upgrade
As previously discussed, this update brings a number of improvements to the front-end performance of the plugin, as well as a much better designed set of developer APIs.
With these performance improvements it should be possible to use the plugin with larger sites and with more users.
The improved APIs and associated documentation is there to enable developers to interoperate with the plugin in new ways. Additionally, these changes pave the way for the upcoming exchange extension which is currently under development.
Performing internal transfers is achieved via the move UI. This was previously presenting a dropdown of user names. A number of users have pointed out problems with this, including the following:
- It is not good from a security perspective to reveal the entire list of usernames to other users.
- There was an additional AJAX call that transfers a bunch of data and slows down the frontend if there are multiple users.
- A dropdown is not a convenient method of picking a username if there are hundreds or even thousands of users.
To that end, the
[wallets_move] shortcode now lets the user specify a destination user in a simple text input. A recipient user can now be specified via their email or username. If the user is not found, the internal transfer request fails and is not submitted.
There is no autocomplete feature implemented in this field so as to not leak user info any more. A number of users reported that they care about the plugin not leaking usernames.
The JSON APIs
Versioning and legacy versions
The above change required changes to the JSON API. JSON APIs are now versioned. If you have written code that uses the API directly, know that the current JSON API version is
2. See the attached documentation for details. Whereas the endpoint for version
1 was at
/wallets/ACTION, the new endpoint is at
/wallets/api2/ACTION, where ACTION is a verb of the API. When calling the API via HTTP GET parameters, append the following argument:
&__wallets_apiversion=2. API version
2 does not include the
If you need to enable the previous version 1 of the JSON API, check the following box: Admin → Wallets → Frontend settings → JSON API Settings → Enable legacy JSON APIs and hit Save Changes.
Full node coin adapters (RPC adapters) partially rely on the notification part of the JSON API to get notified about new transactions and blocks. If you have edited the
.conf file of Bitcoin core or a similar full node wallet, you were previously advised to add lines like the following:
walletnotify=curl -s http://www.example.com/wallets/notify/BTC/wallet/%s >/dev/null blocknotify=curl -s http://www.example.com/wallets/notify/BTC/block/%s >/dev/null
example.com would be the domain name of your site and
BTC would be any coin symbol. With version 3.0.0 you should append
api2 to your URIs, like so:
walletnotify=curl -s http://www.example.com/wallets/api2/notify/BTC/wallet/%s >/dev/null blocknotify=curl -s http://www.example.com/wallets/api2/notify/BTC/block/%s >/dev/null
The PHP API
Previously to perform wallet tasks via PHP code you had to get an instance of the
Dashed_Slug_Wallets singleton and then call a cumbersome set of functions. This API is still available but is now marked as “deprecated”. Calling the old API will now produce a warning in your logs, if you have logging enabled. Instead, use the new improved PHP API that is based on WordPress actions and filters.
The PHP API is now more flexible. It allows the code to perform wallet actions on users other than the current user. You can specify transaction fees manually to override the default fees. Most arguments can be easily omitted wherever defaults are OK.
The PHPdocumentor pages for this new PHP API provides examples on how to use the API. The PHPdoc pages are available in the bundle download as before, as well as on the microsite. The microsite previously had some misconfiguration issues, but these are now fixed.
Interoperability with existing extensions
To perform these improvements a number of drastic architectural changes had to be done. This is why these requests could not occur earlier.
If you are a premium member, please upgrade the following two extensions to their latest versions. Earlier versions of these extensions will not work with Bitcoin and Altcoin Wallets 3.0.0. You have been warned.
Please upgrade to version
0.2.1-beta. The extension homepage is here.
Tip the Author extension
Please upgrade to version
1.2.3. The extension homepage is here.
The plugin has undergone a lot of testing both on its own and in integration tests with its extensions. If you have spotted an issue please report it via the usual channels: Either the wordpress.org support forum, if you suspect this to be an issue with the main plugin, or via the support forums on this site if it is an issue with one of the extensions.
That is all for now! Thank you all for your continued support and for sending in feedback!
Bitcoin and Altcoin Wallets version 3.0.0 changelog:
- Add: New improved PHP API for working with wallets, based on WordPress actions and filters. See documentation for details.
- Change: The previous PHP API is still functional but is now marked as deprecated.
- Add: The JSON APIs are now versioned, to allow for stable improvements.
- Add: New version 2 of the JSON API does not include the
get_users_infocall which divulged user login names. Accepts usernames or emails as destination user in
- Change: Previous version 1 of the JSON API is available only if “legacy APIs” option is enabled in the frontend settings screen.
- Improve: Frontend no longer performs synchronous AJAX requests on the main thread. This fixes the issue where the UI would temporarily “freeze”.
- Improve: The
[wallets_move]shortcode now accepts the recipient user as a username or email. This was previously a dropdown and was causing scaling problems.
- Fix: Nonces provided with the
get_noncesJSON API call are no longer cached. Caching would sometimes cause stale nonces to be used, resulting in request forgery errors.
rateLimitextender in favor of the deprecated