TypeError: Cannot read property 'pendingTxps' of undefined
at /Users/matiaspando/bws/lib/client/api.js:346:24
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)
at Socket.socketErrorListener (http.js:1547:9)
at Socket.emit (events.js:95:17)
at net.js:440:14
at process._tickCallback (node.js:419:13)

should hash pubkeys for off channel cofirmation

It should be possible to:

• Specify a flag to get balance by address
• Specify an address (or a list of addresses) to get balance information

client.generateKey(network, function(err) {
^
TypeError: Cannot call method 'generateKey' of undefined
at Object. (/Users/matiaspando/bws/bit-wallet/bit-genkey:18:8)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
at startup (node.js:119:16)
at node.js:906:3

There could be a CRUD API for valid index keys:

m/xxxx/Index
m/yyyy/Index
for readonly and readwrite keys. Request can be signed by an other branch
like m/zzz/0.

This way, a copayer could allow access to multiple agents, each with different credentials and also could remove access very easily.

Error: Illegal State.
at Object.validatorFunctions.checkState (/Users/matiaspando/bws/node_modules/preconditions/src/validatorFunctions.js:198:13)
at API.getTxHistory (/Users/matiaspando/bws/lib/client/api.js:552:5)
at /Users/matiaspando/bws/bit-wallet/bit-history:16:10
at /Users/matiaspando/bws/bit-wallet/cli-utils.js:64:16
at /Users/matiaspando/bws/lib/client/api.js:254:21
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)

TypeError: Cannot read property 'pendingTxps' of undefined
at /Users/matiaspando/bws/lib/client/api.js:346:24
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)
at Socket.socketErrorListener (http.js:1547:9)
at Socket.emit (events.js:95:17)
at net.js:440:14
at process._tickCallback (node.js:419:13)

In a 2-of-2 wallet, a proposal is rejected by 1 copayer. It is still being listed in #getPendingTxs(). If another copayer tries to sign/reject it says "proposal is not pending".

Error: Illegal State.
at Object.validatorFunctions.checkState (/Users/matiaspando/bws/node_modules/preconditions/src/validatorFunctions.js:198:13)
at API.getMainAddresses (/Users/matiaspando/bws/lib/client/api.js:401:5)
at /Users/matiaspando/bws/bit-wallet/bit-addresses:15:10
at /Users/matiaspando/bws/bit-wallet/cli-utils.js:64:16
at /Users/matiaspando/bws/lib/client/api.js:254:21
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)

node app.js

> [email protected] start /Users/gustavo/Documents/github/bitcore-wallet-service
> node app.js

Copay service running on port 3001

events.js:72
        throw er; // Unhandled 'error' event
              ^
OpenError: IO error: ./db/copay.db/LOCK: No such file or directory
    at /Users/gustavo/Documents/github/bitcore-wallet-service/node_modules/levelup/lib/levelup.js:118:34

npm ERR! [email protected] start: `node app.js`
npm ERR! Exit status 8

ask for password confirmation on creation: emit to different events: needCreationPassword, needUnlockingPassword

Events already exists on server.js. A Websocket layer should be build to route them to the connected copayer, so the can be notified at realtime.

A compromised server could generate addresses using a random path. Copayers will be unsuspecting as the address in fact belongs to the wallet. Once funds are sent to these addresses they will not show in the balance and could potentially be really hard to recover.

to recreate a wallet from an import

1. Why xpubs are unencrypted?

2. Is BWS production ready?

If there are sign actions performed by other copayers, it should verify the signatures are valid.

Error: Illegal State.
at Object.validatorFunctions.checkState (/Users/matiaspando/bws/node_modules/preconditions/src/validatorFunctions.js:198:13)
at API.createAddress (/Users/matiaspando/bws/lib/client/api.js:382:5)
at /Users/matiaspando/bws/bit-wallet/bit-address:13:10
at /Users/matiaspando/bws/bit-wallet/cli-utils.js:64:16
at /Users/matiaspando/bws/lib/client/api.js:254:21
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)

> [email protected] start /root/src/node_modules/bitcore-wallet-service
> node app.js

Bitcore Wallet Service running on port 3001

events.js:72
        throw er; // Unhandled 'error' event
              ^
OpenError: IO error: ./db/bws.db/LOCK: No such file or directory
    at /root/src/node_modules/bitcore-wallet-service/node_modules/levelup/lib/levelup.js:118:34

npm ERR! [email protected] start: `node app.js`
npm ERR! Exit status 8
npm ERR!
npm ERR! Failed at the [email protected] start script.
npm ERR! This is most likely a problem with the bitcore-wallet-service package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR!     node app.js
npm ERR! You can get their info via:
npm ERR!     npm owner ls bitcore-wallet-service
npm ERR! There is likely additional logging output above.
npm ERR! System Linux 3.16.0-23-generic
npm ERR! command "/usr/bin/nodejs" "/usr/bin/npm" "start"
npm ERR! cwd /root/src/node_modules/bitcore-wallet-service
npm ERR! node -v v0.10.25
npm ERR! npm -v 1.4.21
npm ERR! code ELIFECYCLE
npm WARN This failure might be due to the use of legacy binary "node"
npm WARN For further explanations, please read
/usr/share/doc/nodejs/README.Debian

npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR!     /root/src/node_modules/bitcore-wallet-service/npm-debug.log
npm ERR! not ok code 0

I followed instructions on http://stackoverflow.com/questions/21168141/can-not-install-packages-using-node-package-manager-in-ubuntu and installed legacy using sudo apt-get install nodejs-legacy

Still does not fix the problem...

Any tips?

For security measures.
Proposal: refactor the GET /wallets/ call to check a flag for each piece of information (txProposals, balance, pkr)

In particular, try to avoid exceeding max transaction size.

• During wallet creation BWS will help copayers to set the PKR (extended Public Key Ring) by collection encrypted xpubs in different slots, one per copayer, among with its signature.
• The server will not be able to create new addresses. Clients will need to ask the server the current indexes, and then post the new address to the server. The server will reject if it already exists. The server will add the address to the wallet (but it wont be able to verified).
• To address the above comment, getBalance will return the balance by address (only for addresses where balance >0). The copayers will be able to derive the address to check that them belong to the wallet.
• In createTx the copayer will need to add the change address and the path. Yhe other copayers already check the address derivation.

This could be an options per wallet, or per BWS instance config, or fixed.

client.export({
^
TypeError: Cannot call method 'export' of undefined
at Object. (/Users/matiaspando/bws/bit-wallet/bit-export:38:14)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
at startup (node.js:119:16)
at node.js:906:3

Error: Illegal State.
at Object.validatorFunctions.checkState (/Users/matiaspando/bws/node_modules/preconditions/src/validatorFunctions.js:198:13)
at API.getTxProposals (/Users/matiaspando/bws/lib/client/api.js:435:5)
at /Users/matiaspando/bws/bit-wallet/bit-txproposals:16:10
at /Users/matiaspando/bws/bit-wallet/cli-utils.js:64:16
at /Users/matiaspando/bws/lib/client/api.js:254:21
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)

I finally got it running on my VPS.

From my node cli I type in: (obviously not my ip)

wallet -h http://123.456.78.9:3001 -f bar.dat create myWallet 2-2 Foobar -t

I get the following errors on client side:

info Generating new keys
ERR! [object Object]
{ code: 'ERROR', error: 'Cannot POST /v1/wallets/\n' }

On the server side I get this little descriptive one-liner.

POST /v1/wallets/ 404 19.154 ms - 25

Any advice would be appreciated, thanks.

Error: Illegal State.
at Object.validatorFunctions.checkState (/Users/matiaspando/bws/node_modules/preconditions/src/validatorFunctions.js:198:13)
at API.getTxProposals (/Users/matiaspando/bws/lib/client/api.js:435:5)
at /Users/matiaspando/bws/bit-wallet/bit-rm:18:10
at /Users/matiaspando/bws/bit-wallet/cli-utils.js:64:16
at /Users/matiaspando/bws/lib/client/api.js:254:21
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17

• check derive address
• check change address
• remove storage from clientlib
• check prposal signature
• check xpriv keys correspond to wallet's network
• check secret format in join
• test raw tx have signatures
• add broadcast API to server
• enhance 'no network (internet)' error
• /Users/ematiu/devel/bitcore-wallet-service/node_modules/bitcore/lib/transaction/transaction.js:137
  throw new errors.Transaction.DustOutputs();
  and others TX errores now appear at broadcast time.

Scan BIP32 branches looking for wallet's funds

Error: Illegal State.
at Object.validatorFunctions.checkState (/Users/matiaspando/bws/node_modules/preconditions/src/validatorFunctions.js:198:13)
at API.getTxProposals (/Users/matiaspando/bws/lib/client/api.js:435:5)
at /Users/matiaspando/bws/bit-wallet/bit-broadcast:17:10
at /Users/matiaspando/bws/bit-wallet/cli-utils.js:64:16
at /Users/matiaspando/bws/lib/client/api.js:254:21
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)

We are showing this:

{ [Error: connect ECONNREFUSED]
  code: 'ECONNREFUSED',
  errno: 'ECONNREFUSED',
  syscall: 'connect' }

Otherwise the message comes up more than once.

-service -client -wallet

BWS Access Control

There are 3 tiers of access control

1. Access is controlled at the server

All requests to an existing wallet must be signed by a private key and are verified by the server. All copayers have a always valid private key, m/1/1, and can generate more with restricted access thru the grantAccess removeAccess API.

Extra access keys pairs are generated by copayers. Priv keys given to the agents and public keys registered at BWS.

2. Tx Proposals and rejections are verified by copayers.

In order to generate a (unsigned) tx proposals and tx proposal rejections, copayers must sign them with the m/2/1 key.

This prevent the server for tampering or generating txs proposals.

Currently this key never changes, although in the future a mechanism
for revoking m/2/1 in favor of m/2/x could be possible. This would need to be safely communicated to all copayers by BWS.

3. TX Signatures are verified by the bitcoin network

Finally in order to generate valid outgoing transaction, the inputs signatures are needed. This are produced by keys derived from m/42/* according to BIP45.

Revoking m/42/* is not currently possible but there could be a mechanism to inform the server that certain branch
is obsolete and wallet output should be created using a new one. This would be outside BIP45 scope.

Information Needed to Access a BWS Wallet

In other access any wallet functionality a copayer or agent needs:

A valid wallet's access key pair, with the appropriate access level that grant access to the function he is trying to execute

• (optional) the private key m/2/1 to sign tx proposals
• (optional) the xpriv key to sign transactions

Granting Access

If a copayer wants to grant access to an agent, he need to:

1. Generate a new access key pair, and register it at BWS by using the grantAccess
2. Give the resulting priv key to the agent and also:

• priv key m/2/1 (if the agent will be allowed to propose / reject txs)
• and xpriv key (m/42) (if it will be allowed to sign transactions).

All this info should be packed in a single string for convenience: bws-agent-access:XXXXXXX

Revoking access

Currently revoking access is only possible at tier 1), buy using the revokeAccess API key. Note that migrating to a new BWS instance would revoke all outstanding extra accesses.

API

reqSigningKey = `m/1/1`; // Can't be revoked.

// extraAccesses: `m/2/x/y`;

grantAccess (pubkey, permissionTable, name, function(err) {
});

revokeAccess (pubkey, function(err) {
});

// Revoke all
revokeAllAccesses (function(err) {
});

// List access permission
listAccesses(function(err, accesses) {
});

// List log of access
[...]

Permission Table

 readBalance: true,
 readHistory: true,
 proposeTransactions: true,
 rejectTransactions: true,
 createAddresses: true,

or API fn names directly.

Request header

x-identity: f(pubkey)
x-signature: f(privkey, request)

Should work as -p password or -p and the the passwor is entered interactively.

See #129

$ ./bit import nofile.dat

fs.js:438
  return binding.open(pathModule._makeLong(path), stringToFlags(flags), mode);
                 ^
Error: ENOENT, no such file or directory 'nofile.dat'

• wallet name
• m-of-n
• list of copayers already in

Trying to create a proposal should send different errors if the funds are locked or you don't have enough funds

Error: Illegal State.
at Object.validatorFunctions.checkState (/Users/matiaspando/bws/node_modules/preconditions/src/validatorFunctions.js:198:13)
at API.getTxProposals (/Users/matiaspando/bws/lib/client/api.js:435:5)
at /Users/matiaspando/bws/bit-wallet/bit-reject:18:10
at /Users/matiaspando/bws/bit-wallet/cli-utils.js:64:16
at /Users/matiaspando/bws/lib/client/api.js:254:21
at Request._callback (/Users/matiaspando/bws/lib/client/api.js:201:21)
at self.callback (/Users/matiaspando/bws/node_modules/request/request.js:344:22)
at Request.emit (events.js:95:17)
at Request.onRequestError (/Users/matiaspando/bws/node_modules/request/request.js:961:8)
at ClientRequest.emit (events.js:95:17)

For example:

./bit mywalletname 2-2 myusername 

Missing "create".