decred / insight Goto Github PK

It appears it is related to daily UTC turnover (midnight) something is making it so blocks for that day aren't loaded correctly. Could have to do with back end being UTC but client in another.

As the title indicates, the Block Reward field is only displaying the PoW reward + developer subsidy and is not including the additional rewards going to the PoS voters.

Hello Team,
I have found path traversal attack on your website , so in this way attacker perform many attack to compromise your data. so you need to fix this issue asap.

Steps to Reproduce the issue :-
--->>Open this link

1. https://wallet.decred.org/..%c0%af%7BFILE%7D

Now you see there some directory of your website.

I'm not try to exploit this issue because it's illegal. Before someone do this so please fix this issue.

let me know if you need more info !

I'm working as a Security researcher Individual, so this bug eligible for any bounty ?

looking forward your reply !

Regards
Chand

They are referred to as atoms everywhere else in the software stack, so this should match as well.

Hi, I have a 20 DCR transaction unconfirmed for more than 48 hours
( d7ed6efe96a56e1bfa6b25c74c85b44844a00f267460cb95d7761b17f164bb69 )
There is something I can do to solve this problem?

We are still using the old logo, should update to the new one.

When a tx is not found via RPC request during Address.update it errors out incorrectly.

Appears that getTransaction in app/controllers/transactions.js has incorrect callback return.

Should return err and null txinfo, then above it should catch the err and carry on loading tx

Looking at this block, says Timestamp Apr 21, 2016 7:30:46 AM
https://mainnet.decred.org/block/00000000000027d17eb089a438675baa194bcda21029afa7a8692230f2b36f3d
transactions within it all say mined Apr 21, 2016 7:30:46 AM as well.

Yimp also shows Time 2016-04-21 16:30:46 for the same block
Blockhash: 00000000000027d17eb089a438675baa194bcda21029afa7a8692230f2b36f3d
http://yiimp.ccminer.org/explorer?id=1574&height=21267

But, here is the bug, https://mainnet.decred.org/blocks
going down the list, block 21267 says Apr 21, 2016 7:31:05 AM
and most all the other blocks listed look to have a skewed time as well.

These should parse and display what the actual data, block hashes/heights, and addresses are instead of just the OP_RETURN data.

when displaying a ticket that has an expiration

When viewing by block, such as, https://mainnet.decred.org/block/0000000000000820a74a33218178780b2672ca87cf0d538c951303d3ab178e06

transactions all have the same date so the sorting from #18 just seems to have a random effect. My suggestion for sorting is to order the block view by votes, tickets, then transactions, and with a sub sort by fee or fee rate.

https://mainnet.decred.org/address/DsbkwbFujPTuMEfCgTVpETLpXyZXCRFGeGN

Shows 3 transactions confirmed at the bottom in the transactions list.
Summary at the top shows only 2 confirmed transactions.
Unconfirmed section shows 1 transaction.

The user has reported the funds from the 3rd missing transaction are not showing up in their wallet. User is using the web wallet.

Would be useful for getting market cap info among other things. Coin indexes will want to be able to access the current coin supply.

For instance when a block is invalidated via vote, the coinbase tx is thereby invalidated and cannot be found. If this occurs the other stake transactions in the block should still load and be seen.

https://testnet.decred.org/block/000000000277ab71a267d289cb1e5a4fef769b9e6d3953ddc4b6bdeb06730ac6

example:
https://mainnet.decred.org/address/DshMNsvETDWpVoCe1re9NTAChiJagzsFV7J

You can see at the top it says, No. Transactions: 33019 , but the page only shows 10 transactions. This seems to be related to pagination, and could be connected to what was previously happening with #14

related to decred/dcrticketbuyer#58

https://mainnet.decred.org/tx/5161b980936ee934f0fc0025395bb91fdcd9b5fd89b8a77cc375c51159e7a46c

FEE: 0.07500000 DCR , SIZE: 297 BYTES , FEE RATE:0.25252525 DCR PER KB

0.25252525 * (297/1024) = 0.07324218

or are we suppose to divide by 1000?

0.25252525 * (297/1000) = 0.07499999925

This block is showing several transactions twice. See, 10 stake base transactions.
https://mainnet.decred.org/block/0000000000001c5f88b24da144df4a0626e3a8f592c844db051cc8399f8b1b2a

This block shows 80 subsidy commitments. 4x
https://mainnet.decred.org/block/00000000000002503f65a2143c0e40e0284a65ba46502da054320cfbf42dd139

https://mainnet.decred.org/address/Dcur2mcGjmENx4DhNqDctW5wJCVyT3Qeqkx

Seems that it will overload the server if called multiple times.

Please add a sameorigin to prevent clickjacking attack

https://mainnet.decred.org/address/Dshrg7MxaxqNDDV8DTFxZbNCqggPNdfxMyp

As the title indicates, blocks 0 and 1 in the block explorer sometimes show "value error" for the block reward field.

I imagine this is because of the special nature of the blocks where the genesis block has no subsidy and the block 1 is the block in which all of the initial airdrop and dev coins were created.

Currently there to no clear way of connecting a ticket and the vote or revocation it corresponds with.

Add the feature to now check a ticket for it being spent or not, then add a link to that if so.

from sambiohazard on decred IRC: just a suggestion: can we have 2 collapsing section one for newly generated coins at top which contains coinbase and votes, and second with 0-20 sstx on top and then regular tx after that. i said collapsing section cuz mostly people are interested in seeing sstx IMO so they can collapse newly generated coins section, which should be on top so subsidies are visible easily.
also include dev subsidy in newly generated coins section. one more suggestion: current design is only showing txid, i think people recognize tx by their address generally.

https://mainnet.decred.org/tx/23362693b2a855eb3fd50983ab16c1df59f5c1f645e390a7c439014219ce81d9

Looks like a subsidy commitment for 12.13 DCR

its actually 6.50133864 subsidy commitment and change of 5.62866136
"amountin": 12.2, "value": 6.50133864, sstxchange 5.62866136

Hi,
I'll keep these issues specific to each case. Starting from the top then:

1. The logo and navigation should vertically align with the content. First thing logo to the left, search bar being something trickier can either follow the grid or simply stay in the middle.

2. Search field text:
   Font: Source Sans Pro, Regular
   Color: #5a6d81
   Size: 13 px

• Centered to field
• Hides when clicked upon
• Type text begins aligned to left (next to icon)

3. Page names and dropdown (Blocks, Status, mDCR/DCR)
   Color: #ffffff
   Hover: Can stay as it is
   Selected/Activated: Box background #132f4b

Design documentation for reference: https://www.notion.so/eeter/mainnet-decred-org-29098479211a49b0ae1fa3ec55b83537

The blockchain has information about which transactions / addresses contain locked funds. Currently this information is now shown. It may be going into an addresses Final Balance.

The blocks page shows the block timestamp in normal time,
but the day on the left hand side of the page is in UTC,
and the pagination happens in UTC as well.
https://mainnet.decred.org/blocks

Other issues with the calendar selector are that it allows selecting of dates prior to Feb 8th for which there is no data. Also, when you open the calendar selector it defaults to todays date rather then the current date you are viewing.

Sometimes when going to https://mainnet.decred.org/blocks
It will say, "No blocks yet."
Because it thinks its the beginning of the day,..as measures in UTC.
Other times it will only show a few blocks of data.
Remove pagination by day. Pagination should be for a set number of blocks.

Feature request. Filter by transaction type.

In address view

• Incoming
• Outgoing

In block view,

• Votes
• Tickets
• Transactions

Due to update to blocks.time index.js can't use humanSince(block.time). Going to add unix time as well so it can ber parsed correctly.

Currently we forked a bit ago and would like to update to a more recently commit or dev a new api util instead of insight-api entirely. Either way insight frontend will remain roughly the same.

Many transactions will display Double spent attempt detected. From tx: xyz
But then clicking on the tx hash claimed, it says not found.
Since I am the owner of the input, I know that no double spent attempt was sent, so the alert is false.

When viewing by address, transactions are not ordered by date, and instead appear ordered randomly.

See this on all kinds of transactions that have many confirms, but insight is saying unconfirmed.