- updated package-lock
- include sample .env file for easy reference
- continue to support key-by-key updating from credentials.js for now
- minor code formatting
- reflect status of BTCEXP_NO_RATES in UI when applicable (hide new exchanged-currency items from display dropdown and hide exchange rate on homepage)
- rename _LOGIN to _BASIC_AUTH_PASSWORD for clarity
- tweak README to call out .env-sample
This ensures a unique, hard-to-guess cookie secret for every instance.
Also, renamed from "cookiePassword" to "cookieSecret" to better express
its meaning.
- cleaner support for handling credentials (new app/defaultCredentials.js has the defaults, git-ignored app/credentials.js overwrites)
- update some dependencies
This makes the protocol (either `tcp` or `tls`) for the electrum server
configurable, to allow communicating with an electrum server without tls
encryption.
This commit expands the rpc blacklist to cover all calls that could leak
sensitive information about the wallet of the bitcoin node or that could
cause the operator to lose funds. It also alphabetizes the blacklist.
before this change, searching for a 64-char string that didn't correspond to a block hash would fail due to lack of proper error handling on the RpcError response when running the interpret-string-as-blockhash step
- in tx history, request/display all inputs to get correct gain/loss values
- cross referencing for txid history from electrum
- include genesis coinbase values for genesis coinbase output address (electrum ignores the genesis coinbase TX and +50 value, but for consistency with the rest of this tool they're included)
- banner describing the electrum trust model
- ui tweaks including showing gain/loss for each address tx history item
Dan Janosik
Nadav Ivgi
Daniel McNally
Dan Janosik