i'm new to solana development and working on a personal project using the anchor framework.
I fould some resources like solana escrow example and some youtube videos on solana PDA but not able to understand it completely. What i want to achive is:
Let's sat there are two players A & B, both pay same amount (ex: 0.01 SOL) to the contract, based on a condition or i invoke a function (not sure how it's done) one of the player is paid the amount (winner).
How can i achive this using the solana (Anchor), i would really appreciate some resource.
Thanks 🙂
Couple things going on here -
Think of a PDA, 'Program Derived Address', as an account address derived from the address of your program and whatever you salt it with, instead of a random address. This is useful for storing some data that you'd like to be able to grab later without having to remember the address, and rather just needing to remember what you salt this with. In your case, you'd likely want to create an account with a PDA salted with some kind of GameID or player (for instance, player A creates a game, and you generate a PDA with your program address and player A's pubkey).
PaulX's Escrow Program is a excellent resource, however he is not using Anchor framework and is instead implementing it natively, which sounds out of scope for what you're working on.
I think my dutch token auction program may be of some use for you, as far as PDA's go. Additionally, check out the Solana Cookbook, or more specifically the section on sending SOL, which is a method within the SystemProgram.
Solana/Anchor is awesome, but it's difficult without scouring the docs. The Solana Cookbook and the Anchor Discord Server are your friends!
A common scam in the world of Binance Smart Chain tokens is to launch a new token/contract that to the average person looks enticing, but when buyers purchase the tokens, they soon find that they are unable to sell them, and thus have lost their money.
I have heard it said that the developers of the token accomplish this by “blacklisting” all other wallets except their own from selling, but I am not sure how accurate (or how literal vs euphemistic) that explanation is.
Some people try to avoid this type of scam by making a test purchase/sale of a negligible amount to make sure the tokens is able to be sold.
My question is: are there particular functions/settings in the contract that could be scanned for and checked to identify whether or not a coin is this type of scam, instead of having to make a test purchase to find out?
Yes,
if owner set swapandliquify to false all the swaps could be locked. some people reported that scammers are using uniswapv2pair same way.
compiler version 0.5.17 has a lot of exploits/bugs too.
we at cointutu have an everyday challenge fighting against BSC scams.
we want to do something that's relatively common among mobile games. We want to reset our Facebook scoreboard every week. I am surprised to find that - looking around - there is no automatic way to do this.
Is it in the plans to offer this functionality? A probably easier thing on Facebook's end that would work for us is if when we ask for friends scores, we get the date of each score, so we can then filter out the scores that are too old.
Other than that, it seems that we'd have to write a Windows Service or Cron task to call the Facebook every week and do this (or do it manually from Putty or other tool), neither of which seem accceptable for this small task.
Thank you and let us know!
-Brian Hunsaker
Technical Director # DarkTonic Games
There's no way to tell Facebook to wipe your app's Scores automatically, but you only need to make a single API call to wipe all scores:
https://graph.facebook.com/[APP ID]?access_token=[APP ACCESS TOKEN]&method=delete
This is mentioned here:
https://developers.facebook.com/docs/score/
The call to delete all the scores from your facebook App is as follows (may have changed):
https://graph.facebook.com/[APP ID]/scores?access_token=[APP TOKEN]&method=delete
it should return true.
We were having a beer talk and have something to clear out.
Is the following conclusion correct:
When I put a facebook-like-button-box on my page, does facebook know
every time I'm on that page, even if i'm not logged in.
basically the same as google analytics
if this nis correct, it should be possible to sandbox, the like-button until someone will use it. Then facebook gets only informations when the user actively confirms that.
cheers endo
No, they can't directly track you if you are not logged in and you view an external "like" button. They can, however, set a tracking cookie that identifies you when you sign in, which would allow them to match the tracking data in the current session to you.
One of Facebook's primary revenue streams comes from the analysis and sale of market trend information. They can analyse the likes and comment keywords of certain user clusters (e.g. middle-aged American females, teenagers in college, etc) and use these to produce statistics about market patterns and trends. They can also use keyword analysis to tell a company how many people are talking about something, e.g. "how many people have mentioned my latest blockbuster film?"
You could simply move the image and JavaScript code away from the Facebook servers and host it locally to avoid them from tracking your users.
In pre-emption of the "FACEBOOK = EVIL" arguments:
In the end, though, is it really a big issue? Some people see Facebook as this massive life-infringing uncaring supercorporation, but in reality they're just making a buck through completely anonymous statistics. No human being (or sentient robot) views your preferences, browser tracking data, or personal information. Everything is anonymised and turned into a bunch of numbers relating to a group. Sure, they could screw everyone over and be evil, but why bother when you already make that much money legitimately?
Problem
At work we have a department wiki (running Mediawiki). Unfortunately several
persons edit without logging in, and that makes it very difficult to track
down editors to ask questions about the content.
There are two strategies to improve this
encourage logged in editing
discourage anonymous editing.
Encouraging
For this part, any tips are welcome. But of course there is always risks involved
in rewarding behaviours.
Discourage
I know that this must be kept low or else it will discourage any editing.
But something just slightly annoying would be nice to have.
[update]
I know it is possible to just disallow anonymous editing, but that will put a high barrier to any first time contribution (especially for people outside our department!), so I do not think that is an option.
[/update]
[update2]
Using LDAP or Active Directory does not solve the problem since the wiki is also accessible and used by external contractors.
[/update2]
[update3]
I am no longer working for this company. That does not mean that I completely have lost interest in this question, but from my current interest point the most valuable part is the "Did you forget to log in?" part below, and I will accept answers based on this part of the question.
[/update3]
Confirmation
One thought was to have an additional confirmation step for anonymous users -
"Are you really sure you want to submit this anonymously?", although with
such a question there is a risk that people will give up or resist editing. However,
if that question is re-phrased in a more diplomatic way as "Did you forget
to log in?" I think it will appear as much more acceptable. And besides that
will also capture those situations where the author did in fact forget to
log in, but actually would want to have his/her contributions credited
his/her user. This last point is by itself a good enough reason for wanting it.
Is this possible?
Delay
Another thought for something to be slightly annoying is to add an extra
forced delay after "save page" displaying something like "If you had logged
in you would not have to wait x seconds". Selecting a right x is difficult
because if it is to high it will be a barrier and if it too low might not
make any difference. But then I started thinking, what about starting at
zero and then add one second delay for each anonymous edit by a given IP
address in a given time frame? That way there will be no barrier for
starting to use the wiki, and by the time the delay is getting significant
the user has already contributed a lot so I think the outcome is much
more likely to be that the editor eventually creates a user rather than
giving up. This assumes IP addresses are rather static, but that is very
typically is the case in a business network.
Is this possible?
You can Turn off Anonymous Editing in Mediawiki like so:
Edit LocalSettings.php and add the following setting:
$wgDisableAnonEdit = true;
Edit includes/SkinTemplate.php, find $fname-edit and change the code to look like this (i.e., basically wrap the following code between the wfProfileIn() and wfProfileOut() functions):
wfProfileIn( "$fname-edit" );
global $wgDisableAnonEdit;
if ( $wgUser->mId || !$wgDisableAnonEdit) {
// Leave this as is
}
wfProfileOut( "$fname-edit" );
Next, you may want to disable the [Edit] links on sections. To do this, open includes/Skin.php and search for editsection. You will see something like:
if (!$wgUser->getOption( 'editsection' ) ) {
Change that to:
global $wgDisableAnonEdit;
if (!$wgUser->getOption( 'editsection' ) || !$wgDisableAnonEdit ) {
Section editing is now blocked for anonymous users.
Forbid anonymous editing and let people log in using their domain logins (LDAP). Often the threshold is the registering of a new user and making up username and password and such.
I think you should discourage anonymous edits by forbidding them - it's an internal wiki, after all.
The flipside is you must make the login process as easy as possible. Hopefully you can configure the login cookie to have a decent length (like 1 month) so they only need to login once per month.
Play to the people's egos, and add a rep system kind of like here. Just make a widget for the home page that shows the number of edits made by the top 5 users or something. Give the top 1 or 2 users a MVP reward at regular (monthly?) intervals.
Well, I doubt that this solution will be valuable for hlovdal, given that this question is now two months old, but maybe somebody else will find it useful:
The optimum solution to this problem is to enable automatic logins. This requires two steps. First, you need to add automatic authentication to your web service. Right now, we're using Apache with the Debian usn-libapache2-authenntlm-perl package on our internal application server*. (Our network is Active Directory and, obviously, the server runs on Debian Linux.) Second, you need a MediaWiki extension that makes MediaWiki aware of the web service's authentication. I've used the Automatic REMOTE_USER Authentication module successfully on an Apache web server that was tied into our network via an NTLM authentication module, but I do recall that it required a bit of massaging the code to make it work:
I had to follow the "horrid hacks" given on the extension's page, changing the setPassword() and addUser() functions to always return true instead of always returning false.
Since Active Directory is case-insensitive and MediaWiki isn't, I replaced both instances of the statement $username = $_SERVER['REMOTE_USER'] with $username = getCanonicalName($_SERVER['REMOTE_USER']).
Since I wanted to only allow certain people within the company to use our wiki, I set autoCreate() to always return false. It doesn't sound as if you need to worry about this, so you should leave autoCreate() at always returning true, which means that anybody on your company network will be able to access the wiki.
The nifty thing about this solution is that nobody has to log in into the wiki, ever; they simply go to a wiki page and they are logged in under their network ID.
* We just switched to this from a Red Hat server that was using mod_ntlm. Unfortunately, mod_ntlm hasn't been updated in a while and it's been starting to sporadically fail. I mention this because I've started to stumble on a performance issue with our current MediaWiki configuration that may require further code massaging....
Make sure users don't get logged out if they look away from the screen or sneeze or scratch their head. You want long, persistent, sessions. Once logged in, stay logged in.
That's the problem with the MediaWiki our company is using internally - you log in, do stuff, then come back later and it logged you out, but the notification of not being logged in anymore is so insignificant on the screen that the user never notices.
If this runs within an internal network, you could pull Active Directory information so that no one has to log in, ever. That's how I do it at work. That is, if they are logged into their windows machine, then my webapps can pick up their username and associate that (or their userid) with their edits.
I don't know if this would be easy to add to MediaWiki, though.
I'd recommend checking out wikipatterns.org - a great site about the social aspects of wikis
Explicitly using some form of directory service (LDAP) would probably be a good idea, so that your users are always fully identified. On the other hand, wikis are subject to their own dynamics, in fact some wikis are so successful because they can be anonymously edited, so that's another thing to keep in mind.
Apart from that, personally I'd try to create some sort of incentive for users to contribute openly and identifiable: this could be based on a point/score system so that there are stats shown for all users who have contributed to the wiki each day, this could possibly even create some sort of competition.
Likewise, the wiki could by default not show any anonymously contributed contents without them being reviewed first, which would be another incentive for users to contribute openly.
SO has an extremely low barrier for posting. You could allow people to specify their name when making an edit. When they are ready, they can finally log in to avoid having to type their name all the time.
You said this is in a departmental situation. Can't you add a feature to the wiki where it makes an educated guess as to who is editing based on the IP address, and annotates the edit accordingly?
I agree absolutely with everyone who recommends carefully researching the effects of anonymity in your application before you start "forbidding" it. In a great many cases people prefer anonymous editing because they DO NOT WANT TO BE ASKED ABOUT IT, IDENTIFIED WITH IT, OR SUFFER SOME PROBLEM FOR POINTING IT OUT. You need to be VERY sure these factors are not driving users to prefer anonymous edits, and frankly you should continue to allow anonymized edits with a generic credential login like "anonymous_employee" or "anonymous_contractor", in case someone wants to point out an issue without becoming identified with it.
Re the "thought... to have an additional confirmation step for anonymous users- "Are you really sure you want to submit this anonymously?", it's a good idea, but do not "re-phrase" in a way that suggests it is wrong to not be logged in as yourself, i.e. don't say "Did you forget to log in?" I'd instead note it this way:
"Your edit will appear as an IP number - it may be attributed to 'anonymous_employee' or 'anonymous_contractor' or 'anonymous_contributor' for your privacy protection. You will not be notified of any answer or response to it. If you prefer to have this contribution credited, then [log in right now]."
That leaves it absolutely clear what will happen, doesn't pressure anyone to do it either way, and does not bias what is being contributed with some "rewards".
You can also, alternately, force a login via LDAP / cookies, and then ask them if they prefer this edit to be anonymous. That is the approach taken on some blog platforms. In an intranet the abuse potential for this is basically zero, so you would presumably only have situations where someone didn't want 'how they knew' or 'why they raised this' to be the question rather than the data itself... IBM has shown in some careful research that anonymized feedback is very much more useful than attributed in correcting groupthink & management blind sides.