It's Finally Here: SteemAX 1.0 Beta Official Release

Repository

https://github.com/artolabs/steemax

SteemAX 1.0 Beta Now Released!

I'm very proud to announce the first official release of SteemAX 1.0 Beta is here and is now online. It's been at least a 4 month journey coding SteemAX and now that I rest at it's pinnacle and look back I can see the long trail from whence I came.

I want to personally thank Utopian.io and all of the moderators

that have contributed their feedback during the development of SteemAX. Utopian.io has definitely given us the incentive to build this project; they are an indispensable resource. I recommend that all open-source developers discover Utopian.io; it's paving the way towards the future.

I want to especially thank @amosbastian

His reviews of work done for SteemAX have been informative, helpful, but most importantly, contained as much positive feedback as constructive criticism. I speak for all developers when I say we really appreciate that!

Sincerely, Project Owner Michael Betthauser (a.k.a. Mike-A)

hiker_to_logo_cropped.png

Could SteemAX Change The Shape of Steemit?


SteemAX is an auto upvote exchange program that lets Steemians swap votes with each other for an agreed upon length of time.



This is a sorely needed application, especially in the light of the current drop in the price of Steem and the current drop in user participation. A very informative article from just a few days ago laid out very good analysis of the Steemit platform. The author writes:

A potential explanation may be that the drop off in users is connected with the recent downward price movements of STEEM, with users exiting the platform as they witness the value of their stakes diminishing, a possible negative correlation between Steemit usage, and STEEM price.

https://bravenewcoin.com/news/steem-price-analysis-running-out-of-puff/

A lot of newcomers to Steemit do not feel like they have an active way to increase their potential. Without the intervention of a whale or a sizable investment from their own pocket newcomers feel like they have no avenue to pursue gaining the interest of loyal upvoters. If it takes upvotes to get seen, who will get the upvotes to see their content without any upvotes? It's a newcomer paradox.

Other social media platforms solve this need for their users usually by providing a function such as "friending" the other account; an action that sends an invitation and demands authentication by both parties, dissimilar to merely "following" an account. SteemAX now provides a way for Steemit users to actively seek the same kind of reciprical support when they invite another Steemian to an exchange. The initiation of the exchange creates the same two-party authentication, which is psychologically more bonding, and alerts both parties that a human is interested in their blog.

The exchange can be disproportional

allowing accounts with higher influence and more steem power to upvote at a higher value than is possible for a newcomer or minnow. This is a crucial feature as it helps "distribute the wealth" without having to revamp the entire system. It gives a Steemian something constructive they can do and feel like they're not just a passive participant waiting for a handout.

SteemAX Benefits The Whole System

As an account accumulates more Steem Power the problem One may encounter is the inability to distribute their upvote consistently.

Think about how much Steem is not given out and left undistributed when an account with a lot of Steem Power becomes inactive, perhaps while the user goes on vacation. This is the exact problem that led whales to create bid bots in the first place. They saw the ethical/technical/economic need to distribute their upvote far and wide. They also realized it wasn't enough to upvote 100% at 10 times per day (the perfect ratio needed to not deplete One's voting power), because this does not create enough blocks for the witnesses to process in proportion to the amount of Steem leaving the reward pool.

It's the number of blocks the witnesses process that determines the amount of Steem generated into the reward pool.

This is what caused @BernieSanders to initiate the First Great Steemit Flag War against @Haejin, who by self-upvoting (by proxy) 100% at 10 times per day was essentially "raping" the reward pool.

But who has time to upvote that many posts?

Unfortunately, bid bots are blind and will upvote anything and everything for the right price. Bid bot owners have set the ratio between the bot's upvote and their customer's bid so that the returned upvote has the potential to be profitable in and of itself. Although this may help whales distribute their votes, it does nothing for the quality of content on Steemit.

SteemAX solves this problem by automatically distributing upvotes in the same way that bid bots do but by individual, mutual agreement. I believe individual Steemians will only make exchanges with accounts they think will support them, and that they wish to support. By making exchanges a personal, one-on-one "invite" Steemians are unlikely to make exchanges with spammers.

climb_logo_cropped.png

Security

SteemAX employs a number of methods to ensure that spammers are deterred from making exchanges and that Steemian's private keys are kept safe.

ReCaptcha

ReCaptcha is Google's captcha tool and helps prevent spam by making users solve puzzles only humans can solve before submitting a SteemAX invite. Spammers will not be able to use automated software to create invites. SteemAX is also designed so that to start an exchange (and have the invite sent) requires sending SBD to @steem-ax (which is then forwarded to the invitee). This also helps prevent spam as sending just one invite is only 0.001 SBD, but sending hundreds of thousands of invites becomes both financially as well as laboriously cost prohibitive.

ReCaptcha also helps to prevent numerous exploits such as these listed in the OWASP website:

  • enumeration attacks (login, registration or password reset forms are often vulnerable to enumeration attacks - without CAPTCHA the attacker can gain valid usernames, phone numbers or any other sensitive information in a short time)

  • automated sending of many GET/POST requests in a short time where it is undesirable (e.g., SMS/MMS/email flooding), CAPTCHA provides a rate limiting function

  • automated posting to blogs, forums and wikis, whether as a result of commercial promotion, or harassment and vandalism

  • any automated attacks that massively gain or misuse sensitive information from the application

Recaptcha in combination with SteemConnect (see below) is also a practical form of preventing cross site request forgery because:

SteemAX is Session-less and Stateless

SteemAX does not use cookies or a session ID to keep track of login state as only one form is submitted. Users must validate a captcha as well as have a valid SteemConnect token to submit the single form. Users are required to login periodically through Steemconnect in order to keep submitting invites thus constantly refreshing the SteemConnect token.

User Data is Sanitized at Every Level of Data Processing

This is especially necessary for user data to be sanitized in the javascript code in order to prevent cross-site scripting attacks, as well as sanitizing the user data at other levels of data processing to prevent SQL injection attacks.

SteemAX uses as little APIs or frameworks as possible

By writing mostly new, original code, and by avoiding outside APIs such as WordPress, jQuery, Django, Bootstrap, Ruby on Rails, or many others, SteemAX has greatly reduced it's attack surface.

SteemConnect

SteemConnect is a service provided directly by Steemit Inc. that provides authentication to a user's account operations via temporary tokens rather than the user's private keys. Steemit Private WIF Keys are regarded as a high security risk and should not be stored in database driven systems. SteemConnect provides a way for a Steemit user to log in to a third party web application such as SteemAX and grant authority to that web application to execute account operations.

  • This gives SteemAX the authority to have a user's account upvote another account, but without storing their highly secret, private keys.

  • SteemConnect also makes using SteemAX more convenient as a Steemit user simply needs to login to SteemAX using their already existing Steemit password.

steemconnect_login.png

How To Use SteemAX (A Brief Overview)

I plan on creating more complete documentation on how to use SteemAX, as well several video guides, so I won't go into too much detail here. I will, however, give a brief outline of how a Steemian can begin using SteemAX and a hint at a few strategies One might implement as well.

To Begin Simply Visit Https://steemax.trade

The user is asked to log into SteemAX using SteemConnect. They enter their Steemit password or secret posting key and grant steemax.app authority to use their account to upvote.

Once the user has logged in they will be presented with a form for creating an invitation to an exchange. This form contains inputs for the account name of the invitee, the percentage of the inviter's upvote, and the ratio between the inviter and the invitee's upvote, as well as the duration for which the exchange should last.

invite_form.png

Account Name

After entering a Steemit account name the user needs to press enter, click anywhere outside an input box, or tab to or click to a new input box in order to validate the account name and retrieve the vote value for that account. The user's vote value is displayed at the very top pf the page and the invitee's vote value above the account name input box. This will help the user determine the best ratio between upvotes (if other than 1:1).

Percentage

Now the user enters the percentage of their upvote value which they'd like to offer in the invite. Once entered, there will be an error message stating one of the vote values is too large since there is not yet a value for the ratio...

Ratio

The ratio is always presented as X:1, where X is the inviter's upvote, and 1 is the invitee's. When adjusting the ratio, however, the inviter is adjusting the vote value of the invitee. Previously the inviter adjusted their own vote value, now they're adjusting the invitee's vote value. For example, let's say the inviter has a vote value of $0.10 STU, and the invitee has a vote value of $1.00 STU. If the inviter choses 100% of their upvote at a 1:1 ratio the exchange would be $0.10 to $0.10 (inviter vs. invitee, inviter is always on the left). If the ratio is adjusted to 0.5:1 then the exchange will be $0.10 to $0.20. If it's adjusted to 2:1 then the exchange will be $0.10 to $0.05. If values are selected outside of a possible vote value the exchange will show an orange colored error indicating which side is too big.

In the future I plan for the percentage and ratio inputs to be replaced with sliders

so that adjusting the value and the output to screen are more apparent and fluid. The input feedback will better help the user to find the correct value.

See Your Exchanges By Visiting

Https://steemax.info/@youraccountname

After submitting the form at steemax.trade the user will be taken to steemax.info/@youraccountname where they will see a list of all of their current exchanges. Once they've created thier account this becomes a public page. Each exchange will list the inviter vs. invitee (inviter is always on the left) pair, percentage, ratio and duration along with the following buttons:

Start

An inviter must start an exchange before an invitee is sent the invite.

This is done by clicking the start button which will reveal the unique code that identifies this exchange.

start_code.png

The user then simply sends any amount of SBD (SBD only) to @steem-ax with this entire code in the memo field. (Notice the hyphen in @steem-ax!) The SBD they send is not kept by SteemAX but sent directly to the invitee.

send_start_code.png

After sending an invite (or a barter) the sender will see their exchange is "pending" as they wait for the other party to respond.

pending.png

Accept

When an invite is sent it contains a memo message that explains the invite to the invitee. If the invitee has never been to SteemAX before then the message directs the user to visit steemax.info/@theiraccountname. This will redirect them to log into steemax.trade, thus creating an account. If they already have an account this same URL will simply show them a list of all their exchanges.

receive_invite.png

An invitee can accept an exchange invitation by simply sending any amount of SBD to @steem-ax with the accept code in the memo field. A user can see their accept code either by visiting steemax.info/@theiraccountname or if they already have an account then the invite memo message will contain the same accept code. This makes accepting invites convenient as an experienced user will know that they do not have to visit steemax.info and can simply respond directly from their wallet using the code provided in the invite message.

receive_invite2.png

Barter

Bartering is similar to creating an invite. Clicking the "barter" button will bring up an overlay window where the user can enter in new values for the percentage, ratio and duration of the invite.

barter_form.png

barter_code.png

Once this form is submitted, a unique code is revealed. Like the other actions the user must then send any SBD with this code in the memo to @steem-ax. A barter message is then sent to the other party and they too will have a choice to barter or to accept the terms. Bartering can go on indefinitely until someone accepts.

receive_barter.png

receive_barter2.png

Cancel

At any time either party may cancel the exchange. Simply click the button to reveal the code and send it in the memo field with any SBD to @steem-ax. The SBD is forwarded to the other party to notify them of the cancellation.

Eligibility For Vote Exchange Rules

Once an invitation has been accepted the exchanges will begin to take place between the inviter and invitee for every post they create. To keep the system focused on newly created content the posts must meet the following conditions before votes will be exchanged:

  1. Both posts must be the most recent post.

  2. Both posts must be less than 6 days old.

To ensure that vote values are exchanged at the agreed percentage and ratio, if one of the values falls too far outside the parameters (because of loss of voting power, delegation, powering up or down) the exchange will not take place.

Exchanges can be set to run at any time but I currently have them running every 2 hours.

New Features

The features added to bring SteemAX to version 1.0 include finishing the buttons that reveal the unique memo code, the overlay form that enables the user to barter, as well as additional CSS to mobilize both steemax.trade and steemax.info.

Steps taken

    def expiration_date(self, timestamp, duration):
        end_date = (datetime.strptime(str(timestamp), '%Y-%m-%d %H:%M:%S')
                + timedelta(days=int(duration)))
        return (str(end_date.strftime("%B")) + " " 
                + str(end_date.day) + ", " 
                + str(end_date.year))


    def expire(self):
        self.get_results("SELECT ID, Duration, Time, Account1, Account2 FROM axlist WHERE 1;")
        for row in self.dbresults:
            if (datetime.strptime(str(row[2]), '%Y-%m-%d %H:%M:%S')
                    + timedelta(days=int(row[1])) < datetime.now()):
                self.commit("UPDATE TABLE axlist SET Status = '4' WHERE ID = '%s';", row[0])
                self.msg.message(row[3]+" vs. "+row[4]+" has expired.")



def exchange():
    ''' This method actualizes the exchange between Steemians.
    ID          row[0]
    Inviter     row[1]
    Invitee     row[2]
    Percentage  row[3]
    Ratio       row[4]
    Duration    row[5]
    MemoID      row[6]
    Status      row[7]
    Timestamp   row[8]
    '''
    db = axdb.AXdb(default.dbuser, 
                        default.dbpass, 
                        default.dbname)
    verify = axverify.AXverify()
    axlist = db.get_axlist()
    for row in axlist:
        print("Comparing "+str(row[1])+" vs. "+str(row[2]))
        if verify.eligible_posts(row[1], row[2]):
            print("Posts are eligible.")
            if verify.eligible_votes(row[1], 
                                row[2], 
                                row[3], 
                                row[4], 
                                2):
                print("Votes are eligible")
                accesstoken = db.get_user_token(row[1])
                verify.steem.connect.steemconnect(
                                accesstoken)
                result = verify.steem.connect.vote(
                                row[1], 
                                row[2], 
                                verify.post_two, 
                                int(row[3]))
                try:
                    result['error']
                except:
                    print(str(row[1])+" has voted on "
                                    +str(verify.post_two)+" "
                                    +str(row[3])+"%")                    
                else:
                    verify.msg.error_message(result)
                accesstoken2 = db.get_user_token(row[2])
                verify.steem.connect.sc = None
                verify.steem.connect.steemconnect(
                                accesstoken2)
                result = verify.steem.connect.vote(
                                row[2], 
                                row[1], 
                                verify.post_one, 
                                int(verify.vote_cut))
                try:
                    result['error']
                except:
                    print(str(row[2])+" has voted on "
                                    +str(verify.post_one)+" "
                                    +str(verify.vote_cut)+"%")
                else:
                    verify.msg.error_message(result)


  • Refactored the Javascript to make the callback functions flow more smoothly. Steem.js' asynchronous functions require that the SteemAX code wait for Steem.js to respond before performing vote calculations. The Javascript code now handles these callbacks more efficiently and with less code.

  • Expanded CSS into separate files, each containing the need values for the media queries made as the screen size adjusts between below 380, between 380 and 600, and 600 and above.

(This is just a small sample of all the code created for this submission to Utopian.io. Please see all commits made August 9, 2018 for complete details pertaining to the rest of the code.)

Technology Stack

SteemAX is written to use Python 3.5 and MySQL. The web interface for https://steemax.trade and https://steemax.info has been written in HTML, CSS and Javascript.

Roadmap

In the future more contributors will be brought into the fold
via Task Requests to help improve the functionality of the site and most especially the look and feel. After all, projects always benefit from the synergistic action of teamwork.

Contact

Please contact Mike (Mike-A) on Discord
https://discord.gg/97GKVFC

GitHub Account

https://github.com/artolabs

  • Images created from free, royalty free sources.
Sort:  

Thank you for your contribution. A great milestone I must say, though will it have any effect once HF20 comes live?

Your contribution has been evaluated according to Utopian policies and guidelines, as well as a predefined set of questions pertaining to the category.

To view those questions and the relevant answers related to your post, click here.


Need help? Write a ticket on https://support.utopian.io/.
Chat with us on Discord.
[utopian-moderator]

Of course it will. STEEM is not going away. A new token will be introduced. However, this new token has no real value yet, 1 account = 1 token could still mean just $0.001 per upvote. And I assume these tokens will be exchanged in the same way STEEM is, with an upvote. so I imagine SteemAX will help people benefit from exchanging both STEEM and the GPT.

Thank you for your review, @codingdefined!

So far this week you've reviewed 7 contributions. Keep up the good work!

Congratulations! Your post has been selected as a daily Steemit truffle! It is listed on rank 11 of all contributions awarded today. You can find the TOP DAILY TRUFFLE PICKS HERE.

I upvoted your contribution because to my mind your post is at least 17 SBD worth and should receive 121 votes. It's now up to the lovely Steemit community to make this come true.

I am TrufflePig, an Artificial Intelligence Bot that helps minnows and content curators using Machine Learning. If you are curious how I select content, you can find an explanation here!

Have a nice day and sincerely yours,
trufflepig
TrufflePig

Hey @learnelectronics
Thanks for contributing on Utopian.
We’re already looking forward to your next contribution!

Want to chat? Join us on Discord https://discord.gg/h52nFrV.

Vote for Utopian Witness!

Congratulations @learnelectronics! You have completed the following achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:
SteemitBoard and the Veterans on Steemit - The First Community Badge.

Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

Congratulations! Links to your post and repository were included in the Steem.center wiki page Steem Ecosystem: S-Steemis. Thanks and good luck again!

Chic article. I learned a lot of new things. I signed up and voted. I will be glad to mutual subscription))))