No Branch/Tag Specified
chat
custom_themes
danger
dev
duke
importviewkey
master
no_mining_until_synced
old_duke
onryo
recurring
0.4.0
0.4.1
0.4.2
0.4.3
0.5.0
0.5.1
0.5.10
0.5.11
0.5.3
0.5.4
0.5.5
0.6.0
0.6.1
0.6.10
0.6.11
0.6.2
0.6.3
0.6.4
0.6.5
0.6.6
0.6.7
0.6.8
0.6.9
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.7.9
1.4.2
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.8
v0.2.9
v0.3.0
v0.3.1
v0.3.2
v0.5.2
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.7.5
v0.7.6
v0.7.7
v0.7.8
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.9.0
v0.9.1
v0.9.2
v1.0.0
v1.1.0
v1.2.0
v1.3.0
v1.3.1
v1.4.0
v1.4.1
v1.4.2
Labels
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it tor
related to tor translation
translation update windows
related to windows wontfix
this won't be fixed
Apply labels
Clear labels
0-500 bounty
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it tor
related to tor translation
translation update windows
related to windows wontfix
this won't be fixed
No Label
0-500 bounty
2001-5000 bounty
501-2000 bounty
arm
beginners
bug
build
documentation
feature
high priority
i2p
low priority
medium priority
question
release
tor
translation
windows
wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Assign users
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.
No due date set.
Dependencies
This issue currently doesn't have any dependencies.
Reference in new issue
There is no content yet.
Delete Branch '%!s(MISSING)'
Deleting a branch is permanent. It CANNOT be undone. Continue?
No
Yes
It's safer for all users for SD to not get price data by default. We cannot avoid the fact that even though we are using TLS, the server name is leaked by SNI during the beginning of the TLS handshake and so a network spy (such as a user ISP) knows that a computer is talking to coingecko.com (but not which page is requested).
Users that want price feed data can enable it explicitly via settings.
As an additional way to educate users who want to enable this, I want there to be a popup OK/Cancel modal when a user tries to enable the price feed. It should say something like "Enabling the price feed leaks metadata to your ISP and other network spies that your computer is accessing coingecko.com, but not which exact page or which currency you are choosing. Do you still want to enable the price feed?" If they hit OK, we write the price feed option to their config file to be ON, change the value of that variable in memory, and update the GUI. If Cancel, do nothing.
Latest commit on dev does the basics of this, needs to be tested. Currently it only affects this run of SD, it does not write anything to the config file yet. The popup when enabling prices has not been implemented yet. It seems that disabling the price feed never worked correctly.
@duke I will try testing tonight and can help with the popup if needed.
For reference and others testing, those config options are stored in
~/.config/Hush/SilentDragon.conf
Location will differ on other OSes. Change works correctly for me and defaults to off as long as I delete that config file first. Fresh installs with no history should default to off as intended.I do see
get_price
still being called somewhere regularly, but likely for updating UI only. Probably still a good idea to only call it if setting is enabled though. I see this output regularly:Could not find price of "btc" !!!
@fekt I agree, we shouldn't be calling any
get_price
functions if price is turned off.