RubyGems - block_io - Versions diffs - 2.0.0 → 3.0.0 - Mend

block_io 2.0.0 → 3.0.0

Files changed (113) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eb3eee8a4c13ad41febe0e5f07271c0e9d8cab44cfc5540d898aa8802c89e334
-  data.tar.gz: 52c0524074d9ea5da705be0190b613c56e10b1f52f5bdd10bbac163a415ba2e5
+  metadata.gz: c7a878068a7ce224442ab3544657e2fb5de30dc68c43b00fd443c7c8ea35a61a
+  data.tar.gz: '09ad2302125ca6d86427637023439ffac4f8c1e7d6f477d098aeb6955d0f3be2'
 SHA512:
-  metadata.gz: 8b85df794d052257b15add0e7a298b6b3482f04eaa67db0d4fe8b944898fd8a9e00451a2f4f6b351f867a8e33db7694421b2a419102941e41b9543a0a5ba2048
-  data.tar.gz: b58bb5628274ac2609a6103e68ba0fe5b829705231ee4264126521703907b83e46da97b6ebc9a8698c5d3ff39c11685011fcd4aa6e3d287fdb5ead9e0553054d
+  metadata.gz: bb922e78d5c23c2e64b8259a688189eab1c20e654fa63389cc919d28a68030a0650101df2a32aecafbabb6ff639552e2698def07cd405638f0aea6bed32e7995
+  data.tar.gz: 940ff69d78033e939b150af65fc89944a8fd99a4296bab9c8314b5988508e2d093ec1e6c1295df37ebcbac4d31110fc70e3749d02a58da25585039594b872de6

data/{.appveyor.yml → .appveyor.yml-disabled} RENAMED Viewed

@@ -4,8 +4,6 @@ skip_tags: true
 environment:
   matrix:
-    - ruby_version: "23"
-    - ruby_version: "23-x64"
     - ruby_version: "24"
     - ruby_version: "24-x64"
     - ruby_version: "25"
@@ -14,6 +12,8 @@ environment:
     - ruby_version: "26-x64"
     - ruby_version: "27"
     - ruby_version: "27-x64"
+    - ruby_version: "30"
+    - ruby_version: "30-x64"
 install:
   - SET PATH=C:\Ruby%ruby_version%\bin;%PATH%

data/.gitignore CHANGED Viewed

@@ -3,3 +3,4 @@ vendor/
 .bundle/
 *.gem
 *~
+.DS_Store

data/.travis.yml CHANGED Viewed

@@ -2,11 +2,11 @@ language: ruby
 os:
 - linux
 rvm:
-- 2.3
 - 2.4
 - 2.5
 - 2.6
 - 2.7
+- 3.0
 bundler_args: --jobs=2
 script:
 - bundle exec rspec

data/LICENSE CHANGED Viewed

@@ -1,6 +1,6 @@
 The MIT License (MIT)
-Copyright (c) 2014 BlockIo
+Copyright (c) 2021 BlockIo
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md CHANGED Viewed

@@ -1,6 +1,6 @@
 # BlockIo
-This Ruby Gem is the official reference client for the Block.io payments API. To use this, you will need the Dogecoin, Bitcoin, or Litecoin API key(s) from <a href="https://block.io" target="_blank">Block.io</a>. Go ahead, sign up :)
+This Ruby Gem is the official reference client for the Block.io's infrastructure APIs. To use this, you will need the Dogecoin, Bitcoin, or Litecoin API key(s) from <a href="https://block.io" target="_blank">Block.io</a>. Go ahead, sign up :)
 ## Installation
@@ -14,29 +14,30 @@ And then execute:
 Or install it yourself as:
-    $ gem install block_io -v=2.0.0
+    $ gem install block_io -v=3.0.0
 ## Changelog
+*04/14/21*: BREAKING CHANGES. Version 3.0.0. Remove support for Ruby < 2.4.0, and Windows. Behavior and interfaces have changed. By upgrading you'll need to revise your code and tests.
-*07/02/20*: BREAKING CHANGES. Version 2.0.0. Remove support for Ruby < 2.3.0. Behavior and interfaces have changed. By upgrading you'll need to revise your code and tests.
-*05/10/19*: Prevent inadvertent passing of PINs (user error).
-*06/25/18*: Remove support for Ruby < 1.9.3 (OpenSSL::Cipher::Cipher). Remove connection_pool dependency.
-*01/21/15*: Added ability to sweep coins from one address to another.
-*11/04/14*: Fix issue with nil parameters in an API call.
-*11/03/14*: Reduce dependence on OpenSSL. PBKDF2 function is now Ruby-based. Should work well with Heroku's libraries.
-*10/18/14*: Now using deterministic signatures (RFC6979), and BIP62 to hinder transaction malleability.
+## Important Notes
+* This gem depends on the bitcoinrb gem. By using this gem, your application will load the bitcoinrb gem as well with the Bitcoin namespace. It may conflict with another gem using the same namespace.
+* Transaction endpoints are updated as of v3.0.0.
+* See the examples/ folder for basic examples.
+* Be careful to test thoroughly before production.
+* Use of this software is subject to its LICENSE.
 ## Usage
 It's super easy to get started. In your Ruby shell ($ irb), for example, do this:
     require 'block_io'
-    blockio = BlockIo::Client.new(:api_key => "API KEY", :pin => "SECRET PIN")
+    blockio = BlockIo::Client.new(:api_key => "API KEY", :pin => "SECRET PIN")
-If you do not have your PIN, or just wish to use your private key backup directly, do this:
+If you do not have your PIN, or just wish to use your private key backup(s) directly, do this instead:
-    blockio = BlockIo::Client.new(:api_key => "API KEY", :keys => [BlockIo::Key.from_wif("PRIVATE KEY BACKUP")])
+    blockio = BlockIo::Client.new(:api_key => "API KEY")
+    blockio.get_balance
+    blockio.prepare_transaction(..., :keys => [BlockIo::Key.from_wif("PRIVATE_KEY_BACKUP_IN_WIF").private_key_hex])
 And you're good to go:

data/block_io.gemspec CHANGED Viewed

@@ -15,15 +15,15 @@ Gem::Specification.new do |spec|
   spec.files         = `git ls-files -z`.split("\x0")
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.required_ruby_version = '>= 2.3.0'
+  spec.required_ruby_version = '>= 2.4.0'
   spec.require_paths = ["lib"]
   spec.add_development_dependency "bundler", ">= 1.16", "< 3.0"
-  spec.add_development_dependency "rake", "~> 12.3", ">= 12.3.3"
+  spec.add_development_dependency "rake", "~> 13.0", ">= 13.0"
   spec.add_development_dependency "rspec", "~> 3.6", ">= 3.6"
-  spec.add_development_dependency "webmock", "~> 3.8", "< 4.0"
-  spec.add_runtime_dependency "ecdsa", "~> 1.2.0", ">= 1.2.0"
+  spec.add_development_dependency "webmock", "~> 3.12", "< 4.0"
+  spec.add_runtime_dependency "bitcoinrb", "~> 0.7.0", "= 0.7.0"
   spec.add_runtime_dependency "http", "~> 4.4.1", ">= 4.4.1"
-  spec.add_runtime_dependency "oj", "~> 3.10.6", ">= 3.10"
-  spec.add_runtime_dependency "connection_pool", "~> 2.2.3", ">= 2.2"
+  spec.add_runtime_dependency "oj", "~> 3.11", ">= 3.11"
+  spec.add_runtime_dependency "connection_pool", "~> 2.2.5", ">= 2.2"
 end

data/examples/basic.rb CHANGED Viewed

@@ -3,18 +3,42 @@
 # basic example: $ API_KEY=TESTNET_API_KEY PIN=YOUR_SECRET_PIN ruby basic.rb
 # bundler example: $ API_KEY=TESTNET_API_KEY PIN=YOUR_SECRET_PIN bundle exec ruby basic.rb
 #
-# adjust amount below if not using the Dogecoin Testnet
+# adjust amount below if not using the Litecoin Testnet
 require 'block_io'
-blockio = BlockIo::Client.new(:api_key => ENV['API_KEY'], :pin => ENV['PIN'], :version => 2)
+blockio = BlockIo::Client.new(:api_key => ENV['API_KEY'], :pin => ENV['PIN'])
 puts blockio.get_balance
 puts blockio.network
 # create the address if it doesn't exist
-puts blockio.get_new_address(:label => 'testDest')
-puts blockio.withdraw_from_labels(:from_labels => 'default', :to_label => 'testDest', :amount => '2.5')
+begin
+  puts blockio.get_new_address(:label => 'testDest')
+rescue BlockIo::APIException => e
+  puts e.to_s
+end
+puts " -- "
+# retrieve unspent outputs and other relevant data to create and sign the transaction
+# you will inspect the prepared transaction for things like network fees being paid, block.io fees being paid, validating what destination addresses receive how much, etc.
+prepared_transaction = blockio.prepare_transaction(:to_label => 'testDest', :amount => '0.012345')
+puts JSON.pretty_generate(prepared_transaction)
+puts " -- "
+# a summary of what's in the prepared transaction
+# for in-depth review of the transaction, look at the prepared_transaction object yourself
+puts JSON.pretty_generate(blockio.summarize_prepared_transaction(prepared_transaction))
+puts " -- "
+# once satisfied with the prepared transaction, create and sign it
+# inspect this again if you wish, it will contain the transaction payload in hexadecimal form you want Block.io to sign and broadcast
+transaction_data = blockio.create_and_sign_transaction(prepared_transaction)
+puts JSON.pretty_generate(transaction_data)
+puts " -- "
+# ask Block.io to sign and broadcast the transaction
+puts JSON.pretty_generate(blockio.submit_transaction(:transaction_data => transaction_data))
+puts " -- "
 puts blockio.get_address_balance(:labels => 'default,testDest')

data/examples/dtrust.rb CHANGED Viewed

@@ -1,25 +1,31 @@
-# creates a new destination address, withdraws from the default label to it, gets sent transactions, and the current price
+# creates a new dTrust destination address, sends coins to it, withdraws coins from it, gets sent transactions, and the current price
 require 'block_io'
 require 'json'
 # please use the Litecoin Testnet API key here
 puts "*** Initialize BlockIo library: "
-blockio = BlockIo::Client.new(:api_key => ENV['API_KEY'], :pin => ENV['PIN'], :version => 2)
+blockio = BlockIo::Client.new(:api_key => ENV['API_KEY'], :pin => ENV['PIN'])
 puts blockio.get_dtrust_balance
 puts blockio.network
 raise "Please use the LTCTEST network API Key here or modify this script for another network." unless blockio.network == "LTCTEST"
 # create 4 keys
-# you will generate your own private keys, for instance: key = BlockIo::Key.new. Just note down key.public_key and key.private_key somewhere safe before you use your keys to generate dTrust addresses.
-# if you already have hex private keys, load the keys with BlockIo::Key.new(private_key_hex). Ensure the key's .public_key matches what you expect.
+# you will generate your own private keys, for instance: key = BlockIo::Key.generate.
+# you will need to record key.to_wif (private key in Wallet Import Format (WIF)) somewhere safe before you use your keys to generate dTrust addresses.
+# if you already have hex private keys, load the keys (see below). Ensure the key's public_key (key.public_key_hex) matches what you expect.
 # WARNING: The keys below are just for demonstration, DO NOT use them on mainnets, DO NOT use insecurely generated keys
+# WARNING: You must ALWAYS use compressed public keys. Use of uncompressed public keys can lead to lost coins when using SegWit addresses.
+# these keys will use the appropriate coin's parameters. The library will know what network you're interacting with once you make a successful API call first, like blockio.get_dtrust_balance above
 keys = [
-  BlockIo::Key.new("b515fd806a662e061b488e78e5d0c2ff46df80083a79818e166300666385c0a2"), # alpha1alpha2alpha3alpha4
-  BlockIo::Key.new("1584b821c62ecdc554e185222591720d6fe651ed1b820d83f92cdc45c5e21f"), # alpha2alpha3alpha4alpha1
-  BlockIo::Key.new("2f9090b8aa4ddb32c3b0b8371db1b50e19084c720c30db1d6bb9fcd3a0f78e61"), # alpha3alpha4alpha1alpha2
-  BlockIo::Key.new("6c1cefdfd9187b36b36c3698c1362642083dcc1941dc76d751481d3aa29ca65") # alpha4alpha1alpha2alpha3
+  "b515fd806a662e061b488e78e5d0c2ff46df80083a79818e166300666385c0a2", # alpha1alpha2alpha3alpha4
+  "1584b821c62ecdc554e185222591720d6fe651ed1b820d83f92cdc45c5e21f", # alpha2alpha3alpha4alpha1
+  "2f9090b8aa4ddb32c3b0b8371db1b50e19084c720c30db1d6bb9fcd3a0f78e61", # alpha3alpha4alpha1alpha2
+  "6c1cefdfd9187b36b36c3698c1362642083dcc1941dc76d751481d3aa29ca65" # alpha4alpha1alpha2alpha3
 ].freeze
 dtrust_address = nil
@@ -29,15 +35,13 @@ begin
   # let's create a new address with all 4 keys as signers, but only 3 signers required (i.e., 4 of 5 multisig, with 1 signature being Block.io)
   # you will need all 4 of your keys to use your address without interacting with Block.io
-  signers = keys.map{|k| k.public_key}.join(',')
+  signers = keys.map{|x| BlockIo::Key.from_private_key_hex(x)}.map(&:public_key_hex).join(',')
   response = blockio.get_new_dtrust_address(:label => dtrust_address_label, :public_keys => signers, :required_signatures => 3, :address_type => "witness_v0")
   dtrust_address = response['data']['address']
-  raise response["data"]["error_message"] unless response["status"].eql?("success")
-rescue Exception => e
+rescue BlockIo::APIException => e
   # if this failed, we probably created the same label before. let's fetch the address then.
   puts e.to_s
@@ -49,7 +53,21 @@ end
 puts "*** Our dTrust Address: #{dtrust_address}"
 # let's deposit some coins into this new address
-response = blockio.withdraw_from_labels(:from_labels => 'default', :to_address => dtrust_address, :amount => '0.001')
+# blockio.prepare_transaction gets the appropriate data you need to create and sign your transaction. You will need to inspect it to ensure things are as expected yourself.
+prepared_transaction = blockio.prepare_transaction(:to_address => dtrust_address, :amount => '0.001')
+puts JSON.pretty_generate(prepared_transaction)
+puts " -- "
+puts JSON.pretty_generate(blockio.summarize_prepared_transaction(prepared_transaction))
+puts " -- "
+# blockio.create_and_sign_transaction creates the transaction client-side, and appends your signatures (if any)
+transaction_data = blockio.create_and_sign_transaction(prepared_transaction)
+# blockio.submit_transaction sends the signatures and transaction payload to Block.io so Block.io can add its signatures and broadcast the transaction to the network
+response = blockio.submit_transaction(:transaction_data => transaction_data)
 puts "*** Withdrawal response:"
 puts JSON.pretty_generate(response)
@@ -64,25 +82,26 @@ normal_address = blockio.get_address_by_label(:label => 'default')['data']['addr
 puts "*** Withdrawing from dtrust_address_label to the 'default' label in normal multisig"
-response = blockio.withdraw_from_dtrust_address(:from_labels => dtrust_address_label, :to_addresses => normal_address, :amounts => '0.0009')
-puts JSON.pretty_generate(response)
+# note use of prepare_dtrust_transaction instead of prepare_transaction, since this is a dTrust transaction
+# we're not doing any inspection here, but you will in your own code
+prepared_transaction = blockio.prepare_dtrust_transaction(:from_labels => dtrust_address_label, :to_addresses => normal_address, :amounts => '0.0009')
-# let's sign for the public keys specified
-signatures_added = BlockIo::Helper.signData(response["data"]["inputs"], keys)
+# create the transaction and sign it with the keys we've provided
+# we're signing the transaction partially by supplying only 3 of our 4 keys
+transaction_data = blockio.create_and_sign_transaction(prepared_transaction, keys.first(3))
-puts "*** Signatures added? #{signatures_added}"
+puts "*** Submitting transaction data:"
+puts JSON.pretty_generate(transaction_data)
-puts "*** Our (signed) request:"
-puts JSON.pretty_generate(response['data'])
+# if successful, you will get a transaction ID when you submit_transaction.
+response = blockio.submit_transaction(:transaction_data => transaction_data)
 # let's final the withdrawal
-puts "*** Finalize withdrawal: "
-puts JSON.pretty_generate(blockio.sign_and_finalize_withdrawal({:signature_data => response["data"]}))
+puts "*** Submit the transaction: "
+puts JSON.pretty_generate(response)
 # get the sent transactions for this dTrust address
 puts "*** Get transactions sent by our dtrust_address_label address: "
 puts JSON.pretty_generate(blockio.get_dtrust_transactions(:type => 'sent', :labels => dtrust_address_label))

data/examples/sweeper.rb CHANGED Viewed

@@ -4,26 +4,31 @@
 #
 # Contact support@block.io if you have any issues
-require "block_io"
+require 'block_io'
-blockio = BlockIo::Client.new(:api_key => ENV['API_KEY'], :version => 2)
-puts blockio.get_balance
-puts blockio.network
+blockio = BlockIo::Client.new(:api_key => ENV['API_KEY'])
 to_address = ENV['TO_ADDRESS'] # sweep coins into this address
+private_key = ENV['PRIVATE_KEY'] # private key for the address from which you wish to sweep coins (WIF)
-from_address = ENV['FROM_ADDRESS'] # sweep coins from this address
-private_key = ENV['PRIVATE_KEY'] # private key for from_address
+# prepare the sweep transaction
+# you will inspect this data to ensure things are in order (the network fees you pay, the amount being swept, etc.)
+# the private key is used to determine the public key by prepare_sweep_transaction client-side
+# the private key never travels to Block.io
+prepared_transaction = blockio.prepare_sweep_transaction(:to_address => to_address, :private_key => private_key)
+puts JSON.pretty_generate(prepared_transaction)
+puts " -- "
-begin
-  response = blockio.sweep_from_address(:to_address => to_address, :private_key => private_key, :from_address => from_address)
+# create and sign the transaction
+# the signature is from the key you provided to prepare_sweep_transaction above
+transaction_data = blockio.create_and_sign_transaction(prepared_transaction)
+puts JSON.pretty_generate(transaction_data)
+puts " -- "
-  raise response["data"]["error_message"] unless response["status"].eql?("success")
+# submit the final transaction to Block.io for broadcast to the network, or
+# submit the transaction payload youself elsewhere (like using sendrawtransaction RPC calls with bitcoind, dogecoind, litecoind, etc.)
+response = blockio.submit_transaction(:transaction_data => transaction_data)
+puts JSON.pretty_generate(response)
+puts " -- "
-  puts "Sweep Complete: #{response['data']['amount_sent']} #{response['data']['network']} swept from #{from_address} to #{to_address}."
-  puts "Transaction ID: #{response['data']['txid']}"
-  puts "Network Fee Incurred: #{response['data']['network_fee']} #{response['data']['network']}"
-rescue Exception => e
-  puts "Sweep failed: #{e}"
-end
+puts "Transaction ID: #{response['data']['txid']}"

data/lib/block_io.rb CHANGED Viewed

@@ -1,15 +1,16 @@
 require "http"
 require "oj"
-require "ecdsa"
+require "bitcoin"
 require "openssl"
 require "securerandom"
 require "connection_pool"
 require_relative "block_io/version"
-require_relative "block_io/constants"
 require_relative "block_io/helper"
 require_relative "block_io/key"
 require_relative "block_io/client"
+require_relative "block_io/api_exception"
+require_relative "block_io/extended_bitcoinrb"
 module BlockIo

data/lib/block_io/api_exception.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module BlockIo
+  class APIException < Exception
+    attr_reader :raw_data
+    def set_raw_data(data)
+      @raw_data = data
+    end
+  end
+end

data/lib/block_io/chainparams/BTC.yml ADDED Viewed

@@ -0,0 +1,8 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "BTC"
+address_version: "00"
+p2sh_version: "05"
+bech32_hrp: 'bc'
+privkey_version: "80"
+extended_privkey_version: "0488ade4"
+extended_pubkey_version: "0488b21e"

data/lib/block_io/chainparams/BTCTEST.yml ADDED Viewed

@@ -0,0 +1,8 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "BTCTEST"
+address_version: "6f"
+p2sh_version: "c4"
+bech32_hrp: 'tb'
+privkey_version: "ef"
+extended_privkey_version: "04358394"
+extended_pubkey_version: "043587cf"

data/lib/block_io/chainparams/DOGE.yml ADDED Viewed

@@ -0,0 +1,8 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "DOGE"
+address_version: "1e"
+p2sh_version: "16"
+bech32_hrp: "doge"
+privkey_version: "9e"
+extended_privkey_version: "02fac398"
+extended_pubkey_version: "02facafd"

data/lib/block_io/chainparams/DOGETEST.yml ADDED Viewed

@@ -0,0 +1,8 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "DOGETEST"
+address_version: "71"
+p2sh_version: "c4"
+bech32_hrp: "tdge"
+privkey_version: "f1"
+extended_privkey_version: "0432a243"
+extended_pubkey_version: "0432a9a8"

data/lib/block_io/chainparams/LTC.yml ADDED Viewed

@@ -0,0 +1,8 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "LTC"
+address_version: "30"
+p2sh_version: "05"
+bech32_hrp: 'ltc'
+privkey_version: "b0"
+extended_privkey_version: "019d9cfe"
+extended_pubkey_version: "019da462"

data/lib/block_io/chainparams/LTCTEST.yml ADDED Viewed

@@ -0,0 +1,8 @@
+--- !ruby/object:Bitcoin::ChainParams
+network: "LTCTEST"
+address_version: "6f"
+p2sh_version: "3a"
+bech32_hrp: 'tltc'
+privkey_version: "ef"
+extended_privkey_version: "0436f6e1"
+extended_pubkey_version: "0436ef7d"

data/lib/block_io/client.rb CHANGED Viewed

@@ -20,16 +20,8 @@ module BlockIo
       @version = args[:version] || 2
       @hostname = args[:hostname] || "block.io"
       @proxy = args[:proxy] || {}
-      @keys = args[:keys] || []
-      @use_low_r = args[:use_low_r]
-      @raise_exception_on_error = args[:raise_exception_on_error] || false
+      @keys = {}
-      raise Exception.new("Keys must be provided as an array.") unless @keys.is_a?(Array)
-      raise Exception.new("Keys must be BlockIo::Key objects.") unless @keys.all?{|key| key.is_a?(BlockIo::Key)}
-      # make a hash of the keys we've been given
-      @keys = @keys.inject({}){|h,v| h[v.public_key] = v; h}
       raise Exception.new("Must specify hostname, port, username, password if using a proxy.") if @proxy.keys.size > 0 and [:hostname, :port, :username, :password].any?{|x| !@proxy.key?(x)}
       @conn = ConnectionPool.new(:size => args[:pool_size] || 5) { http = HTTP.headers(:accept => "application/json", :user_agent => "gem:block_io:#{VERSION}");
@@ -50,109 +42,175 @@ module BlockIo
       raise Exception.new("Parameter keys must be symbols. For instance: :label => 'default' instead of 'label' => 'default'") unless args[0].nil? or args[0].keys.all?{|x| x.is_a?(Symbol)}
       raise Exception.new("Cannot pass PINs to any calls. PINs can only be set when initiating this library.") if !args[0].nil? and args[0].key?(:pin)
       raise Exception.new("Do not specify API Keys here. Initiate a new BlockIo object instead if you need to use another API Key.") if !args[0].nil? and args[0].key?(:api_key)
-      if BlockIo::WITHDRAW_METHODS.key?(method_name) then
-        # it's a withdrawal call
-        withdraw(args[0], method_name)
-      elsif BlockIo::SWEEP_METHODS.key?(method_name) then
+      if method_name.eql?("prepare_sweep_transaction") then
+        # we need to ensure @network is set before we allow this
+        # we need to send only the public key, not the given private key
         # we're sweeping from an address
-        sweep(args[0], method_name)
-      elsif BlockIo::FINALIZE_SIGNATURE_METHODS.key?(method_name) then
-        # we're finalize the transaction signatures
-        finalize_signature(args[0], method_name)
+        internal_prepare_sweep_transaction(args[0], method_name)
       else
         api_call({:method_name => method_name, :params => args[0] || {}})
       end
     end
-    private
-    def withdraw(args = {}, method_name = "withdraw")
+    def summarize_prepared_transaction(data)
+      # takes the response from prepare_transaction/prepare_dtrust_transaction/prepare_sweep_transaction
+      # returns the network fee being paid, the blockio fee being paid, amounts being sent
-      response = api_call({:method_name => method_name, :params => args})
+      input_sum = data['data']['inputs'].map{|input| BigDecimal(input['input_value'])}.inject(:+)
-      if response["data"].key?("reference_id") then
-        # Block.io's asking us to provide client-side signatures
+      output_values = [BigDecimal(0)]
+      blockio_fees = [BigDecimal(0)]
+      change_amounts = [BigDecimal(0)]
-        encrypted_passphrase = response["data"]["encrypted_passphrase"]
-        if !encrypted_passphrase.nil? and !@keys.key?(encrypted_passphrase["signer_public_key"]) then
-          # encrypted passphrase was provided, and we do not have the signer's key, so let's extract it first
+      data['data']['outputs'].each do |output|
+        if output['output_category'] == 'blockio-fee' then
+          blockio_fees << BigDecimal(output['output_value'])
+        elsif output['output_category'] == 'change' then
+          change_amounts << BigDecimal(output['output_value'])
+        else
+          # user-specified
+          output_values << BigDecimal(output['output_value'])
+        end
+      end
+      output_sum = output_values.inject(:+)
+      blockio_fee = blockio_fees.inject(:+)
+      change_amount = change_amounts.inject(:+)
+      network_fee = input_sum - output_sum - blockio_fee - change_amount
+      {
+        'network' => data['data']['network'],
+        'network_fee' => '%0.8f' % network_fee,
+        "blockio_fee" => '%0.8f' % blockio_fee,
+        "total_amount_to_send" => '%0.8f' % output_sum
+      }
+    end
+    def create_and_sign_transaction(data, keys = [])
+      # takes data from prepare_transaction, prepare_dtrust_transaction, prepare_sweep_transaction
+      # creates the transaction given the inputs and outputs from data
+      # signs the transaction using keys (if not provided, decrypts the key using the PIN)
+      set_network(data['data']['network']) if data['data'].key?('network')
-          raise Exception.new("PIN not set and no keys provided. Cannot execute withdrawal requests.") unless @encryption_key or @keys.size > 0
+      raise "Data must be contain one or more inputs" unless data['data']['inputs'].size > 0
+      raise "Data must contain one or more outputs" unless data['data']['outputs'].size > 0
+      raise "Data must contain information about addresses" unless data['data']['input_address_data'].size > 0 # TODO make stricter
-          key = Helper.extractKey(encrypted_passphrase["passphrase"], @encryption_key, @use_low_r)
-          raise Exception.new("Public key mismatch for requested signer and ourselves. Invalid Secret PIN detected.") unless key.public_key.eql?(encrypted_passphrase["signer_public_key"])
+      private_keys = keys.map{|x| Key.from_private_key_hex(x)}
-          # store this key for later use
-          @keys[key.public_key] = key
+      # TODO debug all of this
+      inputs = data['data']['inputs']
+      outputs = data['data']['outputs']
-        end
+      tx = Bitcoin::Tx.new
-        if @keys.size > 0 then
-          # if we have at least one key available, try to send signatures back
-          # if a dtrust withdrawal is used without any keys stored in the BlockIo::Client object, the output of this call will be the previous response from Block.io
-          # we just need reference_id and inputs
-          response["data"] = {"reference_id" => response["data"]["reference_id"], "inputs" => response["data"]["inputs"]}
-          # let's sign all the inputs we can
-          signatures_added = (@keys.size == 0 ? false : Helper.signData(response["data"]["inputs"], @keys))
-          # the response object is now signed, let's stringify it and finalize this withdrawal
-          response = finalize_signature({:signature_data => response["data"]}, "sign_and_finalize_withdrawal") if signatures_added
-          # if we provided all the required signatures, this transaction went through
-          # otherwise Block.io responded with data asking for more signatures and recorded the signature we provided above
-          # the latter will be the case for dTrust addresses
-        end
+      # populate the inputs
+      inputs.each do |input|
+        tx.in << Bitcoin::TxIn.new(:out_point => Bitcoin::OutPoint.from_txid(input['previous_txid'], input['previous_output_index']))
       end
-      response
+      # populate the outputs
+      outputs.each do |output|
+        tx.out << Bitcoin::TxOut.new(:value => (BigDecimal(output['output_value']) * BigDecimal(100000000)).to_i, :script_pubkey => Bitcoin::Script.parse_from_addr(output['receiving_address']))
+      end
-    end
-    def sweep(args = {}, method_name = "sweep_from_address")
-      # sweep coins from a given address and key
+      # some protection against misbehaving machines and/or code
+      raise Exception.new("Expected unsigned transaction ID mismatch. Please report this error to support@block.io.") unless (data['data']['expected_unsigned_txid'].nil? or
+                                                                                                                        data['data']['expected_unsigned_txid'] == tx.txid)
-      raise Exception.new("No private_key provided.") unless args.key?(:private_key) and (args[:private_key] || "").size > 0
+      # extract key
+      encrypted_key = data['data']['user_key']
-      key = Key.from_wif(args[:private_key], @use_low_r)
-      sanitized_args = args.merge({:public_key => key.public_key})
-      sanitized_args.delete(:private_key)
-      response = api_call({:method_name => method_name, :params => sanitized_args})
-      if response["data"].key?("reference_id") then
-        # Block.io's asking us to provide client-side signatures
+      if !encrypted_key.nil? and !@keys.key?(encrypted_key['public_key']) then
+        # decrypt the key with PIN
-        # we just need the reference_id and inputs
-        response["data"] = {"reference_id" => response["data"]["reference_id"], "inputs" => response["data"]["inputs"]}
+        raise Exception.new("PIN not set and no keys provided. Cannot sign transaction.") unless @encryption_key or @keys.size > 0
-        # let's sign all the inputs we can
-        signatures_added = Helper.signData(response["data"]["inputs"], [key])
+        key = Helper.extractKey(encrypted_key['encrypted_passphrase'], @encryption_key)
+        raise Exception.new("Public key mismatch for requested signer and ourselves. Invalid Secret PIN detected.") unless key.public_key_hex.eql?(encrypted_key["public_key"])
-        # the response object is now signed, let's stringify it and finalize this transaction
-        response = finalize_signature({:signature_data => response["data"]}, "sign_and_finalize_sweep") if signatures_added
+        # store this key for later use
+        @keys[key.public_key_hex] = key
+      end
-        # if we provided all the required signatures, this transaction went through
+      # store the provided keys, if any, for later use
+      private_keys.each{|key| @keys[key.public_key_hex] = key}
+      signatures = []
+      if @keys.size > 0 then
+        # try to sign whatever we can here and give the user the data back
+        # Block.io will check to see if all signatures are present, or return an error otherwise saying insufficient signatures provided
+        i = 0
+        while i < inputs.size do
+          input = inputs[i]
+          input_address_data = data['data']['input_address_data'].detect{|d| d['address'] == input['spending_address']}
+          sighash_for_input = Helper.getSigHashForInput(tx, i, input, input_address_data) # in bytes
+          input_address_data['public_keys'].each do |signer_public_key|
+            # sign what we can and append signatures to the signatures object
+            next unless @keys.key?(signer_public_key)
+            signature = @keys[signer_public_key].sign(sighash_for_input).unpack("H*")[0] # in hex
+            signatures << {"input_index" => i, "public_key" => signer_public_key, "signature" => signature}
+          end
+          i += 1 # go to next input
+        end
       end
-      response
+      # if we have everything we need for this transaction, just finalize the transaction
+      if Helper.allSignaturesPresent?(tx, inputs, signatures, data['data']['input_address_data']) then
+        Helper.finalizeTransaction(tx, inputs, signatures, data['data']['input_address_data'])
+        signatures = [] # no signatures left to append
+      end
+      # reset keys
+      @keys = {}
+      # the response for submitting the transaction
+      {"tx_type" => data['data']['tx_type'], "tx_hex" => tx.to_hex, "signatures" => (signatures.size == 0 ? nil : signatures)}
     end
-    def finalize_signature(args = {}, method_name = "sign_and_finalize_withdrawal")
+    private
+    def internal_prepare_sweep_transaction(args = {}, method_name = "prepare_sweep_transaction")
-      raise Exception.new("Object must have reference_id and inputs keys.") unless args.key?(:signature_data) and args[:signature_data].key?("inputs") and args[:signature_data].key?("reference_id")
+      # set the network first if not already known
+      api_call({:method_name => "get_balance", :params => {}}) if @network.nil?
-      signatures = {"reference_id" => args[:signature_data]["reference_id"], "inputs" => args[:signature_data]["inputs"]}
+      raise Exception.new("No private_key provided.") unless args.key?(:private_key) and (args[:private_key] || "").size > 0
-      response = api_call({:method_name => method_name, :params => {:signature_data => Oj.dump(signatures)}})
+      # ensure the private key never goes to Block.io
+      key = Key.from_wif(args[:private_key])
+      sanitized_args = args.merge({:public_key => key.public_key_hex})
+      sanitized_args.delete(:private_key)
+      @keys[key.public_key_hex] = key # store this in our set of keys for later use
+      api_call({:method_name => method_name, :params => sanitized_args})
     end
+    def set_network(network)
+      # load the chain_params for this network
+      @network ||= network
+      Bitcoin.chain_params = @network unless @network.to_s.size == 0
+    end
     def api_call(args)
@@ -166,9 +224,15 @@ module BlockIo
         body = {"status" => "fail", "data" => {"error_message" => "Unknown error occurred. Please report this to support@block.io. Status #{response.code}."}}
       end
-      raise Exception.new("#{body["data"]["error_message"]}") if !body["status"].eql?("success") and @raise_exception_on_error
+      if !body["status"].eql?("success") then
+        # raise an exception on error for easy handling
+        # user can extract raw response using e.raw_data
+        e = APIException.new("#{body["data"]["error_message"]}")
+        e.set_raw_data(body)
+        raise e
+      end
-      @network ||= body["data"]["network"] if body["data"].key?("network")
+      set_network(body['data']['network']) if body['data'].key?('network')
       body