More information here: https://nebl.io
Pull Requests Welcome
sudo apt-get update && sudo apt-get install git python python-pip qt5-default qt5-qmake qtbase5-dev-tools \
qttools5-dev-tools build-essential libssl-dev libdb++-dev libminiupnpc-dev \
libqrencode-dev libcurl4-openssl-dev libldap2-dev libidn11-dev librtmp-dev libsodium-dev -y
pip install requests
git clone https://github.com/NeblioTeam/neblio
cd neblio
python ./build_scripts/CompileOpenSSL-Linux.py
python ./build_scripts/CompileCurl-Linux.py
python ./build_scripts/CompileQREncode-Linux.py
python ./build_scripts/CompileBoost-Linux.py
export PKG_CONFIG_PATH=$PWD/curl_build/lib/pkgconfig/
export OPENSSL_INCLUDE_PATH=$PWD/openssl_build/include/
export OPENSSL_LIB_PATH=$PWD/openssl_build/lib/
export BOOST_INCLUDE_PATH=$PWD/boost_build/include/
export BOOST_LIB_PATH=$PWD/boost_build/lib/
export QRENCODE_INCLUDE_PATH=$PWD/qrencode_build/include/
export QRENCODE_LIB_PATH=$PWD/qrencode_build/lib/
cd wallet
make "STATIC=1" -B -w -f makefile.unix -j4
strip ./nebliod
cd wallet
qmake "USE_UPNP=1" "USE_QRCODE=1" "RELEASE=1" "QRENCODE_INCLUDE_PATH=$QRENCODE_INCLUDE_PATH" "QRENCODE_LIB_PATH=$QRENCODE_LIB_PATH" "BOOST_INCLUDE_PATH=$BOOST_INCLUDE_PATH" "BOOST_LIB_PATH=$BOOST_LIB_PATH" "OPENSSL_INCLUDE_PATH=$OPENSSL_INCLUDE_PATH" "OPENSSL_LIB_PATH=$OPENSSL_LIB_PATH" "PKG_CONFIG_PATH=$PKG_CONFIG_PATH" ../neblio-wallet.pro
make -B -w -j4
We cross compile the windows binary on Linux using MXE (Ubuntu recommended)
https://assets.nebl.io/dependencies/mxe.tar.gz
tar -xf mxe.tar.gz
sudo mv mxe /
export PATH=/mxe/mxe/usr/bin:$PATH
i686-w64-mingw32.static-qmake-qt5 "USE_UPNP=1" "USE_QRCODE=1" "RELEASE=1" neblio-wallet.pro
make -B -w -j4
brew update
brew fetch --retry qt && brew install qt --force
brew fetch --retry berkeley-db@4 && brew install berkeley-db@4 --force
brew fetch --retry boost && brew install boost --force
brew fetch --retry miniupnpc && brew install miniupnpc --force
brew fetch --retry curl && brew install curl --force
brew fetch --retry [email protected] && brew install [email protected] --force
brew fetch --retry qrencode && brew install qrencode --force
brew fetch --retry libsodium && brew install libsodium --force
brew unlink qt && brew link --force --overwrite qt
brew unlink berkeley-db@4 && brew link --force --overwrite berkeley-db@4
brew unlink boost && brew link --force --overwrite boost
brew unlink miniupnpc && brew link --force --overwrite miniupnpc
brew unlink curl && brew link --force --overwrite curl
brew unlink python && brew link --force --overwrite python
brew unlink [email protected] && brew link --force --overwrite [email protected]
brew unlink qrencode && brew link --force --overwrite qrencode
brew unlink libsodium && brew link --force --overwrite libsodium
qmake "USE_UPNP=1" "USE_QRCODE=1" "RELEASE=1" neblio-wallet.pro
make -B -w -j4
./contrib/macdeploy/macdeployqtplus ./neblio-Qt.app -add-qt-tr da,de,es,hu,ru,uk,zh_CN,zh_TW -verbose 1 -rpath /usr/local/opt/qt/lib
appdmg ./contrib/macdeploy/appdmg.json ./neblio-Qt.dmg
These parameters can be passed to nebliod or neblio-Qt at runtime. They can also be hardcoded in a neblio.conf file located in the data directory.
Usage:
nebliod [options]
nebliod [options] <command> [params] Send command to -server or nebliod
nebliod [options] help List commands
nebliod [options] help <command> Get help for a command
Options:
-? This help message
-conf=<file> Specify configuration file (default: neblio.conf)
-pid=<file> Specify pid file (default: nebliod.pid)
-datadir=<dir> Specify data directory
-wallet=<dir> Specify wallet file (within data directory)
-dbcache=<n> Set database cache size in megabytes (default: 25)
-dblogsize=<n> Set database disk log size in megabytes (default: 100)
-timeout=<n> Specify connection timeout in milliseconds (default: 5000)
-proxy=<ip:port> Connect through socks proxy
-socks=<n> Select the version of socks proxy to use (4-5, default: 5)
-tor=<ip:port> Use proxy to reach tor hidden services (default: same as -proxy)
-dns Allow DNS lookups for -addnode, -seednode and -connect
-port=<port> Listen for connections on <port> (default: 6325 or testnet: 16325)
-maxconnections=<n> Maintain at most <n> connections to peers (default: 125)
-addnode=<ip> Add a node to connect to and attempt to keep the connection open
-connect=<ip> Connect only to the specified node(s)
-seednode=<ip> Connect to a node to retrieve peer addresses, and disconnect
-externalip=<ip> Specify your own public address
-onlynet=<net> Only connect to nodes in network <net> (IPv4, IPv6 or Tor)
-discover Discover own IP address (default: 1 when listening and no -externalip)
-listen Accept connections from outside (default: 1 if no -proxy or -connect)
-bind=<addr> Bind to given address. Use [host]:port notation for IPv6
-dnsseed Find peers using DNS lookup (default: 1)
-staking Stake your coins to support network and gain reward (default: 1)
-coldstaking Enable cold-staking for this node (default: 1)
-synctime Sync time with other nodes. Disable if time on your system is precise e.g. syncing with Network Time Protocol (default: 1)
-cppolicy Sync checkpoints policy (default: strict)
-banscore=<n> Threshold for disconnecting misbehaving peers (default: 100)
-bantime=<n> Number of seconds to keep misbehaving peers from reconnecting (default: 86400)
-maxreceivebuffer=<n> Maximum per-connection receive buffer, <n>*1000 bytes (default: 5000)
-maxsendbuffer=<n> Maximum per-connection send buffer, <n>*1000 bytes (default: 1000)
-upnp Use UPnP to map the listening port (default: 1 when listening)
-paytxfee=<amt> Fee per KB to add to transactions you send
-mininput=<amt> When creating transactions, ignore inputs with value less than this (default: 0.01)
-daemon Run in the background as a daemon and accept commands
-testnet Use the test network
-debug Output extra debugging information. Implies all other -debug* options
-debugnet Output extra network debugging information
-noquicksync If enabled, do not use quicksync, instead use regular sync
-logtimestamps Prepend debug output with timestamp
-shrinkdebugfile Shrink debug.log file on client startup (default: 1 when no -debug)
-printtoconsole Send trace/debug info to console instead of debug.log file
-rpcuser=<user> Username for JSON-RPC connections
-rpcpassword=<pw> Password for JSON-RPC connections
-rpcport=<port> Listen for JSON-RPC connections on <port> (default: 6326 or testnet: 16326)
-rpcallowip=<ip> Allow JSON-RPC connections from specified IP address
-rpcconnect=<ip> Send commands to node running on <ip> (default: 127.0.0.1)
-blocknotify=<cmd> Execute command when the best block changes (%s in cmd is replaced by block hash)
-walletnotify=<cmd> Execute command when a wallet transaction changes (%s in cmd is replaced by TxID)
-confchange Require a confirmations for change (default: 0)
-enforcecanonical Enforce transaction scripts to use canonical PUSH operators (default: 1)
-alertnotify=<cmd> Execute command when a relevant alert is received (%s in cmd is replaced by message)
-upgradewallet Upgrade wallet to latest format
-keypool=<n> Set key pool size to <n> (default: 100)
-rescan Rescan the block chain for missing wallet transactions
-salvagewallet Attempt to recover private keys from a corrupt wallet.dat
-checkblocks=<n> How many blocks to check at startup (default: 2500, 0 = all)
-checklevel=<n> How thorough the block verification is (0-6, default: 1)
-loadblock=<file> Imports blocks from external blk000?.dat file
-maxlogfilesize=<n> Max size in bytes for 1 log file (default: 1073741824 (1GB))
-maxlogfiles=<n> Max number of log files to keep (default: 10 in debug mode, else 2)
Block creation options:
-blockminsize=<n> Set minimum block size in bytes (default: 0)
-blockmaxsize=<n> Set maximum block size in bytes (default: 8000000)
-blockprioritysize=<n> Set maximum size of high-priority/low-fee transactions in bytes (default: 27000)
SSL options:
-rpcssl Use OpenSSL (https) for JSON-RPC connections
-rpcsslcertificatechainfile=<file.cert> Server certificate file (default: server.cert)
-rpcsslprivatekeyfile=<file.pem> Server private key (default: server.pem)
-rpcsslciphers=<ciphers> Acceptable ciphers (default: TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH)
RPC commands are used to interact with a running instance of nebliod or neblio-Qt. They are used via the command line with nebliod, or via the neblio-Qt Debug Console.
abandontransaction <txid>
addmultisigaddress <nrequired> <'["key","key"]'> [account]
addnode "node" "add|remove|onetry"
addredeemscript <redeemScript> [account]
backupwallet <destination>
cancelallvotesofproposal <proposal-id>
castvote <start-block-height> <last-block-height> <proposal-id> <vote-value>
createrawntp1transaction [{"txid":txid,"vout":n},...] {address:{tokenid/tokenName:tokenAmount},address:neblAmount,...} '{"userData":{"meta":[{"K1":"V1"},{},...]}}' [encrypt-metadata=false]
createrawtransaction [{"txid":txid,"vout":n},...] {address:amount,...}
decoderawtransaction <hex string> [ignoreNTP1=false]
decodescript <hex string>
decodentp1script <hex-script>
delegatestake "stakingAddress" amount ("ownerAddress" ExternalOwner=false UseDelegated=false ForceNoEnabled=false)
delegatoradd "Address" (addressLabel)
delegatorremove "Address"
disconnectnode "node"
dumpprivkey <neblioaddress>
dumppubkey <neblioaddress>
dumpwallet <filename>
encryptwallet <passphrase>
exportblockchain <path-dir>
getaccount <neblioaddress>
getaccountaddress <account>
getaddressesbyaccount <account>
getbalance [account] [minconf=1]
getbestblockhash
getblock <hash> [verbose=true] [showtxns=false] [ignoreNTP1=false]
getblockbynumber <number> [txinfo] [ignoreNTP1=false]
getblockcount
getblockhash <index>
getblockheader <hash>
getblocktemplate [params]
getcoldstakingbalance
getconnectioncount
getdelegatedbalance
getdifficulty
getinfo
getmininginfo
getnewaddress [account]
getnewpubkey [account]
getntp1balance <tokenId/name> [minconf=1]
getntp1balances [minconf=1]
getpeerinfo
getrawchangeaddress
getrawmempool
getrawtransaction <txid> [verbose=0] [ignoreNTP1=false]
getreceivedbyaccount <account> [minconf=1]
getreceivedbyaddress <neblioaddress> [minconf=1]
getscriptpubkeyforp2cs <stakerAddress> <ownerAddress>
getscriptpubkeyfromaddress <address>
getstakinginfo
getsubsidy [nTarget]
gettransaction <txid> [ignoreNTP1=false]
gettxout "txid" n ( include_mempool )
getunconfirmedbalance
getwalletinfo
getwork [data]
getworkex [data, coinbase]
help [command]
importprivkey <neblioprivkey> [label]
importwallet <filename>
keypoolrefill [new-size]
listaccounts [minconf=1]
listaddressgroupings
listcoldutxos (blacklistOnly=false)
listdelegators (showBlacklist=false)
listreceivedbyaccount [minconf=1] [includeempty=false]
listreceivedbyaddress [minconf=1] [includeempty=false]
listsinceblock [blockhash] [target-confirmations]
liststakingaddresses
listtransactions [account] [count=10] [from=0]
listunspent [minconf=1] [maxconf=9999999] ["address",...]
listvotes
makekeypair [prefix]
move <fromaccount> <toaccount> <amount> [minconf=1] [comment]
rawdelegatestake "stakingAddress" amount ("ownerAddress" externalOwner=false useDelegated=false)
resendtx
reservebalance [<reserve> [amount]]
sendalert <message> <privatekey> <minver> <maxver> <priority> <id> [cancelupto]
sendfrom <fromaccount> <toneblioaddress> <amount> [minconf=1] [comment] [comment-to]
sendmany <fromaccount (must be empty, unsupported)> {address:amount,...} [comment]
sendntp1toaddress <neblioaddress> <amount> <tokenId/tokenName> '{"userData":{"meta":[{"K1":"V1"},{},...]}}' [encrypt-metadata=false] [comment] [comment-to]
sendrawtransaction <hex string>
sendtoaddress <neblioaddress> <amount> [comment] [comment-to]
setaccount <neblioaddress> <account>
setmocktime <timestamp>
settxfee <amount>
signmessage <neblioaddress> <message>
signrawtransaction <hex string> [{"txid":txid,"vout":n,"scriptPubKey":hex},...] [<privatekey1>,...] [sighashtype="ALL"]
stop
submitblock <hex data> [optional-params-obj]
udtoneblioaddress <unstoppable domain address>
uptime
validateaddress <neblioaddress>
validatepubkey <nebliopubkey>
verifymessage <neblioaddress> <signature> <message>
waitforblockheight (timeout)
If you believe you've found a security issue in our product or service, we encourage you to notify us. We welcome working with skilled security researchers across the globe to resolve any issues promptly.
This Bug Bounty program is an open offer to external individuals to receive compensation for reporting Neblio bugs, specifically related to security of the core functionality of the network.
Submissions should be made through the following contact page
Include following in your report:
- Severity - Your opinion on the severity of the issue (e.g. high, moderate, low)
- Summary - Add summary of the vulnerability
- Description - Any additional details about this vulnerability
- Steps - Steps to reproduce
- Supporting Material/References - Source code to replicate, list any additional material (e.g. screenshots, logs, etc.)
- Impact - What security impact could an attacker achieve?
- Your name and country.
Please be available to cooperate with the Neblio Team to provide further information on the bug if needed.
Rewards are at the discretion of Neblio, and we will not be awarding significant bounties for low severity bugs.
- bugs which can take full control of Neblio nodes.
- bugs which can lead to private key leakage.
- bugs which can lead to unauthorised transfer or generation of coins/NTP1 tokens.
- bugs which can incur Denial of Service (DoS) in the Neblio network through P2P network.
- bugs which can incur Denial of Service (DoS) in the Neblio network through the RPC-API.
- bugs allowing unauthorized operations on user accounts.
- Vulnerabilities relating to this repository, the core software running the Neblio Network, are eligible for this program. Out-of-scope vulnerabilities impacting other software we release may be considered under this program at Neblio's discretion.
- As this is a private program, please do not discuss this program or any vulnerabilities (even resolved ones) outside of the program without express consent from the organization.
- Please provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.
- Submit vulnerabilities only for the latest release, vulnerabilities submitted for older versions are not eligible for a reward.
Not following these rules will disqualify you from receiving any rewards.