@Wesleyh
Where can I see how much there is left to forge a block?
Time? I don't think there is such an API. And I think it's better to hide it anyway, since most of the times it's depressing to see how long it would take
Thoughts?
I agree, it provides more confusion than value.
there is the getForging API that requires secretPhrase
That requires keeping secretPhrase in memory and sending it to the server in plain text, not good.. btw did you see my previous post about preparetransaction (directed at you)?
secretPhrase is always in memory anyways when an account is forging. and yes that API should a POST to an HTTPS url. I did get it, not much else to say though except I still say if an ultralight client has to decode the VPSs response anyways in order to verify it before the client signs it and sends it off, then it may as well just do it all to begin with. And yeah I handt considered the mass of other APIs that VPSs will have to serve, which makes it even more desirable IMO to be able to limit some things. For example, if a server starts to get overloaded, it may want to stop serving ultralight clients but still take in signed transactions from light clients
I'm talking about client side in memory (in the user's browser in my case).
As I said, prepareBytes also validates server side. It checks to see if the asset you are placing an order for exists, if you have enough money to pay for that asset etc.. If you try to sell, it checks to see if you have enough if the asset exists, if you have enough of the asset to sell of, etc.. As you can see, prepareBytes takes just 1 API request, whereas another client would have to do multiple (check if asset exists, check if enough of asset to sell, etc). If the client does not do error validation this it will always think it returns successfully (broadcastTransaction does not verify).
So I am dumbfounded as why you would want to disable this, since it may actually result in _less_ api calls. Also I think there should be no made up words like "ultralight" and "light" clients.
