PayNoWay
A mobile app for testing payment systems against double-spend attacks.
Double-spending is no longer a theoretical possibility but a practical reality. Most of the end-user applications used widely today leave their users vulnerable to being defrauded via double-spend attacks. PayNoWay is a tool that you can use to test the applications that you, or your business, depend on to accept on-chain cryptocurrency payments. If you would like to learn more about how double-spending works: Double-Spending Made Easy.
Disclaimers
- This project is intended to be used for testing purposes.
- Please do not use this app to double-spend against merchants without their explicit consent.
- A successful double-spend is not guaranteed - use at your own risk.
Requirements
- nodejs - For Linux and Mac install node via nvm.
- make
- For Android development:
- Java Development Kit (JDK) version 8 or higher. Use your system's native package manager to install the JDK (if available).
- Android SDK - On Ubuntu 18.04 or later, it is possible to install Android Studio from Ubuntu Software Sources.
- gradle
- adb - Not required, but is recommended.
Getting Started
Before continuing, be sure you already have the project's requirements.
Download the project files via git:
git clone https://github.com/samotari/pay-no-way.git
Install the project's dependencies:
cd pay-no-way
npm install
Build the application files:
npm run build
Android
Before installing and running the app on Android, you must prepare the Android platform with cordova:
npm run prepare:android
This downloads the cordova plugins which are necessary to build the app for Android devices.
Running on Android (VM)
Run the following command to check to see if there are any available Android virtual devices:
adb devices
Install and run the app on the virtual device with the following command:
npm run android-vm
Running on Android (Device)
To install and run the app on an Android device, you must first:
- Enable developer mode on the device.
- Enable USB debugging
Once developer mode and USB debugging are enabled, connect the device to your computer via USB. Run the following command to check to see if your computer is authorized:
adb devices
Install and run the app on the device: with the following command
npm run android
Create Signed APK
Create your signing key:
npm run android-generate-signing-key
Build a production APK:
npm run build:prod && npm run build:apk
If successful, it should have created a new .apk
file at the following path:
./platforms/android/app/build/outputs/apk/release/app-release.apk
To install the newly created APK onto an Android device:
adb install ./platforms/android/app/build/outputs/apk/release/app-release.apk
- You may need to run
adb devices
before the above command. - And if the app is already installed on the device, you will need to use the
-r
flag to reinstall it.
License
This project is licensed under the GNU Affero General Public License v3 (AGPL-3.0).
The AGPL license differs from the other GNU licenses in that it was built for network software. You can distribute modified versions if you keep track of the changes and the date you made them. As per usual with GNU licenses, you must license derivatives under AGPL. It provides the same restrictions and freedoms as the GPLv3 but with an additional clause which makes it so that source code must be distributed along with web publication. Since web sites and services are never distributed in the traditional sense, the AGPL is the GPL of the web.