About tutorials based on purestake.io services

Hi all!

My and my team’s goal is to store a MD5 of a file as the note of a transaction, to ensure that that file had that MD5 hash at that time(stamp). Fair enough, we can achieve this goal by using the following tutorial: https://developer.algorand.org/tutorials/creating-javascript-transaction-purestake-api/ with NodeJS.

Although we could see the transactions as completed in AlgoExplorer, by its ID, in the testnet, we really have no idea about the following steps (in regards to the tutorial):

  1. Recover Account - How are we supposed to find our mnemonic as simple Purestake Developer Portal user? By now the example works with the mnemonic found in the tutorial. From what I understand, purestake mission is to simplify developers interaction with Algorand, so I guess we don’t have to have a wallet (and our own mnemonic). Obviously purestake has a pricing, which should cover a certain number of transactions.

  2. Create a Transaction - I see here an envelope is built, for registering a transaction. Now:

A) Which is the address to which the transaction should be sent? From where is this sting coming from UUOB7ZC2IEE4A7JO4WY4TXKXWDFNATM43TL73IZRAFIFFOE6ORPKC7Q62E as per the example in the tutorial? What we have after registration to purestake is just an API Key.

B) What to indicate as Amount and Fee? Here the confusion can come to us by considering your price plan. We see that until 5,000 calls per day, there is a free plan.

C) How is a request considered in this case? Is a request considered one, that is only the final call to make the transaction?

Thank you very much for your support!

Fabio -

The API just provides access to the blockchain and is entirely a separate thing from your Algorand accounts. Each example does have a sample account provided, typically with a mnemonic that can be used to re-generate the public key and private (signing) keys using a SDK of choice (or goal or a wallet like AlgoSigner or the mobile wallet).

In the JS SDK creating a new account is as simple as var account = algosdk.generateAccount(); .

So for your first question, generate an account and store the mnemonic safely as it is the only way to recover the account. Russ goes into some detail on this here - https://developer.algorand.org/tutorials/create-account-testnet-javascript/ .

Once the account is setup and funded, you can send Algos around Testnet. The amount is up to you, it’s the amount you want to send, the fee to use is the one from the parameters call (min-fee) and is the cost of using the network for your transaction. The example you cite, https://developer.algorand.org/tutorials/creating-javascript-transaction-purestake-api/, goes through this in detail. If you use TestNet there is no limit on requests, but either way Amount/Fee and the transaction are wholly separate from the API itself (which again is the conduit to the blockchain).

In a typical transaction through the API several calls are made.

  1. Get the current transaction parameters
  2. Post the signed transaction
  3. Get the pending transaction queue looking for completion of the transaction, typically a total of 1-3 times (once per block).

So, 3-6 requests. If you let the code check pending repeatedly per block, it will burn many more requests and not result in any speedup.

Tim, thank you very much for your prompt and kind response. I beg your pardon if these questions may sound silly, but for those who are new to this topic, like we are, was not so clear how to start.
So, thank you again for your time, I’ll review your answer and let you know.


It is a lot to take in, the community is happy help get you up to speed!

Hi @fabiensen,

Welcome to Algorand!

I just wanted to chime in regarding MD5.
MD5 is now considered insecure for almost all applications (this includes timestamping documents) and I would strongly recommend you to switch to SHA2 or SHA3 if you can.
See https://en.wikipedia.org/wiki/MD5#Security

@fabiensen glad you are here building. Here is a link to generating a new account and saving the mnemonic:

That is midway thru the introductory series on sending your first transaction. I can tell you are beyond that already, but should review the information about key pairs, mnemonics, addresses, account generation here:

Thanks guys!

your responses addressed me to the right places where to find proper information.
About SHA-1, we just changed from MD5 to it.

Our scripts are working great now and are now fully integrated in our software. Now, we have just to go live in the main net.

I add this article https://medium.com/algorand/the-algorand-pay-transaction-73f273cd71a to the sources you indicated. I think it gives answers to other questions one may have, in a very clear way.



Unfortunately, SHA-1 is now also considered insecure for almost all applications (this includes timestamping documents) and I would strongly recommend you to switch to SHA-2 (i.e. SHA-256, SHA-384, …) or SHA-3 if you can.
See https://en.wikipedia.org/wiki/SHA-1#Attacks

SHA-256 might be the choice that is the most common.