The Witnet Foundation is creating one of the most important building blocks of the new decentralized economy: an oracle network that connects smart contracts to any external data source.

If you want to learn more about Witnet check this post for a quick overview.

We want you!

We are looking for the best talent to help us build Witnet. Remote work is OK with us, but we’d love to have you in our offices, in the very center of Madrid. We have a beautiful terrace and flexible working hours.

Open positions:

  • Back-end / Rust developer
  • Javascript developer
  • Community lead
  • UI designer

If you love the crypto space and you want to change the world for the better with open source software don’t hesitate to drop us a line at and join our revolution!

Due to many requests from both the public and our partners Stampery is adding Ethereum to its blockchain anchoring API. All data certified via Stampery is now anchored simultaneously to three blockchains: Bitcoin, Ethereum Classic and Ethereum.

About Stampery:

Stampery is the leading startup in blockchain anchoring. Backed by Draper&Associates, Stampery leverages blockchain technology to ensure the existence, integrity and attribution of any file, document or communication. Once a file is anchored to the blockchain through Stampery anyone can independently verify its integrity — at zero cost and from anywhere in the world.

An automated pentesting tool that lets you know if your MongoDB instances are properly secured

Companies of all sizes use MongoDB, Stampery included. Why? It’s schema-less, fast, scalable. We all love its deep query-ability.

But it’s no secret that MongoDB pays more attention to scalability, performance and ease of use than to security. There are quite a few holes in its default configuration settings.


Learn how to reduce attack surface and mitigate possible security breaches being sensible at the time of creating user credentials and assigning them roles and permissions

When creating new users and assigning them roles:

  • Never share a single user across several applications, even though they only make queries to the same one database.
  • Remind this. We can’t help but emphasize the previous point: one application, one user.
  • In the same manner, one user should only be…

Learn how to protect yourMongoDB server from NoSQL injection attacks by disabling server-side Javascript features

All of the following MongoDB operations permit you to run arbitrary JavaScript expressions directly on the server:

These methods can be really convenient, but they pose a huge security risk to your database integrity if your application does not sanitize and escape user-provided values properly, as proven…

Learn how to encrypt connections to your Mlab MongoDB deployment by enabling TLS/SSL

Mlab (formerly Mongolab) is one of the most popular “MongoDB as a service” cloud providers.

IP whitelisting is available in Mlab for dedicated plans only, starting at $180. Sadly enough, this option is not available to sandbox or shared cluster plans.

Whether creating a new deployment or upgrading an existing…

Learn how to encrypt connections to your Compose MongoDB deployment by enabling TLS/SSL

Compose by IBM is one of the most popular “MongoDB as a service” cloud providers.

TLS/SSL encryption is available in Compose for deployments created with the default New MongoDB Deployment option, which will create a new MongoDB 3.2 server.

Sadly enough, this option is not available to deployments created before…

Learn how to properly configure the most important and fundamental security feature that comes with MongoDB

Never run a production server without authentication on.

Really, never do so. No authentication means inviting everyone out there to enter your databases, seize everything and potentially ransom you for your data.

Running a testing server? Enable authentication either way, just in case you move it into production one day…

Learn how to improve your server security by using the new SCRAM-SHA1 authentication mechanism instead of the old MONGODB-CR

(Scram Image Licensed through Create Commons via Michael Pereckas)

SCRAM-SHA-1 is the default authentication mechanism for versions of MongoDB newer than 3.0. SCRAM-SHA-1 is an IETF standard (RFC 5802), and verifies the user’s name, password and authentication database.

SCRAM-SHA-1 is more secure than the previously-used MONGODB-CR, given that it provides a tunable work factor, per-user random salts, stronger hashes…

Learn how use TLS/SSL in-flight encryption to authenticate and encrypt connections between your MongoDB server and apps.

These instructions assume that you have already installed a build of MongoDB that includes TLS support and that your client driver supports TLS. Please read this guide for instructions on how to upgrade to a TLS-enabled MongoDB version.

About certificate Authorities

Your production MongoDB deployments should always use valid certificates generated by a…

Stampery Inc.

Leaders in blockchain-based timestamping and security solutions.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store