Author

Topic: [ask] best practices accepting bitcoin for a website with bitcoind (Read 1302 times)

sr. member
Activity: 406
Merit: 251
http://altoidnerd.com
Just to be clear, is this a discussion of best practices for a website wishing to accept bitcoin payments specifically WITHOUT the use of a payment processing service such as bitpay or coinbase?
legendary
Activity: 1372
Merit: 1008
1davout
you would need to know all addresses you want to monitor

That's a good practice, with unexpiring addresses you monitor a constantly growing set.
full member
Activity: 309
Merit: 100
This post may help you find a way to monitor transactions .. However you would need to know all addresses you want to monitor unlike with bitcoind running your wallet for monitoring:

http://bitcoin.stackexchange.com/questions/4601/how-can-i-read-information-from-the-blockchain


Would be interested in knowing which method you choose and how it goes!


Kosta
newbie
Activity: 59
Merit: 0
how to check incoming transfer then?

You need to monitor the addresses on which you are expecting payments.
This can be achieved in a variety of ways, blockchain has an API, you could plug in to an electrum server, do some polling, it really depends on your use case.
Another suggestion : don't allow addresses to be valid permanently if possible, tell your users the addresses have a finite lifetime, so you can rotate the master public seeds regularly.

blockchain receive payment API  is very slow and ugly.

what is the best way to monitor ton of addresses without hosting the wallet in the same server?

if bitcoind hosted it is very easy to just call rpc request: listtransactions \* 1000

and why electrum server, what are the differences compared to bitcoind?

thanks
member
Activity: 70
Merit: 10
What are the standard packages used for this? I've spend some time with the python-bitcoin RPC and libbitcoin which is somewhat more "user friendly".
legendary
Activity: 1372
Merit: 1008
1davout
how to check incoming transfer then?

You need to monitor the addresses on which you are expecting payments.
This can be achieved in a variety of ways, blockchain has an API, you could plug in to an electrum server, do some polling, it really depends on your use case.
Another suggestion : don't allow addresses to be valid permanently if possible, tell your users the addresses have a finite lifetime, so you can rotate the master public seeds regularly.
newbie
Activity: 59
Merit: 0
What's best for security and performance is to not use bitcoind at all.
Generate your adresses deterministically instead, dem libs are out there.

how to check incoming transfer then?
legendary
Activity: 1372
Merit: 1008
1davout
What's best for security and performance is to not use bitcoind at all.
Generate your adresses deterministically instead, dem libs are out there.
legendary
Activity: 1176
Merit: 1011
1. Do not host your wallet or private keys on your webserver, just addresses.

2. DO NOT HOST YOUR WALLET OR PRIVATE KEYS ON YOUR WEBSERVER, JUST ADDRESSES.

3. Generate your address + private keys offline / remotely, i.e. on a different physical location than your webserver. Thus allowing your webserver to retrieve new addresses as needed, without exposing access to your private keys anywhere.

4. Use a new address for each payment/order. This way you can always check if a specific payment has been made or a specific order has been paid. With one address per account, you cannot clearly distinguish between payments for different orders.

5. Instead of generating private keys + addresses on the fly, you could pregenerate a few thousand addresses / private key pairs, and backup those. Backup again whenever creating (and before using) new keys + addresses and increase volume as needed.

6. On the webserver end, just backup your order/payment/account database just like you would now. Before or after receiving doesn't matter, that is already backed up in the blockchain Smiley And before or after sending fund does not apply here, as per rules 1 and 2.
newbie
Activity: 59
Merit: 0
i want start accepting bitcoin for my website with bitcoind.

my question is, what is the best way to generate new address for receiving btc? should i create a new address and assign to new account for every transaction? or it better to create a new address assigned to main account?

which way is better for security and performance? one account with ton of addresses, or ton of accounts with 1 address per account.

and when do i need to perform a backup? after new address created? after receiving fund? after sending fund?

thanks
Jump to: