Author

Topic: Best practices to handle BTC payments in a web based shop properly and secure (Read 125 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Yes, assuming the xpriv(master private key)/private keys are secure. Make sure only authorized people who can access or see your xpub to protect your financial privacy/anonymity.

You also could use your order id as alternative way to generate the address ('m/') so you don't need to store or/and link the number of each derived address.
legendary
Activity: 3122
Merit: 2178
Playgram - The Telegram Casino
Yes, as long as the master key and the derived private keys are kept completely offline (eg. using a hardware wallet or an airgapped machine), this is a fairly sane and secure approach. Be aware that keeping private keys offline does not only include web servers but also any other machine that is connected to the internet including your development hardware and your clients' computers.

Minor heads up: Be aware of gap limits when checking the wallets for balances. HD wallets usually only check for 20-30 unused addresses in advance, after which they assume that no other addresses have been used so far. This may become relevant when multiple consecutive derived addresses have not been used due to eg. a cancelled payment.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
Yes I think this is the most recognised way (without using a payment processor or something)...

You'd probably want a different xpub for each coin (and also you might want to think about using port numbers or something as a way to give people a truly unique address - that you haven't alreadly given to someone else)...

If you list the number in the derivation path you're up to and take the starting port to be +1 to the original number (as there should only be one connection per port if your server is set up right).

I'd suggest storing all of the private keys fully offline if you can also.
newbie
Activity: 5
Merit: 2
In a Webshop users should be able to pay with several crypto currencies (for the beginning BTC, LTC, ETH, DASH...)

We won't store any private key on the web server but need to be able to receive funds from the customer while being also able to identify each payment to its particular purchase.

This is how I would do it now, but I'd like to reflect the approach with the community. To make things more easier I'd like to use a symbolic programming language:

1. create locally a MultiSig wallet (2 of 3) with the keys from all 3 shop operators

Code:
wallet = createMultiSigWallet(key1, key2, key3)

2. create the base derivation path for each accepted coin, like this for BTC: "m/44'/0'/0'/0"

Code:
btcNode = wallet.derivePath("m/44'/0'/0'/0")
ethNode = wallet.derivePath("m/44'/60'/0'/0")
...

3. store the xpubkey of each node on the Webserver for further derivation on a per customer bases:

Code:
server['keys']['btc'] = btcNode.xpubkey
server['keys']['eth'] = ethNode.xpubkey
...

4. On the Webserver, when a new payment is requested, the shop system would then create a new address per derivation from the xpubkeys:

Code:
address1 = node(server['keys']['eth']).derive('m/1')
address2 = node(server['keys']['eth']).derive('m/2')
address3 = node(server['keys']['eth']).derive('m/3')
address4 = node(server['keys']['eth']).derive('m/4')
... and so on ...

This way only the xpubkeys of a derived path needs to be stored on the Webserver without the need to hand out the master key.

Will this be a proper, secure way to handle payments?
Jump to: