Author

Topic: Best practises for making a serious bitcoin web site ? (Read 1279 times)

hero member
Activity: 533
Merit: 501
legendary
Activity: 2506
Merit: 1010
a bunch of addresses from bitaddress.com

You probably meant .org:
  http://www.BitAddress.org
hero member
Activity: 533
Merit: 501
Sounds really good. I'm using the jsonrpcphp libraries to connect to bitcoind. If I need something else in the future, perhaps your solution is something to look closer at, it seems pretty smart. Thansk again for the answer, and good luck with your project!

You are welcome. If you are running a bitcoind wallet on your server and controlling it via php, please be sure to transfer off the funds frequently.
hero member
Activity: 868
Merit: 1000
Sounds really good. I'm using the jsonrpcphp libraries to connect to bitcoind. If I need something else in the future, perhaps your solution is something to look closer at, it seems pretty smart. Thansk again for the answer, and good luck with your project!
hero member
Activity: 533
Merit: 501
Thanks for the answer. I'm not doing webhosting or any other service at the moment. I will announce any service I make in the appropiate sub forum, I only made this post to ask some general questions, to possibly get some tips. Smiley

Well feel free to ask away if you have any other questions.

Here is some more nitty gritty details. I created a fork of pywallet:
https://github.com/RobKohr/pywallet

that imports a list of private keys in a text file (option importprivkeyfile). I open a csv in excel that I created from copying a bunch of addresses from http://www.BitAddress.org. The private addresses column I save to one text file, and import it into my wallet using pywallet. The public addresses I import into a database for the server. I use mongodb, but really any database works. Here is the basic table format for the table address_pool:

|  public_address - varchar
|  used - boolean, default false

When I create an order, I grab a public address where used is false, and update that row to set used = true. I stick that public address in my order table with the users order info, and then show them the public address to pay to.

Nice, simple, and secure, and doesn't require any outside payment processer looking to skim a profit off of my sales.
hero member
Activity: 868
Merit: 1000
Thanks for the answer. I'm not doing webhosting or any other service at the moment. I will announce any service I make in the appropiate sub forum, I only made this post to ask some general questions, to possibly get some tips. Smiley
hero member
Activity: 533
Merit: 501
What are you selling? Web hosting?

It seems rather common that a business owner will post their business one of the child boards of the forums, and then link to that forum from their website. This way people have an avenue to post comments, praise, and grievances. This works as a way to validate the business.

As a tip, I would upload a large collection of public addresses to your server, and go through them for orders. Don't host a bitcoind controlled wallet on your server, as that just creates a reason to attack your server (oooh yummy bitcoins). It also just becomes a potential attack vector if you set it up to respond to api requests.

You can use blockexplorer's api to check the balance on an address and mark it as complete and do whatever you do with your goods for paid orders. Don't recycle public addresses, just make more.
hero member
Activity: 868
Merit: 1000

Hm, this was the most natural sub forum to post in, since I have a question about bitcoin projects.

My question is in regards to developing online bitcoin services (ie. web sites). I value privacy a lot,
but I want your opinion about the following:

- When creating a new service, what are the best things to do to gain trust and confidence from
the very start?

I can think of a few things:

- Having a veteran user on this forum, having a good bitcoin-otc rating etc.

What about the domain ? Does 2 year registration give more confidence than a 1 year registration,
and if so, why ? The difference is not much dollarwise.

And what about the whois information for the site ? As long as the site in question gives contact
information to those asking and are otherwise legit, does it matter if the whois is protected? There
are many reasons to protect the whois.

I guess it would be important to publish a public PGP key from the very beginning, so that future
messages can be pretty sure to come from the right person when signed. Not that I'm an expert
on that, but in these days and times with scammers and fraudsters all around, it don't hurt using
encryption.

Obviously it would be important with good response times and good communication with customers.

Anything else that's a no-go or very positive for an upstart bitcoin business ?
Jump to: