Author

Topic: Copying Bitcoin vs using bitcoind to send (Read 754 times)

member
Activity: 104
Merit: 11
August 13, 2012, 09:01:48 PM
#3
Thanks! I'll probably make a script on my site that accepts a PGP signed set of public keys to be added.
hero member
Activity: 728
Merit: 500
165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
August 13, 2012, 08:37:44 PM
#2
If you're just accepting payments, you don't need the private keys to be online at all.  Just generate a bunch of keypairs then copy ONLY the public keys / Bitcoin addresses to the server.  When people send you payments you can watch for them by address.  You can then transfer the funds later using a secure PC, IE one that isn't connected to the web site at all.

Edit: Here's a useful tool to create bulk addresses: https://www.bitaddress.org/bitaddress.org-v1.6-SHA1-162d1ff4fd1e09222cbaca6c282672ee6c195e1b.html
member
Activity: 104
Merit: 11
August 13, 2012, 08:16:41 PM
#1
I'm working on a website that accepts Bitcoin payments. I've got the site separated from another user on the system that runs bitcoind and communicates via RPC. I generate new addresses and save a list of them in my own database and at sometime regularly (like daily or hourly) I want to transfer all the coins off that server onto a machine with cold storage. I run the site (and probably always will in some fashion) from a VM.

Should I be doing any direct file deletions? My goal is to minimize the amount of coins available to an attack at any given moment, much like a corner-shop does a cash drop into the safe to limit how much a common robber can take.

Cheers & Thanks for advice
Jump to: