Topic: How can I use multisig future in my new bitcoin online exchange (Read 86 times)

I did not understand the idea of your project, but creating a CEX type exchange will be completely different from your idea, as you will create the exchange and have an independent data management system with a separate server for all withdrawals. Transactions will be sent in the form of Comma-separated values (CSV), which contains the address, value, and then Bitcoin Core can handle it.

In this case, multisig principles will not help, but rather BIP39 Passphrases, where the private key is one and each account has a unique password through which it can generate addresses.

https://medium.com/@alephium/bip39-passphrase-implementation-f87adecd6f59

I think this is not the right place to post this thread since your project is still under development it should be moved to Project Development.
I don't get your point on what do you plan about your Bitcoin online exchange.

I think you don't understand how exactly Multisig works I suggest read this link below it includes some samples to easily understand how it works.

- https://en.bitcoin.it/wiki/Multi-signature

You may also need this guide Bitcoin core Multisig guide.

About your 2nd question, it seems it's not safe it might expose your private key, the program/website that you developing should be separated from the Bitcoin core. If you want your software/website to interact with your Bitcoin node you will need to enable RPC and to secure the data sent/received you need to enable SSL encryption for your RPC API.

About all Bitcoin development, guides and tools please check this link below.

- https://github.com/igorbarinov/awesome-bitcoin
- https://github.com/openblockchains/awesome-blockchains

I created a tiny Bitcoin Core-based online exchange. This programme has the following features:

1. A new address with a specified password is generated by Bitcoin Core upon receipt of a request from the user.
2. The user's address can be used to receive Bitcoin.
3. The user can send Bitcoin from your own address; to do this, I've unlocked my account using wallet Passphrase and utilized send to address.

In this such situation, all accounts can be unlocked with a single, complex passphrase. But after studying about the multisig feature, I considered including a scenario in my programme that would address this. However, I have a few queries in mind:

1. When sending transactions, I included a set passphrase in my codes. In terms of multisig principles, I can't unlock that account with a passphrase; but, I need to sign data using distinct private keys. Am I correct?
2. Since an exchange should operate automatically, I believe the last step of my codes must use all necessary private keys. Given that everything is close to one another in this instance, I don't believe I added any more security measures to my project. Can I get any information on the security that will be of great use to include multisig accounts in my project?
I'm hoping you can assist me in mentally resolving these problems.