Author

Topic: How do I create and run my own automated website wallet in php? (Read 2343 times)

newbie
Activity: 25
Merit: 0
Hi, I need to create a small game. People will deposit, i need to verify some conditions and send back some winnings to people meeting the requested conditions.
Can not explain everything because will reveal all the fundamental idea of the website.
thanks
sr. member
Activity: 412
Merit: 287
https://github.com/Bit-Wasp/bitcoin-lib-php is something I am working on. It's pretty solid at this stage, it has raw transactions (regular, and p2sh), bip32, electrum key derivation (although I would suggest using BitCore, JS to generate private keys on the client side based on a password+salt, and to sign in this way - look up how blockchains wallet works. If you enter an identifier, it will download the AES encrypted wallet to your cookie, and then you decrypt it).

I do not suggest using bitcoind to store your keys, since all someone needs is read only access to get your RPC credentials to access your nodes funds. Or, write access, if you have it 'firewalled'.

What specifically do you want to automate? This implies you have access to private keys without the user being signed in.
hero member
Activity: 574
Merit: 500
CoinBooster Rep
For your wallet server start by installing bitcoin core.

Just build it from source https://github.com/bitcoin/bitcoin

Then you can build a PHP script (if you prefer PHP) to interact with bitcoin via the command line.


I have a friend that may be able to do this for you,

contact : ahappymau5

he's here on the forum
legendary
Activity: 1190
Merit: 1001
For your wallet server start by installing bitcoin core.

Just build it from source https://github.com/bitcoin/bitcoin

Then you can build a PHP script (if you prefer PHP) to interact with bitcoin via the command line.
newbie
Activity: 25
Merit: 0
Hi

I need to create a website in php that should have his own wallet for:
-generating  new addresses for each new payment
-sending and receiving payments
-automated and safe
-run on the website server (standard hosting using cpanel)

I am new to this and I don't know where to start but think there are already solutions for this.

Thank you!

If you are sending automated payments direct from a PHP webserver then it's impossible for it to be "safe".

What you need to do it send the payments from a separate server which does nothing but send payments and completely locked down with extremely limited access.

Your webserver has a tons of attack vectors so basically your webserver should not even have the ability to push out a send.

Your wallet server should securely connect to the webserver to retrieve lists of requested sends, then after independent validation of the requests it should send them.

This way even if someone hacks the shit out of your entire website they cannot get to your wallet server and they cannot push out any unauthorized sends.  At most they can put unauthorized sends into the requests, but your wallet server validation should be designed to detect this and shut it down.

Ideally you should have physically access to the wallet server, as opposed to hosting the wallet server online (ie run the wallet server at home or office etc...)

Thank you for your reply.
Please tell me where to start with the documentation about this.
Where can I get a prebuilt wallet which will have already the basics for my pourpose.
Thanks
legendary
Activity: 1190
Merit: 1001
Hi

I need to create a website in php that should have his own wallet for:
-generating  new addresses for each new payment
-sending and receiving payments
-automated and safe
-run on the website server (standard hosting using cpanel)

I am new to this and I don't know where to start but think there are already solutions for this.

Thank you!

If you are sending automated payments direct from a PHP webserver then it's impossible for it to be "safe".

What you need to do it send the payments from a separate server which does nothing but send payments and completely locked down with extremely limited access.

Your webserver has a tons of attack vectors so basically your webserver should not even have the ability to push out a send.

Your wallet server should securely connect to the webserver to retrieve lists of requested sends, then after independent validation of the requests it should send them.

This way even if someone hacks the shit out of your entire website they cannot get to your wallet server and they cannot push out any unauthorized sends.  At most they can put unauthorized sends into the requests, but your wallet server validation should be designed to detect this and shut it down.

Ideally you should have physically access to the wallet server, as opposed to hosting the wallet server online (ie run the wallet server at home or office etc...)
newbie
Activity: 25
Merit: 0
Hi

I need to create a website in php that should have his own wallet for:
-generating  new addresses for each new payment
-sending and receiving payments
-automated and safe
-run on the website server (standard hosting using cpanel)

I am new to this and I don't know where to start but think there are already solutions for this.

Thank you!
Jump to: