Author

Topic: How do trade sites work? What is coding logic? (Read 1573 times)

hero member
Activity: 882
Merit: 533
February 22, 2017, 06:10:27 AM
#11
you can run a pruned bitcoin core, this way you will have the full functionnalities, and yes the BITCOIN RPC command is made to be used with bitcoin core.
All the exchanges use bitcoin core, and other daemons, yes they usually have the same API documentation, you can have more informations about this doing "./coinnamed help" it will list you all the available RPC commands.
When you use bitcoin core for an exchange or something using payment methods, you should use SSL, fetch the documentations and you will find all what i am talking about. For Altcoins, go to the source file and check the init.cpp in src folder, you will have all the list available.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
the bitcoin RPC API documentation is your best friend, it is easy, just setup a script who will be triggered when a user demands an address, basically it will querry the daemon this way : bitcoin-cli getnewaddress [account]
and for coin management, you will have to rely on bitcoin daemon basic implementation, which is : bitcoin-cli move
It is that easy, what i can advise you to do is not to think of it as beign too much complicated, satoshi and the bitcoin dev team made things easy, just make some scripts and test them, remember that you can always find a way to run a .sh script from webservers if needed, or you can do this using the RPC port instead, but you will have to use SSL ports as the data will be exposed, even if it is running in localhost, i advise you to use SSL.

I want to ask you one last thing.

Do I need to download the bitcoin core wallet when I use the RPC API? So I do not want to be a node. I do not want to download the bitcoin core wallet on the server.
Also do they have RPC APIs in other coins? I do not want to be a node in other coins.

It does not make sense to download core wallets for all coins and keep them on the server. It will take up a lot of space.
How do trade sites do that?

Interesting questions, I also thought about this, but I thought they called a external API to transfer coins to their address and then onto the users. Some of these exchanges should have their own ledger to control the flow of coins between the generated addresses and also for cold storage.

Running a node for every different coin you want to support, will be costly and very complex and time consuming to maintain.
member
Activity: 80
Merit: 10
the bitcoin RPC API documentation is your best friend, it is easy, just setup a script who will be triggered when a user demands an address, basically it will querry the daemon this way : bitcoin-cli getnewaddress [account]
and for coin management, you will have to rely on bitcoin daemon basic implementation, which is : bitcoin-cli move
It is that easy, what i can advise you to do is not to think of it as beign too much complicated, satoshi and the bitcoin dev team made things easy, just make some scripts and test them, remember that you can always find a way to run a .sh script from webservers if needed, or you can do this using the RPC port instead, but you will have to use SSL ports as the data will be exposed, even if it is running in localhost, i advise you to use SSL.

I want to ask you one last thing.

Do I need to download the bitcoin core wallet when I use the RPC API? So I do not want to be a node. I do not want to download the bitcoin core wallet on the server.
Also do they have RPC APIs in other coins? I do not want to be a node in other coins.

It does not make sense to download core wallets for all coins and keep them on the server. It will take up a lot of space.
How do trade sites do that?
member
Activity: 80
Merit: 10
Basically here the global schema for an exchange :

1- Daemons: Each coin traded must be backed by a fully synced daemon as he manages all the coins operations.
2- User interface : A use can ask for an address, this address is provided by the daemon, in an internal request.
3- Trade room: Usually, exchanges use an internal escrow for transactions as an amount of coins is held in exchange of annother coin, so they are escrowed internally, and when the price meets the users demande, funds are released to both parties.
4- Balances: They are managed by the server, there is a synchronisation between the database of the exchange, and the different daemons "accounts" RPC methods.
5- Withdrawals: they are operated at the request of the user, from his own account in the database, and in the daemon. If there are no funds in the daemon, the transaction won't be processed.

This is how an exchange works globally, now you can have several diffrences from an exchange to annother. The main difference is in the security level, Poloniex is known to be not so secure, if you have a look at your console when opening pages in poloniex, you will notice that every information sent or requested by the server, are using the 'GET' method, and this is prohibited especially when handling passwords and forms. They had been advised to revise these mechanisms, and to use 'POST' instead, but i don't think they did it.
The bitfinex hacking had something to do with this, they forgot to add a simple option to input text fields, coinables knows more about this then i, as he made a video explaining how the hacker managed to take the bitcoins.

I have knowledge of application security. I have an interest in the topics on OWASP. I can code the business processes of the project. But I do not know much about address generation and coin transfer.

https://bitcointalksearch.org/topic/m.17921284

the bitcoin RPC API documentation is your best friend, it is easy, just setup a script who will be triggered when a user demands an address, basically it will querry the daemon this way : bitcoin-cli getnewaddress [account]
and for coin management, you will have to rely on bitcoin daemon basic implementation, which is : bitcoin-cli move
It is that easy, what i can advise you to do is not to think of it as beign too much complicated, satoshi and the bitcoin dev team made things easy, just make some scripts and test them, remember that you can always find a way to run a .sh script from webservers if needed, or you can do this using the RPC port instead, but you will have to use SSL ports as the data will be exposed, even if it is running in localhost, i advise you to use SSL.

Thanks for the answer. I will review the Bitcoin RPC API documentation.
Yes it is always necessary to think simple. Things do not have to be complicated.
hero member
Activity: 882
Merit: 533
Basically here the global schema for an exchange :

1- Daemons: Each coin traded must be backed by a fully synced daemon as he manages all the coins operations.
2- User interface : A use can ask for an address, this address is provided by the daemon, in an internal request.
3- Trade room: Usually, exchanges use an internal escrow for transactions as an amount of coins is held in exchange of annother coin, so they are escrowed internally, and when the price meets the users demande, funds are released to both parties.
4- Balances: They are managed by the server, there is a synchronisation between the database of the exchange, and the different daemons "accounts" RPC methods.
5- Withdrawals: they are operated at the request of the user, from his own account in the database, and in the daemon. If there are no funds in the daemon, the transaction won't be processed.

This is how an exchange works globally, now you can have several diffrences from an exchange to annother. The main difference is in the security level, Poloniex is known to be not so secure, if you have a look at your console when opening pages in poloniex, you will notice that every information sent or requested by the server, are using the 'GET' method, and this is prohibited especially when handling passwords and forms. They had been advised to revise these mechanisms, and to use 'POST' instead, but i don't think they did it.
The bitfinex hacking had something to do with this, they forgot to add a simple option to input text fields, coinables knows more about this then i, as he made a video explaining how the hacker managed to take the bitcoins.

I have knowledge of application security. I have an interest in the topics on OWASP. I can code the business processes of the project. But I do not know much about address generation and coin transfer.

https://bitcointalksearch.org/topic/m.17921284

the bitcoin RPC API documentation is your best friend, it is easy, just setup a script who will be triggered when a user demands an address, basically it will querry the daemon this way : bitcoin-cli getnewaddress [account]
and for coin management, you will have to rely on bitcoin daemon basic implementation, which is : bitcoin-cli move
It is that easy, what i can advise you to do is not to think of it as beign too much complicated, satoshi and the bitcoin dev team made things easy, just make some scripts and test them, remember that you can always find a way to run a .sh script from webservers if needed, or you can do this using the RPC port instead, but you will have to use SSL ports as the data will be exposed, even if it is running in localhost, i advise you to use SSL.
member
Activity: 80
Merit: 10
Basically here the global schema for an exchange :

1- Daemons: Each coin traded must be backed by a fully synced daemon as he manages all the coins operations.
2- User interface : A use can ask for an address, this address is provided by the daemon, in an internal request.
3- Trade room: Usually, exchanges use an internal escrow for transactions as an amount of coins is held in exchange of annother coin, so they are escrowed internally, and when the price meets the users demande, funds are released to both parties.
4- Balances: They are managed by the server, there is a synchronisation between the database of the exchange, and the different daemons "accounts" RPC methods.
5- Withdrawals: they are operated at the request of the user, from his own account in the database, and in the daemon. If there are no funds in the daemon, the transaction won't be processed.

This is how an exchange works globally, now you can have several diffrences from an exchange to annother. The main difference is in the security level, Poloniex is known to be not so secure, if you have a look at your console when opening pages in poloniex, you will notice that every information sent or requested by the server, are using the 'GET' method, and this is prohibited especially when handling passwords and forms. They had been advised to revise these mechanisms, and to use 'POST' instead, but i don't think they did it.
The bitfinex hacking had something to do with this, they forgot to add a simple option to input text fields, coinables knows more about this then i, as he made a video explaining how the hacker managed to take the bitcoins.

I have knowledge of application security. I have an interest in the topics on OWASP. I can code the business processes of the project. But I do not know much about address generation and coin transfer.

https://bitcointalksearch.org/topic/m.17921284
member
Activity: 80
Merit: 10
Basically you run full node for every currency like bitcoin core for bitcoin. Full node download entire blockchain and keep you up to date with transactions, they also allow you to do all sort of operation like get new address, send money and etc using json-rpc api. You can read more about full node api here https://bitcoin.org/en/developer-reference#bitcoin-core-apis

I want to do without a full node. So I do not think of downloading core wallets for all currencies.
That's the point I usually hang out. I can design and code the whole business logic of the system. But I do not know how to create a private address for users and transfer between addresses.

For example, an address is created for all coins in poloniex site. Then you can do this address coin transfer. If you wish, you can transfer coins to another address in this address.

1. How can I create coin addresses without downloading the core wallet on the server (I want to create addresses for all coins like BTC, ETH, LTC)
2. How can I check the balance amounts of addresses? So where should I check the payment information from an address? Also how do I do another address transfer from any coin address (The user must be able to transfer from the BTC address on trade site to the BTC address on his/her own desktop wallet)
hero member
Activity: 882
Merit: 533
Basically here the global schema for an exchange :

1- Daemons: Each coin traded must be backed by a fully synced daemon as he manages all the coins operations.
2- User interface : A use can ask for an address, this address is provided by the daemon, in an internal request.
3- Trade room: Usually, exchanges use an internal escrow for transactions as an amount of coins is held in exchange of annother coin, so they are escrowed internally, and when the price meets the users demande, funds are released to both parties.
4- Balances: They are managed by the server, there is a synchronisation between the database of the exchange, and the different daemons "accounts" RPC methods.
5- Withdrawals: they are operated at the request of the user, from his own account in the database, and in the daemon. If there are no funds in the daemon, the transaction won't be processed.

This is how an exchange works globally, now you can have several diffrences from an exchange to annother. The main difference is in the security level, Poloniex is known to be not so secure, if you have a look at your console when opening pages in poloniex, you will notice that every information sent or requested by the server, are using the 'GET' method, and this is prohibited especially when handling passwords and forms. They had been advised to revise these mechanisms, and to use 'POST' instead, but i don't think they did it.
The bitfinex hacking had something to do with this, they forgot to add a simple option to input text fields, coinables knows more about this then i, as he made a video explaining how the hacker managed to take the bitcoins.
newbie
Activity: 52
Merit: 0
Basically you run full node for every currency like bitcoin core for bitcoin. Full node download entire blockchain and keep you up to date with transactions, they also allow you to do all sort of operation like get new address, send money and etc using json-rpc api. You can read more about full node api here https://bitcoin.org/en/developer-reference#bitcoin-core-apis
member
Activity: 118
Merit: 11
first you use and understand how all interfaces for users are working.Any exchanger when add a new coin they install source code of that coin in their system , so like bitcond its easy to generate address

There are many sites offering the opportunity to trade with bitcoin.
For example, https://poloniex.com/ is used for altcoin trade. For bitcoin trade, https://btc-e.com/ is being used. Apart from these, there are other trading sites.

I am curious about the business logic of these trade sites. What do you need to know to code a trade site?
How are bitcoin and altcoin addresses automatically generated? How do I transfer between coin addresses?
member
Activity: 80
Merit: 10
There are many sites offering the opportunity to trade with bitcoin.
For example, https://poloniex.com/ is used for altcoin trade. For bitcoin trade, https://btc-e.com/ is being used. Apart from these, there are other trading sites.

I am curious about the business logic of these trade sites. What do you need to know to code a trade site?
How are bitcoin and altcoin addresses automatically generated? How do I transfer between coin addresses?
Jump to: