Topic: Need advice: How to code site for deposit and withdraws using bitcoin + altcoins (Read 593 times)

If you're not running a Bitcoin client of some sort, or referencing a 3rd party (rely on an external service) then your usability will suffer.

For example you can create private keys and address pairs for receiving funds using a library, so you can accept payments just fine without a node or a 3rd party. The draw back is you don't have a way to monitor the blockchain, check for UTXOs, or push transactions.

If you're looking to do those things as well with as little 3rd party as possible, I'd suggest use a library to create addresses, and build transactions, and then line up a series of open API's that allow you to check the UTXO set, and push a signed transaction. If one fails, then hit the next one, and if that fails hit the next, etc. It's a little extra work, but you won't have to sign up with a service, you don't have to run a node, and you don't have to feel like you're relying on an API service since you'll have fall backs.

Here are some push tx endpoints:
https://api.blockcypher.com/v1/btc/main/txs/push
https://chain.so/api/v2/send_tx/BTC/
https://btc.blockr.io/api/v1/tx/push

Here are some APIs to get the UTXO of an address
https://blockchain.info/unspent?active=1bitcoineateraddressdontsendf59kue
https://chain.api.btc.com/v3/address/1bitcoineateraddressdontsendf59kue/unspent
https://api.smartbit.com.au/v1/blockchain/address/1bitcoineateraddressdontsendf59kue/unspent

What I had done was used multiple 3rd party explorers, for redundancy.

Creating your own nodes becomes as expensive as paying blockcypher(in btw covers the currencies you are looking for) over time.

Another very important thing as you grow is to take care of who you hire. Insider jobs are the worst.

That said good luck. PM me if you want more info.

Cheers
Good Luck

Well, I really don't know why I should bother to help you since you've insulted me already and you clearly have no understanding about this industry. But on the off-chance this information helps your future customers then it might be worth it:

Coin daemons weren't designed to be used as a deposit and withdrawal system for a website. It was assumed that wallets would be run by users who managed their own private keys. The reason why its such a moronic idea to use a coin daemon for a website is multi-faceted but in brief:

1. Anyone who hacks the server has full access to all the funds and there's nothing you can do about it.
2. The RPC server that full node software provides is buggy and doesn't scale. This means that calls you make will mysteriously timeout under load / randomly.

What you are proposing to do hasn't been recommended since 2012 (or ever really) and the exact design has already lead to the theft of money worth over a billion dollars. Since then a lot of security best practices have become standard for storing and managing cryptocurrencies.

Hardware wallets help to stop coins from leaking from web servers and allow for sane withdrawal limits. While multi-signature allows for N-factor authentication and helps to give the user more control over their money. Coin daemons aren’t designed to support any of that because they already assume a single user is using the software in a secure environment they control (and not under the assumption of a system supporting assets on behalf of multiple users on an Internet-facing website.)


So you're a complete amateur. You have no clue at all how to solve a basic problem in blockchain engineering and you're already looking for ways to cut corners. If you're writing another crapcoin exchange (and I have a feeling you are) - a person like you really has no business writing any code that will touch other people's money until you at least understand the basics of how security is done in this industry and wtf you are doing.

If you ignore my advice I can see you very quickly becoming taught this lesson by someone far less forgiving. But by that point it will be too late - both for your customers and your reputation. Believe me, this industry is lined by the corpses of countless drive-by wantrapeneurs who thought they could get rich by hacking together a few shitty scripts and cutting corners.

https://bitcointalksearch.org/topic/list-of-major-bitcoin-heists-thefts-hacks-scams-and-losses-576337 … and this is one history lesson you can’t afford to avoid.
 

Thank you.. That was a very useful reply.

With proper OOP you should be able to forgo a lot of code reuse between coins. All you'd need are an implementation of a coin backend handler interface that communicates to each coin's RPC endpoint. Because many alts based on Bitcoin share the same RPC commands/protocol you would not need much code for each coin; you'd obviously need a separate implementation for Ethereum's (geth or eth) RPC endpoint.

That's for the most useless post I've seen in a while.

It doesn't sound like you have the skills to implement a secure deposit mechanism yourself and an established company would at least be using the latest techniques. I'd recommend just using a payment processor's APIs for these currencies.

I don't want to use a third party service b/c it may go down.

I want to build a site that accepts bitcoin as payment as well as bitcoin related altcoins like litecoin and dogecoin.

What I have concluded so far:
I need to run a bitcoin node + each altcoin node that I want to accept payment from. That is alot of work but acceptable.

However writing in nodejs a completely separate deposit, wallet management, and withdraw code for each coin seems overkill. I know bitcoinjs-lib supports litecoin and dogecoin but the documentation is sparse and it seems unreasonably complex. However I keep going back to that as the only solution.

Any advice? I am a professional coder I am just trying to find the best solution.

Thanks