Topic: SPV wallet for accepting BTC on a website (Read 299 times)

English. This system is implemented in the network for payment verification and executes this process without the need to download all the blockchain. For this reason, in this article we will analyze those wallets that implement this innovative system. We will study their concept, how they work, what their main characteristics are and how we can make use of them.

What are SPV Wallets?
The implementation of the SPV system, It allows verification of a particular transaction within the blockchain without having to download it completely. Rather, it is based on proof of merkle tree where the hash of a transaction and the hash of a specific block. This system only needs a small part of a block to confirm that the operation has been included.

Thus, SPV wallets are those purses that They do not own and do not need a complete copy of the blockchain. If not rather they connect users directly to the cryptocurrency network from the app. In order to carry out the verification process of your own transactions. In some cases, SPV wallets rely on full nodes connected to the network. Being part of the cryptographic verification process to avoid showing the user false information.

It is important to note that an SPV wallet is not based solely on the verification of other nodes in the network, but it also analyzes the best header hash. A valid block has the most cumulative proof of work. The implementation of the SPV ensures that this proof of work has the appropriate level of hashing difficulty. Likewise, SPV wallets have no impact on the security of your private keys.

As a curious fact, light wallets also implement the SPV system allowing a faster synchronization and configuration speed. They require less availability of disk storage

Actually there are many API besides bitcoind to manage bitcoin transaction. Aside from API offered by centralized service (such as Blockchain.com API), there are few lightweight bitcoin client such as BitcoinJ.


Initial download cost him about $100, so it's still not good option for OP.

If you don't allow incoming connections, it's closer to 1 GB per week (after the initial 400 GB download).

This is too simplified to the point that it is ignoring all the things in between.
For example if you use a custodial wallet/payment processor or even a web wallet like blockchain.info you are trusting another node to verify everything, when you use Electrum you are also doing the same thing but the difference is massive! There are also server dependent wallets that run on your own computer and are in full control of the keys but they can only connect to a single centralized server and nothing else.

You see not running a full node doesn't mean there isn't anything to verify, that is why SPV stands for "simplified verification".
For example in SPV design you can verify proof of work, connect to multiple nodes to check for chain splits/stale blocks, ask for bloom filters to make sure a certain transaction is found in that block, validate scripts and signatures of transactions that you want,...

You can always install BTCPay server from scratch (without using the Docker container since that'll just run bitcoind locally), but then pass command-line arguments to the NBXplorer software that comes with it that to tell it to connect to someone else's full node:
--btcnodeendpoint=123.45.67.89:12345.

You can get a list of bitcoin nodes sorted by uptime from BitNodes. Just choose the one that's been up for at least several weeks.

This is not going to send your received funds to the other node's wallet though, because BTCPay uses an xpub that you provide to generate all its receiving addresses. The xpub can come from anywhere, including your own cold storage.

Suddenly, you don't have to pay for hosting a bitcoind node anymore or worry about bandwidth problems.

There are two ways of accessing the block chain.

• Verifying the blocks from your computer.
• Trusting others from verifying the blocks from their computer.

There isn't any other choice obviously; the first one provides you better security and privacy while the second one is much cheaper. May I ask why you don't run a pruned node?

That they have a completely different set of methods available through the external API is the whole problem, why would I assume that a software developer would CHOOSE to implement a new API instead of using the pre-existing API?


I live in the USA, free internet is unheard of in my area, with the exception of low bandwidth library/cafe hotspots.  I can not possibly get internet access without a limit of a "few" gigabytes per month.  Since bitcoind currently requires about 130GB per month, for me bitcoind would currently cost 26 USD/month on internet bandwidth, in addition to electricity and air conditioning bills spent on block chain mining.

26 USD per month is far from "free".


It is not an online "service" it is "software" which integrates with the bitcoind API for transaction automation.


Why not?

Anyone who needs to automate bitcoin transactions MUST use the bitcoind API or redevelop bitcoind from scratch... your assertions are implausible.

I ended up just wasting my time implementing both APIs, and have not worked on it since.  Good riddance.

Yeah, it's not like you'd want to trust a third party to figure whether the few hundred dollar payments have gone through or not. But for small payments it's fine to do so.

when talking about this you should not only consider one aspect (storage) you should consider all the factors. for instance in this case it is not about storage alone, it is about the benefits of running a full node. as it was mentioned earlier this benefit is about security and the fact that you won't rely on anybody else (a third party) to be honest and give you good information.
for instance an exchange service can not rely on a third party! there is too much money at stake and there will be a lot of attack vectors that way.

so the first thing to consider is how much security is important to you based on how much money you are receiving. for example if the site OP creates is selling items that are worth less than $10 and does not have that many customers per day then using a third party or running an SPV node is fine.

Sorry to break it to you, but bitcoin core requires more than 200GB (221,39GB at the time of writing according to https://bitinfocharts.com/bitcoin/).
But agreed. Storage is currently very cheap so an extra 20GB will not matter at all.

Of course the API is not 'compatible'.

You are talking about 2 completely different softwares. Electrum has a completely different set of methods available (which can be checked in their documentation).




The testnet blockchain is at about 14 GB currently. That's about 1 hour downloading with moderate internet speed. Should definitely be doable if you want to develop something..

Most countries don't have any 'bandwith bills' anymore. At least in my country (and all surrounding ones), you get as much download volume as you want with a moderate speed for a few dollar per month.

Also, why should your customer need to use a lot of bandwith to use your service? This doesn't make sense.


You can be sure that there won't be any 'bitcoind compatible' lightweight client 'by then'. Noone needs that. It is not being developed currently.

Yeah it turns out that I had to use daemon mode on electrum and that would only work on linux, but even then the API is not compatible with bitcoind.  It sucks for me having to download the full testnet blockchain, but those who use my software will be the ones to truly suffer a bad bandwidth bill, assuming a bitcoind compatible lite client is not developed by then.

Both, core/bitcoind and electrum are the best solutions to accept BTC on your website.

Core needs less than 200GB. In the current times where storage is cheap as hell, this shouldn't be any problem at all.
Even if you don't have this spare storage, you still have the ability to use a pruned node. This will limit the size according to your requirements (e.g. 1 GB).

Electrum should perfectly work too if you build a bit around it. If you see 'method xyz not available', you entered something invalid. Check the documentation.


Since you seem to exclude the best options, why not simply going for a 3rd party service provider ?
There are multiple available which handle everything for your (addresses, payment requests, your BTC, ... ).

using a block explorer is not as safe as using an SPV wallet and it is nowhere near as safe as using a full node. you lose a lot of security as you move away from a full node to an SPV node and then you lose it all when you rely on a third party centralized website called a block explorer.

an example problem that you can face is the recent vulnerability that was found in bitcoin core. if you run a full node you will be aware of it and will act accordingly, if you use an SPV node you still can connect to nodes that have the  correct version and avoid the old vulnerable ones and be safer but when you use a block explorer you can not do anything. in this case you can obviously see that blockchain.info, blockcypher, and a lot of others are still vulnerable as they have not yet upgraded their system and the exploit was tested on the testnet which they accepted as valid!!!

Haha, all electrum versions between 2.8.x and 3.0.5 have a working rpc (don't use them though) .

Why can't you use the client's machine to run calls to a block explorer and leave your public key on the server with your addresses generated with it (you can then move these funds on a separate server to a cold storage wallet or leave them there if the private keys won't touch the internet)...

As far as I know, most people don't actually use the rpc calls on their wallets directly and instead use watching only clients and block explorers (or bitcoin core with a limit to the size of the blockchain that's downloaded however I have forgotton the name of them)....

So, I'm building a website, but I don't want to use full bitcoin core. Is there any SPV wallet with RPC interface, so I can accept payments using it?
Through use of the RPC I must be able to generate new addresses, and monitor the balance of funds received at each address.

The following wallets are not acceptable:

• bitcoind - downloads the full block chain which is not acceptable in a testing/development environment
• electrum - does not have a working rpc, all rpc calls result in "Method xyz not available"
• https://github.com/coinspark/sparkbit - mvn install reports that its dependencies no longer exist
• https://github.com/bcoin-org/bcoin - after compiling, nodejs reports a syntax error when first starting bcoin