Title: Securing remote wallet communication Post by: opahopa333 on September 12, 2017, 01:56:00 PM Hi everyone!
Not sure where to post it, so here. Here is an abstract project structure: - hardware (Raspberri Pi) device with the "wallet" controller by python. - API (Ruby + Rails / Django / Spring / whatever). - Angular 2 (web/mobile) API clients. No one really have a security expertise, but we can get into it, if the concept is known. Wallet is a secondary function. We can use almost any language / tool - simply depends on the objective effectiveness. Thought to control the wallet by using web-sockets (thats just a guess). Seeking for the professional advice on how to securely organize a remote control of the wallet by using "device(wallet)<=>API<=>client(Angular 2)" scheme. Can give a reward for a good detailed advice(PM) Thank you! Title: Re: Securing remote wallet communication Post by: Intensity on September 12, 2017, 10:13:30 PM Using a VPS can be one way to secure a remote wallet. Plenty of settings can be set to secure the wallet.
For example... Needing a putty key to remote in. Non-static IP address that can be resetted after restarting the server. Only you would know the current IP. Password to log on to a session. Wallet Password for opening/sending funds. And finally, backing up your private key. Electrum wallet can be used in watch-only mode to keep track of your wallet. Title: Re: Securing remote wallet communication Post by: opahopa333 on September 13, 2017, 02:32:24 AM Thanks for reply!
But thats solely a hardware device security. About the device itself - sure we will do such things :) More interested in "device<=>API" communication security. especially using websockets - is it a right solution? Basiaclly it is an IoT project. |