|
November 05, 2013, 02:08:35 PM |
|
Suppose I want to run a service on a webserver that not only receives but also sends out BTC, like a gambling or an exchange site. Now suppose I do not trust any external service for sending out transactions, because e.g. recent events make me feel strongly against relying on third parties. How would I go about running by bitcoind securely on my own server(s) without fear of being compromised? All I can think of is separating bitcoind from the webserver and run all transaction orders via a locked down gateway, probably with some kind of queue system, but this just makes attack surface smaller and does not really solve the problem. Something like webserver <--> order DB <--> bitcoind, with the order db only listening to the one port it needs and requiring encryption + authentication. But I'm not really satisfied with this design. What are the best practices for this?
|