Bitcoin Forum
December 09, 2016, 08:00:00 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Address generation for web services  (Read 659 times)
MrJoshua
Member
**
Offline Offline

Activity: 76


View Profile
June 16, 2011, 06:12:39 PM
 #1

As we build some bitcoin based web services I'm curious to get some input on the best way to generate payment addresses securely for a web service.

For obvious reasons I will not keep a wallet on the web servers, for receiving payments it's hardly necessary.  However, assuming a successful web service we will need to generate new payment addresses for at least every customer if not every transaction. (The database will record the intent to pay, the block chain will show the payment is received).

Should I procedurally generate a million keys from the client using our secure wallet machine, and put them in an address cache in the DB?
Is there another way to generate valid key pairs with tools like GNUPG/PGP?
Maybe I should just cycle through a smaller set of addresses, that have time limits on payment? (i.e. pay this address in the next 24 hours, a la mtgox)
Do I need to run the client on the web server, or are there server side tools for evaluating the block chain?

Any other ideas or issues?

Now what about the reverse?  If we create a sight that involves paying people out in bitcoins.  What's the most secure way to process these transactions?  

Thanks in advance for your input.

MrJ

The value of bitcoins is not a theory, predictions of it's failure are what is theoretical.
1481270400
Hero Member
*
Offline Offline

Posts: 1481270400

View Profile Personal Message (Offline)

Ignore
1481270400
Reply with quote  #2

1481270400
Report to moderator
1481270400
Hero Member
*
Offline Offline

Posts: 1481270400

View Profile Personal Message (Offline)

Ignore
1481270400
Reply with quote  #2

1481270400
Report to moderator
1481270400
Hero Member
*
Offline Offline

Posts: 1481270400

View Profile Personal Message (Offline)

Ignore
1481270400
Reply with quote  #2

1481270400
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481270400
Hero Member
*
Offline Offline

Posts: 1481270400

View Profile Personal Message (Offline)

Ignore
1481270400
Reply with quote  #2

1481270400
Report to moderator
error
Hero Member
*****
Offline Offline

Activity: 574



View Profile
June 17, 2011, 12:07:16 AM
 #2

It's fine to run a wallet on your web server or a nearby sergver, so long as the server itself is reasonably secured and you set rpcallowip in bitcoin.conf. One thing you might want to do is to sweep received payments off to another wallet which is located on another server, or offline.

15UFyv6kfWgq83Pp3yhXPr8rknv9m6581W
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!