Bitcoin Forum
June 20, 2018, 08:03:25 PM *
News: Latest stable version of Bitcoin Core: 0.16.1  [Torrent]. (New!)
   Home   Help Search Donate Login Register  
Pages: [1]
Author Topic: Address generation for web services  (Read 731 times)
Offline Offline

Activity: 76
Merit: 10

View Profile
June 16, 2011, 06:12:39 PM

As we build some bitcoin based web services I'm curious to get some input on the best way to generate payment addresses securely for a web service.

For obvious reasons I will not keep a wallet on the web servers, for receiving payments it's hardly necessary.  However, assuming a successful web service we will need to generate new payment addresses for at least every customer if not every transaction. (The database will record the intent to pay, the block chain will show the payment is received).

Should I procedurally generate a million keys from the client using our secure wallet machine, and put them in an address cache in the DB?
Is there another way to generate valid key pairs with tools like GNUPG/PGP?
Maybe I should just cycle through a smaller set of addresses, that have time limits on payment? (i.e. pay this address in the next 24 hours, a la mtgox)
Do I need to run the client on the web server, or are there server side tools for evaluating the block chain?

Any other ideas or issues?

Now what about the reverse?  If we create a sight that involves paying people out in bitcoins.  What's the most secure way to process these transactions?  

Thanks in advance for your input.


The value of bitcoins is not a theory, predictions of it's failure are what is theoretical.
The World's Betting Exchange

Bet with play money. Win real Bitcoin. 5BTC Prize Fund for World Cup 2018.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Hero Member
Offline Offline

Posts: 1529525005

View Profile Personal Message (Offline)

Reply with quote  #2

Report to moderator
Hero Member
Offline Offline

Activity: 588
Merit: 500

View Profile
June 17, 2011, 12:07:16 AM

It's fine to run a wallet on your web server or a nearby sergver, so long as the server itself is reasonably secured and you set rpcallowip in bitcoin.conf. One thing you might want to do is to sweep received payments off to another wallet which is located on another server, or offline.

Pages: [1]
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!