|
January 04, 2014, 06:17:42 AM |
|
I'm developing a web application that would not only accept, but also send payments to web users. For now, I'm using the official client (bitcoind), but I suddenly became worried about this issue:
The wallet is encrypted. So to send a payment, I need to run walletpassphrase. However, as far as I understand from the documentation, when I unlock the wallet, it becomes unlocked not just for one connection or one transaction, but for all connections / transactions. This means that if I do "walletpassphrase", "send", "walletlock", there is a small window of time when the wallet is unlocked. If someone then has access to the machine, they might be able to send a malicious transaction in that window of time without knowing the passphrase.
It would make much more sense if I provided the wallet password per-transaction. I.e. "send <wallet password> <normal send parameters>". Then, the malicious user would have to have the wallet password in order to perform the attack.
Is something like this possible with the official client? If not, can anybody recommend a client for this purpose? Or would I have to modify the source code? Has anybody come up with solutions for this that don't involve using an external service? I see that quite a few people run gambling services with bitcoin... maybe one of them could chime in to tell us how they do it?
|