Bitcoin Forum
May 23, 2019, 06:24:59 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
   Home   Help Search Login Register More  
Pages: [1]
Author Topic: Best practices to handle BTC payments in a web based shop properly and secure  (Read 91 times)
Offline Offline

Activity: 5
Merit: 2

View Profile
September 15, 2018, 10:11:16 AM
Merited by ETFbitcoin (1), HeRetiK (1)

In a Webshop users should be able to pay with several crypto currencies (for the beginning BTC, LTC, ETH, DASH...)

We won't store any private key on the web server but need to be able to receive funds from the customer while being also able to identify each payment to its particular purchase.

This is how I would do it now, but I'd like to reflect the approach with the community. To make things more easier I'd like to use a symbolic programming language:

1. create locally a MultiSig wallet (2 of 3) with the keys from all 3 shop operators

wallet = createMultiSigWallet(key1, key2, key3)

2. create the base derivation path for each accepted coin, like this for BTC: "m/44'/0'/0'/0"

btcNode = wallet.derivePath("m/44'/0'/0'/0")
ethNode = wallet.derivePath("m/44'/60'/0'/0")

3. store the xpubkey of each node on the Webserver for further derivation on a per customer bases:

server['keys']['btc'] = btcNode.xpubkey
server['keys']['eth'] = ethNode.xpubkey

4. On the Webserver, when a new payment is requested, the shop system would then create a new address per derivation from the xpubkeys:

address1 = node(server['keys']['eth']).derive('m/1')
address2 = node(server['keys']['eth']).derive('m/2')
address3 = node(server['keys']['eth']).derive('m/3')
address4 = node(server['keys']['eth']).derive('m/4')
... and so on ...

This way only the xpubkeys of a derived path needs to be stored on the Webserver without the need to hand out the master key.

Will this be a proper, secure way to handle payments?
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Copper Member
Offline Offline

Activity: 1386
Merit: 1244 - free python tutorials

View Profile
September 15, 2018, 12:22:07 PM

Yes I think this is the most recognised way (without using a payment processor or something)...

You'd probably want a different xpub for each coin (and also you might want to think about using port numbers or something as a way to give people a truly unique address - that you haven't alreadly given to someone else)...

If you list the number in the derivation path you're up to and take the starting port to be +1 to the original number (as there should only be one connection per port if your server is set up right).

I'd suggest storing all of the private keys fully offline if you can also.

Offline Offline

Activity: 1120
Merit: 1049

the forkings will continue until morale improves

View Profile
September 15, 2018, 02:18:17 PM
Merited by suchmoon (4)

Yes, as long as the master key and the derived private keys are kept completely offline (eg. using a hardware wallet or an airgapped machine), this is a fairly sane and secure approach. Be aware that keeping private keys offline does not only include web servers but also any other machine that is connected to the internet including your development hardware and your clients' computers.

Minor heads up: Be aware of gap limits when checking the wallets for balances. HD wallets usually only check for 20-30 unused addresses in advance, after which they assume that no other addresses have been used so far. This may become relevant when multiple consecutive derived addresses have not been used due to eg. a cancelled payment.

Online Online

Activity: 1652
Merit: 1767

Use SegWit and enjoy lower fees.

View Profile WWW
September 15, 2018, 06:01:50 PM

Yes, assuming the xpriv(master private key)/private keys are secure. Make sure only authorized people who can access or see your xpub to protect your financial privacy/anonymity.

You also could use your order id as alternative way to generate the address ('m/<order ID>') so you don't need to store or/and link the number of each derived address.

Pages: [1]
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!