Bitcoin Forum
November 12, 2019, 01:56:45 PM *
News: Help collect the most notable posts made over the last 10 years.
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Secure architecture for using bitcoin core  (Read 109 times)
vikoheftjeri
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile WWW
February 06, 2019, 04:43:06 PM
 #1

I'm trying to build a good security for my online bitcoin based application. Is something like this possible?

Quote
send_bitcoin(address)
create_address()
sweep_balances()
       +
       |
       |
       v                New transactions
+-------------+   <-----------------    +--------------+
|                   |                               |                    |
| Wallet keys +--------------------->+ Bitcoin core  |
|                   |                               |                    |
+-------------+   Submit signed tx    +--------------+


The "Wallet keys" will be my hot wallet. There will be another wallet store which would be used for cold storage. The "bitcoin core" will be some trusted public node that I don't control.

Does using this architecture have any disadvantages over running a full bitcoin core to keep addresses?

I need to get callbacks for new transactions on the list of addresses in my store, that is not managed by bitcoin core. Is it possible using this method?

My reason is that running a full "bitcoin core" takes up too much computing resources & disk which is expensive on cloud and by doing this I can avoid having to run and maintain a bitcoin node. I can submit a signed transaction to any trusted node.

Reposted from here: https://bitcoin.stackexchange.com/questions/84278/keeping-wallet-addresses-outside-bitcoin-core/84280#84280
Thanks.
1573567005
Hero Member
*
Offline Offline

Posts: 1573567005

View Profile Personal Message (Offline)

Ignore
1573567005
Reply with quote  #2

1573567005
Report to moderator
The Bitcoin Forum is turning 10 years old! Join the community in sharing and exploring the notable posts made over the years.
1573567005
Hero Member
*
Offline Offline

Posts: 1573567005

View Profile Personal Message (Offline)

Ignore
1573567005
Reply with quote  #2

1573567005
Report to moderator
1573567005
Hero Member
*
Offline Offline

Posts: 1573567005

View Profile Personal Message (Offline)

Ignore
1573567005
Reply with quote  #2

1573567005
Report to moderator
1573567005
Hero Member
*
Offline Offline

Posts: 1573567005

View Profile Personal Message (Offline)

Ignore
1573567005
Reply with quote  #2

1573567005
Report to moderator
darosior
Full Member
***
Offline Offline

Activity: 196
Merit: 222



View Profile WWW
February 06, 2019, 06:17:08 PM
 #2

Hi,

I'm trying to build a good security for my online bitcoin based application. Is something like this possible?
followed by
The "Wallet keys" will be my hot wallet. There will be another wallet store which would be used for cold storage. The "bitcoin core" will be some trusted public node that I don't control.

seems inappropriate, to say the least. You could just use a pruned bitcoin-core node (for disk space) and adjust configuration options (for resources usage).
Some links :
- https://bitcoin.org/en/full-node#reduce-storage
- https://bitcoin.org/en/full-node#reduce-traffic

odolvlobo
Legendary
*
Offline Offline

Activity: 2674
Merit: 1435



View Profile
February 08, 2019, 02:15:17 AM
 #3

I'm trying to build a good security for my online bitcoin based application. Is something like this possible?

Quote
send_bitcoin(address)
create_address()
sweep_balances()
       +
       |
       |
       v                New transactions
+-------------+   <-----------------    +--------------+
|                   |                               |                    |
| Wallet keys +--------------------->+ Bitcoin core  |
|                   |                               |                    |
+-------------+   Submit signed tx    +--------------+


The "Wallet keys" will be my hot wallet. There will be another wallet store which would be used for cold storage. The "bitcoin core" will be some trusted public node that I don't control.

Does using this architecture have any disadvantages over running a full bitcoin core to keep addresses?

I need to get callbacks for new transactions on the list of addresses in my store, that is not managed by bitcoin core. Is it possible using this method?

My reason is that running a full "bitcoin core" takes up too much computing resources & disk which is expensive on cloud and by doing this I can avoid having to run and maintain a bitcoin node. I can submit a signed transaction to any trusted node.

Reposted from here: https://bitcoin.stackexchange.com/questions/84278/keeping-wallet-addresses-outside-bitcoin-core/84280#84280
Thanks.

You are basically describing an SPV wallet.

Buy stuff on Amazon at a discount with bitcoins or convert Amazon points to bitcoins: Purse.io
Join an anti-signature campaign: Click ignore on the members of signature campaigns.
KingZee
Sr. Member
****
Offline Offline

Activity: 602
Merit: 424


Check your coin privilege


View Profile
February 08, 2019, 08:54:35 AM
Merited by suchmoon (4), ETFbitcoin (1)
 #4

Imo you should focus more on proofing your API(Rest)/RPC rather than issues like these.

How is your application going to communicate with the wallet? It won't matter if it's a hot wallet or a cold one, if there are vulnerabilities or attack vectors that others can exploit to take control of it, it won't matter if it's a bitcore node or a trezor.

What you could do to mitigate damage would be to simply not keep all your funds accessible to your business at all times. Every once in a while, send out from your business wallet to your cold storage, or vice versa depending on how much you expect to spend. Manually.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!