Bitcoin Forum
October 06, 2024, 02:24:43 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > do I need walletpassphrase in web script?
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: do I need walletpassphrase in web script?  (Read 807 times)
vinboy (OP)
Member
**
Offline Offline

Activity: 77
Merit: 10


View Profile
April 11, 2014, 11:59:40 AM
 #1
hi
I'm running a bitcoin website.
I have a security concern here. Whenever someone withdraw bitcoin. My script will auto execute the withdrawal request.
Hence I use the function walletpassphrase in my script.

Is there any better and more secure way to execute the withdrawal task?
If hacker can hack the script, he will get my password and all the BTC in the wallet.


What are other proven secure way of doing this?
thank you
hardshot
Sr. Member
****
Offline Offline

Activity: 457
Merit: 251


View Profile
April 11, 2014, 12:11:02 PM
 #2
Wallet on another server, with RPC Connection only allowed from your websites' address.

And: Do not store 100% in your hot wallet.
vinboy (OP)
Member
**
Offline Offline

Activity: 77
Merit: 10


View Profile
April 11, 2014, 01:32:50 PM
 #3
ok that's a way.. thanks
BitCoinDream
Legendary
*
Offline Offline

Activity: 2380
Merit: 1209

The revolution will be digital


View Profile
April 11, 2014, 02:11:35 PM
 #4
How about using blockchain.info api ?
hardshot
Sr. Member
****
Offline Offline

Activity: 457
Merit: 251


View Profile
April 11, 2014, 03:10:46 PM
 #5
Quote from: BitCoinDream on April 11, 2014, 02:11:35 PM
How about using blockchain.info api ?
Has been unreliable in the past.. All those downtimes Wink
vinboy (OP)
Member
**
Offline Offline

Activity: 77
Merit: 10


View Profile
April 12, 2014, 01:14:12 AM
 #6
even if use blockchain.info, the password still needs to go into the script somewhere. That's where i find it high risk.
byt411
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


View Profile
April 12, 2014, 01:15:55 AM
 #7
Quote from: vinboy on April 11, 2014, 11:59:40 AM
hi
I'm running a bitcoin website.
I have a security concern here. Whenever someone withdraw bitcoin. My script will auto execute the withdrawal request.
Hence I use the function walletpassphrase in my script.

Is there any better and more secure way to execute the withdrawal task?
If hacker can hack the script, he will get my password and all the BTC in the wallet.


What are other proven secure way of doing this?
thank you

LOL, so you want to repeat gox?

Even with the transaction malleability fixes, you can get bombarded by fake txes and you will be doomed.
vinboy (OP)
Member
**
Offline Offline

Activity: 77
Merit: 10


View Profile
April 12, 2014, 02:56:52 AM
 #8
Quote from: gweedo on April 12, 2014, 01:21:05 AM
Quote from: vinboy on April 11, 2014, 11:59:40 AM
hi
I'm running a bitcoin website.
I have a security concern here. Whenever someone withdraw bitcoin. My script will auto execute the withdrawal request.
Hence I use the function walletpassphrase in my script.

Is there any better and more secure way to execute the withdrawal task?
If hacker can hack the script, he will get my password and all the BTC in the wallet.


What are other proven secure way of doing this?
thank you

I would be glad to help you work on using my api and a cold storage wallet. Then you could do withdraws on your own computer without it being linked to your server.

thanks... does your api work with blockchain.info or bitcoind?
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > do I need walletpassphrase in web script?
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!