hamdi (OP)
|
|
May 13, 2012, 06:27:43 PM |
|
what´s the easiest way to generate a priv-key + recv-addr in php?
so i can make sites which accept bitcoin without running a daemon...
i want to do what bitaddress.org does in js, but in php.
don´t tell me to not keep private key on server... i will care about that... i really want to do this in php, so please don´t give any arguments against my plan.
|
|
|
|
lulzplzkthx
|
|
May 13, 2012, 06:31:29 PM |
|
Are you putting out a bounty for this?
|
|
|
|
|
hamdi (OP)
|
|
May 13, 2012, 06:48:01 PM |
|
"generate priv-key and recv-addr in pure php without a btc-daemon or any other external requirements"
bounty is 1 BTC to the first poster who posts a working php code here.
i know there is already some code around, but i just can´t find it.
|
|
|
|
lulzplzkthx
|
|
May 13, 2012, 06:48:25 PM |
|
I think hamdi's whole price is that he doesn't want to have to use bitcoind. And he doesn't have to. Now whether someone is going to write a script for him for free or not is the question.
|
|
|
|
hamdi (OP)
|
|
May 13, 2012, 06:51:20 PM |
|
read, i set a bounty of 1 btc
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
May 30, 2012, 12:42:35 AM |
|
|
|
|
|
gweedo
Legendary
Offline
Activity: 1498
Merit: 1000
|
|
May 30, 2012, 01:38:40 AM |
|
|
|
|
|
crazy_rabbit
Legendary
Offline
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
|
|
August 29, 2012, 03:30:28 PM |
|
How did this work out? I would be interested in seeing exactly how you did it in the end.
|
more or less retired.
|
|
|
hamdi (OP)
|
|
August 29, 2012, 11:59:56 PM |
|
i use vanitygen in the back now
|
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
August 30, 2012, 05:55:47 AM |
|
By the way, this is possible to do entirely in PHP, no calls to an external program. You need a PHP library for doing EC math (there is one, LGPL), the curve definition for secp256k1 (copies of SEC2 are available for free on the web) and a little code to glue it all together.
The nice part is that if you do it all internally, you can specify the private key rather than asking the program for one at random.
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
1541
Newbie
Offline
Activity: 19
Merit: 0
|
|
August 30, 2012, 07:23:35 AM |
|
But there is no real "out of the box" PHP solution ready, right? As most PHP based onlineshops (oscommerce, xtcommerce, zen-cart,...) run on a shared webspace, they would really benefit from a solution that does not rely on "bitcond" running as a service (or external server).
|
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
August 30, 2012, 11:28:32 AM |
|
But there is no real "out of the box" PHP solution ready, right? As most PHP based onlineshops (oscommerce, xtcommerce, zen-cart,...) run on a shared webspace, they would really benefit from a solution that does not rely on "bitcond" running as a service (or external server).
If you don't trust the host that runs your web store with your wallet, you really shouldn't trust it with the stuff that your wallet it made of either.
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
hamdi (OP)
|
|
August 30, 2012, 02:04:46 PM |
|
i now use vanitygen via exec(); from php. i then present the enduser with the bitcoin-address where he can pay his money, at the same time the private-key is sent to an off-site bitcoind to be imported there.
|
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
August 30, 2012, 02:30:02 PM |
|
i now use vanitygen via exec(); from php. i then present the enduser with the bitcoin-address where he can pay his money, at the same time the private-key is sent to an off-site bitcoind to be imported there.
You'd be better off generating the pair remotely, and pulling the address into the customer-facing server. The stuff that you don't want stolen is being created in the place that you are worried about it being stolen from. That isn't a great idea, even if you delete it right away.
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
scintill
|
|
August 31, 2012, 04:53:02 AM Last edit: August 31, 2012, 07:15:13 AM by scintill |
|
For the challenge and to learn more about Bitcoin, I implemented this in pure PHP (bcmath extension required, but I think that's pretty standard. Edit: Goes much faster with GMP extension!) Please check it over yourself before using it! I checked several keypairs with Casascius' address utility and they look good, but I'm not an expert, and there aren't real solid tests of the code. Most of the work is by a pre-written ECC lib I found. Anyway, the code, with a demo embedded, is at https://gist.github.com/3549107. It is a little slow right now but could be sped up by using GMP instead of bcmath. I don't know if anyone still cares or if the bounty has been claimed, but it'd be nice to have. If there's interest, let me know, and I will extend and/or test it better. Edit: Cleaned up the code and made it use GMP if possible, as it is much much faster. Also found ways to use the ECC lib's helper functions more, so there is less code.
|
1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
|
|
|
payb.tc
|
|
August 31, 2012, 04:56:39 AM |
|
thanks, i care, and look forward to reviewing your work.
|
|
|
|
BCB
CTG
VIP
Legendary
Offline
Activity: 1078
Merit: 1002
BCJ
|
|
October 12, 2012, 06:49:14 PM |
|
scintill
Works like a charm. Is there any more info on how to generate a sufficient amount of entropy when generating key pairs for real world use (line 42).
Thanks!
|
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
October 12, 2012, 07:07:42 PM |
|
scintill
Works like a charm. Is there any more info on how to generate a sufficient amount of entropy when generating key pairs for real world use (line 42).
Thanks!
Your best bet is probably to fopen /dev/random and read 32 bytes from it. Be warned that /dev/random will stall until it comes up with enough entropy to complete your request. Check /proc/sys/kernel/random/entropy_avail first, or use /dev/urandom (unsafe).
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
scintill
|
|
October 14, 2012, 05:38:54 AM |
|
scintill
Works like a charm. Is there any more info on how to generate a sufficient amount of entropy when generating key pairs for real world use (line 42).
Thanks!
Your best bet is probably to fopen /dev/random and read 32 bytes from it. Be warned that /dev/random will stall until it comes up with enough entropy to complete your request. Check /proc/sys/kernel/random/entropy_avail first, or use /dev/urandom (unsafe). Yeah, that sounds good to me. I didn't know about that proc file, that's cool. Glad it's working for you, BCB.
|
1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
|
|
|
|