|
November 03, 2014, 05:00:40 PM |
|
Usually I've been generating batches of bitcoin addresses offsite, and then uploading them to a database, and refilling as needed.
However, I'd like to make a more flexible solution. So I will first describe what I need to get done:
* A user should be able to generate a deposit/payment address at will. (For example, by clicking a button or entering a web-page.)
Now, from researching HD wallets (BIP 32), I've learned you could have one master key on another server, that would be able to access and spend funds from the addresses generated on the website that holds customer deposits.
So basically what I'm looking to do is this:
1. Create a masterkey on an offline server. 2. Taking subkey from that generation and putting it on the webserver. 3. Now, it will be possible to generate payment addresses on the server each time a customer requests it. 4. As the customers pay, incoming funds will be spendable from a node having access to the masterkey only. If the public facing web-server is breached, it should not be possible to steal any funds.
Note: Master key/Master seed should only be accessible to the other server. Users should not be able to spend any of their deposited funds, that's exlusively to be done for the operator of the site.
Do anyone have any pointers as to how this is best achieved? I will probably figure it out, but I didn't find any examples, and I don't expect any hand holding, but some pointers apart from "use BIP 32", would be appreciated.
|