- Is there any good tutorial, discussion or implementation of
- What’s the best Bitcoin.conf?
- How to expose the Bitcoind API to the internet?
- How to guarantee confidentiality, integrity and availability?
Basically I’m looking for advice on how not to turn my small online shop into the new mybitcoin.com 🙂
Just some quick tips to get you started:
- run with ‘noirc=1’ so that your node IP isn’t discoverable via IRC
- run with several ‘connect=’ so your node only connects to other specific nodes that you trust
- do not expose the JSON API to the internet at large, confine it to localhost or specific IP only.
- if you plan to hold a significant amount of bitcoins, then estimate how many you’ll need for your daily float, and save the rest in an offline wallet (also generated on an offline computer – don’t leave traces of your keys on any internet-connected disk)
- do not accept 0-confirmation transactions, other than for really trivial amounts where speed of delivery is of the essence.
- do use new bitcoin addresses for every new customer and order. Address reuse makes it easier to track your customers.
There are probably more items that could be added to the list; this is certainly not to be treated as comprehensive.
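
An added example, not part of the answer above and not bitcoind code: a small Python check that audits a bitcoin.conf for the three configuration tips in the list (`noirc=1`, `connect=` peers, JSON API confined to localhost or single IPs). The sample config, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample config, not taken from the page.
SAMPLE_CONF = """\
# shop node
server=1
rpcuser=shop
rpcallowip=192.168.1.*
rpcallowip=127.0.0.1
connect=203.0.113.10
"""

def parse_conf(text):
    """Return {key: [values]} for key=value lines; '#' starts a comment."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        opts.setdefault(key, []).append(value)
    return opts

def rpc_entry_is_broad(value):
    """True if an rpcallowip value covers more than one host."""
    if "*" in value:
        return True
    try:
        return ipaddress.ip_network(value, strict=False).num_addresses > 1
    except ValueError:
        return True  # unparseable entry: treat as unsafe and report it

def audit(text):
    """Return a list of findings for the config tips from the answer."""
    opts = parse_conf(text)
    findings = []
    if opts.get("noirc", ["0"])[-1] != "1":
        findings.append("noirc=1 not set: node IP discoverable via IRC")
    if not opts.get("connect"):
        findings.append("no connect= entries: node will peer with arbitrary nodes")
    for value in opts.get("rpcallowip", []):
        if rpc_entry_is_broad(value):
            findings.append(f"rpcallowip={value} allows more than a single host")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print("WARN:", finding)
```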