Bitcoinrpc connection to remote server

StackOverflow https://stackoverflow.com/questions/21324050

Domanda

Hey I was wondering if anyone knew how to connect to a bitcoin wallet located on another server with bitcoinrpc

I am running a web program made in django and using a python library called bitcoinrpc to make connections.

When testing locally, I can use bitcoinrpc.connect_to_local), or even bitcoinrpc.connect_to_remote('account','password') and this works as well as long as the account and password match the values specified in my 'bitcoin.conf' file. I can then use the connection object to get values and do some tasks in my django site.

The third parameter in connect_to_local is default localhost. I was wondering:

A) What to specify for this third parameter in order to connect from my webserver to the wallet stored on my home comp (is it my IP address?)

B) Because the wallet is on my PC and not some dedicated server, does that mean that my IP will change and I won't be able to access the wallet?

C) The connection string is in the django app - which is hosted on heroku. Heroku apps are launched by pushing with git but I believe it is to a private repository. Still, if anyone could see the first few lines of my 'view' they would have all they need to take my BTC (or, more accurately, mBTC). Anyone know how bad this is - or any ways to go about doing btc payments/movements in a more secure way.

Thanks a lot.

È stato utile?

Soluzione

I'm currently doing something very similar (heroku using express/nodejs instead of django/python tho) so I will try to share my thoughts.

In spite of using other library and other language, all the wallet remote libraries should be primarily a wrapper around JSON RPC (remote procedure call) API, which is actually the same for most of the coins out there (i would say all, but that would be a wild guess).

Specifically to your questions:

A)

To access the wallet from outside, use your external ip (fastest way to find it is to query google for it). Depending on your ISP you hopefully have static external address. You must provide this address to bitcoin.conf file under rpcallowip= option to allow incomming connections.

Moreover you should forward the used port in your home router (usually under NAT settings) to your local machine so the incoming connection from the server is allowed and redirected to your wallet computer.

There is one important thing to consider (https://en.bitcoin.it/wiki/Running_Bitcoin):

By default, only RPC connections from localhost are allowed.  Specify
as many rpcallowip= settings as you like to allow connections from
other hosts (and you may use * as a wildcard character).
NOTE: opening up the RPC port to hosts outside your local
trusted network is NOT RECOMMENDED, because the rpcpassword
is transmitted over the network unencrypted.

I am yet to look into it further, from this comment alone it seems totally unusable for monetary transactions.

B)

As I said before, it depends on your home ISP, type of connection and the service provided to you.

C)

If I understand correctly from a django point of view, as long as the login parameters (username/password) are inside a view (views.py of your app) and the debug mode is turned off, source code of the server should not be publicly accessible. But the security concern from A still applies.

Altri suggerimenti

You can use SSL with RPC to hide the password.

rpcssl=1

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top