Skip to content

mhanne/webtc

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

62 Commits
app
app
 
 
config
config
 
 
db
db
 
 
doc
doc
 
 
lib/tasks
lib/tasks
 
 
public
public
 
 
script
script
 
 
spec
spec
 
 
vendor/plugins
vendor/plugins
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
LICENSE
LICENSE
 
 
README
README
 
 
Rakefile
Rakefile
 
 
config.ru
config.ru
 
 

Repository files navigation

== WeBTC

This is a bitcoin online-wallet application based on the bitcoind RPC API.

== Requirements

* bitcoind
* ruby 1.9
* rails 3
* database (ActiveRecord compatible; sqlite3, mysql, pgsql)
* GPG and GPGME

== Features

* list/display addresses
* list/display transactions
* label addresses
* send transactions (autocomplete labels)
* (of course it also receives transactions, but bitcoind does that for us :)
* key encryption (see below)
* flexible transaction verification / limits

== Key encryption

Every user may have a GPG key secured with his account password.
When the user signs out, all his bitcoin private keys are encrypted to this GPG key
and then removed from bitcoind.
When the user signs in again, he gives his password, the keys are decrypted and
loaded into bitcoind.
This way an attacker who compromised the server only has access to the currently
logged in users' money.

This can be enabled globally in config/application.rb (because it requires a patched
bitcoind) or as a user setting (because it makes password recovery impossible).

For this to work, you need a bitcoind that supports dumping, loading and removing
private keys. For the time being you have to use the 'showwallet' and 'removeprivkey'
branches from my git repo (git://github.com/mhanne/bitcoin.git).

== Transaction Verification

There are different kinds of verifications, all have in common that they generate a
code, store a salted hash, and send it to the user through a specified delivery method.
Delivery methods can be email, SMS, Jabber, whatever.. (only email yet).
A user can define rules which specifiy an amount, a time frame and a verification method.
Each transaction exceeding the amount in the given timeframe needs to be verified with
the defined method. Codes are sent to the user and they must be entered on a confirmation
page before the transaction is sent to bitcoind.
There are also two special kinds of verifications:
"Confirm" only displays the confirmation page, but provides the code in a hidden form field.
"Deny" throws away the code so it can never be verified; to be used for hard limits.

== Setup

Install ruby 1.9 via your distribution, RVM or from source.
Install development libraries for your database.
Run `bundle install` to install all ruby libraries.
Edit config/database.yml (if you don't use sqlite3)
Run `rake db:migrate` to setup the database.
Edit config/application.rb and configure your bitcoind connection.
Create .gpg/ folder with chmod 700
Run `rails s` to start the webserver.
Open your browser at http://localhost:3000/

== Tests

To run the tests, make sure you have a test database configured and the schema loaded.

 rake db:test:prepare

Then you can run either the whole test suite

 rake spec

or individual tests with

 spec spec/controllers/transactions_controller_spec.rb

== License

This application is released under the MIT license (see LICENSE file).

About

Bitcoin online wallet

webtc.interesthings.de

Resources

Readme

License

MIT license
Activity

Stars

13 stars

Watchers

4 watching

Forks

11 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages