sgeos
New member
What steps should be taken to secure darkcoind on a live server that needs to send payment? I'm interested in the case of running something like a web app, but I suspect anyone running a masternode will face similar challenges.
As far as I can tell, if darkcoind is being used to automatically send payments, all of that machinery needs to be unlocked and running on your system. If anyone competent breaks in, you lose. Are there ways to secure a running copy of darkcoind, or is your last real line of defense preventing people from breaking in in the first place?
One architecture I have read about is splitting an app across two servers- a public facing app server and an internal payment server. The app server gets invoice addresses and payment status from the payment server, but it never actually touches any Darkcoin. The payment server provides invoice addresses, processes any outgoing payments and provides notification that payment was sent. In theory, either server can monitor invoice addresses for payment. If anyone hacks the app server to point to a different payment server, you are sad. If anyone hacks your payment server, you lose.
Also, backups need to be securely managed to prevent losing a wallet.
As far as I can tell, if darkcoind is being used to automatically send payments, all of that machinery needs to be unlocked and running on your system. If anyone competent breaks in, you lose. Are there ways to secure a running copy of darkcoind, or is your last real line of defense preventing people from breaking in in the first place?
One architecture I have read about is splitting an app across two servers- a public facing app server and an internal payment server. The app server gets invoice addresses and payment status from the payment server, but it never actually touches any Darkcoin. The payment server provides invoice addresses, processes any outgoing payments and provides notification that payment was sent. In theory, either server can monitor invoice addresses for payment. If anyone hacks the app server to point to a different payment server, you are sad. If anyone hacks your payment server, you lose.
Also, backups need to be securely managed to prevent losing a wallet.