by jyu 4755 days ago
I'd like to know more about the security measures you guys take. I've been working on a personal project, and haven't found any good guides to securing bitcoin transactions and managing private keys properly (assuming you host the bitcoin client on some server somewhere).
3 comments

Obviously, the security and scalability of our platform is a big part of the value we provide to buyers and sellers.

For now, know that there are a number of measures we take to ensure that the site and users' bitcoins are secure: The site runs entirely over SSL (HTTPS). We protect against CSRF and XSS attacks. The addresses used for purchases are generated offline. Withdrawals are handled separately from the application server. Importantly, sellers can withdraw their balances quickly to the Bitcoin address of their choice. As we scale up, we'll store the majority of sellers' funds offline, keeping enough for transaction fees and withdrawals.

We'll be writing a more detailed overview of how we handle security here: https://yumcoin.com/security

Thanks for the overview. It's refreshing to get straight answers.

Which wallet are you guys using? I've heard good things about Armory, which makes it easier to do hot / cold storage. Keeping withdrawals separate from the application server makes a lot of sense; is this using the SSL protocol for JSON-RPC on a non-standard port, and then closing off internet-facing ports for that computer/server?

Are you doing any sort of two-factor authentication to limit hacked accounts getting emptied?

I'd be happy to email or something if you're up for it.

The absolute best way to avoid any problem with stolen bitcoins is to use a Master Public Key (MPK) to generate bitcoin addresses for customers to send money to. The Electrum wallet (electrum.org) supports MPK. MPK allows generation of bitcoin addresses programmatically in a "receive only" way, without private keys. This way, even if hackers totally break into your server and online store database and steal everything, not a single bitcoin can possibly be stolen.

Real life implementation of this concept: http://wordpress.org/plugins/bitcoin-payments-for-woocommerc...

As someone in the space I can assure you they aren't taking the appropriate measures. Best practices are known, but aren't being shared publicly b/c the info is an aspect of competitive business intelligence.