Categories
Programming

Making a Bitcoin service: web hierarchical deterministic wallet

It looks like Bitcoin is developing really fast these days, both on the usage and on the technical side. There are a lot of usability issues, and ideas for bitcoin services that look great on paper but don’t exist yet. Many of those ideas will be created with time, some of them though it’s better to go ahead and make as soon as possible, to let people use and see the advantages and disadvantages.

One of the most interesting ideas I’ve read so far is the creation of the Hierarchical Deterministic Wallet, or Bitcoin Improvement Proposal (BIP) 32. It is trying to solve the problem that currently the standard Bitcoin clients need generate independent new Bitcoin addresses to the user, and store a piece of secret in a wallet file for every Bitcoin address a person has. If that file is gone and not backed up, the person will lose access to those coins permanently.

Others tried to fix this too, like Armory and Electrum, two clients that can generate a whole chain of addresses, though have their own limitations that I don’t go into (though at the moment I’m using Electrum for most my coins).

BIP32 on the other hand can generate infinite number of new address from a master secret, and all of that arranged in a hierarchy that one can create well separated accounts and addresses very easily. One example is creating a separate wallet for each of the branches of a store, or for different websites a person is working on.

BIP32 key derivation scheme (click for full size)
BIP32 key derivation scheme (click for full size)

One practical problem with BIP32 was that I couldn’t find any wallet management software for it. Electrum has that in the works (I think for the 2.0 version) but they are not there yet. Had to make one myself to try it out.

Design choices

I wanted to make something easy to use (as much as possible given the hairy details), secure, and powerful enough.

For ease of use, it’s a single web page that does all the work with Javascript and HTML; try to have as few moving pieces as possible; make sensible default choices, e.g. for the structure of the hierarchy.

For security the keys entered in the page are never transmitted over the network; the created transactions can be checked independently by a 3rd party (can decode it with Blockchain.info); the single page can be saved

For power it can use both public keys for querying balance, and private keys for actually preparing transactions; it generates addresses automatically; it has everything needed for transactions within one page, with very little external dependency; have access to advanced functions if needed.

WebHDWallet main screen
WebHDWallet main screen

Implementation

It took a few day, it it was too bad to get to a working prototype: it is hosted on http://webhdwallet.github.io/, but can be downloaded with all the code to makei it a stand-alone application.

I didn’t want to implement the BIP32 extended public/private keys generation because someone better than me already did it at BIP32.org, and it is also a good way to separate responsibilities. Two independent crooked website is much less likely than one, isn’t it?

The Bitcoin functions, including using the BIP32 keys, are delegated to the bitcoinjs library. Apparently there are a bunch of forks of the original one at various stage of advancement, and incompatible added features. I have chosen the fork one that looked the most active, by BitGo, to import into this project. So far so good, maybe will do some porting of features between the forks later.

The “standard” way of creating addresses from here is creating two chains: an external that the user is supposed to share with whoever wants to pay him or her, and an internal chain for change addresses (to eliminate address reuse as payments are sent). The site creates the bunch of these addresses starting from the 0th one (as computer programming so often start to count from 0).

All of these addresses are checked with the Blockchain.info JSON API whether they ever had any transactions. If they did, then check for the spendable coins, and generate some more addresses in the chain. This tries to reduce address reuse and ensure that all addresses used so far are checked. Of course, this is one of the weaknesses of BIP32 – one can never really be sure without a lot of computation or out-of-band communication whether all the addresses ever used with the key are accounted for.

If any spendable coins are found, then the user can create a new transaction. I didn’t put in too much effort into finding a good coin-selection algorithm, just start from the oldest one and add more to the input side of the transaction until there are enough to cover the desired outgoing amount. Apparently, though, that is a good way to do it, so fair enough.

If the extended public key is used, then the page only knows enough to create an unsigned transaction. This can be checked, and hopefully later I’ll be able to implement the feature of signing such transactions  (with the same page) when being offline for security. If the private key is present, then a proper signed, spendable transaction is made, and ready to be submitted via the Blockchain.info Broadcast Transaction tool.

The receiving addresses have QR generation too. The chain addresses not, because they shouldn’t be used directly – this is just some opinionated programming.

Usage

The incoming BIP32 keys are generated as it is described in the help section of my page: choose a hard enough passphrase, and generate a child key as custom m/i’ child path (this should really be standard, by the way). It just means take the master key (m), and create the ith child in “private derivation” mode (hence the prime). Can see the original BIP32 page for some of the details.

This leaves you with an extended public key (something starting with xpub…) and an extended private key (xpriv…). Should keep the passphrase from the previous step as well, but definitely these two keys.

When one of these keys is plugged into the page, it starts to generate the appropriate keys for the two wallets, and the balance shows up. When any balance is found, a new transaction can be created, and sent off to the network with Blockchain.info.

To prove that I made this work before at least, the extended public key to generate the listed donation address of 17NWCFWo8EvFp7vtkbRH6ec3DEdxZhrhrd is xpub69i6TTB6JU2mwcQ7pKeDG8aAMnc2AZ2UdpuphoNak4nT4UTWYhkSGqpDgbGjHGbxYVK8jNF4eXMRk1aeGweLxiCWWB5EjKm3k6YMKoWN5VT (receiving address chain index 1) – go ahead, try it. Also used the page to create a small transaction – sending the from receiving address chain index 0, which also used the change chain index 0 address. When that worked, that was a relief. :)

Future

There’s a lot to do about this project and related services to make it more usable and interesting, the Issue Tracker is bursting with ideas. Here are some with higher priorities:

  • really make it offline usable (which would remove a lot of security concern, probably). Will need to think much more about the internal implementation then, how’s the most user friendly to create new transaction if you cannot go online to get data (what and how to import between online and offline)
  • make a usage video
  • generate addresses in the receive/change chain at arbitrary indexes (could be useful)
  • add QR code reading to the input field, probably via jsqrcode.
  • implement storage of retrieved data so it’s more user friendly when on non-public computer
  • talk to the bitcoin network directly, either to get the input or to send the transaction. Some groundwork is laid down in a blogpost recently about using the raw Bitcoin protocol in Python.
  • implement my own server/API for Bitcoin/Litecoin/Dogecoin that can be used with BIP32 wallets, and probably Blockchain.info compatible. Currently there are no good service for such altcoins (even if it would be pretty straightforward I think), and for the Testnet (so not risking real value to try things out)
  • implement a Point-of-Sale app (I guess on Android), that uses an extended public key to generate receive addresses for incoming transactions (totally hold-up-safe, and crooked-employee-safe payment method)
  • implement a WordPress plugin that uses extended public key to generate per-post donation addresses (for the donations themselves, as well as analytics-via-payment)

Well, at least the first step is done. All source up on Github. Would love to hear from anyone who used it, and what do you think could be improved upon.

Categories
Maker Programming

Bitcoin vending machine prototype

Since my last exploration of bitcoin, there are a lot of things happening in that topic, and the geekiness of it (among other things) didn’t let me go. There were a lot of talks about one more more Bitcoin ATMs (like Lamassu) coming here to Taiwan, but all of them are months in the future. I thought maybe it could be interesting to build my own – let’s call it – vending machine, for fiat-to-bitcoin transactions.

There were other people making similar effort, for example the Open Bitcoin ATM, but I felt they fall a bit short and unlikely that I can get the same parts over here.

Preparation

For a vending machine like this to work, there’s really only one piece of equipment is needed, the bill acceptor. I have looked around on eBay, and Alibaba for a Taiwan Dollar (TWD) bill acceptor, but there’s little to none to be found. Looks like I still got lucky that one of the big vending machine manufacturers, International Currency Technologies (ICT) is actually local (less than 1 hour on public transport from here, maybe?).

Looking around their side, they have plenty of bill acceptors (many but not all can do TWD). They don’t have any local distributor, so I got in touch with their sales directly. The first guy didn’t speak any English, but somehow after a handful of emails I got to guy with pretty good English (which is unfortunately not as common as I’d like it to be). A few weeks (yes, weeks) of emailing, and some nudging phone calls I got some useful information out of them.

I asked, what do I need if I want to use a bill acceptor for “a digital goods vending machine”, and maybe a thermal printer (that’s cool, wanted to use one for a long time)? They had some advice which parts do I need, and how much would they cost. Their recommendation:

  • XBA, the most advanced bill acceptor [US$340]
  • GP-58IV thermal printer (an advanced, not yet announced version of GP-58III) [US$150]
  • a payment system board to make it easier to use them together and with an external control board (no mention of it on the website) [US$140]

It does add up quite a bit before any housing, brains, and display – definitely more than the Open Bitcoin ATM’s supposed $165 tag. But it looked like it does worth it, I went ahead and ordered it (+5% VAT, since I’m not a company).

Parts laid out on the table
Vending machine parts: bill acceptor, control board, thermal printer.

The parts arrived quite quickly (as a reference, 3 days ago), within less than a week of the order, because they were in stock. Unpacking is fun, though soon it was obvious that not everything is smoothly on track.

The guides attached were barely scratching the surface, contained no information on how to make the units work with the computer (i.e. no protocol, no nothing), maximum referring to some software that I didn’t have access to, and would run on Windows anyways as opposed to my Linux system.

Asking and re-asking a bunch of questions to the sales guy made it clear:

  • the thermal printer does not need the payment system board, and indeed it cannot even talk to the printer (though an attached documentation says the opposite). Need a “main” board to print to it.
  • the thermal printer on the order was 12V supply and RS232 connection, while mine is 9V and USB, and apparently the former does not even exist.  It uses wallplug instead of shared power like the bill acceptor and the payment system board.
  • the payment system board cannot control the bill acceptor with the current RS232 cable, because its single RS232 connector is for the external “main” board that I should make. If I plug in the bill acceptor in there, the payment system has to be stand-alone
  • the bill acceptor comes with a power plug which is type 172340-1, that none of the local computer part stores know, so I cannot (easily) supply power to it. They will send me another adaptor cable to improve on this.

Based on all this it seems like that even if they knew my use-case correctly, the actual parts I got do not fit together the way they represented it, and there’s plenty of confusion about the specs. I really didn’t need the payment system board, for example…

All in all, my contact was quite helpful, and pretty quick to reply, though it is still quite painful first encounter with system integration, and there’s a lot more to fix with the hardware, though was good enough to start.

Assembly

There was a lot more querying in the emails about related documentation. Got the description of the ICT-104 protocol to communicate with the bill acceptor (it’s not too bad). Got the windows printer driver for the thermal printer, though managed to use it without that (and installing Windows): it turns out that the printer implements the Epson ESC/POS protocol, for which there’s already a python library, the python-escpos. It seems to be pretty dead, but good enough for initial testing. 

Thermal printer test print showing a Dallas Clayton poem, Good/Bad
Thermal printer test print

The test prints are “okay”: the text is fine (32 char/line), barcode and qr code should be usable but there seems to be some communication problem that breaks images (like the space shuttle on the above picture), that needs to be debugged (seems like not all gifs are created equal, for example, some are more reliable). Oh, I used Dallas Clayton’s poem, “Good/Bad” for the testing.

Played with the bill acceptor as well, using some pins and a bench power supply (set to 12V, the bill acceptor eats max ~0.6V when the motor is running), and hoped that I don’t blow the circuit… So far so good.

The vending machine flow is something like this:

  1. turn on
  2. read receive address of customer
  3. accept payment
  4. calculate outgoing bitcoin
  5. send payment
  6. print receipt

I was doing the printer testing in Python, and RS232 is pretty easy in Python, so just cobbled together a command line vending machine interface in Python.

Turn on, communicate with the bill acceptor, display some initial information that I know that it’s going well.

Start running zbar in the background to read qr codes from the computer’s webcam. Using the console to exchange information, didn’t have time to fix up the python-zbar integration, though it should work as the Electrum bitcoin client uses it as well.

After an address is read, read the notes of the bill acceptor, and update the sum of received pay. This is listening on the RS232 line for specific codes, and replying to tell the bill acceptor what to do (i.e. accept/reject).

When the user is finished and signaled that to the interface, calculate the outgoing value, send the payment through a payment server. The payment server is a nodejs script that accepts payment information through a REST API. It does it very badly, insecurely, using the wrong REST model (it should be “POST” to do anything with consequence, never “GET”), but it does work. It connects to a local bitcoind instance (over SSL at least, not that it matters in this case, but at least I know SSL will work for the “real” server), which at the moment is connected to the testnet, not the real one.

After the payment is sent, print the receipt with some useful information on it, and a bitcoin logo for good measure.

The current stages of the both the bitcoin vending interface, and the payment server are open source and online. And it worked, here’s a video of it in operation.

Future

I hoped it would be in better stage before tomorrow’s Bitcoin with a Lawyer’s Eyes event in the Taipei Hackerspace, but either way it is good to think ahead further.

If I want to make it really useful, and a “real” machine (one that you can kick or pour beer over it and still keeps working, as one of my friends put it), there are some specific things I can improve:

  • enclose it in a box: metal, laser cut acrylic, …?
  • better bill acceptor: keep bills in escrow before the payment gets through, disable acceptance unless we are at that stage of the workflow, set maximum vending amount in one go.
  • designa a better interface, that can do multiple payments before needing to restart
  • price not hardcoded into the software but dynamically set
  • print relevant links embedded in qr code, eg. transaction on  blockchain.info
  • make the payment server secure and improve the overall security, eg. have a code or activation for starting up
  • hook it up to the proper bitcoin network (this is the scariest part)
  • build a few more, fund them, and put somewhere accessible

Now back to work.

Ps: My purpose of building any such machine is to make it easier to acquire bitcoins, this spreading their usage and increasing their usefulness. If you feel like tipping, my address is 1GxSUTrw5onv9HbJhKN5PVhuyxm4j75X8d. Thanks!

Categories
Computers Life

Two day dive into Bitcoin

Nudged by a number of different news about bitcoin, I decided that this is the time to give it a new look and try to learn as much about it as possible. I wanted to explore how to use it in practice, so I have spent the last two days figuring out as many aspects of bitcoin as I had energy to do.

Introduction

As a short intro for those who are not familiar with bitcoin, check the “What is Bitcoin” video, or the Bitcoin Wiki. In a nutshell, it’s a kind of currency, that lives all in computer, based on cryptographic algorithms, in a way that people can send each other amounts of bitcoin securely. The coins are created by “mining” by computers doing heavy work, your balance is stored in a “wallet” as special numbers, and you send them from and to bitcoin “addresses” (people can have as many addresses as they want). The value of these coins decided by people exchanging it, between each other, or from bitcoin to currencies or back. (any thoughts on this introduction can be given in the comments, though I hope to explain things simpler instead of “completely” right)

Mt.Gox bitcoin price chart of the last 1 week
Mt.Gox bitcoin price chart of the last 1 week

Getting some

Since mining is out of practical reach now, logically there are two ways to get bitcoins: buy them, or earn them. Buying sounds more straightforward, and let’s check that one out first.

Exchanges

It’s much easier to say than to do to exchange any money to bitcoin. For seller’s safety (since there are not chargebacks in bitcoin, but on most money-exchange platforms there are), one has to jump through hoops to get anywhere. So far for me there were just too many hoops, no matter how much I was jumping.

Mt.Gox is probably the most well known bitcoin exchange, based in Japan. I find it awesome that it was originally made to trade Magic: The Gathering gaming cards. A real effective pivot if I have ever seen one. The price is generally higher than on the other exchanges (better for sellers), requires verification to deposit, and as I read before, it has a history of suspending payouts when their cashflow is not good enough for it. I have started the verification just in case, hopefully their Japanese skills (ie. Kanji) help my Chinese language documents ahead. Don’t think I will use them to buy any coins, though.

Bitstamp seems to have somewhat lower prices (better for buyers), though the minimum deposit fee of $15 is pretty high. They also require verification though for me that didn’t work out: living in a Chinese writing country, even if my government ID has my address on it, and I typed in my Chinese address, they spit it back saying “we don’t read Chinese, get us a notarized English version”. That just doesn’t worth it.

Kraken seems to be another one that might work, since they seem to have a better connection to UK banks (will see in practice), and for historical reasons I still have an account in the UK with some pocket money that would be enough to experiment with. They seem to be the most  lenient in verification, and pretty responsive support emails.

AsiaNextGen is a Hong Kong based exchange, and when I heard about it from a friend, I had high hopes, though in practice it didn’t quite work out. It could use Alipay to deposit as well, and just recently heard how popular Alipay is in China for all kinds of online trading. No wonder, since it’s a pre-paid account, making things more secure in an environment where both buyers and sellers have to be extremely wary of fraudsters. But that’s for another story. At the moment it’s enough that the English site of Alipay seems to be only for businesses, so that’s all for now.

If I ever wanted to start my own exchange, for a few minutes it looked like I had found the tool for that in the form of Buttercoin, an open source trading platform. But the software development seems to have stopped a few months ago. They also appear to be turned into a company called Buttercoin, which would be also interesting, though they don’t ship anything yet..

ATM

Learning more about the whole ecosystem, the bitcoin ATM seems to be an even better idea than an exchange. The relevant corners of the internet are full with the success story of the (not really) first bitcoin ATM in Vancouver. It just makes sense due to its convenience.

Robocoin is I think the maker of that ATM, and they look very full featured – as much as I can tell regulatory compliance from gibberish. They only seem to target Canada at the moment, maybe because it’s been tested and worked.

Lamassu is another vendor, that looks really good, and e.g. already capable of accepting TWD. If I had a spare $5000… The design looks really good as well, definitely would attract interest here.

Lamassu bitcoin ATM
Lamassu bitcoin ATM

It’s not an ATM, but close enough – LocalBitcoins would let people exchange BTC/cash in person. Except in Taiwan nobody sells (well, there’s one guy, but my spidey-senses are tingling about that listing).

Work for your bitcoin

If I cannot buy some, let’s see if I can earn some. Now this turned out to be a short, eye-opening journey to the underbelly of the Internet. Not too deep, I didn’t go too far, but I’ve seen more seedy websites than I’ve seen in a very long time. Won’t name names here, just to be on the safe side. :)

It all started with Google searches like “free bitcoins” and “earn bitcoins”, and there are enough sites for listing a lot of the services like that. The results are falling into three main categories:

  1. Sites that don’t work anymore (most “free” giveaway sites).
  2. Sites that have some kind of useful service.
  3. Scams

The most are I think 1 and 3, and there’s some overlap between 2 and 3 as what’s useful for the “worker” is not always useful for the community as a whole.

I’ve spent about 2 days exploring how these different sites work.

The most useful was an Amazon Mechanical Turk style service, where people can fulfill tasks requested by others. All are very low payout at the current exchange rate (you’d be lucky to make few $cents/hour with them), though some of them are lower than other. I had some kind of article categorizing, author discovery work that someone’s running, I guess scraping the web for personal and mental health topics. That had snapped up I think more than 20.000 tasks (each a bunch of sub-tasks) in a day or so. A better paying task is checking profile pictures of some social networking (I guess dating) website for policy violations. It paid better, but the tasks were quickly snapped up, and I’m kinda glad. That was enough of it.

Other sites seem to be focusing on advertisements, paying you to visit sites and watch videos. The sites are usually other bitcoin related services (trading, betting), though there were other ones as well, like investing in a poker playing team. The videos were mostly crappy pop music from performers who I guess couldn’t make it popular otherwise. Though most of these seem to come through a service which has a name suggesting they offer making your media go “viral”. Good riddance to both the sites and the videos, I don’t think I have seen more than a dozen sites and half a dozen videos (with the sound off:).

The last type of sites I’ve seen were for solving CAPTCHAs. Being a sysadmin who hates spammers, I didn’t use any of these. I’m experimenting, at the previous sites I actually did something (marginally) useful, and to my surprise I was somewhat interested in the links and videos I’ve seen that I would not have heard of otherwise. Deliberately hurting other sites, as I know these solutions would be used for, is not acceptable. Of course, this is just scratching the surface, and I don’t want to go that deep to see the “real” underbelly of the Internet.

All in all, this 2 days resulted in 0.00103601BTC ($0.36 at current exchange rate on Mt.Gox). That’s not enough even to send it to anyone free on the network (need a minimum of 0.01BTC as I know), but it’s some learning. I call it a day.

One more thing, I found a website where one could mine bitcoin using a Java applet, and turned out I did mine 0.08+BTC back in 2011. The site turned out to be a scam, though, so I think I can consider as those coins were never mine.

Practicalities

Besides the finances, I tried to explore the practical aspects of bitcoin as well, using it day-to-day, or how it could work on the long term based on my understanding. Most things are only as good as they are easy to use and reliable, those are my main questions in general.

Clients

I’ve started checking the different bitcoin clients that can create and manage my wallets.

Multibit was the first one I’ve checked, and I keep using at the moment. It’s really quick to start, and now it’s less confusing than it was 2 days ago. It’s easy to create new addresses, my notifications are clear, and can use multiple wallets. Will have to figure out how to export and import wallets to other services, though.

Electrum is very interesting, because it’s based on a pass phrase of a list of words, and algorithmically generates the follow up addresses. This two features make it easier to keep the wallet safe against self-harm (hard to lose). The client was too simplistic, and some of the things I didn’t understand, so went back to Multibit later.

The official bitcoin-qt client might be the one that does the heavy lifting for the whole network (and for the previous two clients as well, so they can be snappy). I was just horrified that it takes 14Gb of data (and almost one whole day of computation) to set it up. That data is the total transaction record of the bitcoin network. I cannot even think what will it be like when it will be truly popular. I’m experimenting with this a bit as well, though likely that in the future I’ll try to find another computer instead of my laptop to run this and stay with thin clients.

Blockchain.info is a very useful site, and could be great to start with bitcoin. I like that it has “watch-only” addresses (no spend just monitor), and their Android app can notify me when I got transactions to those addresses that I watch. It has a lot of geeky information and tools too.

There are a bunch of other ones as well, Brainwallet, Bitcoin Wallet, Coinbase, Bitaddress, and more. Need to digest all of this new information and come up with a good way how to manage and keep safe the coins.

Bitcoin itself

I’m learning more about the technical side of bitcoin as well. I feel I understand it more now that I’ve tried in in practice, and can as better questions.

The trickiest part I think is the issue of micropayments. At the moment they are discouraged because the technical architecture of things cannot really handle it. The earning services seem to handle it by grouping multiple payouts into a single transaction, once an hour or once a day. On the other hand, if I want to make a micropayment (or even regroup my tiny amounts into a single address), then I’d have to pay for it dearly.

These transaction fees are the other question, that it’s not that straightforward how much those fees are. Looks like too small, and too big payments both incur fees, but there’s a bit of arbitrariness about it, and I don’t quite understand it.

The long term changes to bitcoin, the transformation of miner incentives from mining payout to transaction fees make these even more critical, though it’s likely years till that becomes an issue.

QR codes are very widely used, I guess that’s the intersection of large availability of mobile apps and the need for accurately entering a very long string that is a bitcoin address. It seems to be a good idea, and one example I’ll use further down.

Overall experience

I’m really impressed by this first experience. There are a lot of issues ahead, but when it works, bitcoin does an awesome work. It is borderless so anyone can be paid very easily (good because more opportunities) and many people are striving to get a piece of the pie (not that good because the opportunities are quickly exhausted).

The technical side feels truly futuristic, and I feel much more enabled, and just a little bit scared by the “what haven’t I think of” when operating things. That user experience will surely be even better in the future. Merchant tools offered by different places (eg. on Mt.Gox) are also seem to be pretty good enablers (once people can actually freely exchange currency and BTC).

I’m also very impressed how many different services people created based on bitcoin. There are truly awesome services, and also a lot more “also runs” who are still clearly more than a minimum-viable-product. If so many people are creating so many things, I am thinking why does it take so long for me to get my own (much smaller) project going?

Now let’s see what does the future bring. I hope I can contribute to this as well in some useful way.

Bitcoin donation link to 1Pem9zU7AMMif4t6zyP6r84T2BaEsY6USgIf you like the blog, bitcoin, and want to experiment, you can throw some bitcoin at me at 1Pem9zU7AMMif4t6zyP6r84T2BaEsY6USg. All donation I will use for good, among others to support the Taipei Hackerspace (there’s a direct donation link on their website as well).