Versions Compared

Old Version 3

changes.mady.by.user Charles Wernicke

Saved on

compared with

New Version 4

changes.mady.by.user Charles Wernicke

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This is a step-by-step guide for installing a Bitcoin Core node as a Hot Wallet source for CAS.

This guide has been updated for Bitcoin Core version: 0.20.1

Info

 Before you begin…

The following example presumes you have the following ready:

  • root access to a server running any current Ubuntu LTS (20.04 in this example),

  • 350 GB free disk space (plus 20 GB more every month),

  • 4 GB of memory (RAM)

It’s common for full nodes on high-speed connections to use 200 gigabytes upload or more a month. Download usage is around 20 gigabytes a month, plus around an additional 195 gigabytes the first time you start your node.

- https://bitcoin.org/en/full-node#minimum-requirements

...

1. Install the software:

Download and install the Bitcoin daemon on your server:

Code Block
wget https://bitcoin.org/bin/bitcoin-core-0.20.1/bitcoin-0.20.1-x86_64-linux-gnu.tar.gz

...

  • expect to see: "bitcoin-0.20.0.1-x86_64-linux-gnu.tar.gz: OK" .

  • ignore anything additionally reported by the last command.

Decompress the Bitcoin Core tarball:

Code Block
tar xzf bitcoin-0.20.1-x86_64-linux-gnu.tar.gz

Install it to the system:

Code Block
sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-0.20.1/bin/*

...

2. Create an RPC token:

The RPC token is designed to eliminate the need for hard-coded passwords in configuration and script files. You will receive a password here ONCE.

Tip

This password is required for CAS - it's your “RPC Password” noted in Step 6.

Download rpcauth.py on GitHub:

Code Block
sudo wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py -O /usr/local/bin/rpcauth.py

Modify the file permissions to allow the python script to execute:

Code Block
sudo chmod +x /usr/local/bin/rpcauth.py

Then finally run the RPC token generator that you just installed and enabled:

Code Block
rpcauth.py AnyNameYouWantHere

...

The cookie/token is a secure hash of your password. The point is to hide your password on the node server to other users of the node. If your node is secure, then using the cookie is simply added security in the event of a server breach, however if your server is breached - you have a bigger problem than an exposed password - and that hash will afford very little protection.

...

3. Create the Bitcoin Core configuration file.

Create a new file and secure it:

Code Block
mkdir $HOME/.bitcoin
touch $HOME/.bitcoin/bitcoin.conf
chmod 0600 $HOME/.bitcoin/bitcoin.conf

Open the file using the nano editor:

Code Block
nano $HOME/.bitcoin/bitcoin.conf

Add the following settings & credentials:

Code Block
server=1
daemon=1
addresstype=legacy
rpcport=8332
rpcauth=ThisIsAnExample:77cf8c03b15219cafb1e72ae9329d5fd$72de450660cdb6dd2689cd2cba4091646a5e8005490dec07dc577b6dad67770e

  • Replace the “rpcauth” line with the cookie/token you generated in the previous step.

  • Exit the nano editor with Control+X and save your changes.

...

4. Start the bitcoind daemon:

"When Bitcoin Core daemon first starts, it will begin to download the blockchain. This step will take at least several days, and it may take much more time on a slow Internet connection or with a slow computer."

- from https://bitcoin.org/en/full-node#other-linux-daemon

...

  • It will resume downloading from the point where it stopped the next time you start it. It may take a few minutes to completely shut down.

Tip

The Bitcoin Core node (bitcoind) is now running.

...

5. Setup a tunnel for CAS <--> node secure communication.

The tunnel must be live 24x7.

Option 1: Using the Wallet Tunnel (recommended):

General Bytes has incorporated an open-source ssh client into CAS.

Click here for instructions to install the GB Wallet Tunnel Server.

  • Perfect for the GB Cloud.

Option 2: Creating an SSH tunnel:

If you're running your own CAS server, then you may elect to use a SSH tunnel for secure RPC communication with the node. We also discourage running any software on your CAS server (except for CAS itself) and this includes Bitcoin Core. The solution is use port forwarding to enable access to your separate Bitcoin Core node. We recommend "dialing out" from CAS to the node.

...

  • "ssh -f -N" is the "create a permanent tunnel in the background" command.

  • "-i /home/gb/.ssh/bitcoind" specifies the private SSH key to be used.

  • "-L 8332:127.0.0.1:8332" are the node's RPC port definitions.

  • "gb@35.237.163.176" is the SSH "dial-in" identity of the node.

Recruit an IT professional if you are uncomfortable with any of this!

...

6. Save the required information for CAS:

user: this is the “RPC User” you invented earlier in Step 2.

password: is the “RPC Password” you also created earlier in Step 2.

...

7. Setup a Crypto Setting in CAS to access your Bitcoin Core Node.

Tip

Follow this link to see configuration instructions for Bitcoin Core with CAS.

...

Additional Notes:

More information about the RPC API: https://developer.bitcoin.org/reference/rpc/index.html

Note

Note: bitcoin-qt is NOT supported at this time.

Important notes regarding pruning nodes:

A "pruning node" (or lightweight node) is a special configuration that may be applied to bitcoind. It is unsupported by General Bytes. It is a substantial security risk when operating a BATM. Per the Bitcoin wiki:

...

Warning

The instructions given in this guide do not enable “pruning nodes”.

  • Install a full node as recommended by the Bitcoin community.

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@10d56
sortmodified
showSpacefalse
reversetrue
typepage
cqllabel in ( "node" , "cas" , "bitcoind" , "hotwallet" ) and type = "page" and space = "ESD"
labelscas bitcoind node hotwallet

...