...

...

This guide

...

demonstrates Bitcoin Core installation for version: 27.0

...

Other/newer versions may (and probably will) work, but this guide only supports this version.

...

Info
Before you begin… The following example presumes you have the following ready: root access to a server running any current Ubuntu LTS (2024.04 in this example), sufficient free space on your storage/hard drive for the full Bitcoin blockchain, the blockchain increases in size by approximately 20GB per month, 4+ GB of memory (RAM).

...

Download and install the Bitcoin daemon on your server:

wget https://bitcoinbitcoincore.org/bin/bitcoin-core-27.0.20.1/bitcoin-27.0.20.1-x86_64-linux-gnu.tar.gz

Optional: verify the file integrity:

wget https://bitcoincore.org/bin/bitcoin-core-27.0.20.1/SHA256SUMS.asc
gpg --list-keys
gpg --keyserver hkp://keyserver.ubuntu.com --refresh-keys
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0x90C8019E36C2E964
gpg --edit-key 0x90C8019E36C2E964
trust

• Press 5 (“5 = I trust ultimately” ), and “y”:

...

• then type “quit” to exit gpg. Next, examine the signature:

gpg --keyid-format long --list-keys --with-fingerprint 0x90C8019E36C2E964

• expect to see: "Key fingerprint = 01EA 5486 DE18 A882 D4C2  6845 90C8 019E 36C2 E964"

gpg --verify SHA256SUMS.asc

• expect to see: 'gpg: Good signature from "Wladimir J. van der Laan (Bitcoin Core binary release signing key) <laanwj@gmail.com>"'

sha256sum --ignore-missing --check SHA256SUMS.asc

...

• If successfully verified, you’ll see: "bitcoin-0.2027.0.1-x86_64-linux-gnu.tar.gz: OK" .ignore anything additionally reported by the last command.

• There are additional (optional) steps that can be taken to authenticate your download, and you are definitely encouraged to avail yourself of them. See: https://bitcoincore.org/en/download/

Decompress the Bitcoin Core tarball:

tar xzf bitcoin-27.0.20.1-x86_64-linux-gnu.tar.gz

Install

...

the 2 required binaries to the system:

sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-27.0.20.1/bin/*/bin/bitcoind
sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-27.0/bin/bitcoin-cli

...

2. Create an RPC token:

The RPC token is designed to eliminate the need for hard-coded passwords in configuration and script files. You will receive a password here ONCE (unless you repeat the process and generate a new token).

Download rpcauth.py

...

from GitHub:

sudo wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py -O /usr/local/bin/rpcauth.py

...

rpcauth.py AnyNameYouWantHere

• Replace AnyNameYouWantHere with any preferred user name.Avoid using

  • Don’t use spaces or any special symbols.

Example:

...

• Save all the information securely. You'll need every detail in the steps to follow.  

• The RPC User = AnyNameYouWantHere

• The RPC Password = Kq66rZya7MNpCU_e0zZSgjR2Mb7rBeyX9QSeGhwPMeY=

• The cookie/token ("rpcauth") will only be required in the Bitcoin Core configuration file (next step). The token authenticates the specific username+password combination created.

...

3. Create the Bitcoin Core configuration file.

...

nano $HOME/.bitcoin/bitcoin.conf

Add the following settings & rpcauth credentials (created above):

server=1
daemon=1
rpcport=8332
rpcauth=AnyNameYouWantHere:cbb36c03b15219cafb1e72ae9329d5fd$72de450660cdb6dd2689cd2cba4091646a5e8005490dec07dc577b6dad608a80
# enable RBF
walletrbf=1

• Replace the “rpcauth” line with the cookie/token you generated in the previous step 2.

• Exit the nano editor with Control+X and “Y” to save your changes.

• The CAS parameter “port” is the same as the “rpcport” specified in this step (8332).

...

"When Bitcoin Core daemon first starts, it will begin to download the blockchain. This step will take at least several days, and it may take much more time on a slow Internet connection or with a slow computer."

- from https://bitcoin.org/en/full-node#other-linux-daemon

bitcoind

• It may will take several a few minutes for Bitcoin Core to completely start.

• In actual practiceWith the first startup, expect to wait 1- 5+ days for bitcoind to fully synchronize.

• CAS will NOT be able to interact with bitcoind until the synchronization is COMPLETE!

  • When restarting the node, the sync will happen quickly (an hour or less).

• To check the status, get the current block being processed by your node: 

  • Code Block
    bitcoin-cli getblockcount

  •  Compare the returned number to the latest network block:

    • (e.g https://www.blockchain.com/btc/blocks)

  • The debug log is typically located at $HOME/.bitcoin/debug.log

    • You can also check the status periodically using tail .bitcoin/debug.log

...

bitcoin-cli stop

• It may take a few minutes to completely shut down.

• It will resume downloading synchronizing from the point where it stopped the next time you start it. It may take a few minutes to completely shut down.

...

5. Setup a secure tunnel for

...

The tunnel must be live 24x7.

...

encrypted communication.

Your CAS server and this node must have a secure line. Your password and other sensitive information will be passed back & forth. Encrypt (and thus protect) this communication by using a secure SSH tunnel.

The GB Wallet Tunnel is recommended.

General Bytes has incorporated an open-source ssh SSH client into CAS.

Click here for instructions to install the GB Wallet Tunnel Server .

• The CAS “host” parameter used will be this node’s public IP.

• The CAS “port” parameter will be the same port specified as the “rpcport” in Step 3 (above).

Option 2: Creating an SSH tunnel:

You may elect to use a SSH tunnel for secure RPC communication with the node. We also discourage running any software on your CAS server (except for CAS itself) and this includes Bitcoin Core. The solution is use port forwarding to enable access to your separate Bitcoin Core node. We recommend "dialing out" from CAS to the node. Seeon this node.

...

...

The general usage would be:

ssh -f -N -i /home/gb/.ssh/bitcoind -L 8332:127.0.0.1:8332 gb@35.237.163.176

In the above example,

• "ssh -f -N" is the "create a permanent tunnel in the background" command.

• "-i /home/gb/.ssh/bitcoind" specifies the private SSH key to be used.

• "-L 8332:127.0.0.1:8332" are the node's RPC port definitions.

• "gb@35.237.163.176" is the SSH "dial-in" identity of the node.

...

...

6. Save the required information for CAS:

...

password: is the “RPC Password” you also created earlier in Step 2.

...

7. Create a Wallet

After the node has fully synchronized, you’ll need to create a hot wallet.

• As of v23.0, the native, default wallet type is “descriptor”.

• See: https://bitcoindevkit.org/descriptors/

Create a Descriptor wallet:

bitcoin-cli -named createwallet wallet_name=cas_default avoid_reuse=true load_on_startup=true

• Creates a subfolder cas_default containing a wallet.dat file (the actual wallet),

• sets the avoid_reuse flag to comply with Bitcoin convention, and

• loads the cas_default wallet automatically when starting the node.

Create a new wallet address for funding:

bitcoin-cli getnewaddress bech32m

...

• The latest “bech32m” (Taproot) option is demonstrated, but any type works with CAS.

• Send Bitcoin to whatever address is generated to fund your node.

  • The address bc1q4wv99c3yqpwttt7a59qqqqmyxda0z8l2ups7fx is only an example (do not send BTC to it).

...

8. Final Step: Configure your CAS

Your bitcoind node is now complete, but you’ll still need to plug in the parameters (created above) into your Bitcoin Crypto Settings.

...

Notes

...

1. Remote Procedure

...

Calls (RPC) (all)

...

:

More information about the RPC API: https://developer.bitcoin.org/reference/rpc/index.html

...

2. Pruning nodes:

A "pruning node" (or lightweight node) is a special configuration that may be applied to bitcoind. It is unsupported by General Bytes. It is a substantial security risk when operating a BATM. Per the Bitcoin wiki:

...

...

Housekeeping

This data is outside the scope of GB Support, but is presented here because it is frequently asked.

RBF and CPFP

Deploying a Bitcoin Core node grants you the ability to modify your unconfirmed transaction fees. Without a node, you must rely on third-party services to “unstuck” a low-fee transaction.

CPFP (Child Pays For Parent) is no longer necessary for modern transactions using this Core version. It has been fully replaced by RBF (Replace By Fee) and is less reliable than RBF. Using the instructions from this article, your node is already configured to use RBF.

To verify that your node is creating RBF-compatible transactions by default, use:

bitcoin-cli getmempoolinfo

• The results should include this: "fullrbf": true

RBF Instructions:

• Use the bitcoin-cli command “bumpfee” for simplicity.

• https://github.com/BlockchainCommons/Learning-Bitcoin-from-the-Command-Line/blob/master/05_2_Resending_a_Transaction_with_RBF.md

Backups

Backup is a matter of copying simple matter of executing this RPC call:

bitcoin-cli backupwallet "backup_name.dat"

• https://developer.bitcoin.org/reference/rpc/backupwallet.html

You can also just copy/archive the wallet file normally located in $HOME/.bitcoin/wallet.dat .

...

A file backup would be the most comprehensive recovery option in the event of catastrophe. Since the file is so sensitive though, having multiple copies also increases your hack risks. Secure your backups!

Private Keys

It is not recommended dangerous to print or expose your private key, especially in a terminal or any other insecure environment. However, if you absolutely need to (s). Be extremely cautious with these operations. Anyone with access to your private key(s) can control your Bitcoin funds associated with that address. We generally recommended you use hardware wallets or other secure methods for managing your private keys.

If you absolutely must retrieve your private key for a specific address - you must first determine the type of wallet you’re using:

bitcoin-cli

...

 getwalletinfo

• Examine the descriptors attribute in the result.

  • true = use the listdescriptors method.

  • false = use the dumpprivkey method.

The dumpprivkey command is deprecated and unusable for non-legacy wallets. Example:

bitcoin-cli dumpprivkey "your_bitcoin_address"

• Replace "your_bitcoin_address" with the actual address for which you want to retrieve the private key. This command will output the private key associated with that address.Be extremely cautious with this operation. Anyone with access to your private key can control your Bitcoin funds associated with that address. We generally recommended you use hardware wallets or other secure methods for managing your private keys

• Only works for legacy-type (non-descriptor) wallets.

The listdescriptors command works for non-legacy wallets (bech32, bech32m, and descriptors). It is a bit more complex to use than dumpprivkey, and prints out the all the keys in JSON format.

bitcoin-cli listdescriptors true

• Returns all descriptors and their private keys, including their derivation paths.

...

Related articles

...

...