Bitcoin Core (BTC) Node for CAS

Owned by Charles Wernicke
Last updated: Aug 14, 2024
6 min read

This is a step-by-step guide for installing a Bitcoin Core node as a Hot Wallet source for CAS. While you can operate a node on any suitable server, this guide is based upon a VPS using Digital Ocean. The intricacies of node installation (and operation) in a different environment are outside the scope of our support, and in such situations you should seek assistance from the Bitcoin Core community.

This guide is based on VPS installation only!

This guide demonstrates Bitcoin Core installation for version: 27.0

Other/newer versions may (and probably will) work, but this guide only supports this version.

 Before you begin…

The following example presumes you have the following ready:

  • root access to a server running any current Ubuntu LTS (24.04 in this example),

  • sufficient free space on your storage/hard drive for the full Bitcoin blockchain,

    • the blockchain increases in size by approximately 20GB per month,

  • 4+ GB of memory (RAM).

It’s common for full nodes on high-speed connections to use 200 gigabytes upload or more a month. Download usage is around 20 gigabytes a month, plus around an additional 195 gigabytes the first time you start your node.

- https://bitcoin.org/en/full-node#minimum-requirements

1. Install the software:

Download and install the Bitcoin daemon on your server:

wget https://bitcoincore.org/bin/bitcoin-core-27.0/bitcoin-27.0-x86_64-linux-gnu.tar.gz

Optional: verify the file integrity:

wget https://bitcoincore.org/bin/bitcoin-core-27.0/SHA256SUMS sha256sum --ignore-missing --check SHA256SUMS

  • If successfully verified, you’ll see: "bitcoin-27.0-x86_64-linux-gnu.tar.gz: OK" .

  • There are additional (optional) steps that can be taken to authenticate your download, and you are definitely encouraged to avail yourself of them. See: https://bitcoincore.org/en/download/

Decompress the Bitcoin Core tarball:

tar xzf bitcoin-27.0-x86_64-linux-gnu.tar.gz

Install the 2 required binaries to the system:

2. Create an RPC token:

The RPC token is designed to eliminate the need for hard-coded passwords in configuration and script files. You will receive a password here ONCE (unless you repeat the process and generate a new token).

This password is required for CAS - it's your “RPC Password” noted in Step 6.

Download rpcauth.py from GitHub:

Modify the file permissions to allow the python script to execute:

Then finally run the RPC token generator that you just installed and enabled:

  • Replace AnyNameYouWantHere with any preferred user name.

    • Don’t use spaces or any special symbols.

Example:

  • Save all the information securely. You'll need every detail in the steps to follow.  

  • The RPC User = AnyNameYouWantHere

  • The RPC Password = Kq66rZya7MNpCU_e0zZSgjR2Mb7rBeyX9QSeGhwPMeY=

  • The cookie/token ("rpcauth") will only be required in the Bitcoin Core configuration file (next step). The token authenticates the specific username+password combination created.

3. Create the Bitcoin Core configuration file.

Create a new file and secure it:

Open the file using the nano editor:

Add the following settings & rpcauth credentials (created above):

  • Replace the “rpcauth” line with the cookie/token you generated in the previous step 2.

  • Exit the nano editor with Control+X and “Y” to save your changes.

  • The CAS parameter “port” is the same as the “rpcport” specified in this step (8332).

4. Start the bitcoind daemon:

"When Bitcoin Core daemon first starts, it will begin to download the blockchain. This step will take at least several days, and it may take much more time on a slow Internet connection or with a slow computer."

- from https://bitcoin.org/en/full-node#other-linux-daemon

  • It will take a few minutes for Bitcoin Core to completely start.

  • With the first startup, expect to wait 5+ days for bitcoind to fully synchronize.

  • CAS will NOT be able to interact with bitcoind until the synchronization is COMPLETE!

    • When restarting the node, the sync will happen quickly (an hour or less).

  • To check the status, get the current block being processed by your node: 

    •  Compare the returned number to the latest network block:

    • The debug log is typically located at $HOME/.bitcoin/debug.log

      • You can also check the status periodically using tail .bitcoin/debug.log

To STOP or interrupt Bitcoin Core at any time, use the following command:

  • It may take a few minutes to completely shut down.

  • It will resume synchronizing from the point where it stopped the next time you start it.

5. Setup a secure tunnel for encrypted communication.

Your CAS server and this node must have a secure line. Your password and other sensitive information will be passed back & forth. Encrypt (and thus protect) this communication by using a secure SSH tunnel.

The GB Wallet Tunnel is recommended.

General Bytes has incorporated an open-source SSH client into CAS.

Click here for instructions to install the GB Wallet Tunnel Server on this node.

6. Save the required information for CAS:

user: this is the “RPC User” you invented earlier in Step 2.

password: is the “RPC Password” you also created earlier in Step 2.

7. Create a Wallet

After the node has fully synchronized, you’ll need to create a hot wallet.

Create a Descriptor wallet:

  • Creates a subfolder cas_default containing a wallet.dat file (the actual wallet),

  • sets the avoid_reuse flag to comply with Bitcoin convention, and

  • loads the cas_default wallet automatically when starting the node.

Create a new wallet address for funding:

image-20240627-181759.png

  • The latest “bech32m” (Taproot) option is demonstrated, but any type works with CAS.

  • Send Bitcoin to whatever address is generated to fund your node.

    • The address bc1q4wv99c3yqpwttt7a59qqqqmyxda0z8l2ups7fx is only an example (do not send BTC to it).

8. Final Step: Configure your CAS

Your bitcoind node is now complete, but you’ll still need to plug in the parameters (created above) into your Bitcoin Crypto Settings.

Notes

1. Remote Procedure Calls (RPC) (all):

More information about the RPC API: https://developer.bitcoin.org/reference/rpc/index.html

2. Pruning nodes:

A "pruning node" (or lightweight node) is a special configuration that may be applied to bitcoind. It is unsupported by General Bytes. It is a substantial security risk when operating a BATM. Per the Bitcoin wiki:

“Lightweight nodes are sometimes able to be temporarily tricked into accepting transactions or blocks that are not actually valid. This could cause serious financial damage, especially for websites that automatically process Bitcoin transactions. Full nodes provide the maximum security possible, and so they should be used by all businesses, and also by regular users whenever doing so is convenient.”

- https://en.bitcoin.it/wiki/Full_node

Housekeeping

This data is outside the scope of GB Support, but is presented here because it is frequently asked.

RBF and CPFP

Deploying a Bitcoin Core node grants you the ability to modify your unconfirmed transaction fees. Without a node, you must rely on third-party services to “unstuck” a low-fee transaction.

CPFP (Child Pays For Parent) is no longer necessary for modern transactions using this Core version. It has been fully replaced by RBF (Replace By Fee) and is less reliable than RBF. Using the instructions from this article, your node is already configured to use RBF.

To verify that your node is creating RBF-compatible transactions by default, use:

  • The results should include this: "fullrbf": true

RBF Instructions:

Backups

Backup is a simple matter of executing this RPC call:

You can also just copy/archive the wallet file normally located in $HOME/.bitcoin/wallet.dat .

The wallet.dat file can change over time because:

  • New Transactions: when you receive or send Bitcoin, new transactions are recorded in the wallet file.

  • New Addresses: if you generate new addresses for receiving Bitcoin are added to the wallet file.

  • Private Key Generation: new private keys (for new addresses) are stored in the wallet file.

A file backup would be the most comprehensive recovery option in the event of catastrophe. Since the file is so sensitive though, having multiple copies also increases your hack risks. Secure your backups!

Private Keys

It is dangerous to print or expose your private key(s). Be extremely cautious with these operations. Anyone with access to your private key(s) can control your Bitcoin funds associated with that address. We generally recommended you use hardware wallets or other secure methods for managing your private keys.

If you absolutely must retrieve your private key for a specific address - you must first determine the type of wallet you’re using:

  • Examine the descriptors attribute in the result.

    • true = use the listdescriptors method.

    • false = use the dumpprivkey method.

The dumpprivkey command is deprecated and unusable for non-legacy wallets. Example:

  • Replace "your_bitcoin_address" with the actual address for which you want to retrieve the private key. This command will output the private key associated with that address.

  • Only works for legacy-type (non-descriptor) wallets.

The listdescriptors command works for non-legacy wallets (bech32, bech32m, and descriptors). It is a bit more complex to use than dumpprivkey, and prints out the all the keys in JSON format.

  • Returns all descriptors and their private keys, including their derivation paths.

Related articles

Copyright © 2020-2024 General Bytes USA LLC