Conrad Barski - Bitcoin for the Befuddled

HELLO MONEY! A SIMPLE JAVASCRIPT PROGRAM

One factor that makes Bitcoin so exciting is that anyone can write computer programs to link directly into the Bitcoin network and perform financial transactions. This appendix explains how to write a simple JavaScript program that watches a wallet and indicates when bitcoins have been sent to the wallet. In , well create some more advanced programs in Java that expand on this idea.

Writing programs that manipulate money in Bitcoin is easy. However, as we walk through this process, it might not seem very easy to you.

But imagine, instead, if we built our app or service using a traditional e-commerce system. Roughly, heres what those steps would look like:

1. Incorporate your business to receive a DUNS number.

2. Get a corporate account at your bank.

3. Have your account verified by a merchant services provider (Intuit, PayPal, Stripe, Apple, etc.).

4. Set up an account via the provider with your DUNS number to get access keys.

5. Acquire proprietary library software from the provider (youll probably need to update this library regularly to maintain your software).

6. Redirect your customers to a special provider to authorize payments.

7. Write your code.

8. Have your finished app reviewed by the payment provider.

Here is the main step needed to get a Bitcoin-based, e-commerce system up and running:

1. Write your code.

Having to complete just this one task is what we mean when we use the term easy when programming with Bitcoin.

To write Bitcoin-enabled software, you can use three different approaches:

1. Use a merchant service.

2. Connect to a local Bitcoin wallet program (typically the original Bitcoin wallet application based on Satoshis initial code, named bitcoind).

3. Create a program that inserts itself directly into the Bitcoin network.

Using approach #1, you would connect to a web API over the Internet. That API would be supplied by a third-party company to manage your bitcoins. Companies that supply these APIs for sending and receiving bitcoins are typically called merchant services.

For example, if your website sells widgets and you want people to buy your widgets with bitcoins, using a merchant service may be a simple, nofuss way to get your website working quickly. An additional benefit of a merchant service is that it may also offer services to automatically convert Bitcoin to/from other currencies as part of a transaction. Many companies supply these APIs, and BitPay is a common choice. But you can find a more extensive list of companies on the official Bitcoin foundation website.

However, this approach has some drawbacks. First, these vendor APIs arguably go against the spirit of Bitcoin, because using an API middleman makes you beholden to an external party; serious Bitcoiners prefer to retain 100 percent control over their money. Second, these APIs are mostly designed only for common use cases, so they dont allow the flexibility and innovative app development that we want to foster with this book. Third, the design of these APIs tends to change frequently, making it difficult to provide you with current information. For these reasons, we wont spend much time discussing vendor APIs in this book.

Approach #2 involves connecting to a local Bitcoin wallet and basically running the wallet on autopilot. Two of the Bitcoin wallet programs based on Satoshis original codeBitcoin Core and bitcoindcan be remote-controlled using a special protocol called JSON-RPC, as we will discuss shortly. Because these two programs are the gold standard in Bitcoin wallets, it is very enticing to utilize them for custom programs. Programs written to automate Bitcoin Core and bitcoind are easy to understand, and libraries exist in all popular programming languages, simplifying their use. You can use this approach in JavaScript, Ruby, PHP, Python, and many other languages. Unfortunately, the main drawback of using a local Bitcoin wallet program and controlling it from your own code is that this process often clunky and inefficient, as youll see in the first programming example.

NOTE
Bitcoin Core and bitcoind share the same code. This common code is called the Bitcoin reference client, or just Bitcoin. It was the first implementation of the Bitcoin protocol and eventually was split into two variants: Bitcoin Core has a friendly graphical interface (UI), and bitcoind is a more stripped-down version with a text-based interface.

Approach #3 involves going right to the metal and inserting your Bitcoin-enabled program directly into the Bitcoin network. You can do this in languages such as Java, C++, or Go or any language that has a fully implemented Bitcoin client library available. This approach is more robust and less resource-intensive than approach #2, but it is more technically complex.

However, if youre a programmer who believes in the Bitcoin ethos, being able to write an app that is a real first-class citizen in the Bitcoin networka true Bitcoin node participating in the Bitcoin systemis motivating. The reason is that absolutely no limitations restrict what your app can do (as long as your app obeys the rules of the network.) In , well write some programs that use this approach.

An important disclaimer we need to mention here is that in this appendix, well write programs that send and receive only a few pennies. The techniques and example discussed are useful for learning the basic concepts of Bitcoin programming but are in no way appropriate for writing programs that manipulate substantial sums of money. If you plan on writing serious Bitcoin applications, youll need to do the following:

1. Learn the basic concepts from the sample programs in this chapter.

2. Use this knowledge to study and understand the underlying source code for the Bitcoin libraries used in this chapter.

3. Follow the forums used by the developers and other library users to stay current with any security risks involved when using these libraries.

Most important, be aware that were using community-maintained source code in our examples; if a clever black hat hacker and insert rogue code into a doctored version of the library that is incorporated into your program. As a result, the hacker can steal all your money.

Additionally, as mentioned in earlier chapters, hackers can steal your bitcoins in many other ways that arent specific to Bitcoin programming. In a few years, if the current popularity of Bitcoin continues, we suspect most computer viruses will include code that immediately empties any Bitcoin wallets they find.

The bottom line is that you need to understand the grave risks your money might be exposed to if you plan on creating more advanced Bitcoin programs; youll be able to safely protect your money only if you have a comprehensive and firm understanding of Bitcoin technology that goes beyond the introduction we give in this chapter. Please proceed with caution!

Now that youve endured some fire and brimstone to prevent you from losing money, well point out a few facts that should make you feel confident about Bitcoin security:

The core Bitcoin network has so far maintained a record of almost perfect security. Most of the security risks involved in using bitcoins are due to careless acts that people executed on their own computers and could have been avoided.

Despite the risks weve discussed so far in this chapter, established programming practices exist that mitigate all of these risks. You will be able to write secure Bitcoin software if you study this book, follow general guidelines on secure software development, and keep up-to-date on the latest security concerns discussed on Bitcoin development forums.