Guidelines for creating a PHP driven web app for redeeming Bitcoin coupons

3

1

I would like to issue Bitcoin coupons with a given USD value. The redeeming web app should accept the coupon pin-code and a Bitcoin address and transfer bitcoins to that address according to the current exchange rate. I'm looking for a quick / simple solution, preferably with PHP. Looking for design guidelines and any advice to help me get started.

[edit] To be more specific:

  1. Is there a sample code for sending coins using bitcoind / PHP ?
  2. Is there a 3d party API providing such functionality (instead of using bitcoind)?
  3. Do MtGox and Tradehill have APIs for transfers?
  4. Is captcha a must?

[end edit]

asi

Posted 2012-01-03T21:48:24.147

Reputation: 69

I suggest you don't try to maintain a bitcoin daemon yourself, but rather work with something like the Overlay Network / Stratum - https://bitcointalk.org/index.php?topic=55842.0

ripper234 2012-01-04T10:36:54.047

>

  • never EVER captcha. They provide no benefit, in exchange for enraging users. Don't. Ever.
    • < – o0'. 2012-01-04T12:59:39.647

    Answers

    2

    I modified the open source Intersango exchange code so that it can issue and accept Bitcoin coupons. You can view the code to see how I did it. My code doesn't store the whole coupon code in the database, so even if a hacker gains read access to the database, they can't redeem the unclaimed coupons.

    To answer your particular questions:

    1) Is there a sample code for sending coins using bitcoind / PHP ?

    Yes. Here's some code that does it in a very simple way.

    2) Is there a 3d party API providing such functionality (instead of using bitcoind)?

    I don't know. Maybe one of these has what you want.

    3) Do MtGox and Tradehill have APIs for transfers?

    Tradehill's no longer operating. MtGox does.

    4) Is captcha a must?

    No. They're annoying. Have the code which checks the coupons take a long time to return a result, and only allow the users to check one at a time. Then they can't brute force the coupons in reasonable time.

    Chris Moore

    Posted 2012-01-03T21:48:24.147

    Reputation: 13 952

    How do you stop a malicious user from trying more than one at a time?David Schwartz 2012-03-05T08:11:25.460

    I use a lock to stop each logged in account doing more than one thing at a time. I can't stop one malicious user making a million accounts and using them all at once, but that is a lot more obvious if it happens.Chris Moore 2012-03-05T09:57:56.693

    If a malicious user creates N accounts, he can check N coupons at a time. You can't hold him to one. And while it might be obvious if a user creates millions of accounts, how do you stop him? The delay also tends to turn it into a self-DOS because you tend to run yourself out of connections.David Schwartz 2012-03-05T10:11:26.293

    0

    1. Issue coupons with some serial number that is unique to each coupon, preferably concealed in a way that once the number is visible, the coupon can't be made to look unopened.
    2. Have a list of all coupon serial numbers and their values in your database.
    3. Upon redeeming the coupon with a proper Bitcoin address, convert the amount according to some value form an exchange (like Mt.Gox) and send the proper amount of coins to the specified address.

    As for the actual program to perform those actions, can't help you much, but if you can communicate with Bitcoind through JSON-RPC, the rest should be pretty easy to program for.

    ThePiachu

    Posted 2012-01-03T21:48:24.147

    Reputation: 41 594

    tnx ThePiachu, i've edited the question, added some more specific points.asi 2012-01-04T07:09:54.417

    Asked: 2012-01-03T21:48:24.147

    Viewed: 912 times

    Active: 2012-03-05T07:51:58.583