
BitPay Integrates Bitcoin with Fulfillment by Amazon - kirian
http://www.marketwatch.com/story/bitpay-integrates-bitcoin-with-fulfillment-by-amazoncom-2013-03-06
======
implr
For those who haven't noticed, a single bitcoin is worth almost 47 dollars
now, over 30% more than two days ago:
[http://bitcoincharts.com/charts/mtgoxUSD#rg5ztgSzm1g10zm2g25...](http://bitcoincharts.com/charts/mtgoxUSD#rg5ztgSzm1g10zm2g25zvzp)

~~~
craftkiller
I really wish it would crash already. I don't feel comfortable buying any
right now for day-to-day purchases because the crash has to be coming.

~~~
SilasX
... and, back to $34.

~~~
nazgulnarsil
and back to $43

this is not a market for weak hands.

------
kirian
On BitPay site: <https://bitpay.com/amazon>

------
kseudo
Hummm. Does Amazon know about this? Are they likely to revoke access to anyone
availing of this service?

~~~
dangrossman
It shouldn't really matter to Amazon. Their fulfillment service is just an API
for saying "take this item from your warehouse and ship it to this address".
Amazon doesn't know that you're shipping things in response to a BitCoin
payment, versus goodies for KickStarter backers, versus holiday gifts for
customers. All BitPay is doing is integrating their API with Amazon's API for
you so that receiving a payment can kick off a shipment. It doesn't create any
new potential liability for Amazon; they're not touching bitcoins and their
payment for the fulfillment service is separate from what they're fulfilling.

~~~
kseudo
Cool, thanks for the clarification. So I guess its only a matter of time there
are electronics stores accepting BTC online

~~~
rishimoko
There are already many electronics for sale for bitcoins:

<https://en.bitcoin.it/wiki/Trade#Electronics>

------
mcantelon
What's the best API for doing Bitcoin transactions from a web app?

~~~
eric_bullington
To be honest, bitcoind, the original Bitcoin client has a very accessible
json-rpc API [0]. This is the same daemon that runs behind the QT front-end of
the "official" Bitcoin client. RPC is not my favorite (gotten spoiled by
RESTful), but bitcoind's implementation is easy-to-use, and most languages
have nice, easy-to-use json-rpc libraries [1]. You run bitcoind as a headless
client on your server. It's pretty robust, and multithreaded. The benefit to
that setup is that you are in control of everything, no need to depend on (or
pay) a third-party. And there's no need to store Bitcoins on the server beyond
what you need for your transactions, since you can set up a cron job to
periodically forward x percentage of the balance to an off-site wallet with
ease.

However, if you want something with a RESTful interface that you don't have to
maintain yourself, ycombinator-funded Coinbase appears to have a nice API. But
unlike bitcoind (which I've used for several small and one largish project),
I've never used coinbase or any of the other third-party APIs.

[0] <https://en.bitcoin.it/wiki/Bitcoind> [1] <http://json-
rpc.org/wiki/implementations> [2] <https://coinbase.com/>

EDIT: Clarity, grammar.

~~~
muyuu
That's the kind of set-up that has been hacked to high hell several times.

It's not that hard to understand why. Having a computer connected to the net
to run bitcoind means that if you get it rooted by any chance, you just lost
the entirety of your hot wallet.

Please, please stop doing that.

~~~
tquai
One of bitcoin's strengths is decentralization, and you just told people not
to manage their own wallets.

How do _you_ accept bitcoin? Please enlighten us.

~~~
muyuu
Non-hot wallets.

I didn't say you shouldn't use wallets, just don't use the naive approach of
having a plain wallet in a computer that's exposed via bitcoind. That's asking
for it.

Cryptography is hard, but you can use this for instance:

<http://bitcoinarmory.com/using-offline-wallets-in-armory/>

It's already prepackaged for you. Give it a good read if you don't know it.
Free, Open Source, etc. And the author is a nice chap.

It's not the only way. But whatever you do, just don't keep a massive hot
wallet in a server that's online. They will find it and if you move enough
money they will put massive amounts of effort into hacking it.

~~~
eric_bullington
Did you read my original comment? You basically just described a solution that
mirrors my own, which was to send x percentage of your balance to an off-site
wallet (maximizing x to the extent possible, obviously). I didn't get into how
to securely store your coins off-site, since that wasn't the question.

EDIT: BTW, you do realize that Armory is a front-end to bitcoind, right? You
still have to run bitcoind for Armory to work.

From their Github page:

" __ _Armory has no independent networking components built in._ Instead, it
relies on on the Satoshi client to securely connect * to peers, validate
blockchain data, and broadcast transactions * for us. Although it was
initially planned to cut the umbilical * cord to the Satoshi client and
implement independent networking, * it has turned out to be an inconvenience
worth having. * Reimplementing all the networking code would be fraught with
bugs, * security holes, and possible blockchain forking. The reliance * on
Bitcoin-Qt right now is actually making Armory more secure!"

~~~
muyuu
Yes, that's fine. But the rest of the elements are non-trivial and you left
them "as an exercise for the reader". This usually means that the reader will
just run the standard client with a full internet connection and get hacked to
high hell.

You can have a computer with a firewall and a custom protocol connected to
another system, and still get hacked, if you don't put in place the sort of
measures Armory uses.

Read carefully what you quoted: "it relies on on the Satoshi client to
securely connect * to peers, validate blockchain data, and broadcast
transactions * for us" - that is not the actual problem when you have your
server rooted. The problem is KEYS. Key generation, and key
storage/management. Which no other common solutions that I know do in a way
that won't get your arse robbed if the computer storing the wallet is
compromised. Which I think is a big deal.

------
irickt
By the way, BitPay is recruiting node.js developers.

------
freefrancisco
Anybody trading bitcoins options or futures?

------
nym
Whoha, that's awesome!

------
reaclmbs
Where to buy BitCoins easily? CoinBase is useless since they've "exceeded
their maximum daily limit", and Mt. Gox wants me to verify my home address,
but I just moved and don't have any bills yet.

~~~
ufmace
I've had good luck with Bitfloor. They let you do a cash deposit at Bank of
America, and it goes instantly to your account. No ID or addresses or
anything.

Yes, they've been hacked before and lost bitcoins. I figure 1. being hacked
once probably makes them a lot more cautious now, and 2. what was stolen was
bitcoins that were sitting in user accounts there. You're at very low risk if
you don't leave bitcoins sitting in your account - transfer them to a private
wallet or convert them to USD immediately.

