eonacore-service
v1.0.0
A service for Multisig HD Wallets
EonaCore Service
An HD EonaCore Service.
Description
EonaCore Service facilitates HD wallet creation and operation through a (hopefully) simple and intuitive REST API.
TWS can usually be installed within minutes and accommodates all the needed infrastructure for peers in a wallet to communicate and operate – with minimum server trust.
Getting Started
cd eonacore-service
npm install
npm start
This will launch the TWS service (with default settings) at http://localhost:3232/tws/api.
TWS needs MongoDB. You can configure the connection in tws.config.js.
TWS supports SSL and Clustering.
By default, TWS applies a request rate limit to the CreateWallet endpoint. If you need to modify it, check Defaults.RateLimit in defaults.js.
Using TWS with PM2
TWS can be used with PM2 with the provided app.js script:
pm2 start app.js --name "eonacore-service"
Security Considerations
- Private keys are never sent to TWS. Copayers store them locally.
- Extended public keys are stored on TWS. This allows TWS to easily check wallet balance, send offline notifications to copayers, etc.
- During wallet creation, the initial copayer creates a wallet secret that contains a private key. All copayers need to prove they have the secret by signing their information with this private key when joining the wallet. The secret should be shared using secured channels.
- A copayer could join the wallet more than once, and there is no mechanism to prevent this.
- All TWS responses are verified:
  - Addresses and change addresses are derived independently and locally by the copayers from their local data.
  - TX Proposals templates are signed by copayers and verified by others, so the TWS cannot create or tamper with them.
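The join proof described in the list above, as an added example that is not eonacore-service's own code: copayer information is signed with the private key from the wallet secret and checked against the matching public key. The message encoding, function names, curve and sample values are assumptions made for the illustration, and Node's built-in crypto module stands in for the project's own signing code.

```javascript
// Added example, not eonacore-service code: the join proof modelled with Node's crypto.
const crypto = require('crypto');
// Wallet creator: the wallet secret carries a private key (curve is an assumption).
function createWalletSecret() {
  return crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
}

// Hypothetical canonical encoding of the copayer information that gets signed.
function joinMessage(req) {
  return Buffer.from(JSON.stringify([req.walletId, req.name, req.xPubKey]));
}

// Copayer: sign own information with the private key from the wallet secret.
function signJoin(req, secretPrivateKey) {
  const sig = crypto.sign('sha256', joinMessage(req), secretPrivateKey);
  return { ...req, signature: sig.toString('base64') };
}

// Verifier: needs only the public half; rejects missing or malformed signatures.
function verifyJoin(req, secretPublicKey) {
  if (typeof req.signature !== 'string') return false;
  try {
    const sig = Buffer.from(req.signature, 'base64');
    return crypto.verify('sha256', joinMessage(req), secretPublicKey, sig);
  } catch {
    return false;
  }
}

// Constructed sample data; the xPubKey strings are placeholders, not real keys.
function runDemo() {
  const secret = createWalletSecret();
  const other = createWalletSecret(); // someone who never received the secret
  const alice = { walletId: 'w1', name: 'alice', xPubKey: 'xpub-PLACEHOLDER-A' };
  const joined = signJoin(alice, secret.privateKey);
  const again = { ...alice, name: 'alice2', xPubKey: 'xpub-PLACEHOLDER-B' };
  return {
    validJoin: verifyJoin(joined, secret.publicKey),
    // Record altered after signing: the signature no longer matches.
    tamperedKey: verifyJoin({ ...joined, xPubKey: 'xpub-PLACEHOLDER-X' }, secret.publicKey),
    // Signed without knowledge of the wallet secret.
    wrongSecret: verifyJoin(signJoin(alice, other.privateKey), secret.publicKey),
    // Same secret holder, second identity: still valid, as the list above notes.
    secondJoin: verifyJoin(signJoin(again, secret.privateKey), secret.publicKey),
  };
}

console.log(runDemo());
```

The signature shows possession of the wallet secret and binds it to the signed fields; it does not identify a unique copayer, which is why the second join still verifies.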
Using SSL
You can add your certificates in tws.config.js using:
https: true,
privateKeyFile: 'private.pem',
certificateFile: 'cert.pem',
////// The following is only for certs which are not
////// trusted by nodejs 'https' by default
////// CAs like Verisign do not require this
// CAinter1: '', // ex. 'COMODORSADomainValidationSecureServerCA.crt'
// CAinter2: '', // ex. 'COMODORSAAddTrustCA.crt'
// CAroot: '', // ex. 'AddTrustExternalCARoot.crt'
TX proposal life cycle
TX proposals need to be:
- First created via /v?/txproposal -> This will create a 'temporary' TX proposal, returning the object, but not locking the inputs
- Then published via /v?/txproposal/:id/publish -> This publishes the TX proposal to all copayers, locking the inputs. The TX proposal can also be deleted after being published.
- Then signed via /v?/txproposal/:id/signature for each copayer
- Then broadcasted to the p2p network via /v?/txproposal/:id/broadcast
There are plenty of examples of creating and sending proposals in the /test/integration code.
Enabling Regtest Mode for TWS and Copay
Requirements
- eonacore-node running on http://localhost:3000
- tws running locally on http://localhost:3232/tws/api
- mongod running
- wallet running on port: 8100
- eonacore running on regtest mode (blue icon logo)
Note: the mongo topology sometimes crashes because notifications (eonacore-service/lib/notificationbroadcaster.js) are incompatible with a web browser. If testing on a PC browser, comment out notificationbroadcaster.js to disable notifications.
Steps:
eonacore.config.json
- Add regtest to eonacore.config.json.
"regtest": {
"chainSource": "p2p",
"trustedPeers": [
{
"host": "127.0.0.1",
"port": 20020
}
],
"rpc": {
"host": "127.0.0.1",
"port": 20021,
"username": "bitpaytest",
"password": "local321"
}
}
eonacore-service/tws.config.js
- Point testnet to http://localhost:3000 in TWS/tws.config.js and set regtestEnabled to true.
blockchainExplorerOpts: {
btc: {
livenet: {
url: 'http://localhost:3232'
},
testnet: {
// set url to http://localhost:3000 here
url: 'http://localhost:3000',
// set regtestEnabled to true here
regtestEnabled: true
}
},
...