How to use the Multisig feature on Bitcoin Core RPC in an online exchange?

[ad_1]

I created a small online exchange based on Bitcoin Core. The features of this application are:

  1. The user sends a request for a new address and the Bitcoin Core generates a new one with a defined passphrase.
  2. User can receive BTC on their own address.
  3. User can send BTC from their own address, and for this purpose I have used sendtoaddress after unblocking the account with walletPassphrase.

In this scenario, there is a complicated passphrase which is capable of unlocking all accounts. But after reading about the multisig feature, I thought about implementing a scenario in this regard on my app. But there are a few questions in my mind:

  1. I used a fixed passphrase in my codes when sending transactions. As for multisig concepts, I have to use different private keys to sign the data instead of using a passphrase to unlock this account. Am I right?
  2. As the operation in an online exchange should be done automatically, I think I should use all the private keys required in the last step of my codes. In this case, I think I didn’t add any new security mechanism to my app because everything is located next to each other. Can I count on the security impact of multisig accounts in my application?

Hope you can help me solve these issues in my mind.

[ad_2]

Source Link