Question about encrypting wallet

Just out of curiousity:

I am wondering if I should use an encrypted wallet if I want people to be able to send/receive coins from the same wallet. Example: I have a faucet and when a new user registers, it creates a specific address for them with their email as the label. If I encrypt the wallet and they wish to withdraw their coins, would the have to be able to know the password or is that something I write into the code on the backend for the “withdraw” call that hopefully nobody can see. OR should I just not have the wallet staking and therefore not require the encryption.

This might be a good use-case for multisig addresses. Your app holds one key and the user another. There is already multisig support in Qt Wallet 1.4 but I’m not sure how to use it: https://github.com/reddcoin-project/reddcoin/blob/master/src/rpcwallet.cpp#L826

1 Like

That was another thought I had, but I don’t want people to have to wait for their withdraws. I would rather be safe than sorry though, so I may have to put “withdraws may take up to 24 hours to be processed for security purposes.” I guess a little research is required. I’ve learned so much already from this project :slight_smile:

2 Likes

bmp02050 Security would be the benefit of a multisig address. If you encrypt the second signature with the users password (on the client side) a hacker won’t be able to withdraw coins from this address without knowing the unencrypted password or signature of the user. If the user wants to withdraw directly from the faucet address (via blockchain) with his signature this won’t be possible because he needs the signature from the app too and this one is stored on the server.