Bitcoin system with payins and payouts using bip32


I want to build an automated system, that can accept payments from users in bitcoin and can make payouts to addresses, specified by users, as well.

BIP32 says, that the best way to accept payments is to use HD wallets. But what about payouts? How can I make payouts using funds from account's external chain addresses with received funds and not introduce security leaks?


Posted 2016-07-25T11:54:34.243

Reputation: 1

What security leaks are you concerned with? I don't understand what your question is asking. – Jestin – 2016-07-25T13:43:08.820



For some code examples, take a look at Synala --

Or on Github:

Supports watch-only BIP32 wallets, user registration, etc. Will also gather the unspent inputs and format them into an outgoing tx, allows for offline signing, etc.

However, doesn't allow for users to automatically send funds from their account. Due to security reasons, no private keys are stored online, and sends must be manually processed by admin.

Nonetheless, will give you some good example code to build on. Hope that helps.

Envrin Group

Posted 2016-07-25T11:54:34.243

Reputation: 11


Andreas explains in his book "Mastering Bitcoin" ( in chapter 4 the use of Hierarchical Deterministic Wallets (BIP0032/BIP0044). Also it explains, how to use one of these address types for a webpage. Basically this allows to receive on an "ever changing" address. For your payout, you would also have a similiar concept of derived private keys, that allow for a number of addresses to pay from. You security concerns are not clear - receiving to an ever changing address, and then spending this "once", makes it visible in the blockchain - but doesn't imply a security risk. You are not re-using this address for your customers, so it will stay a one time usage model...


Posted 2016-07-25T11:54:34.243

Reputation: 4 806


Automating the sending of bitcoins requires that you keep the private keys online. This is a very risky proposition. That is why most exchanges use a split setup where some funds are stored in a hot wallet while the bulk of the funds are stored offline in cold wallets. BIP32 lets you generate receiving addresses for the cold wallets that are stored offline.

For more information see this question.


Posted 2016-07-25T11:54:34.243

Reputation: 2 414