8

This question asks about how to work with bitcoin via an API without requiring a local blockchain. The only answer is about blockchain.info's JSON API, but it appears that unlike the web version of blockchain.info, the JSON API requires the account passwords to be sent to the server.

Is there another remote API that allows one to perform various bitcoin operations without compromising security - without sending private keys anywhere, but rather signing transactions locally? The API should not require any downloads - SPV does not fall under this category - but should just be a remote API to the bitcoin network that doesn't require any state / bootstrap from its client.

If I recall correctly then Stratum was supposed to be this API. Did it ever take off?

Community
  • 1
ripper234
  • 26,550
  • 30
  • 111
  • 246
  • Also on bitciontalk - https://bitcointalk.org/index.php?topic=144347.0 – ripper234 Feb 15 '13 at 16:34
  • I'm not sure how you want it to be trustless if you don't want to validate anything locally? – Pieter Wuille Feb 15 '13 at 18:40
  • 1
    @PieterWuille - I am willing to trust that a remote node is not lying to me (I need to carefully choose that node/s). However, I do not want that node to know my private keys - instead, I'll sign transactions locally and send the signed tx to the node. – ripper234 Feb 16 '13 at 06:36
  • See also http://bitcoin.stackexchange.com/questions/7855/sending-bitcoins-programatically-without-running-a-node – ripper234 Feb 22 '13 at 16:43

5 Answers5

5

The BOP Enterprise Bitcoin Server is an open source full node implementation with remote (that is client side) wallet. The server downloads the block chain does the transaction and block validation and routes transactions signed at the client.

The client connects to the server via a message bus. There is a Java and other APIs available with added client side features. Source code: https://github.com/bitsofproof/supernode

Commercial support and hosted instances available at http://bitsofproof.com

Tamas Blummer
  • 187
  • 2
  • 3
  • 1
    BOP is not yet "enterprise grade". In fact I could not even compile it on my new Win64 system. I feel it is a bit unstable as of now. Hopefully this is improved. – Jus12 Jul 03 '13 at 17:53
  • but the original question specified "without blockchain" – ekkis Jan 03 '20 at 03:28
2

There are quite a few answers in the bitcointalk thread. This is what I consider to be the best option:

  1. Using blockchain.info for queries
  2. Using bitcoinj to sign transactions
  3. Using blockchain.info broadcast API to broadcast transactions

This class from the the android version of My Wallet is supposed to implement this scheme.

Community
  • 1
ripper234
  • 26,550
  • 30
  • 111
  • 246
2

There is a simple and customized Git repo available (Node.js).

Github Repository Link

This code allows you to do things such as:

  • balance - Retrieves the balance of a wallet.
  • fees - Gets a list of current fees based on the BitCoin network going rate.
  • utxo - Pull a list of unspent transaction outputs.
  • pushtx - Push a raw transaction onto the blockchain.
Vishal Dalve
  • 147
  • 9
1

bitcore-wallet-service by Bitpay seems to satisfy your conditions, in that it does not require you to log in or send the private key.

Janus Troelsen
  • 897
  • 10
  • 27
0

As a client that doesn't download the whole blockchain, you must trust the bitcoin network more than one that does. That being said, there is only one question you absolutely need the blockchain to answer:

"How much money do I have?"

Such clients are called SPV, which was a method described in the original bitcoin whitepaper. Electrum is one such client.

It doesn't have an API, but it is open source, so, if you want, you could write a python wrapper for it.

Nick ODell
  • 29,396
  • 11
  • 72
  • 130
  • SPV still requires downloading headers. I am seeking an API that 1. Requires you trust something (e.g. that the server won't lie to you regarding how much money you have) 2. But that will not require you to download anything and 3. will not require your private keys, so will not be able to steal from you. – ripper234 Feb 15 '13 at 18:19
  • 2
    So, you're looking for an API that does everything but the signing for you, right? – Nick ODell Feb 15 '13 at 23:35
  • The API should include a client library that does the signing. The remote API should indeed do everything except the signing. – ripper234 Feb 16 '13 at 06:35
  • What do you mean Electrum doesn't have an API? What is Electrum-server then offering? – Janus Troelsen Jun 09 '15 at 15:28
  • 1
    @JanusTroelsen It offers an undocumented interface. – Nick ODell Jun 09 '15 at 15:37