Securing a Bitcoin Exchange

Kai · March 11, 2014, 10:14am

Hey,
I am building a simple small Bitcoin Exchange which transfers euro’s (via a Dutch payment system) to Bitcoins (via the coinbase-ruby gem) and back.

But since i’m not an expert on security, especially in combination with rails. Do you guys have some do’s and don’t?

Is it safe to run the system on an heroku server with ENV variables?

Thanks is advance!
Kai

Noah_Clark · March 11, 2014, 8:13pm

Don’t.

All kidding aside, web security comes down to most often user input. Remove as much user input as possible, and where you can’t white list and validate it as much as possible.

raul · March 11, 2014, 11:00pm

I agree with the previous advice. Also, at the bare minimum, read the Official Rails Guide on Security.

Your ENV vars should be safe at Heroku.

geoffharcourt · March 12, 2014, 9:32pm

Dogecoin. Very wow. Much profit. So security.

Kai · March 13, 2014, 8:14am

Thanks guys,
This gives me much more confidence, i am really careful with the user input. This security guide, is a perfect start.

Topic		Replies	Views
FinTech - Encrypting Devise Passwords and ENVs Ruby on Rails	0	680	November 24, 2015
What is the most secure we can get with Rails? Ruby on Rails	8	1277	September 17, 2014
Realtime on Rails Ruby on Rails	4	1287	February 23, 2015
Rails 4.1 secrets.yml on Heroku Ruby on Rails	2	1668	May 15, 2014
Have environment variables from .env be picked up config/database.yml Ruby on Rails	5	2984	July 26, 2013

Securing a Bitcoin Exchange

Related topics