(opens new window) (opens new window)
# BTCPayServer.Vault
This project is composed of two parts:
- BTCPayServer.Hwi (opens new window): An easy to use library (nuget (opens new window)) wrapping the command line interface of the hwi project (opens new window).
- BTCPayServer.Vault (opens new window): A simple local web server providing access to the hardware wallet physically connected to your computer via hwi.
The video below explains how to use BTCPay Vault with BTCPay Server.
# Why BTCPayServer Vault
BTCPayServer Vault allows web applications to access your hardware wallet, this enables a better integrated user experience.
# How to install
# Direct download
The binaries are on our release page (opens new window).
# Via brew (macOS only)
You can use brew:
brew install btcpayserver-vault
# How does BTCPayServer Vault work
When running the BTCPayServer Vault, a local webserver is hosted on http://127.0.0.1:65092
which web applications, via your local browser, can connect to in order to interact with your hardware wallet.
The protocol is fairly simple:
First, the web application needs to make a permission request to the Vault by sending a HTTP request GET
to http://127.0.0.1:65092/hwi-bridge/v1/request-permission
This will prompt the user to grant access to the web application and if the user accepts, the request returns HTTP 200. Note that internally, the Vault relies on the ORIGIN
HTTP header to identify the web application requesting access.
If the access was granted previously, the request returns HTTP 200.
Second, the web application can query the hardware through POST
requests to http://127.0.0.1:65092/hwi-bridge/v1
.
{
"params": [ "param1", "param2" ]
}
Those parameters are then passed as-is to hwi (opens new window) and the result is returned as a string.
# Is it safe?
Hardware wallets have been created to protect your money, even if your computer was compromised.
However, while it protects your money, it will not protect your privacy if you allow an untrusted application to access your public keys. This is why BTCPayServer Vault always ask permission to user first before allowing any web application to access your hardware wallet.
# How to build?
This is a two step process:
- Install the latest version of the .NET Core 6.0 SDK (opens new window)
- Run
dotnet build
If you want to run it for testing:
cd BTCPayServer.Vault
dotnet run
# Documentation
Video below explains how to use BTCPay Vault with BTCPay Server.
# Licence
This project is under MIT License.
# Special thanks
Special thanks to Wasabi Wallet (opens new window), this code is based on their work, and as well to the bitcoin developers and achow101 (opens new window) for the HWI Project (opens new window).