This tutorial will show you how to accept Bitcoin on a website with SSL signed payment requests, according to BIP-70. The docs are updated for Electrum 4.0 (currently in development).
You will need a valid SSL certificate (signed by a CA, for example free Letsencrypt). Please follow the instructions to install the development version. Do not forget the submodule update command.
electrum -o setconfig ssl_keyfile /path/to/ssl/privkey.pem
electrum -o setconfig ssl_certfile /path/to/ssl/fullchain.pem
For details see How to add SSL
Create a wallet on your protected machine, as you want to keep your cryptocurrency safe. If anybody compromise your merchant server, s/he will be able to access read-only version of your wallet only and won't be able to spent currency.
Please notice that the potential intruder still will be able to see your addresses, transactions and balance, though. It's also recommended to use a separate wallet for your merchant purposes (and not your main wallet).
electrum create
Still being on a protected machine, export your Master Public Key (xpub):
electrum getmpk -w .electrum/wallets/your-wallet
Now you are able to set up your electrum merchant daemon.
On the server machine restore your wallet from previously exported Master Public Key (xpub):
electrum restore xpub...............................................
Configure your full hostname and port:
electrum -o setconfig payserver_address ecdsa.org:80
Once your read-only wallet is (re-)created, start Electrum as a daemon:
electrum daemon -d
electrum load_wallet
Note: to stop the daemon
electrum stop
electrum add_request 0.5 -m "test"
{
"URI": "bitcoin:bc1qyr5xx5jkue3k72sldm5xa0taqs3n2achupymz8?amount=0.5&message=test&time=1589115653&exp=3600",
"address": "bc1qyr5xx5jkue3k72sldm5xa0taqs3n2achupymz8",
"amount": 50000000,
"amount_BTC": "0.5",
"bip70_url": "https://ecdsa.org:80/bip70/bc1qyr5xx5jkue3k72sldm5xa0taqs3n2achupymz8.bip70",
"exp": 3600,
"id": "6988b80931",
"memo": "test",
"status": 0,
"status_str": "Expires in about 1 hour",
"time": 1589115653,
"type": 0,
"view_url": "https://ecdsa.org:80/r/pay?id=bc1qyr5xx5jkue3k72sldm5xa0taqs3n2achupymz8"
}
This command returns a json object with two URLs:
- bip70_url is the URL of the signed BIP70 request.
- view_url is the URL of a webpage displaying the request.
You can view the current list of requests using the 'list_requests' command. You can clear the list using 'clear_requests'.
Let us open view_url in a web browser.
The page shows the payment request. You can open the bitcoin: URI with a wallet, or scan the QR code. The bottom line displays the time remaining until the request expires.
The page will update itself when the payment is received, using websockets.
To use lightning, you need to initialize lightning keys in your wallet. You will need to restart the daemon after that, or to stop it before:
electrum stop
electrum -o init_lightning
electrum daemon -d
Note that it is possible to add lightning keys to a watching-only wallet. That wallet will not be able to spend coins onchain, but it will be able to perform lightning transactions.
The next thing you will need to do is open a channel:
electrum open_channel <node_id> <amount>
Wait until it is ready to be used:
electrum list_channels
You will not immediately be able to receive with that channel, because it does not have inbound capacity. If you need to be able to receive immediately, you may do a submarine swap of your channel funds.
To create a lightning payment request:
electrum add_lightning_request 0.0001 -m "test"