How to accept bitcoin for ICO

ICOs have already raised 4.4 billion USD in 2018 (Source), and we are yet to complete half of the year. The traditional VC funding model…

How to accept bitcoin for ICO

ICOs have already raised 4.4 billion USD in 2018 (Source), and we are yet to complete half of the year. The traditional VC funding model has been disrupted and you need not fly half way around the world to pitch investors in close door meetings in Silicon Valley to raise funds. Let us see, how you can accept bitcoin for your ICO

BTC — ETH Smart Contract

On ETH with ERC20 tokens, you can automatically send tokens to sender address using a sale contract. However, in case of BTC this is not possible. To do this automatically; complex smart contracts have been proposed, including a federated multisig peg suggested by Vitalik.

These solutions are far from production ready and it would not be wise to trust your millions of dollars on oversmart contracts that could get easily hacked. The most safe way right now is to use the Trust Method

People will send BTC to your account and they will need to trust to that you will take each sender and give them their ERC20 tokens

This has also been documented by Legolas Exchange ICO. This makes sense because there is an inherent trust implied when you are buying an ICO token. The fact that you are spending your money means that you trust the company to work on project and bet on increase the token value. A company that implements a perfect ETH sale contract can tomorrow not do anything on the project driving the token price to zero, in which case the smart contract isn’t smart enough to send you your ETH back!

Funds Online— Don’t be a sitting duck

Keeping your BTC online — Don’t be this !

So you decide to accept bitcoins and spawn a bitcoin node to receive funds / use a payment processor that forward funds. Keeping private keys online (even temporarily) is an invitation to be a sitting duck for hackers. I know, you are different, have a few security researchers on your team and have multiple firewalls in place ! But feel free to see the history on this:

MtGox — 750,000 BTC

BitFloor — 24, 000 BTC

Poloneix — 97 BTC

Bitstamp — 19,000 BTC

Bitfinex — 120,000 BTC

History of Big Bitcoin hacks — Source: Coinsutra

Disconnect your Wealth

The safest way to keep your ICO funds is offline. Keep your private keys in cold storage not connected to the internet.

  • Paper Wallet: This is undoubtedly the most secure way, unless quantum cryptography catches up/Superman wants to hack your ICO! You can simply create a wallet through offline bitaddress and forward funds from online server to paper wallet regularly. This is still a very risky proposition, the hacker could wait for a large amount to arrive and then steal the keys. A better way is to create an offline HD wallet using Ian Coleman’s tool and keep the seed words list on paper in several distributed locations. The customer’s bitcoin addresses can be easily derived from the public xpub
  • Hardware Wallet: There are several hardware wallet like trezor, ledger, keepkey. Private keys are kept on hardware and transactions have to be manually signed on the device. There have been no major hacks reported on any of the top hardware wallets, other than man in middle attacks that require temporary possession of the device [1] [2]

Blockonomics has various features that enable an ICO to accept Bitcoins. The main reason these are suitable is that funds go directly to wallet and system is scalable to thousands of addresses. This means you can get BTC directly to your hardware wallet without losing sleep the security of funds. Lets see, how we can use Blockonomics to accept BTC for an ICO

Payment Buttons

Accept ICO payments using Payment button

Payment Buttons are a quick and easy way to accept payments. Various fields can be specified on the payment button form, for example you can ask the ETH address (where tokens are to be credited) and other personal information like Address/Country of Residence. The price of the token can be configured in any fiat currency and a quick summary of received orders can be seen

ICO Payment Button Orders Summary

To try out/ create your own payment button feel free visit the below resource:

Bitcoin Payment Button Demo

Payments API

If you are running an ICO, most probably you need a native integration of payments that fits into your user interface. For this you can use bitcoin payments api. The API has two major components

  1. New Address Call: You need to call this endpoint to generate new customer bitcoin address. For this you first need to enter your wallet xpub into blockonomics, so that it knows from which HD wallet to generate addresses from. No need to worry about Gap Limit etc. as these are automatically taken care by the system.
    Another interesting thing you can do is to have several cold wallets (keep one in bank, other at geographic distant location). This will help to distribute risk of fund theft. You can add xpub of all these HD wallets into blockonomics and cycle through them to generate addresses. Something like even customer funds will goto wallet 1 and odd ones will goto wallet 2. This an be done using match_account parameter in new_address call
  2. Payment Callback: HTTP callbacks are sent to your server endpoint on receiving payments on the bitcoin network. On successful confirmation you can mark the order as paid and send tokens to the customer.
Showing address QR on your application to receive BTC payments

Also note that blockonomics has full segwit support, so you can add an ypub to generate P2SH addresses and save on spending fee. If you are adventurous you can even go for bech32 addresses using zpub

Wishing you a Happy ICOing !