Crypto Cafe

Crypto Cafe is a classified marketplace for trading goods in crypto currencies. A sellable good could be anything from digital books/software to physical furniture/shoes ETC. The marketplace provides a highly secure escrow system that protects both buyer and seller.

The users of the system include

  • Site Staff
  • Buyers
  • Sellers

Client Overview

Myriad Interactive Media, Inc. (MYRY) - A publicly listed, interactive marketing and development firm based in Toronto, Canada.

Timeline

Dec 2013 - Apr 2014

Platform

Web
>Marketplace Home 1

Technical Highlights

Web App

The classified site is based on Osclass, an open source classifieds web app.

We developed a crypto-based escrow module with features including but not limited to:

  • Deal lifecycle system with steps: Bid, accept, cancel and finalize. Additionally Double-Blind rating/feedback steps post successful trade.
  • multiple cryptocurrency based trading and user wallet (cashouts and topups): supporting bitcoin and dogecoin to begin with. Both code and database are written in currency-agnostic fashon to quickly add new support for a new currency just by providing its jsonRPCCclient library and config/database settings for the new currency.
  • Realtime currency rates and conversions: Seller could choose to set price either in a supported cryptocurrency (fixed price) or in fiat currency such as GBP/EURO/USD (dynamic pricing based on conversion rate between specified fiat and the displayed cryptocurrency).
  • Secure private messaging for communication between trading parties to resolve before/after trade queries
  • A notification subsystem that notifies both buyer and seller of every action throughout the trade lifecycle with email and online notification center

Security

Security is paramount for a crypto-based system. Some of the security measures we performed: CloudFlare managed DNS (to protect against DDoS and to hide server location), Mandatory use of SSL/HTTPS, two-factor (via sms) for authentication In addition the online database only contains wallet addresses with their private keys stored offline to protect against stealing of funds in case of server breach. database itself is guarded with site user configured with minimum permissions required. For instance data in tables like transactions, blocks etc. are supposed to be readonly so there's no update/delete permission granted too site user on such data.

Other Integrations

Integrated with email (for messages and notifications), Twilio (two-factor sms), crypto exchanges (for real-time conversion rates)