Blog
Long-form notes on what we're building, how the chain plumbing works under the hood, and the occasional tutorial. Engineering-heavy by default — sales pitches go elsewhere.
Forwarding crypto payments: the temporary-address pattern
Why we route every invoice through a fresh HD-derived address and immediately forward to the merchant. The privacy, reorg-safety, and accounting consequences.
How to verify coinkraft.io webhooks in 8 lines of code
The minimum-correct webhook receiver in Node, Python, Go, and Ruby. Constant-time comparison, timestamp window, and the one mistake almost everyone makes.
Why our JWTs sign with Ed25519, not RS256
32-byte keys, faster sign/verify, and no padding oracle surface. The case for moving your auth tokens to EdDSA in 2026.
Handling chain reorgs without losing your mind
Our chain-monitor watches the last 12 blocks of every chain and replays them on every poll. Here's the exact algorithm and the cursor table that backs it.
coinkraft.io v2 is live: real-time invoice SSE and idempotent POSTs
What changed since v1, the new event envelope, and how to migrate your webhook receiver in under an hour.
Accept Bitcoin in WooCommerce with one plugin and zero KYC
A step-by-step tutorial for installing the coinkraft.io plugin, configuring forwarding, and verifying your first payment with a small live BTC transaction.
Subscribe
New post once or twice a month. No marketing fluff — opt out with one click.