Best practice for securing server-side wallet keys

We are setting up an NFT purchase web site. My plan is to have an “inventory” wallet that holds the NFTs. My API will get the current list of NFTs in the wallet, and pass that back to the browser, which will present the selection page. If someone selects an NFT for purchase and completes the payment, or crypto transfer, then the API will “send” the purchased NFT to the wallet the customer enters. To do this, I need to have the private key for the “inventory” wallet available to my API. Currently the server running the APIs is also running my Cardano node. I have the network firewall and system firewall set up to only accept the bare minimum of connection ports. My API is running on a non-standard port with HTTPS, and only accepts connections from clients with an auth key.
I feel uncomfortable having the private key that could potentially allow someone to take all the NFTs from the inventory wallet held on the same server as the API that transfers assets from the wallet, but I haven’t found any way to secure the key, and still maintain the functionality of the system. I can’t imagine this hasn’t been addressed already, but my searches don’t seem to give me any relevant information. What is the most secure way to handle this situation?