-
Notifications
You must be signed in to change notification settings - Fork 35.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[proposal] de-militarized-[RPC]-zone #15319
Comments
There once was the RPC safe mode (which was different though) #13090. The current safest mode is probably to run without private keys ( Another approach I once looked into would be creating another RPC server binary that would act as a bridge between an http server (that could use TLS and auth) and the bitcoind RPC server. |
Not sure if I understand, you want distinct RPC interfaces or you want different user privileges? |
I think there are multiple ways to achieve what is desired. An extended REST API with read-only wallet access could do the job as well. Example: I am renting out servers. One machine is too much for Alice but together with Bob the offer would fit. Now I am looking for a way to handle the payment in a mainly automated way by checking their wallets for the possible inputs and suggesting the PSBT for each of them. That way they could check and copy-paste sign the inputs. I can handle the rest of the process but would need read-only access to their wallets. |
I don't think we should promote access to other's server HTTP interface. P2P should be the only public interface. Even the REST interface should not be exposed, otherwise it's easy to mess your node. |
The REST could be expanded to a wallet branch... Are there other ideas how to port useful features into commonly useable and safe interfaces? |
I made a project that is similar to this idea, you can check it out here: https://github.com/benthecarman/Lightning-Rod |
Duplicate of #12248 ? |
Short abstract: Certain (and newly introduced) functions are only accessible via the RPC interface. While being very useful, due to the complexity, some of them (e.g. multisig, partially signed tx) might never make it onto a user level.
Proposal: Introduction of an advanced user level. At advanced level, a limited RPC interface is enabled which serves all regular functions except those where private keys are involved.
This would allow 3rd parties to create guiding software, which takes over the complex steps of those functions, while remaining trustless.
My 2 cents so far, probably enough to trigger a discussion.
The text was updated successfully, but these errors were encountered: