[Net] WebSocket support #11833

It would be useful to have WebSocket support to allow JavaScript to connect to the P2P network

I'm not actually sure what you're asking for...I dont think we neccessarily want to turn Bitcoin Core into a catch-all "runs 42 different interfaces" server...building a server in python that serves things over WebSockets after requesting them from bitcoind's RPC interface, however, would probably be interesting (though is likely out of scope for Bitcoin Core).

@TheBlueMatt I didn't mean for the RPC interface, I meant for the P2P network. Think: JavaScript SPV wallets.

@saleemrashid: Can you elaborate a bit more on the use-case?

Agree with @TheBlueMatt that web-socket support is very likely out-of-scope for Bitcoin Core. A simple mapper script (use python or something) that converts raw 8333 P2P to compatible websockets interface and vice versa would be trivial. Could also be added to /contrib.

@jonasschnelli TCP proxies for WebSockets exist already but it would be useful to be able to connect directly to a node from JavaScript without a centralized backend.

@saleemrashid Why can't JS speak TCP/IP?

@sipa: it can (in theory). There is a W3C specs. But only Chrome has it implemented in it's "experimental extension".

@sipa I'm not sure what the original rationale is but one reason is security since it bypasses CORS (e.g. that MySQL server running on localhost shouldn't be accessible from a random server but it has no way of telling you that). But WebSockets require you to use CORS before upgrading from HTTP to TCP.

@saleemrashid Hmm, ok why would the proxy need to be centralized? I would assume that proxy software exists that you can locally in front of bitcoind.

@sipa Well, the user using the JavaScript would not be running bitcoind. If they want to connect to the P2P network, they would need to use a proxy to connect to nodes. Since these nodes do not support WebSockets, the user cannot connect without using a WebSockets proxy. This makes the user vulnerable to a Sybil attack.

Searching for websocket tcp proxy It seems like there are a number of proxies out there that you could use to let a javascript client connect to a bitcoin nodes over p2p. I would expect these solutions to be better (more reliable and more configurable) than something that would be built into bitcoind.

I don't understand the part about sybil attacks. Presumably a proxy should be able to give you full information about the connection.

Are you trying to get the javascript code to somehow be able to accept incoming connections from bitcoin nodes as well as making outgoing connections?

@ryanofsky

something that would be built into bitcoind.

WebSockets are just like TCP except the socket starts with HTTP headers. bitcoind would just strip the HTTP headers if it received the WebSocket Upgrade header.

I don't understand the part about sybil attacks.

If all the communication goes through the WebSocket proxy, you only really have one peer, right? (the WebSocket proxy).

Are you trying to get the javascript code to somehow be able to accept incoming connections from bitcoin nodes as well as making outgoing connections?

No :smile:

If all the communication goes through the WebSocket proxy, you only really have one peer, right? (the WebSocket proxy).

Eh, no?

You just wouldn't be able to tell what IP they are connecting from, but that doesn't mean that they're all the same entity...

@sipa The WebSocket proxy could be malicious

@saleemrashid That's why you run it yourself. It being malicious is not worse than any other network node being malicious.

I think what @saleemrashid wants to achieve is using bitcoin's p2p network directly from the browser without installing third party applications nor having any form of "centralised validation".

@sipa Running it yourself defeats most of the point of having WebSocket support though. @jonasschnelli :+1:

I'm very confused.

You want to connect a website(?) to a Bitcoin Core instance. If you're running Bitcoin Core, why can't you run a proxy in front of it as well?

@sipa Possible applications for this could be JavaScript SPV wallets for use with hardware wallets (without any centralized backend)

Well it seems unreasonable to expect that every P2P node would start accepting WebSocket connections from untrusted peers.

@sipa Why would WebSocket require any more trust than an ordinary TCP connection?

Massive extra complexity and attack surface, requiring people to open more ports, ... just to circumvent a dumb limitation of a programming language?

Saleem, probably it would be most productive to write a contrib script that would start up a websockets proxy and make it easy for individual bitcoin node operators to accept connections from javascript apps. There's no way we could justify building in support for a new protocol and running it on all nodes by default when there are no apps yet in existence that would even use the functionality.

There was more discussion of this yesterday in IRC: https://botbot.me/freenode/bitcoin-core-dev/msg/94281925/

Turns out immediate issue is not giving a javascript application access nodes on the p2p network, but letting an enscripten compiled version of bitcoind access the network. Using existing SOCKS5 support over websocket like https://github.com/kousu/socks5.ws might be a good way to do this with minimal code changes.

To be pedantic @sipa it's not really limitation of a language per se, it's a limitation of a browser context. You can do a full node in javascript, including the p2p network - https://github.com/bcoin-org/bcoin has done so.

@saleemrashid are you still working on this? Have you thought about @ryanofsky's suggestion of writing a contrib script to start a websockets proxy?

I suggest we close this issue if no-one is actively working on it.

Going to close for now.