remove `-uacomment` #15048

isghe opened this issue on December 28, 2018
  1. isghe commented at 1:51 AM on December 28, 2018: contributor

    I think it can be a security problem, in a way I don't know, but:

    $ bitcoind -h
    …
     -uacomment=<cmt>
           Append comment to the user agent string
    …
    

    it looks to be dangerous and unnecessary. https://github.com/spesmilo/electrum/issues/4968#issuecomment-450268698

  2. achow101 commented at 3:55 AM on December 28, 2018: member

    NACK. The user agent comment is rarely shown to the user. When shown to the user, it is explicitly known to be part of a node's user agent string and is never shown in its own dialog or message without surrounding context that makes it clear it is a user agent string for another node. I see no reason to remove this whatsoever.

  3. luke-jr commented at 3:57 AM on December 28, 2018: member

    Agree with @achow101.

    NACK

    If there is concern about how it is displayed, it should be addressed on that end. Making it harder to add comments doesn't help anyone.

  4. Manbearpixel commented at 4:29 AM on December 28, 2018: none

    I think this is a valid topic to discuss. It's about future proofing exploitable details of a codebase. We want mainstream adoption and to that end there should be considerations that future users might not realize some form of text is not official.

    While a user agent string to me isn't necessarily an alarming feature, some retrospective thought should be done on other flags or optional details that a bitcoin client might have exposed or available to be displayed. @isghe Do you have some examples where a user agent string in this case could be exploited or used to phish / attack another client?

  5. MarcoFalke commented at 11:33 AM on December 28, 2018: member

    Any fancy characters in the string are removed before displaying it to the user.

  6. markaw67 commented at 2:14 AM on December 29, 2018: none

    I do have a copy of a user attempting to use a phish/attack.

  7. Manbearpixel commented at 4:30 AM on December 29, 2018: none

    @markaw67 So someone was trying to use the user agent string maliciously? Do you have a screenshot of this? How did you discover it?

  8. fanquake closed this on May 28, 2019

  9. DrahtBot locked this on Dec 16, 2021
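
The thread's position is that a peer's user agent should be handled on the display side: stripped of unusual characters and shown only with context that marks it as another node's string. The following is an added example of that approach, not Bitcoin Core's code and not from any participant; the function names, the allowlist and the 256-byte cap are assumptions, and the sample strings are constructed.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <string_view>

// Assumed display policy for this example; neither value comes from the thread.
constexpr std::size_t kMaxDisplayLen = 256;
constexpr std::string_view kSafeChars =
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
    " .,;-_/:?@()";

// Keep only allowlisted bytes of a peer-supplied user agent and cap its length,
// so control bytes, terminal escapes, quotes and markup never reach the UI.
std::string SanitizeUserAgentForDisplay(std::string_view raw)
{
    std::string out;
    for (char c : raw) {
        if (out.size() >= kMaxDisplayLen) break;
        if (kSafeChars.find(c) != std::string_view::npos) out.push_back(c);
    }
    return out;
}

// Render the value only inside a fixed label, so it reads as another node's
// self-reported string and never as a message from the local software.
std::string DescribePeer(int peer_id, std::string_view raw_user_agent)
{
    return "Peer " + std::to_string(peer_id) + " user agent: \"" +
           SanitizeUserAgentForDisplay(raw_user_agent) + "\"";
}

int main()
{
    // Constructed inputs: a plain comment, and one carrying an escape
    // sequence, a newline and markup.
    std::cout << DescribePeer(1, "/Satoshi:0.17.0(my node)/") << "\n";
    std::cout << DescribePeer(2, "/Satoshi:0.17.0(\x1b[31mnotice\n<b>text</b>)/") << "\n";
    return 0;
}
```

Because the double quote is not in the allowlist, a peer-supplied value cannot close the quoted field that `DescribePeer` wraps around it.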

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-15 03:14 UTC
