gui: enable RPC server by default #17301

pull Sjors wants to merge 1 commits into bitcoin:master from Sjors:2019/10/gui-server changing 3 files +8 −3
  1. Sjors commented at 6:12 PM on October 29, 2019: member

    This PR enables the RPC server by default for GUI users (with cookie based authentication).

    Alternatively I could add GUI setting.

  2. [gui] enable RPC server by default 5e5ece467a
  3. Sjors commented at 6:16 PM on October 29, 2019: member

    Some recent projects that would benefit from this:

    1. HWI: especially once it has a GUI: https://github.com/bitcoin-core/HWI/issues/263
    2. Junction: https://github.com/justinmoon/junction

    These applications only need bitcoind / bitcoin-qt to run when they're being used.

  4. instagibbs commented at 6:48 PM on October 29, 2019: member

    What are the arguments against? Security? Any open issues for this?

  5. laanwj added the label GUI on Oct 29, 2019
  6. laanwj commented at 7:05 PM on October 29, 2019: member

    What are the arguments against? Security? Any open issues for this?

    Yes, the reason the RPC server has always been disabled for the GUI by default is that it's not necessary for most GUI users, so it reduces the attack surface without any adverse consequences.

    If new developments cause it to be more necessary, this can be reconsidered, of course.

  7. MarcoFalke added the label Brainstorming on Oct 29, 2019
  8. jonasschnelli commented at 6:22 AM on October 30, 2019: contributor

    I guess most GUI users don't use the RPC interface and it's unclear to me if it is worth to enable it by default for better integration with HWI/junction.

    Though better GUI integration to enable the RPC interface would be desirable IMO. Maybe a setting that could directly enable the interface without a restart (yes, needs some refactoring)...

  9. laanwj commented at 8:58 AM on October 30, 2019: member

    W.r.t. security, some of the trade-offs are non-obvious: for example it's mostly GUI users that tend to run the software on the same computer as a browser.

    As long as the RPC is reachable through localhost TCP (and not something off-limits to browsers like a UNIX socket), with RPC enabled there is the increased risk that malware running in the browser (with or without the aid of a partial sandbox evasion) attacks the wallet.

  10. practicalswift commented at 11:52 AM on October 30, 2019: contributor

    In general I don't think users expect non-server applications to listen to TCP ports unless the user has explicitly opted-in to such behaviour.

    As a user I expect the default mode of operation to minimise available attack surfaces ("secure by default").

    It feels risky to increase the attack surface for all GUI users users to accommodate the needs for a subset of said users.

    I suggest adding a GUI setting instead to make this opt-in.

  11. laanwj commented at 12:35 PM on October 30, 2019: member

    I'd agree. A GUI setting to quickly enable this, for users that need it, would make sense.

    To be clear, I'd feel better with enabling this by default after UNIX sockets for RPC are implemented (e.g.#9919 resurrected) and UNIX-socket-only is the default.

  12. fanquake renamed this:
    [gui] enable RPC server by default
    gui: enable RPC server by default
    on Oct 30, 2019
  13. Sjors commented at 7:41 PM on October 30, 2019: member

    Ok, so I'll either add a GUI setting, or wait for UNIX sockets, whichever comes first...

  14. Sjors closed this on Oct 30, 2019
  15. MarcoFalke locked this on Dec 16, 2021
Contributors
Sjorsinstagibbslaanwjjonasschnellipracticalswift
Labels
BrainstormingGUI
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-14 09:14 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me