walletpassphrase should prompt for the password #2318

issue anarcat opened this issue on February 19, 2013
  1. anarcat commented at 4:07 PM on February 19, 2013: none

    In general, it is bad practice to put critical passwords (and I can hardly think of a more critical password than this one) on the commandline.

    It doesn't look like bitcoind allows for sending the passphrase securely. There's a contrib python script for this (see #548), but it would be nice for the builtin code to do this directly.

  2. luke-jr commented at 4:56 PM on February 19, 2013: member

    I'd agree, BUT... bitcoind is a JSON-RPC server; the quick-and-simple test client is just that, not meant to be a fully-featured Bitcoin client for actual production use.

  3. anarcat commented at 5:11 PM on February 19, 2013: none

    On 2013-02-19, Luke-Jr wrote:

    I'd agree, BUT... bitcoind is a JSON-RPC server; the quick-and-simple test client is just that, not meant to be a fully-featured Bitcoin client for actual production use.

    From the look of it, bitcoind is the only complete (ie. fully-featured) bitcoin client out there, or at least provided by bitcoin.org. For example, the qt client doesn't have a lot of the functionality bitcoind has.

    This leads to the creation of a myriad of unmaintained scripts in contrib. For example, the walletunlock.py script mentionned above, while it doesn't show the password in the history or on the commandline, does show it in the prompt. It also doesn't read the RPC password from bitcoin.conf...

    I believe this should simply be fixed in the regular bitcoind client.

    Thanks for the feedback.

  4. sipa commented at 5:14 PM on February 19, 2013: member

    @anarcat Luke isn't talking about Bitcoin clients, but about JSON-RPC clients. The JSON-RPC interface is intended to be used by applications, and bitcoind itself just implements a very simple CLI JSON-RPC client (in addition to being a full-blown Bitcoin client). Earlier discussions have suggested writing a more user-friendly python JSON-RPC CLI client, instead of pushing more features into bitcoind,

  5. anarcat commented at 5:22 PM on February 19, 2013: none

    I am not talking about the JSON-RPC interface, just the "client" part of the bitcoind binary.

    I agree things are confusing - maybe the "client" bits of bitcoind should be split in a separate binary. But as things stand, the "client" functionality of bitcoind (the JSONRPC client interface) is the most complete thing there seems to be around to talk to the bitcoin daemon...

    Maybe I'm missing something - what's the fully-featured bitcoin client you guys are refering to? :)

  6. sipa commented at 5:28 PM on February 19, 2013: member

    Well, bitcoind is the reference Bitcoin client, and a JSON-RPC server. Nothing to be changed about that.

    Regarding JSON-RPC clients: Bitcoin-Qt has an RPC console which can do everything bitcoind's RPC server can. But if you're just talking about CLI RPC clients, bitcoind is probably the most complete one, right now, unfortunately. I'm saying that earlier discussions about adding functionality to bitcoind-the-RPC-client resulted in suggestions to write a more featureful python RPC client instead.

  7. anarcat commented at 6:26 PM on February 19, 2013: none

    Yes, I understand all that. I read some of the code for bitrpc and the other Python clients out there.

    My point is that none of those implementations are mature enough. The bitcoind client is a JSONRPC client right now and it does a lot of things! It seems to me that making the bitcoind walletpassphrase command prompt for a password is a minor improvement that should be implemented, don't you think?

  8. extr0p commented at 6:33 AM on February 21, 2013: none

    anarcat - agree, secure password prompt from the command line would be easy to add, and very helpful. Also, we would benefit from adding to

    bitcoind encryptwallet
  9. vertoe commented at 12:43 PM on May 3, 2014: none

    Bump, this issue is still very important, just fyi, discussed here http://serverfault.com/q/592744/116529 and here http://bitcoin.stackexchange.com/q/1345/6441

    I hope we can find a solution sooner than later.

  10. laanwj commented at 12:47 PM on May 3, 2014: member

    This issue is already solved: the script contrib/bitrpc.py was added for this. It asks for a password in a secure way if you use the command walletpassphrase, for example. There are no plans to add interactive functionality to bitcoin-cli.

  11. jgarzik commented at 2:23 PM on December 31, 2014: contributor

    Closing based on @laanwj 's comment.

    Personally, I would not object to a patch that intercepts the walletpassphrase command and performs an OS-standard CLI password prompting. However, such a patch is not as trivial as it sounds, as it amounts to (in effect) an interactive mode, which would need a switch to be disabled, mode autodetection hueristics and so on.

    To Do It Right takes a fair amount of work. Absent volunteers doing all that, bitcoin-cli will remain as-is and not gain interactive functionality.

  12. jgarzik closed this on Dec 31, 2014
  13. ali1234 commented at 7:44 PM on July 2, 2016: contributor

    @laanwj what are we supposed to do now that bitrpc has been deleted from the repo?

  14. laanwj commented at 12:29 PM on July 11, 2016: member

    @ali1234 0.13 will introduce a mechanism for passing arguments through a pipe instead of on the command line: https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes.md#bitcoin-cli-arguments-privacy (added in #7550)

  15. MarcoFalke locked this on Sep 8, 2021
Contributors
anarcatluke-jrsipaextr0pvertoelaanwjjgarzikali1234
Labels
Refactoring
Linked (view graph)
#548 Wallet passphrase stored in buffer
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-15 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me