@@ -495,3 +495,76 @@ Git and GitHub tips
495495 This will add an `upstream-pull` remote to your git repository, which can be fetched using `git fetch --all`
496496 or `git fetch upstream-pull`. Afterwards, you can use `upstream-pull/NUMBER/head` in arguments to `git show`,
497497 `git checkout` and anywhere a commit id would be acceptable to see the changes from pull request NUMBER.
498+
499+ RPC interface guidelines
500+ --------------------------
501+
502+ A few guidelines for introducing and reviewing new RPC interfaces:
503+
504+ - Method naming: use consecutive lower-case names such as `getrawtransaction` and `submitblock`
505+
506+ - *Rationale*: Consistency with existing interface.
507+
508+ - Argument naming: use snake case `fee_delta` (and not, e.g. camel case `feeDelta`)
509+
510+ - *Rationale*: Consistency with existing interface.
511+
512+ - Use the JSON parser for parsing, don't manually parse integers or strings from
513+ arguments unless absolutely necessary.
514+
515+ - *Rationale*: Introduces hand-rolled string manipulation code at both the caller and callee sites,
516+ which is error prone, and it is easy to get things such as escaping wrong.
517+ JSON already supports nested data structures, no need to re-invent the wheel.
518+
519+ - *Exception*: AmountToValue can parse amounts as string. This was introduced because many JSON
520+ parsers and formatters hard-code handling decimal numbers as floating point
521+ values, resulting in potential loss of precision. This is unacceptable for
522+ monetary values. **Always** use `AmountToValue` and `ValueToAmount` when
523+ inputting or outputting monetary values. The only exceptions to this are
524+ `prioritisetransaction` and `getblocktemplate` because their interface
525+ is specified as-is in BIP22.
526+
527+ - Missing arguments and 'null' should be treated the same: as default values. If there is no
528+ default value, both cases should fail in the same way.
529+
530+ - *Rationale*: Avoids surprises when switching to name-based arguments. Missing name-based arguments
531+ are passed as 'null'.
532+
533+ - *Exception*: Many legacy exceptions to this exist, one of the worst ones is
534+ `getbalance` which follows a completely different code path based on the
535+ number of arguments. We are still in the process of cleaning these up. Do not introduce
536+ new ones.
537+
538+ - Try not to overload methods on argument type. E.g. don't make `getblock(true)` and `getblock("hash")`
539+ do different things.
540+
541+ - *Rationale*: This is impossible to use with `bitcoin-cli`, and can be surprising to users.
542+
543+ - *Exception*: Some RPC calls can take both an `int` and `bool`, most notably when a bool was switched
544+ to a multi-value, or due to other historical reasons. **Always** have false map to 0 and
545+ true to 1 in this case.
546+
547+ - Don't forget to fill in the argument names correctly in the RPC command table.
548+
549+ - *Rationale*: If not, the call can not be used with name-based arguments.
550+
551+ - Set okSafeMode in the RPC command table to a sensible value: safe mode is when the
552+ blockchain is regarded to be in a confused state, and the client deems it unsafe to
553+ do anything irreversible such as send. Anything that just queries should be permitted.
554+
555+ - *Rationale*: Troubleshooting a node in safe mode is difficult if half the
556+ RPCs don't work.
557+
558+ - Add every non-string RPC argument `(method, idx, name)` to the table `vRPCConvertParams` in `rpc/client.cpp`.
559+
560+ - *Rationale*: `bitcoin-cli` and the GUI debug console use this table to determine how to
561+ convert a plaintext command line to JSON. If the types don't match, the method can be unusable
562+ from there.
563+
564+ - A RPC method must either be a wallet method or a non-wallet method. Do not
565+ introduce new methods such as `getinfo` and `signrawtransaction` that differ
566+ in behavior based on presence of a wallet.
567+
568+ - *Rationale*: as well as complicating the implementation and interfering
569+ with the introduction of multi-wallet, wallet and non-wallet code should be
570+ separated to avoid introducing circular dependencies between code units.
0 commit comments