Skip to content

Updating RPC documentation from Core to Knots #233

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: 29.x-knots
Choose a base branch
from
+15 −15
Open

Updating RPC documentation from Core to Knots #233

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 15 additions & 15 deletions doc/JSON-RPC-interface.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ bitcoin-cli -named createwallet mywallet load_on_startup=true

## Versioning

The RPC interface might change from one major version of Bitcoin Core to the
The RPC interface might change from one major version of Bitcoin Knots to the
next. This makes the RPC interface implicitly versioned on the major version.
The version tuple can be retrieved by e.g. the `getnetworkinfo` RPC in
`version`.
Expand Down Expand Up @@ -92,21 +92,21 @@ protocol in v27.0 and prior releases.

## Security

The RPC interface allows other programs to control Bitcoin Core,
The RPC interface allows other programs to control Bitcoin Knots,
including the ability to spend funds from your wallets, affect consensus
verification, read private data, and otherwise perform operations that
can cause loss of money, data, or privacy. This section suggests how
you should use and configure Bitcoin Core to reduce the risk that its
you should use and configure Bitcoin Knots to reduce the risk that its
RPC interface will be abused.

- **Securing the executable:** Anyone with physical or remote access to
the computer, container, or virtual machine running Bitcoin Core can
the computer, container, or virtual machine running Bitcoin Knots can
compromise either the whole program or just the RPC interface. This
includes being able to record any passphrases you enter for unlocking
your encrypted wallets or changing settings so that your Bitcoin Core
your encrypted wallets or changing settings so that your Bitcoin Knots
program tells you that certain transactions have multiple
confirmations even when they aren't part of the best block chain. For
this reason, you should not use Bitcoin Core for security sensitive
this reason, you should not use Bitcoin Knots for security sensitive
operations on systems you do not exclusively control, such as shared
computers or virtual private servers.

Expand All @@ -116,19 +116,19 @@ RPC interface will be abused.
and passphrase). Any program on your computer with access to the file
system and local network can obtain this level of access.
Additionally, other programs on your computer can attempt to provide
an RPC interface on the same port as used by Bitcoin Core in order to
an RPC interface on the same port as used by Bitcoin Knots in order to
trick you into revealing your authentication credentials. For this
reason, it is important to only use Bitcoin Core for
reason, it is important to only use Bitcoin Knots for
security-sensitive operations on a computer whose other programs you
trust.

- **Securing remote network access:** You may optionally allow other
computers to remotely control Bitcoin Core by setting the `rpcallowip`
computers to remotely control Bitcoin Knots by setting the `rpcallowip`
and `rpcbind` configuration parameters. These settings are only meant
for enabling connections over secure private networks or connections
that have been otherwise secured (e.g. using a VPN or port forwarding
with SSH or stunnel). **Do not enable RPC connections over the public
Internet.** Although Bitcoin Core's RPC interface does use
Internet.** Although Bitcoin Knots's RPC interface does use
authentication, it does not use encryption, so your login credentials
are sent as clear text that can be read by anyone on your network
path. Additionally, the RPC interface has not been hardened to
Expand All @@ -138,21 +138,21 @@ RPC interface will be abused.
`bitcoind -help` for more information about these settings and other
settings described in this document.

Related, if you use Bitcoin Core inside a Docker container, you may
Related, if you use Bitcoin Knots inside a Docker container, you may
need to expose the RPC port to the host system. The default way to
do this in Docker also exposes the port to the public Internet.
Instead, expose it only on the host system's localhost, for example:
`-p 127.0.0.1:8332:8332`

- **Secure authentication:** By default, when no `rpcpassword` is specified, Bitcoin Core generates unique
- **Secure authentication:** By default, when no `rpcpassword` is specified, Bitcoin Knots generates unique
login credentials each time it restarts and puts them into a file
readable only by the user that started Bitcoin Core, allowing any of
readable only by the user that started Bitcoin Knots, allowing any of
that user's RPC clients with read access to the file to login
automatically. The file is `.cookie` in the Bitcoin Core
automatically. The file is `.cookie` in the Bitcoin Knots
configuration directory, and using these credentials is the preferred
RPC authentication method. If you need to generate static login
credentials for your programs, you can use the script in the
`share/rpcauth` directory in the Bitcoin Core source tree. As a final
`share/rpcauth` directory in the Bitcoin Knots source tree. As a final
fallback, you can directly use manually-chosen `rpcuser` and
`rpcpassword` configuration parameters---but you must ensure that you
choose a strong and unique passphrase (and still don't use insecure
Expand Down