Author: Pieter Wuille 2013-07-23 10:36:46
Published on: 2013-07-23T10:36:46+00:00
In an email exchange between Andreas Schildbach and Pieter Wuille, Schildbach suggested adding HTTP authentication/SSL to the REST API to allow SPV users to run their own instance of the API or for a trusted party to set up a server. However, Wuille believes that exposing the HTTP-based interface publicly would increase security risks and potential DoS risks, and that the only thing that should be exposed in the P2P protocol is inevitable and already has some DoS protections. Wuille thinks the HTTP interface should only be used for trusted local applications and debugging.
Updated on: 2023-05-19T17:07:08.928073+00:00