Author: Michael Hendricks 2013-07-23 15:48:22
Published on: 2013-07-23T15:48:22+00:00
Pieter Wuille expressed concern about the security risks and potential DoS risks associated with exposing an HTTP-based interface publicly. He believes that the attack surface should be reduced rather than increased, and that the only thing that should be exposed in the P2P protocol is inevitable and already has some DoS protections. On the other hand, Michael argues that there are benefits to having a REST interface that is exposed publicly. He suggests that a well-written prototype is needed to balance the costs and benefits of this approach, and that concrete experience gained from node operators can help inform security trade-offs. While there is support for the HTTP interface, it is suggested that it be used only for trusted local applications and debugging.
Updated on: 2023-06-07T14:18:55.046974+00:00