This is a project to define a new wallet protocol addressing problems with the current JSON-RPC implementation in bitcoind. Please feel free to make edits. If you disagree with something, turn it into a "debate".
- 1 Explanation
- 2 Requirements
- 3 DRAFT 0
- 3.1 Conformance requirements
- 3.2 Transport Layer
- 3.3 Session Layer
- 3.4 Presentation Layer
- 3.5 Application Layer
- 3.6 References
This protocol aims to be a standard for communication between Wallets and User Interfaces. It can be used to access a Wallet remotely, or even locally, even if the Wallet and User Interface are produced by different or competing vendors. For example, you could use an Android User Interface from Google to control a QBitcoin Wallet.
Please see the Infrastructure page for an overview of where this protocol fits into the big picture.
- Never use human-formatted data (for example, use base bitcoin units, not Decimal BitCoins nor Tonal BitCoins, which should only be used in formatting for humans)
- Don't require polling (for example, broadcast events for new transactions, or changes to current "work")
- Cooperative mining (see below)
- Allow calculating expected minimum fee for transactions, with either (wallet's choice) locking on the used inputs, or prebuilding the tx and error if it becomes invalid before sending
- Easy to use in a RPC-like manner, for simple applications
Binary or plaintext
- Binary is more efficient to parse and create
- Plaintext is easier for humans to debug
- Binary can include custom transactions as-is for transmission
- Protobuf (binary) seems efficient and easy to use from all major languages
- JSON implementations tend to be buggy
The protocol should support submitting completed blocks, such that it can get (just) addresses from an upstream pool to generate to, and send all completed blocks to that pool for verification and counting (and possibly submission to the network). This can reduce the pool's load.
For more secure use by ordinary end users, UIs and Wallets should support communication over standard I/O (stdio). This allows the UI to simply execute a dedicated Wallet, without requiring the user to setup Wallet-side authentication.
Everything beyond this point is strictly DRAFT, should NOT be implemented, and is subject to being completely rewritten or modified!
All diagrams, examples, and notes in this specification are non-normative, as are all sections explicitly marked non-normative. Everything else in this specification is normative.
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in the normative parts of this document are to be interpreted as described in RFC2119. For readability, these words do not appear in all uppercase letters in this specification.
Requirements phrased in the imperative as part of algorithms (such as "strip any leading space characters" or "return false and abort these steps") are to be interpreted with the meaning of the key word ("must", "should", "may", etc) used in introducing the algorithm.
Must support at least reliable in-order stream data.
- stdio (required for self-contained UI bundling)
- TLS (recommended)
- TCP (NOT recommended; see TLS)
HTTP-with-SSE request semantics
These content types may be specified in the Content-Type header, and Accept header.
- application/x-ripemd-160 (required)
- application/x-sha (required)
- multipart/mixed (required)
- text/event-stream (required for events over HTTP)
- application/x-bitcoin (required wallet-side)
- application/json (recommended)
Wallets may micro-manage security as they like, but the following are RECOMMENDED security levels:
|"Miner"||Can generate new addresses, get work, and report found blocks|
|Read-only||Can view accounts, addresses, and any public data, and combinations thereof (eg, balances)|
|Financial||Can create new transactions using the wallet's keys|
|Full||Can administrate (download, destroy, etc) wallet keys|
May be provided in multipart/mixed, JSON, XML, etc...
|id||Yes||Yes||Yes||Yes||Yes||Yes||Unique data identifier; only guaranteed to remain the same for a single session|
|type||Yes||Yes||Yes||Yes||Yes||Yes||Type of data: 'key', 'tx', 'block', 'account', 'accounting'|
|related||Yes||Yes||??||??||??||??||Can have multiple entries (in JSON, an array value)|
- Arbitrary data can be accessed with the path /data/<id>
- GET to fetch
- To get only block header, use /data/<id>/header
- To get only actual content (eg, no calculated values), use /data/<id>/raw
- Optional: PUT to upload
- GET /dataSearch?<query-object>
- POST /dataSearch allowed for more complex queries
NOTE: To get the id rather than the data itself, use a HEAD request and check the Location header.
- Always POST
New Data Available
New Data Available
p2p protocol encapsulation
Optional: Establish a WebSocket connection to /p2p to speak direct p2p protocol
- Key words for use in RFCs to Indicate Requirement Levels, S. Bradner. IETF.
- Hypertext Transfer Protocol -- HTTP/1.1, Fielding, et al, W3C.
- SPDY Protocol, various. Google, Inc.
- Server-Sent Events, Ian Hickson, Google, Inc.
- Extensible Markup Language (XML) 1.0 (Second Edition), Tim Bray, Jean Paoli, C. M. Sperberg-McQueen and Eve Maler, W3C.