Security bridge on bitcoin-qt walletpassphrase

1

1

Is it safe to use walletpassphrase with bitcoin-qt rpc call ? I can think of a security problem, suppose hacker was able to insert some kind of program that call each second to the wallet with sendToAddress and the hacker bitcoin address, now he will get a lock response each time until the call will execute on the timespan the wallet is unlocked. is it possible ?

Haddar Macdasi

Posted 2017-10-08T10:15:26.383

Reputation: 845

Answers

0

The wallet passphrase protects against an attacker who has access to your disk but not the rest of your system.

If someone has access to your bitcoind through RPC, you need to protect by setting an RPC password, not a wallet encryption password.

Pieter Wuille

Posted 2017-10-08T10:15:26.383

Reputation: 54 032

But can't the hacker use some kind of listener (man in the middle attack) on that port and see the Credentials in the post ?Haddar Macdasi 2017-10-08T22:13:03.080

Yes, but if your attacker can access your local machine, you have far bigger problems. He could replace your bitcoind...Pieter Wuille 2017-10-08T22:23:59.950

Asked: 2017-10-08T10:15:26.383

Viewed: 60 times

Active: 2017-10-08T20:08:03.507