Re: [bitcoin-dev] BIP Proposal: Wallet Interface

[Shane Jonas via bitcoin-dev]

There’s a BIP to create a standard API document for the Bitcoin JSON-RPC API 
https://github.com/bitcoin/bips/pull/776

here’s an example of the generic ethereum api 
https://github.com/etclabscore/ethereum-json-rpc-specification/blob/master/openrpc.json

and another example of just the wallet interface 
https://github.com/etclabscore/signatory/blob/master/openrpc.json

here’s a live demo with interactive documentation:

https://playground.open-rpc.org/?schemaUrl=https://raw.githubusercontent.com/etclabscore/ethereum-json-rpc-specification/master/openrpc.json

Creating a standard api document like this makes it a lot easier to build dev 
tools and documentation.

I’d love to help document the bitcoin JSON-RPC API, let me know how I can help.

> On Dec 23, 2020, at 6:15 PM, Erik Aronesty via bitcoin-dev 
>  wrote:
> 
> Obviously Bitcoin has a wallet api, intermingled with other protocol APIs:
> 
> https://en.bitcoin.it/wiki/Original_Bitcoin_client/API_calls_list
> 
> For security, a standard wallet API should write a token/port to a
> local file where the user can grab that token and use it (that's
> basically how the existing bitcoind does it, with a username/password
> living in a file... not as nice as a token/port, IMO)
> 
> Probably any such standards document should do its best to be
> compatible with the existing APIs that so many are already familiar
> with.   Or maybe I misunderstand the proposal.
> 
> - Erik
> 
>> On Tue, Dec 22, 2020 at 9:48 AM monokh via bitcoin-dev
>>  wrote:
>> 
>> Hi
>> 
>> This is a first draft of a BIP we intend to submit. The main intention is to 
>> define a simple interface that wallets and applications can agree on that 
>> would cover the vast majority of use cases. This can enable writing bitcoin 
>> applications (e.g. time lock, multi sig) on the web that can be seamlessly 
>> used with any compatible wallets. We have implementations of such examples 
>> but I don't want to turn this thread into a promotion and rather focus on 
>> the spec.
>> 
>> Appreciate input from the list. Please share if there are existing efforts, 
>> relevant specs or use cases.
>> 
>> --
>> 
>> A wallet interface specification for bitcoin applications
>> 
>> ## Abstract
>> 
>> This BIP describes an API for Bitcoin wallets and applications as a standard.
>> 
>> ## Summary
>> 
>> Bitcoin wallets should expose their address derivation and signing functions 
>> to external applications. The interface would be expressed as follows in 
>> javascript:
>> 
>> ```
>> {
>> // Wallet Metadata
>> wallet: {
>> name: 'Bitcoin Core'
>> },
>> 
>> // Request access to the wallet for the current host
>> async enable: (),
>> 
>> // Request addresses and signatures from wallet
>> async request ({ method, params })
>> }
>> ```
>> 
>> In the web context the interface could be exposed at the top level of a 
>> webpage, for example under `window.bitcoin`. However this spec does not 
>> intend to define any standards for how and where the interfaces should be 
>> exposed.
>> 
>> ## Motivation
>> 
>> Due to the seldom available APIs exposed by wallets, applications (web or 
>> otherwise) are limited in how they are able to interact. Generally only 
>> simple sends have been available. A more robust API that introduces other 
>> requests will promote richer Bitcoin applications.
>> 
>> Additionally, wallet APIs have frequently included inconsistencies in their 
>> interfaces and behaviour. This has required applications to build and 
>> maintain a separate client for each wallet, increasing the risk of bugs and 
>> unintended behaviour as well as being a limiting factor for the adoption of 
>> usable bitcoin applications.
>> 
>> With a standardised wallet API:
>> 
>> - Wallets have a clear API to implement
>> - Applications have a clear expectation of wallet interface and behaviour
>> - Applications become agnostic to the wallet specifics, increasing choice 
>> for users
>> 
>> If more wallets implement the specification, applications will be developed 
>> more confidently by benefiting from the wallet interoperability. This 
>> creates a positive feedback loop.
>> 
>> ## Specification
>> 
>> For simplicity, the interface is defined in the context of web applications 
>> running in the browser (JS) however, they are simple enough to be easily 
>> implemented in other contexts.
>> 
>> ### General Rules
>> 
>> - For sensitive functions (e.g. signing), wallet software should always 
>> prompt the user for confirmation
>> 
>> ### Types
>> 
>> **UserDeniedError**
>> An error type indicating that the application's request has been denied by 
>> the user
>> Type: Error
>> 
>> **Hex**
>> Type: String
>> Example: `"000a24677957d1e50d70e67c513d220dbe8868c4c3aefc08"`
>> 
>> **Address**
>> Address details
>> Type: Object
>> Example:
>> 
>> ```
>> {
>> "address": "bc1qn0fqlzamcfuahq6xuujrq08ex7e26agt20gexs",
>> "publicKey": 
>> "02ad58c0dced71a236f4073c3b6f0ee27dde6fe96978e9a9c9500172e

Re: [bitcoin-dev] BIP Proposal: Wallet Interface

[Aymeric Vitte via bitcoin-dev]

Resending to the list since I am using a different email

Complement: if anonymity is required from the browser (or elsewhere) you
might consider looking at https://github.com/Ayms/node-Tor too


Le 24/12/2020 à 20:40, Aymeric Vitte a écrit :
>
> You might want to take a look at: https://peersm.com/wallet
>
> And https://github.com/Ayms/bitcoin-transactions
>
> "wallet" is not the very correct word, it's more bitcoin cli outside
> of bitcoin core but for now not linked to an explorer/tx system which
> makes it probably still not so easy to use for the transactions part
> (which can be extended to lightning, etc)
>
> The idea is to propose to people most of the tools they need to manage
> their coins by themselves, or at least understand better what they are
> doing
>
> "People should not be encouraged to write or use web browsers for
> their wallet." --> yes and no, please crack the standalone webapp
> above, so it's finally a no when things are done correctly, of course
> there is no story of keys storage inside browsers or online stuff with
> keys
>
> Maybe this can be turned one day into a w3c api like webcrypto
> (window.bitcoin as you sketch)
>
> Le 23/12/2020 à 08:29, monokh via bitcoin-dev a écrit :
>> Thanks for the input Luke.
>>
>> > 1) People should not be encouraged to write or use web browsers for
>> their wallet.
>>
>> Indeed. Holding keys in the browser can be very insecure, however the
>> spec is not limited to this. I will amend to make this clear. The
>> same interface can be used to communicate from a web context or even
>> desktop application with hardware wallets where keys are segregated
>> safely. The prominent hardware wallets already have such an
>> interface. Unfortunately as there has been no standardisation, an
>> application must specifically provide an implementation for each
>> wallet to be compatible.
>>
>> > 2) You may want to look over earlier work in this area.
>>
>> Please share if you have specifics in mind. What has been considered
>> were mainly hardware wallet apis. The requests have been defined such
>> that they would be compatible. I will make references to such
>> considerations in the text. I welcome any feedback on what may be
>> missing or problematic for these providers - something I will also
>> pursue outwith the thread.
>>
>> -monokh 
>>
>> On Wed, Dec 23, 2020 at 2:15 AM Luke Dashjr > > wrote:
>>
>> 1) People should not be encouraged to write or use web browsers
>> for their
>> wallet.
>> 2) You may want to look over earlier work in this area.
>>
>> On Tuesday 22 December 2020 14:43:11 monokh via bitcoin-dev wrote:
>> > Hi
>> >
>> > This is a first draft of a BIP we intend to submit. The main
>> intention is
>> > to define a simple interface that wallets and applications can
>> agree on
>> > that would cover the vast majority of use cases. This can
>> enable writing
>> > bitcoin applications (e.g. time lock, multi sig) on the web
>> that can be
>> > seamlessly used with any compatible wallets. We have
>> implementations of
>> > such examples but I don't want to turn this thread into a
>> promotion and
>> > rather focus on the spec.
>> >
>> > Appreciate input from the list. Please share if there are
>> existing efforts,
>> > relevant specs or use cases.
>> >
>> > --
>> >
>> > A wallet interface specification for bitcoin applications
>> >
>> > ## Abstract
>> >
>> > This BIP describes an API for Bitcoin wallets and applications as a
>> > standard.
>> >
>> > ## Summary
>> >
>> > Bitcoin wallets should expose their address derivation and signing
>> > functions to external applications. The interface would be
>> expressed as
>> > follows in javascript:
>> >
>> > ```
>> > {
>> > // Wallet Metadata
>> > wallet: {
>> > name: 'Bitcoin Core'
>> > },
>> >
>> > // Request access to the wallet for the current host
>> > async enable: (),
>> >
>> > // Request addresses and signatures from wallet
>> > async request ({ method, params })
>> > }
>> > ```
>> >
>> > In the web context the interface could be exposed at the top
>> level of a
>> > webpage, for example under `window.bitcoin`. However this spec
>> does not
>> > intend to define any standards for how and where the interfaces
>> should be
>> > exposed.
>> >
>> > ## Motivation
>> >
>> > Due to the seldom available APIs exposed by wallets,
>> applications (web or
>> > otherwise) are limited in how they are able to interact.
>> Generally only
>> > simple sends have been available. A more robust API that
>> introduces other
>> > requests will promote richer Bitcoin applications.
>> >
>> > Additionally, wallet APIs have frequently included
>> inconsistencies in their
>>