Strong concept ACK on providing a REST API which is built with the intention to be secure.

The current situation where we don't want to vouch for the security of our REST API and instead suggest that our users should roll their own sanitisation via an nginx proxy if they want to use it in settings where security might be needed feels really weird for a security critical project. We can do better! :)

@practicalswift That seems entirely orthogonal here. The concern with REST (and also RPC, though RPC has additional exposure) is that it isn't designed to be DoS resistant, so it's assumed to only be exposed to clients that are trusted to not DoS attack the node. Putting in a Python wrapper that translates REST to RPC seems like that would only worsen this.

@sipa it's not worse because a python rest server can enforce things like rate limiting or be configured to use a pool of nodes. If attacked directly, the python server's slowdowns can also function as rate limiting.

Made a few mods here:

• Use Tornado's Async HTTP Client
• Add a load balancer if you want to be backed by >1 node (-1 on consistency across calls, but you can mitigate this by having 1 external node connected to a fan out of mirror listener nodes serving RPCs)

@stickies-v you might be interested in helping with this as well :)

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

No conflicts as of last run.