ut ACK.

Nits:

• No need to adopt over-long RPC naming system. "sendtx" or "pushtx" works.
• Agree that sending blocks should be added also (note - not a blocker for this PR)

No need to adopt over-long RPC naming system. "sendtx" or "pushtx" works.

@jgarzik why not just: POST /rest/tx
If you want to be able to post in the different formats... POST /rest/tx/[format]

Also, concept ACK, this would be great

utACK, except the nits posted are blockers to the merge IMHO.

agree w/ @dcousens

+1 for POST /rest/tx

I would also think supporting BIN (and JSON) as input format could make sense and would be consistent.

utACK.

Thanks for the fast feedback.

I've changed it to POST /rest/tx

Regarding the format: So far there is support for JSON / HEX / BIN for some of the REST methods. IMHO it should be either all methods support all formats or there is only one until there is a demand / request for other formats. I think the REST API was mostly created for webclients, which are probably most confortable with JSON or plaintext, or what was the intention when REST was added?

If we want to have support for several formats, I would vote for using the HTTP header files instead of a file-ending for the request:

5 Use HTTP headers for serialization formats

Both, client and server, need to know which format is used for the communication. The format has to be specified in the HTTP-Header.

Content-Type defines the request format.
Accept defines a list of acceptable response formats.

(From: http://blog.mwaysolutions.com/2014/06/05/10-best-practices-for-better-restful-api/)

SubmitBlock over REST is a good idea but I'll leave it out for another PR :)

@lclc agreed we should use the Content-Type header to specify in the request what response we are giving.

@lclc I have no doubt the file name extensions were made for easily viewing the data via a browser URL. Not for API usage.

As background, the discussion in IRC generally concluded that Content-type as the only method of specifying file type was not good. Command line users (curl, wget) and web browser URL bars generally make it easy to alter a URL, yet difficult to specify Content-type.

@jgarzik then lets take the approach of /rest/tx/[format]? A file type seems odd here, these aren't files.
But this argument is also relevant to all the other routes, so, may be for this pull request, we just use file types (such as .hex) for consistency, then discuss that elsewhere?

It is fair to open the topic - not disputing that.

What is the best for the most likely users? If most users are automated, content-type would seem reasonable.

If we want to have it easy to alter the URL I would vote for using GET for everything ;)

With the RPC interface we already have a easy to use API for command line usage.
I see the REST API as a self-hosted, potentially decentralize alternative to REST APIs from Blockchain.info, Blocktrail, etc.

Does anyone know a project that is using the REST API?

If I think about it without looking at other REST API designs, I like the file extension to determine the output format. Adding a file extension to the URL is much easier as adding a content-type request header.

I could see:

• URL file _extension_ = desired output forma
• request header _content-type_ = POST input format

Non post commands (currently everything expect rest/getutxo and this new command) would ignore the content-type request header because they have no input data (except to the URL itself).

If this makes sense, i think this PR would only need to evaluate the content-type request header and parse/deserialize the input POST data in the given format.

Using GET has some length limitations (not in RFC [there it is uint32max IIRC] but in most implementations). Using POST for posting data makes sense IMO.

Another nice addition would be to support an array of transactions.
Either content-type: application/json with ["<hex>", ["<hex>", ...]] or by binary stream (content-type: application/octet-stream): <varint><vector:transactions>.

I think the later, allowing tx submission without doing the JSON enc-/decoding, would be desirable.

I don't think Bitcoin Core should do it different then everyone else because we think it's easier.
But with this PR I just wanted to add the functionality to send raw transactions, not changing the general API format. Maybe we could discuss that in a new Github issue?
And keep this PR for now the same like it is for the other methods.

Another topic to discuss there is adding a REST API version method.

Regarding an array of transaction:
I'd keep it simple & stupid until there is a demand for more functionality. Since there wasn't such a demand for the sendrawtransaction RPC call I don't expect there is for the REST API.

@lclc: fair enough.
Supporting input formats – although – should be done to keep constancy. rest/getutxo also supports posting JSON/HEX/BIN as input format. But i agree – can also be done later.

Thanks. I'll add JSON & BIN as input formats next, determining them from the requested output format based on the 'file' ending in the URL (I expect if someone sends binary he wants binary back. Other scenarios can be covered ones we agree or disagree on Content-Type & Accept for data formats).

[...] I expect if someone sends binary he wants binary back [...]

Right. That exactly how rest/getutxo works.

In terms of HTTP "verbs", the method can be GET but should be POST or PUT.

• Please don't add a JSON input format. For security reasons (to reduce attack surface as there is no authentication), we don't want to parse complex input in REST (HEX and BIN are fine).
• The verb should be POST or PUT. GET is not acceptable for submitting new data in REST, it should be reserved for operations without side effects.

Re-reviewing latest version:

• Send different URI/behavior to a different dispatch function - avoid rest_tx() - and you don't need to reformat huge amounts of untouched code, vastly shrinking diff.
• Agree w/ @laanwj comments: Verb should be PUT or POST (done) and avoid JSON input.

ACK with those updates

Thanks for the review. It's strange that Travis says the checks passed even when they actually didn't (https://travis-ci.org/bitcoin/bitcoin/builds/87533414).

Makes sense, moved the POST /rest/tx (without /) code to rest_tx_sendrawtx (although the naming isn't consistent anymore now, anyone has a better idea for a function name?).

My binary tests (see latest part of rest.py) are still failing. Maybe someone has an idea whats wrong there or in the code? Thanks.

Ok.
What do you prefer @sipa , fRejectAbsurdFee always to be true or as an extra parameter to pass?

@MarcoFalke that's not the problem. You can run the same tx with hex (currently commented out) and it works. I'll look at this again when I've changed the Fee thing

@lclc So why would travis fail if that's not the problem? You can try to set it to false and the see if qa/pull-tester/rpc-tests.py rest fails.

@lclc I'm happy to take over this if you're busy

Sorry didn't have time for this, started at a new job (in Bitcoin), been abroad the last 3 weeks :)

@dcousens If you like to finish it that would be great, so maybe this makes it into 0.12. I can give you merge rights on my Github fork so we don't lose the discussions in here?

Otherwise I'll work on it again at the last weekend before December.

@lclc sounds good, add me when you can.

Needs rebase.

I'm still not entirely convinced that submitting anything belongs on this interface.

I've always felt that the REST interface was read-only on purpose - a way to query data that is public anyway without authentication. Making is possible to submit something changes the security expectations.

Closing this PR for now, to keep this interface read-only.

to keep this interface read-only.

I think that is a valid reason 👍