geth option "--allow-insecure-unlock", what exactly does it mean?

About

Asked 15/12, 2019 at 2:33 Answered 2/1, 2020 at 7:7

Solved security blockchain ethereum go-ethereum

The doc on github says:

--allow-insecure-unlock Allow insecure account unlocking when account-related RPCs are exposed by http

And, I have to add the option when start geth, otherwise can't unlock the account.

Questions

What does this option exactly mean? I read the doc and searhed on Google, still can't fully understand it.
Is it safe to use this option, will it create security holes?

Globuliferous answered 15/12, 2019 at 2:33 Comment(0)

If you access to a node with geth via HTTP protocol you can´t unlock account with personal.unlockAccount(web3.eth.account, password). If you try, you'll receive error "account unlock with HTTP access is forbidden". So, to avoid that you have to use the flag allow-insecure-unlock.

That is because the unlock operation is unsafe if the node is exposed to external. That "protection" was added in go-ethereum in PR #17037 (https://github.com/ethereum/go-ethereum/pull/17037)

Herophilus answered 2/1, 2020 at 7:7 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Questions

Recommended topics

Hot tags