From 29c8a2e9039c5b31aaca35625129da68b6728f01 Mon Sep 17 00:00:00 2001
From: Daniel McNally <mcnallydp@gmail.com>
Date: Wed, 3 Oct 2018 02:48:33 -0400
Subject: [PATCH] expand rpc blacklist

This commit expands the rpc blacklist to cover all calls that could leak
sensitive information about the wallet of the bitcoin node or that could
cause the operator to lose funds. It also alphabetizes the blacklist.
---
 app/config.js | 60 ++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 50 insertions(+), 10 deletions(-)

diff --git a/app/config.js b/app/config.js
index f3c3282..32d8e7f 100644
--- a/app/config.js
+++ b/app/config.js
@@ -9,27 +9,67 @@ module.exports = {
 	coin: currentCoin,
 
 	rpcBlacklist:[
-		"stop",
-		"savemempool",
 		"addnode",
+		"backupwallet",
+		"bumpfee",
+		"clearbanned",
+		"createmultisig",
 		"disconnectnode",
 		"dumpprivkey",
 		"dumpwallet",
-		"setban",
-		"clearbanned",
-		"setnetworkactive",
+		"encryptwallet",
+		"generate",
+		"generatetoaddress",
+		"getaccountaddrss",
+		"getaddressesbyaccount",
+		"getbalance",
+		"getnewaddress",
+		"getrawchangeaddress",
+		"getreceivedbyaccount",
+		"getreceivedbyaddress",
+		"gettransaction",
+		"getunconfirmedbalance",
+		"getwalletinfo",
+		"importaddress",
+		"importmulti",
+		"importprivkey",
+		"importprunedfunds",
+		"importpubkey",
+		"importwallet",
+		"keypoolrefill",
+		"listaccounts",
+		"listaddressgroupings",
+		"listlockunspent",
+		"listreceivedbyaccount",
+		"listreceivedbyaddress",
+		"listsinceblock",
+		"listtransactions",
+		"listunspent",
+		"listwallets",
 		"lockunspent",
+		"logging",
 		"move",
+		"preciousblock",
+		"pruneblockchain"
 		"removeprunedfunds",
 		"rescanblockchain",
-		"encryptwallet",
-		"backupwallet",
-		"importwallet",
+		"savemempool",
+		"sendfrom",
+		"sendmany",
+		"sendtoaddress",
+		"sendrawtransaction",
+		"setaccount"
+		"setban",
+		"setnetworkactive",
+		"signmessage",
+		"signmessagewithprivatekey",
+		"signrawtransaction",
+		"stop",
+		"submitblock",
+		"verifychain",
 		"walletlock",
 		"walletpassphrase",
 		"walletpassphrasechange",
-		"verifychain",
-		"pruneblockchain"
 	],
 
 	// https://uasf.saltylemon.org/electrum