The full-node (bitcoind) connected to the internet is in the DMZ. The signing private node (bitcoind with private keys - cold wallet) is inside behind a firewall.

Is it possible to setup bitcoind such that it only uses a wallet with public keys and have a separate local (does not talk to the world) bitcoind with a wallet that has the private keys ? Want this setup so only transactions originating from my application will sign the raw transaction using the local bitcoind (using rpc) and then forward the signed transaction to the bitcoind connected to the internet. Any pointers/help appreciated

Ah, see the -disablewallet option for bitcoind ... that will disable the wallet and allow bitcoind to be a proxy for all rpc requests as desired ... the only question then have is how do we run a client that has just the wallet management capability and proxies requests via bitcoind

Thanks for the response ... just want to clarify - dont want to share the wallet.dat ... want bitcond just to be a rpc server while have the wallet on another node

Hello all;

Was able to setup bitcoind in a local test mode (regtest) to explore the bitcoin json-rpc protocol. Starting bitcoind also creates/manages the wallet.dat. Is it possible to setup/create/manage the wallet.dat on another node (remote) and setup bitcoind as just a json-rpc proxy to send/receive bitcoin requests ?

Thanks in advance