walletpassphrase CLI / RPC not intuitive and unsafe to use

[mimirmim]

When using walletpassphrase, it can be awkward. Switching between staking on and the moment you want to send some coins for instance isn't as intuitive as in the wallet. Further, the fact that you must enter your passphrase in plainttext is kind of a large issue in the CLI. I understand this issue persists in Bitcoin too. Also, if you unlock for staking only, I would imagine that the timeout value should by default be unlocked for an infinite amount of time. Who would want to come back every so often just to unlock their wallet only for staking when it times out?

If I have my wallet unlocked for staking only I should be prompted for my passphrase when sending coins. I should not have to unlock my wallet just for 60 seconds just to send coins, then re-lock it for staking only. Further, the prompt shouldn't expose my password if its the CLI. RPC is different as it's expected that you should use https. That may cause an issue as CLI and RPC share the same methods.

Example of steps taken to send coins then reunlock to allow for staking only:

# Initial enable staking some point in the past, must set long timeout so we don't stop staking soon
veil-cli walletpassphrase <password> true <long timeout>
# Unlock to send coins and set a short timeout incase I forget to relock
veil-cli walletpassphrase <password> false <short timeout>
# Send coins
veil-cli sendringcttoringct <address> <amount>
# Now lets reunlock with a long timeout for staking only
veil-cli walletpassphrase <password> true <long timeout>

Proposed change:

# Initial enable staking some point in the past, infinite timeout implied
veil-cli walletpassphrase <password> true
# Send coins and include password to unlock the wallet
veil-cli sendringcttoringct <address> <amount> <password>

Even better security conscious change:

# Initial enable staking some point in the past, infinite timeout implied
veil-cli walletpassphrase <password> true
# Send coins and include password to unlock the wallet
veil-cli sendringcttoringct <address> <amount>
Wallet password?
Password ⚩: *********************************

The last example would be best so that someone isn't able to extract a password and still can be fit into the CLI, perhaps.

[seanPhill]

This was addressed in #770 "Improvement: Password input ..." (July 2020)
where now a CLI input like veil-cli -stdinwalletpassphrase walletpassphrase false 10000 will allow password input hidden.

== Remaining change -- Help text so people can discover this command without finding it described on a web page. ==
The method in #770 is the same as in Bitcoin Core, but curiously there is no RPC help text for this!
We should check to see where (or whether) it is documented in Bitcoin Core, and make the help available to Veil CLI users, because while I have used this many times, I have had to paste the command in from my own notes.

One further note, using zero (0) at the end of the walletpassphrase command to mean infinite time is not quite achieved. The maximum time is 100,000,000 seconds (or about three years), and using zero sets it to the maximum, according to help walletpassphrase.

For users' reference I have just now created a tutorial in our Support Desk website explaining how to do this.
Veil.Freshdesk.com: Unlock the Veil wallet CLI without displaying the passphrase