As it stands this will leak the xpriv since the xpriv will be in the command history. The import of the xpriv should be interactive and should be encrypted before being stored.

I know previously we would not recommend forcing encryption because it could lead to funds loss, here the user already has the xpriv so it's already backed up.

@btcdrak We can change this to accept the seed only from stdin (-stdin).

Yes. I'm aware of the security weakness of accepting a xpriv over a startup argument.
A previous proposed solution would be to support a tool called bitcoin-wallet which could create, alter and encrypt wallet without the need of bitcoind (this would by my preferred solution but can be added later).

I think accepting a xpriv over a configuration value is not extremely bad. If an attacker can access bitcoin.conf he might also be capable of grabbing your RPC password and dump your wallet to /tmp.

Personally I prefer a separate interactive import tool and a Qt GUI option which I think would be used more in any case. FWIW, I think importing via a bitcoin.conf option is even worse.

@btcdrak We can change this to accept the seed only from stdin (-stdin).

Sounds good, that relieves my concerns.

Concept ACK, but I think this needs significant reworking to interact with multiwallet.

This would possibly be easier to implement using bitcoin-wallet-tool (#8745)

I am confused. Is there any workaround that allows me importing xpriv or seed or mnemonic into bitcoind?