Whitelist feature for wallet #135
Conversation
|
Should the wallet API be concerned with networking security? I'd rather see that handled at another layer, which are much better suited for the task : firewalls, network ACLs/hardware, reverse proxy etc. which will be much more powerful and configurable. I am not convinced the library should be concerned by those things and would advocate for separation of concern here. |
That's a fair point. The motivation for this was the knowledge of how many people are running unsecured wallets and the general technical level of people who run wallets. Yes, real security would be preferable but unfortunately this won't be the case in many situations. This was a feature combination with FactomProject/factom-walletd#84 to disallow remote connections by default and then enable specific ones if needed. |
| FactomdRPCPassword string | ||
| FactomdServer string | ||
| FactomdTimeout time.Duration | ||
| WalletWhiteListEnable bool |
There was a problem hiding this comment.
whitelist is a single word and should be camel cased Whitelist (like you did in other places actually)
Right, open wallets in the wild has been a plague... ok we can do it I guess, but we will need to document that properly to avoid people questions about why they can't call their wallet. |
|
@WhoSoup does this PR still makes sense with the wallet stuff gone? |
Nope, this would have to be re-done at the new location. I'll close this and make a note in the issue. |
This implements a simple whitelist feature for wsapi. It's enabled by starting the webserver with
RPCConfig.WalletWhiteListEnable = true. IPs to whitelist can be added withwsapi.WhiteListIP(string).Localhost (127.0.0.1, ::1) will always be able to connect. If a connection is attempted from a remote address not on the white list, the attempt is logged in the console and a 401 error is returned.