You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
gRPC server is either enabled or disabled, with no way to filter which methods the
node or wallet operator wants to expose.
While this can be resolved by the use of a reverse-proxy, it is recommended that
the configuration exists to protect unaware operators. In particular, certain
methods should be disabled by default unless the operator explicitly requests
them, because they provide information about a node that in most cases should be
private, such as:
Description
---
Added configuration options for the base node's gRPC methods whereby
each method can be enabled or disabled with the startup-config settings.
Closing #5858
Some BloomRPC screenshots:
![image](https://github.com/tari-project/tari/assets/39146854/356cbe44-d3ff-46c8-9215-57e9f24da815)
![image](https://github.com/tari-project/tari/assets/39146854/8bf225b8-1b00-439b-96be-93c8040bf8d4)
Motivation and Context
---
See #5858
How Has This Been Tested?
---
- Pass existing unit tests
- Added unit test `fn it_deserializes_enums`
- Pass cucumber tests on CI
- Manual gRPC queries to the base node (with BloomRPC)
What process can a PR reviewer use to test or verify this change?
---
- Code walkthrough
- Manual gRPC queries to the base node
<!-- Checklist -->
<!-- 1. Is the title of your PR in the form that would make nice release
notes? The title, excluding the conventional commit
tag, will be included exactly as is in the CHANGELOG, so please think
about it carefully. -->
Breaking Changes
---
- [x] None
- [ ] Requires data directory on base node to be deleted
- [ ] Requires hard fork
- [ ] Other - Please specify
<!-- Does this include a breaking change? If so, include this line as a
footer -->
<!-- BREAKING CHANGE: Description what the user should do, e.g. delete a
database, resync the chain -->
gRPC server is either enabled or disabled, with no way to filter which methods the
node or wallet operator wants to expose.
While this can be resolved by the use of a reverse-proxy, it is recommended that
the configuration exists to protect unaware operators. In particular, certain
methods should be disabled by default unless the operator explicitly requests
them, because they provide information about a node that in most cases should be
private, such as:
Add the capability to disable or enable gRPC methods. Disable methods that
provide internal information of the node by default.
The text was updated successfully, but these errors were encountered: