Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Command: encrypt - Add user signature #762

Open
alexcos20 opened this issue Nov 26, 2024 · 0 comments
Open

Command: encrypt - Add user signature #762

alexcos20 opened this issue Nov 26, 2024 · 0 comments
Labels
Breaking changes Type: Bug Something isn't working

Comments

@alexcos20
Copy link
Member

alexcos20 commented Nov 26, 2024
edited
Loading

Now, the encrypt command can be called by anyone, without any type of auth.
This can lead to some DDOS attacks.
So, let's add auth on this command

Modules to update:

Commands:

  • add consumerAddress & signature required parameters
  • check signature when somebody is trying to use this handler
  • add optional policyServer input param, which gets sent to policyServer

Http:

  • update http route

PolicyServer:

  • add policyServer command, so an owner can decide who can have access ( { action: 'encrypt',
    consumerAddress,
    policyServer
    }

##Warning:

  • this has breaking changes for ocean.js/cli, so they need to be updated
@alexcos20 alexcos20 added Type: Bug Something isn't working Breaking changes labels Nov 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Breaking changes Type: Bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@alexcos20