Open howardwu opened 2 years ago
Note: jsonrpsee just declared that it's more or less stable a few days ago; I'll check it out, it might be the time to close https://github.com/AleoHQ/snarkOS/issues/754 as well.
Oh, and just so that no one else tackles it in parallel, I'm already working on this.
What's the status on this?
Let's consider the things we've used the RPC server for so far:
And some of the related issues we've encountered:
jsonrpsee resource limit

Having all the above in mind, I'd like to propose to start shifting towards dedicating the RPC server to local/restricted use; this means:
127.0.0.1
jsonrpsee's AccessControl to restrict the hosts that can send RPC requests to the sync nodes (this would be employed by the nodes we want to use for Aleo explorer's purposes)

This proposal would completely resolve any concerns related to malicious RPC use; even if we used per-IP bans, a well-organized malicious actor could still set up a lot of RPC clients that would individually send requests at a rate right above the one we permit.
One extra point for limiting RPC access as a policy: if we add private endpoints again, we would need to have a way of securely inputting and transmitting passwords in the headers, otherwise they'd be visible in command line history and transmitted in plaintext, which is very insecure.
🚀 Feature
Add controls that allow snarkOS to adjust 2 rates:
a. The rate that RPC requests from all IP addresses are processed
b. The rate that RPC requests from a single IP address are processed
Add a "restricted_peers" list for RPC IP addresses that exceed the rate.
Motivation
Some IP addresses are spamming the sync node RPC endpoints.
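
The two rates and the "restricted_peers" list requested above, written out as an added Rust example (not snarkOS or jsonrpsee code). The names `RpcLimiter`, `Verdict` and `max_strikes`, the token-bucket approach and the 192.0.2.x sample addresses are assumptions made for illustration.

```rust
use std::collections::{HashMap, HashSet};
use std::net::{IpAddr, Ipv4Addr};
// Token bucket: refills at `rate` tokens per second, holds at most one second's worth.
struct Bucket { rate: f64, tokens: f64, last: f64 }
impl Bucket {
    fn new(rate: f64, now: f64) -> Self { Bucket { rate, tokens: rate, last: now } }
    fn take(&mut self, now: f64) -> bool {
        self.tokens = (self.tokens + (now - self.last) * self.rate).min(self.rate);
        self.last = now;
        if self.tokens >= 1.0 { self.tokens -= 1.0; true } else { false }
    }
}

#[derive(Debug, PartialEq)]
enum Verdict { Allow, PerIpLimited, GlobalLimited, Restricted }

// Hypothetical type for illustration; not part of snarkOS or jsonrpsee.
struct RpcLimiter {
    per_ip_rate: f64,                       // rate (b): requests/second per address
    max_strikes: u32,                       // per-IP rejections tolerated before restriction
    global: Bucket,                         // rate (a): requests/second over all addresses
    per_ip: HashMap<IpAddr, (Bucket, u32)>, // bucket and strike count per address
    restricted_peers: HashSet<IpAddr>,
}
impl RpcLimiter {
    fn new(global_rate: f64, per_ip_rate: f64, max_strikes: u32) -> Self {
        RpcLimiter { per_ip_rate, max_strikes, global: Bucket::new(global_rate, 0.0),
                     per_ip: HashMap::new(), restricted_peers: HashSet::new() }
    }
    // `now` is seconds on a monotonic clock, passed in so the logic is deterministic.
    fn check(&mut self, ip: IpAddr, now: f64) -> Verdict {
        if self.restricted_peers.contains(&ip) { return Verdict::Restricted; }
        let rate = self.per_ip_rate;
        let (bucket, strikes) = self.per_ip.entry(ip).or_insert_with(|| (Bucket::new(rate, now), 0));
        if !bucket.take(now) {
            *strikes += 1;
            if *strikes <= self.max_strikes { return Verdict::PerIpLimited; }
            self.restricted_peers.insert(ip);
            return Verdict::Restricted;
        }
        // Checked last, so addresses already over their own rate do not drain the shared budget.
        if self.global.take(now) { Verdict::Allow } else { Verdict::GlobalLimited }
    }
}

fn peer(n: u8) -> IpAddr { IpAddr::V4(Ipv4Addr::new(192, 0, 2, n)) } // constructed TEST-NET-1 address

fn main() {
    let mut rl = RpcLimiter::new(5.0, 2.0, 2);
    for _ in 0..5 { println!("{:?}", rl.check(peer(1), 0.0)); }
}
```

The global bucket is the only part that reacts when many addresses each stay under the per-IP rate, which is the case raised in the comment about a well-organized actor; it throttles everyone, legitimate callers included, which is the trade-off behind the proposal to restrict RPC access instead.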