Altalogy / tari

The Tari protocol
https://tari.com
BSD 3-Clause "New" or "Revised" License

feat(backend): run wallet grpc server with a password #268

Closed alex1307 closed 2 years ago

alex1307 commented 2 years ago

Description

We will run the grpc server using a session password: the password is provided when the wallet is started. Or the password could be configured using the conf. variable: TARI_WALLET_GRPC_PASSWORD.

Motivation and Context

We should protect the wallet's sensitive information.

How Has This Been Tested?

Both cases are manually tested. Ran the wallet with -- --grpc-password=12345678A and called getBalance. When the correct password is provided, the balance is shown. If not, then 16 UNAUTHENTICATED: Invalid gRpc password is shown.

Ran without a password, and the balance is shown with or without authorization.

Setup: grpc-password=12345

Metadata: {"authorization": "7d4e3eec80026719639ed4dba68916eb94c7a49a053e05c8f9578fe4e5a3d7ea"}

CjS77 commented 2 years ago

I've been thinking about this. Let's rather do this properly with TLS.

Since that's a slightly bigger effort, let's deprioritise it for now.

CjS77 commented 2 years ago

Going to shelve this approach for a more robust TLS-based one