Fonta1n3 / FullyNoded

Self sovereign, secure, powerful, easy to use wallet that utilizes your own node as a backend. Powered by PSBT's and descriptors. Acts as an offline signer using your node as a watch-only wallet. C-Lightning compatible for instant, unfairly cheap payments.
https://fullynoded.app
Other
201 stars 31 forks source link

Add cookie authentication to Tor Hidden Service #6

Closed 05nelsonm closed 5 years ago

05nelsonm commented 5 years ago

Opening port 8332 up via a Tor HS w/o properly generating a base32 keypair allows anyone and everyone who has the onion address to issue commands to it.

Setting up proper authentication will require that only the user with the private key pair has access to the hidden service.

A good guide for doing so: https://matt.traudt.xyz/p/FgbdRTFr.html

Fonta1n3 commented 5 years ago

Appreciate the issue, for sure once I fix the current bug on devices I will add ability for user to add an auth key for their V3.

Fonta1n3 commented 5 years ago

Added to latest update