HydraChain / hydrachain

Permissioned Distributed Ledger based on Ethereum
MIT License

Network Participation Authorization #64

Open heikoheiko opened 8 years ago

heikoheiko commented 8 years ago

Currently anyone can participate in the network and gets all transactions and blocks broadcast to them, i.e. can access the full state.

Task: Add permissioning to the network access.

Solution: Contract equivalent to #63, except that we are now storing the public_keys of the network of authorized users in the value field of users. Also we don't need begin_block. The registrar_address is still an externally owned account address(!).

Extend on_wire_protocol_start https://github.com/HydraChain/hydrachain/blob/develop/hydrachain/hdc_service.py#L488 and check if proto.peer.pub_key is authorized to connect. If not, disconnect the client.

Notes: Think about bootstrapping, graceful error messages.

4gn3s commented 8 years ago

Can you explain a bit more on how is_authorized is supposed to work? Can we just pass in a public key (which has been maybe verified somewhere else earlier) and check if it is registered, or do we have to send a signed message and use the public key to check if the sender actually operates the account?

4gn3s commented 7 years ago

Also, can you please tell me how I should test this functionality? Is this test something I should be looking into, or are there any other tools available to test network participation?

heikoheiko commented 7 years ago

is_authorized should be implemented as an abstract function that can be registered with the hdc_service, which is called with the pubkey and returns true or false. A concrete implementation would query a registry contract and check if the pubkey is whitelisted. Note that the pubkey needs to be the public key of the node as in the discovery protocol, not one used in the session.

For the test, it's not about preventing transactions but rather about permissioning when connecting to any node. Therefore I'd base it on this test with valid and invalid credentials.

4gn3s commented 7 years ago

Thank you, what about the public key verification? Does the discovery protocol somehow check if the user of the public key also holds the private key? If so, can you point me to the code that does this?

heikoheiko commented 7 years ago

Well, during the handshake this is verified. I think here: https://github.com/ethereum/pydevp2p/blob/develop/devp2p/rlpxcipher.py#L221

So this does not need to be checked in hdc_service. There you only check if the RLPxSession.remote_pubkey is whitelisted.
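
The check discussed in this thread, as an added example that is not code from the thread, HydraChain or pydevp2p: a pluggable is_authorized callable consulted when a peer's wire protocol starts, denying the connection whenever no decision can be made. NetworkGate, RegistryAuthorizer, FakePeer, the statically configured bootstrap keys and the 64-byte key length are assumptions made for illustration.

```python
# Added illustration: all names are hypothetical, not HydraChain or pydevp2p API.
NODE_PUBKEY_LEN = 64  # assumption: raw node public key as used by discovery


class FakePeer:
    """Stand-in for a peer whose public key the handshake has already verified."""
    def __init__(self, remote_pubkey):
        self.remote_pubkey = remote_pubkey
        self.disconnect_reason = None

    def disconnect(self, reason):
        self.disconnect_reason = reason


class RegistryAuthorizer:
    """Concrete is_authorized: whitelist lookup plus statically configured keys."""
    def __init__(self, registry_lookup, bootstrap_pubkeys=()):
        self._lookup = registry_lookup  # callable(pubkey) -> bool, e.g. a contract call
        # Assumption: keys trusted before the registry state is available locally.
        self._bootstrap = frozenset(bootstrap_pubkeys)

    def __call__(self, pubkey):
        return pubkey in self._bootstrap or bool(self._lookup(pubkey))


class NetworkGate:
    """Holds the registered is_authorized callable and applies it to new peers."""
    def __init__(self):
        self._is_authorized = None

    def register_authorizer(self, fn):
        self._is_authorized = fn

    def on_wire_protocol_start(self, peer):
        """Return True if the peer may stay; otherwise disconnect with a reason."""
        pubkey = peer.remote_pubkey
        if self._is_authorized is None:
            reason = "no authorizer registered"  # fail closed
        elif not isinstance(pubkey, bytes) or len(pubkey) != NODE_PUBKEY_LEN:
            reason = "malformed node public key"
        else:
            try:
                if self._is_authorized(pubkey):
                    return True
                reason = "public key not authorized"
            except Exception:  # registry unreachable: deny rather than admit
                reason = "authorization lookup failed"
        peer.disconnect(reason)
        return False
```

The disconnect reason doubles as the graceful error message, and a test with valid and invalid credentials can assert on it.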