JoinMarket-Org / joinmarket-clientserver

Bitcoin CoinJoin implementation with incentive structure to convince people to take part
GNU General Public License v3.0
731 stars 179 forks

Credentials/auth for client connection #3

Open AdamISZ opened 8 years ago

AdamISZ commented 8 years ago

Also, encryption/TLS. Not sure of the right approach here; it looks like it's fairly easy to add credentials to the AMP connection. The connection is currently hardcoded to localhost, but clearly it would be either nice or essential to add security to this inter-process communication, depending on how you look at it.

AdamISZ commented 7 years ago

TLS was added in 5d3fbe9a74c009acd83b48f9ed9849bf694ae0a4 although only basic (self-signed cert). Auth still open.

roshii commented 1 year ago

I will be working on this one next.

I'm thinking of something similar to https://github.com/bitcoin/bitcoin/blob/master/doc/JSON-RPC-interface.md#security reusing/adapting JMTokenAuthority from https://github.com/JoinMarket-Org/joinmarket-clientserver/pull/1480

As far as I see it, authentication would be applied to both daemon and wallet RPC.

AdamISZ commented 1 year ago

> I will be working on this one next.
>
> I'm thinking of something similar to https://github.com/bitcoin/bitcoin/blob/master/doc/JSON-RPC-interface.md#security reusing/adapting JMTokenAuthority from #1480
>
> As far as I see it, authentication would be applied to both daemon and wallet RPC.

Interesting idea to connect these. Look forward to it. At some point there was code to do this with self-signed certs, I'm not sure if it's still functional, because I think there were only a couple of people using it, based on the idea of having jmdaemon on a remote (virtual) machine.