Deny external access to non-personal accounts

hyperledger-iroha / iroha

Iroha - A simple, enterprise-grade decentralized ledger

https://wiki.hyperledger.org/display/iroha

Apache License 2.0

444 stars 277 forks source link

Deny external access to non-personal accounts #5022

Open s8sato opened 2 months ago

s8sato commented 2 months ago

The stronger the trigger authority, the higher the risk of compromise of the corresponding private key. Such a system-side trigger authority should be a system-side account whose ID would be a pseudo public key that completely denies external access at authentication

s8sato commented 1 month ago

This also serves to prevent multisig monopoly: https://github.com/hyperledger/iroha/pull/5027#discussion_r1742295971