We should configure the official v2-services gateway for the merkle-streamer to:
whitelist only sablier.com, vercel.app/com and maybe localhost origins
[or, less safe] include an access token [^1]
It would make externally uploaded files (outside of our hosted backend) work within the airstreams utilities.
Worth mentioning, the biggest advantage and disadvantage at the same time: if people create the campaign programmatically and feed the ID to the contracts, we'll now be able to read that IPFS file, but also be less in control of which files get downloaded and read (meaning someone could simply make us read a 1GB file).
To this point, check #9 for a call-for-research on rate limiting.
[^1]: Important note: these permissions won't be stacked, they'll behave as an if A or Bcondition so it's not worth having both.
Pinata allows us to configure an access control scheme through different options, including access-tokens or whitelisted-origins.
We should configure the official v2-services gateway for the merkle-streamer to:
It would make externally uploaded files (outside of our hosted backend) work within the airstreams utilities.
Worth mentioning, the biggest advantage and disadvantage at the same time: if people create the campaign programmatically and feed the ID to the contracts, we'll now be able to read that IPFS file, but also be less in control of which files get downloaded and read (meaning someone could simply make us read a 1GB file).
To this point, check #9 for a call-for-research on rate limiting.
[^1]: Important note: these permissions won't be stacked, they'll behave as an
if A or B
condition so it's not worth having both.