SDP 0.9.1: include documentation for the Anchor Platform's security-related SEP10 fields, and update documentation for its ASSET_VALUE field - Githubissues

stellar / helm-charts

Helm charts for deploying SDF maintained software

3 stars 12 forks source link

SDP 0.9.1: include documentation for the Anchor Platform's security-related SEP10 fields, and update documentation for its ASSET_VALUE field #63

Closed marcelosalloum closed 11 months ago

marcelosalloum commented 11 months ago

What

Add documentation about the SDP's Anchor Platform instance fields that are meant to improve the SEP10 security:

SEP10_CLIENT_ATTRIBUTION_REQUIRED, recommended to be set to true
SEP10_CLIENT_ATTRIBUTION_ALLOW_LIST, if the previous one is set to true, this one will need to be manually kept up to date with a comma-separated list of client domains allowed to make SEP-10 requests.

Also, update the documentation of AP's ASSETS_VALUE to make it clear that it also needs to be manually kept up to date.

Why

Replicating the change from https://github.com/stellar/stellar-disbursement-platform-backend/pull/16