Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change Rust view service to use token-based authentication mechanism.. #1683

Closed
6 tasks
hdevalence opened this issue Nov 30, 2022 · 1 comment
Closed
6 tasks

Change Rust view service to use token-based authentication mechanism.. #1683

hdevalence opened this issue Nov 30, 2022 · 1 comment
Labels
A-client Area: Design and implementation for client functionality

Comments

@hdevalence
Copy link
Member

Is your feature request related to a problem? Please describe.

See #1556.

Describe the solution you'd like

Following #1682, we should change the Rust implementation of the view service to use the new auth mechanism. This is also an opportunity to clean up the initialization flow.

Currently, we have code that initializes a view server with the user's full viewing key. Instead, we'll now use the auth mechanism as a registration / initialization step:

  • Add an implementation of the ViewAuthService RPC added in Add client authorization to view protocol requests. #1682:
    • Use the SQLite database to record a set of ViewAuthTokens (random 32 byte strings)
    • Handle ViewAuthRequest by checking if there is an FVK in SQLite:
      • if we have not set the FVK, set the FVK to the provided FVK, generate 32 random bytes, save those bytes as a ViewAuthToken, and return it to the client.
      • if we have set the FVK, check if the provided FVK is the existing one (erroring if not), then generate a new ViewAuthToken, save it, and return it to the client.
  • Change the startup logic for the view service so that the worker starts when the FVK is registered, and not before. Remove the existing logic that initializes the view service with an FVK (we'll use registration for that).
  • Change the view service implementation to check request authorization by checking whether the provided ViewAuthToken is a valid one.
  • Change pcli to register with its internal view service on startup. We'll need a way to save state in pcli beyond the view service data, so we can save the auth tokens. We don't currently have any state other than the view service and the custody service, but we'll need it to be able to record viewing keys if we have custody mechanisms that don't allow access to the spending key.

Because of the last point, it's probably worth waiting to make this change until after we have a more flexible custody story for pcli.
@hdevalence hdevalence added A-client Area: Design and implementation for client functionality on hold labels Nov 30, 2022
@hdevalence
Copy link
Member Author

We shouldn't use that mechanism at all, and instead just use normal GRPC auth using bearer tokens, as in https://github.com/hyperium/tonic/blob/master/examples/src/authentication/server.rs

@github-project-automation github-project-automation bot moved this to Testnet 47: Sinope in Testnets Mar 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-client Area: Design and implementation for client functionality
Projects
No open projects
Testnets
Status: Testnet 47: Sinope
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hdevalence