Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Auth scan service request for authorizing access to a set of keys and their scan results #8202

Closed
Tracked by #7728
arya2 opened this issue Jan 29, 2024 · 5 comments
Closed
Tracked by #7728

Implement Auth scan service request for authorizing access to a set of keys and their scan results #8202

arya2 opened this issue Jan 29, 2024 · 5 comments
Labels
A-blockchain-scanner Area: Blockchain scanner of shielded transactions C-feature Category: New features P-Optional ✨ S-needs-triage Status: A bug report needs triage
Milestone
RPC Interface for...

Comments

@arya2
Copy link
Contributor

arya2 commented Jan 29, 2024
edited
Loading

Motivation

We want a way to:

  • Authenticate RPC clients/users
  • Authorize access to viewing keys and their results

Possible Design

We could add basic username/password authentication for RPC clients before authorizing access to viewing keys and their results:

  • Add an accounts db column where the keys are usernames, and the value is a hashed password + a list of registered keys for the account
  • Accept either a fresh token or a username/password pair in the request
  • Return a list of viewing keys that were registered by that account and a fresh token with the username as the response
  • Prefix the keys in sapling results with usernames
  • Add a config field for allowing unauthenticated requests
@arya2 arya2 mentioned this issue Jan 29, 2024
Closed
@github-project-automation github-project-automation bot moved this to New in Zebra Jan 29, 2024
@arya2 arya2 added S-needs-triage Status: A bug report needs triage C-feature Category: New features A-blockchain-scanner Area: Blockchain scanner of shielded transactions labels Jan 29, 2024
@mpguerra mpguerra moved this from New to Sprint Backlog in Zebra Jan 29, 2024
@oxarbitrage oxarbitrage changed the title Implement CheckForKeyHashes scan service request to check that a set of keys exist in the database Implement CheckForKey scan service request to check that a set of keys exist in the database Feb 1, 2024
@arya2 arya2 closed this as not planned Won't fix, can't repro, duplicate, stale Feb 5, 2024
@github-project-automation github-project-automation bot moved this from Sprint Backlog to Done in Zebra Feb 5, 2024
@arya2 arya2 reopened this Feb 6, 2024
@arya2
Copy link
Contributor Author

arya2 commented Feb 6, 2024

This is for later when we're working on authentication, it may be changed before we start on authentication.

@mpguerra mpguerra moved this from Done to Product Backlog in Zebra Feb 7, 2024
@mpguerra mpguerra moved this from Product Backlog to Sprint Backlog in Zebra Feb 13, 2024
@arya2 arya2 changed the title Implement CheckForKey scan service request to check that a set of keys exist in the database Implement Auth scan service request for authorizing access to a set of keys and their scan results Feb 15, 2024
@arya2 arya2 added S-blocked Status: Blocked on other tasks and removed S-blocked Status: Blocked on other tasks labels Feb 15, 2024
@arya2
Copy link
Contributor Author

arya2 commented Feb 15, 2024

@upbqdn @oxarbitrage Is this design okay, or do we want to do something else?

@upbqdn
Copy link
Member

upbqdn commented Feb 15, 2024

It looks good to me. I was thinking we could write a list of possible solutions in a discussion so that it's easier to tell we're picking the most suitable one. Will I start the discussion outlining the options?

@oxarbitrage
Copy link
Contributor

It looks good to me but i am not sure if that is the simplest way. I will like to do more research before implementing, i don't think we have to decide now.

@mpguerra mpguerra moved this from Sprint Backlog to Product Backlog in Zebra Feb 19, 2024
@upbqdn upbqdn mentioned this issue Feb 21, 2024
Closed
7 tasks
@arya2 arya2 removed their assignment Mar 18, 2024
@mpguerra
Copy link
Contributor

We won't be doing any more work on the scanner

@mpguerra mpguerra closed this as not planned Won't fix, can't repro, duplicate, stale Oct 18, 2024
@github-project-automation github-project-automation bot moved this from Product Backlog to Done in Zebra Oct 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-blockchain-scanner Area: Blockchain scanner of shielded transactions C-feature Category: New features P-Optional ✨ S-needs-triage Status: A bug report needs triage
Projects
Zebra
Status: Done
Milestone
RPC Interface for Zebra Blockchain Sc...
Development

No branches or pull requests
4 participants
@mpguerra @arya2 @upbqdn @oxarbitrage