The wallet owner API appears to utilize the config option "node_api_secret_path", and this is also used for the API secret for the node path that is used.
The consequence of this is that the owner API must have the same secret as the node API. Absent this, the owner server cannot access the node as it has no valid credentials. This is especially dangerous if someone uses a remote grin node. It appears requests are made over HTTP, non-encrypted, so anyone could get the API secret that a wallet was sending to a remote node.
If the wallet owner API was on a public-facing port, they could then utilize that same secret to control the user's wallet and thus steal their coins.
The fix for this would of course be to utilize "api_secret_path" as the secret path for the wallet owner API. Thus the secret used for the node and the wallet owner API are different.
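The separation the report asks for, as an added example (not grin-wallet's own code): a small Rust program that loads a constructed config fragment, shows the shared-secret selection the issue describes beside the corrected one that reads `api_secret_path` for the owner API and `node_api_secret_path` for the node client, and adds a deployment check that flags when both APIs are backed by the same file or the same secret bytes. The two config keys come from the issue; `parse_config`, `SecretPaths`, the sample paths and secret values are hypothetical stand-ins, not the project's config loader.

```rust
use std::collections::HashMap;
use std::fs;
use std::io;
use std::path::PathBuf;

/// Constructed sample of a wallet config fragment (not the project's real
/// default file); the paths are placeholders.
pub const SAMPLE_CONFIG: &str = r#"
# Secret the wallet presents to the node's API
node_api_secret_path = "/home/user/.grin/main/.api_secret"

# Secret that should guard the wallet owner API
api_secret_path = "/home/user/.grin/main/.owner_api_secret"

[wallet]
check_node_api_http_addr = "http://127.0.0.1:3413"
"#;

/// Minimal `key = "value"` parser. Hypothetical stand-in for the project's
/// TOML loader: handles quoted string values only, skips comments and
/// section headers.
pub fn parse_config(text: &str) -> HashMap<String, String> {
    let mut out = HashMap::new();
    for raw in text.lines() {
        let line = raw.trim();
        if line.is_empty() || line.starts_with('#') || line.starts_with('[') {
            continue;
        }
        if let Some((key, value)) = line.split_once('=') {
            let value = value.trim().trim_matches('"');
            out.insert(key.trim().to_string(), value.to_string());
        }
    }
    out
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct SecretPaths {
    pub owner_api: PathBuf, // file whose contents guard the wallet owner API
    pub node_api: PathBuf,  // file whose contents the wallet sends to the node
}

/// Selection as the issue describes it: the owner API reuses
/// `node_api_secret_path`, so both APIs share one credential.
pub fn secret_paths_shared(cfg: &HashMap<String, String>) -> Option<SecretPaths> {
    let node = PathBuf::from(cfg.get("node_api_secret_path")?);
    Some(SecretPaths { owner_api: node.clone(), node_api: node })
}

/// Corrected selection: the owner API reads `api_secret_path`, the node
/// client reads `node_api_secret_path`. Returns None instead of silently
/// falling back to the node secret when `api_secret_path` is absent.
pub fn secret_paths_separated(cfg: &HashMap<String, String>) -> Option<SecretPaths> {
    Some(SecretPaths {
        owner_api: PathBuf::from(cfg.get("api_secret_path")?),
        node_api: PathBuf::from(cfg.get("node_api_secret_path")?),
    })
}

/// Deployment check on paths alone: true when the two APIs are backed by
/// different files.
pub fn owner_secret_is_isolated(paths: &SecretPaths) -> bool {
    paths.owner_api != paths.node_api
}

/// Stronger check that reads both files: two paths holding the same secret
/// are just as exposed as one shared path.
pub fn secret_contents_differ(paths: &SecretPaths) -> io::Result<bool> {
    let owner = String::from_utf8_lossy(&fs::read(&paths.owner_api)?).trim().to_string();
    let node = String::from_utf8_lossy(&fs::read(&paths.node_api)?).trim().to_string();
    Ok(owner != node)
}

fn main() -> io::Result<()> {
    let cfg = parse_config(SAMPLE_CONFIG);
    let shared = secret_paths_shared(&cfg).expect("node_api_secret_path missing");
    let separated = secret_paths_separated(&cfg).expect("api_secret_path missing");
    println!("shared selection isolates owner secret:    {}", owner_secret_is_isolated(&shared));
    println!("separated selection isolates owner secret: {}", owner_secret_is_isolated(&separated));

    // Content check against two constructed secret files in the temp dir.
    let dir = std::env::temp_dir();
    let demo = SecretPaths {
        owner_api: dir.join("demo_owner_secret"),
        node_api: dir.join("demo_node_secret"),
    };
    fs::write(&demo.owner_api, "owner-secret-placeholder\n")?;
    fs::write(&demo.node_api, "node-secret-placeholder\n")?;
    println!("secret contents differ: {}", secret_contents_differ(&demo)?);
    fs::remove_file(&demo.owner_api)?;
    fs::remove_file(&demo.node_api)?;
    Ok(())
}
```

The path check alone is what a config-time lint can run before any file is touched; the content check belongs at startup, because a user who copied one secret file to both locations has the same exposure the report describes even though the paths differ.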