Author: Christian Decker 2023-09-08 14:50:55+00:00
Published on: 2023-09-08T14:50:55+00:00
The email discusses an interesting proposal for implementing a system using runes. The idea is to have the rune managed by a hardware wallet and commit the rune used to authenticate an RPC call commit to the call's payload. This approach ensures that a potentially compromised client cannot authenticate arbitrary calls, as the hardware wallet is required to associate a rune with it, allowing for review.The authentication of RPC calls in this proposal is similar to how it works in greenlight, where the node host is not trusted. In greenlight, authenticated commands are passed forward to the signer for verification before processing any signature request from the node. The decision to authenticate the payload instead of the transport (as done in partonnere) removes the need for a direct connection and provides flexibility in delivering commands.In summary, the proposal suggests using runes managed by a hardware wallet to authenticate RPC calls. This approach prevents unauthorized calls and adds flexibility to command delivery. It is similar to the authentication process in greenlight, where commands are reviewed before signature requests are processed.
Updated on: 2023-09-09T01:49:50.158333+00:00