Skip to content
This repository has been archived by the owner on Nov 6, 2020. It is now read-only.

SecretStore: ability to identify requester via Public/Address #7886

Merged
merged 2 commits into from
Mar 19, 2018
Merged

SecretStore: ability to identify requester via Public/Address #7886

merged 2 commits into from
Mar 19, 2018

Conversation

svyatonik
Copy link
Collaborator

In client sessions via HTTP requester (the one who queries/creates the server/document key) is always 'identified' by passing signature of server key id as the parameter.
While working with service contract, we can determine requester' address from msg.sender and it seems counter-productive to ask for another identification data (another security-related reason: everyone could intercept/read the signature from transaction and use it in HTTP API if available). So in service contract we will use msg.sender where possible and ask for full sender' public when required. In details:

  1. when generating server key: only msg.sender is required to remember in SS db and then authorize the same sender to store linked document key
  2. when storing document key: only msg.sender is required
  3. when querying document key AND when signing using server key: we also need the full public of msg.sender (to encrypt returned data). The contract will be responsible to check that address(public) = msg.sender

@svyatonik svyatonik added A0-pleasereview 🤓 Pull request needs code review. M4-core ⛓ Core client code / Rust. labels Feb 14, 2018
@5chdn 5chdn added this to the 1.10 milestone Feb 14, 2018
@svyatonik svyatonik mentioned this pull request Feb 14, 2018
Merged
@5chdn 5chdn modified the milestones: 1.10, 1.11 Mar 1, 2018
@5chdn 5chdn modified the milestones: 1.11, 1.12 Mar 1, 2018
@5chdn 5chdn added the P5-sometimesoon 🌲 Issue is worth doing soon. label Mar 1, 2018
folsen
folsen approved these changes Mar 13, 2018
View reviewed changes
Copy link
Contributor

@folsen folsen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks pretty straightforward refactor to me, also really like the ability to have more ways to identify a requester.

@debris debris added A8-looksgood 🦄 Pull request is reviewed well. and removed A0-pleasereview 🤓 Pull request needs code review. labels Mar 19, 2018
@debris debris merged commit a691577 into master Mar 19, 2018
@debris debris deleted the secretstore_requester branch March 19, 2018 05:42
General-Beck added a commit that referenced this pull request Mar 19, 2018
@General-Beck
Revert "SecretStore: ability to identify requester via Public/Address (
dc18426 
…#7886)"

This reverts commit a691577.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@debris debris debris approved these changes

@folsen folsen folsen approved these changes

Assignees
No one assigned
Labels
A8-looksgood 🦄 Pull request is reviewed well. M4-core ⛓ Core client code / Rust. P5-sometimesoon 🌲 Issue is worth doing soon.
Projects
None yet
Milestone
1.11 Prosperity
Development

Successfully merging this pull request may close these issues.
4 participants
@svyatonik @folsen @debris @5chdn