Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PK Authentication #21

Open
cryptoquick opened this issue Mar 7, 2023 · 1 comment
Open

PK Authentication #21

cryptoquick opened this issue Mar 7, 2023 · 1 comment
Assignees
@cryptoquick

Comments

@cryptoquick
Copy link
Member

This will authenticate a user by their public key.

GET /id - Gets the node public key

This is then signed, which is then used as a bearer token.

Both the pk and sig are provided as a bearer token, hex-encoded, joined by :

The token is authenticated by the client's public key it signs for.

This may require some Axum middleware. We'll also need to look into middleware in order to cache certain things, like pk generation.
@cryptoquick cryptoquick self-assigned this May 6, 2023
@cryptoquick
Copy link
Member Author

An example of the id part is here:
https://github.com/diba-io/bitmask-core/blob/5208db0af61dc4ee124d6387b9542b540c89630e/src/bin/bitmaskd.rs#L191-L201

An example of the shared secret being used for bearer auth:
https://github.com/diba-io/bitmask-core/blob/5208db0af61dc4ee124d6387b9542b540c89630e/src/bin/bitmaskd.rs#L30-L51

This does not actually include a verification step, so that will need to be added.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cryptoquick cryptoquick

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cryptoquick