Skip to content
This repository has been archived by the owner on May 24, 2022. It is now read-only.

Proposal to add an ability to restrict some JSON RPC API methods #647

Open
varasev opened this issue Apr 19, 2022 · 1 comment
Open

Proposal to add an ability to restrict some JSON RPC API methods #647

varasev opened this issue Apr 19, 2022 · 1 comment

Comments

@varasev
Copy link
Contributor

varasev commented Apr 19, 2022

In some cases we may need to close some API methods leaving others available. For example, for enabled eth namespace we could restrict eth_sendTransaction.

I'd propose to add

--jsonrpc-restricted-methods

CLI option (and a similar --ws-restricted-methods for WebSocket connections).

The method names are comma-separated, e.g.:

--jsonrpc-restricted-methods="eth_sendTransaction,eth_accounts"

Such an option would close access for the listed methods for all network interfaces and ports. I think we don't need to delimit them by ip/port.

If --ws-restricted-methods is not defined, its value would be implicitly taken from --jsonrpc-restricted-methods for the case when a user forgot to restrict the same methods for WebSockets (and vice versa).
@varasev varasev mentioned this issue Apr 20, 2022
Closed
@varasev
Copy link
Contributor Author

varasev commented Apr 21, 2022

UPD: probably, it's better to make an opposite behaviour like it's implemented in Nethermind in CallsFilterFilePath option which whitelists approved JSON RPC methods.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
Wishlist
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
1 participant
@varasev