
feat(`anvil`): add the ability to disable specific RPC methods and cheatcodes in Anvil

Open gtg2619 opened this issue 1 year ago • 5 comments

Component

Anvil

Describe the feature you would like

Description:

Currently, Anvil provides a robust set of RPC methods, including several non-standard methods that are extremely useful for development and testing. However, in certain scenarios, especially in environments that require stricter security and control, it would be beneficial to have the ability to disable specific RPC methods to prevent unintended use or tampering.

Motivation:

The ability to disable specific RPC methods would allow users to:

  • Ensure that certain RPC methods, which could be potentially dangerous in a controlled environment (e.g., anvil_reset, anvil_autoImpersonateAccount), are not accessible.
  • Improve security in environments where strict RPC method control is necessary.
  • Provide more granular control over the Anvil node configuration, aligning it with more restrictive deployment requirements.

Proposed Solution:

Introduce a configuration option, either via a command-line argument or a configuration file, that allows users to specify a list of RPC methods to disable when starting the Anvil node. This could be implemented as follows:

  • A command-line argument such as --disable-rpc-methods "method1,method2" to disable specific methods.
  • Alternatively, a configuration file option where users can list methods to be disabled.

Additionally, as requested in #8699 it would be beneficial to disable certain cheatcodes from being used in Anvil.

Additional context

No response

gtg2619 avatar Aug 23 '24 16:08 gtg2619

I think that's better (and easily achievable) with a proxy like nginx in front of the anvil server

grandizzy avatar Aug 23 '24 16:08 grandizzy

Related to #8699

guidanoli avatar Aug 24 '24 03:08 guidanoli

I was thinking of adding an option to Anvil named something like --safe-rpc-mode, which would essentially block any RPC method that is not described in the standard Ethereum JSON-RPC API. This would, therefore, block:

  • anvil_*
  • evm_*
  • hardhat_*

Among others.

guidanoli avatar Aug 24 '24 03:08 guidanoli
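
Both the proxy suggestion and the blocklist ideas above come down to the same check on the JSON-RPC request body before it reaches the node. The following is an added sketch, not Foundry code and not from any commenter: `filter_body`, `check_call`, `rpc_error` and the `disabled` set (mirroring the proposed `--disable-rpc-methods` list) are hypothetical names, and the sample batch is constructed.

```python
import json

# Namespaces named in this thread; the "among others" are not covered here.
BLOCKED_PREFIXES = ("anvil_", "evm_", "hardhat_")

# Constructed sample batch: one standard call and two of the methods cited above.
SAMPLE_BATCH = json.dumps([
    {"jsonrpc": "2.0", "id": 1, "method": "eth_blockNumber", "params": []},
    {"jsonrpc": "2.0", "id": 2, "method": "anvil_reset", "params": []},
    {"jsonrpc": "2.0", "id": 3, "method": "anvil_autoImpersonateAccount", "params": [True]},
])


def rpc_error(req_id, code, message):
    return {"jsonrpc": "2.0", "id": req_id, "error": {"code": code, "message": message}}


def check_call(call, disabled):
    """Return None if the call may be forwarded, otherwise a JSON-RPC error object."""
    if not isinstance(call, dict) or not isinstance(call.get("method"), str):
        req_id = call.get("id") if isinstance(call, dict) else None
        return rpc_error(req_id, -32600, "Invalid Request")
    method = call["method"]
    if method in disabled or method.startswith(BLOCKED_PREFIXES):
        return rpc_error(call.get("id"), -32601, f"method {method} is disabled")
    return None


def filter_body(body, disabled=frozenset()):
    """Split a request body into (calls to forward, error responses to return).

    Every element of a batch is checked, so a blocked method cannot ride along
    behind an allowed one. Forward the re-serialized calls, not the original
    bytes, so the node parses exactly what was checked.
    """
    try:
        payload = json.loads(body)
    except ValueError:
        return [], [rpc_error(None, -32700, "Parse error")]
    calls = payload if isinstance(payload, list) else [payload]
    if not calls:
        return [], [rpc_error(None, -32600, "Invalid Request")]
    forward, rejected = [], []
    for call in calls:
        err = check_call(call, disabled)
        (forward if err is None else rejected).append(call if err is None else err)
    return forward, rejected


if __name__ == "__main__":
    print(filter_body(SAMPLE_BATCH, disabled={"eth_blockNumber"}))
```

A filter that only inspects the top-level object, or matches the method name with a pattern against the raw body, misses batch requests, which is why the check runs per call on the parsed payload.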

Merging https://github.com/foundry-rs/foundry/issues/8699 in here, updated the title

zerosnacks avatar Aug 26 '24 09:08 zerosnacks

Hi @gtg2619, can I work on this?

ShantelPeters avatar Aug 26 '24 11:08 ShantelPeters