
RPC Encrypted Keystore Unlock

Open cryptoquick opened this issue 4 years ago • 2 comments

Issue summary

Currently we block on CLI input for the passphrase. We need to concurrently spawn a mini HTTP JSON-RPC server so the node can be unlocked via an HTTP request (either via curl or submitted via the Forest CLI when invoked by a script, especially remotely).

ACs

  • [ ] Forest.EncUnlock can be called to bypass CLI password entry when the daemon is started with the encrypt_keystore option enabled.
  • [ ] Forest CLI has a command, forest auth unlock, that allows either a command line argument, or if none is passed, invokes read_password. This will allow for scripted and remote unlock use-cases.
  • [ ] Detects whether HTTPS protocol has been used to call this endpoint via the XFP header, fails if the connection is unencrypted.
  • [ ] A separate port must be used, for security purposes.

Other information and links

  • This can either be solved by starting a miniature, temporary, single-method tide server and jsonrpc_v2 combination that's separate from the full-fledged RPC server, or the entire RPC server can be started concurrently, with the assumption that no other RPC method will be called without the keystore being unlocked. This mini RPC server will have a single Forest.EncUnlock method, and will be stopped once the keystore is decrypted. It will also need to use a separate port from the regular RPC API, for security purposes.

cryptoquick avatar Apr 23 '21 16:04 cryptoquick

Honestly, I'm not 100% sure how this can be implemented securely. That's because someone could try brute-forcing the endpoint. If a community member has an idea as to a use-case and a decent way for us to do it, I'd be interested in knowing more. For now, I'm gonna close this.

cryptoquick avatar Jul 28 '21 00:07 cryptoquick

Wait, no, I thought of an idea. The mini-server could have a separate port, which can easily be firewalled.

cryptoquick avatar Jul 28 '21 00:07 cryptoquick
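
An added example, not part of the thread and not Forest's code: a std-only Rust gate for the two checks discussed above, the X-Forwarded-Proto requirement from the acceptance criteria and a bound on failed attempts for the brute-force concern. `UnlockGate`, `Reject`, the trusted-proxy address and the failure limit are hypothetical names and values; it assumes a TLS-terminating reverse proxy sets the header, since a client connecting directly can send any header value.

```rust
use std::collections::HashMap;
use std::net::IpAddr;

#[derive(Debug, PartialEq)]
pub enum Reject { UntrustedPeer, NotHttps, LockedOut }

// Hypothetical gate in front of an unlock method; not Forest's API.
pub struct UnlockGate {
    trusted_proxy: IpAddr, // only this peer's X-Forwarded-Proto is believed
    max_failures: u32,     // assumed limit before the endpoint stops answering
    failures: u32,
}

impl UnlockGate {
    pub fn new(trusted_proxy: IpAddr, max_failures: u32) -> Self {
        Self { trusted_proxy, max_failures, failures: 0 }
    }

    // Runs before the passphrase is examined at all.
    pub fn admit(&self, peer: IpAddr, headers: &HashMap<String, String>) -> Result<(), Reject> {
        // Any client can send the header, so it only counts when it comes from the proxy.
        if peer != self.trusted_proxy {
            return Err(Reject::UntrustedPeer);
        }
        // Header names are case-insensitive; a missing or non-"https" value fails closed.
        let proto = headers.iter()
            .find(|(k, _)| k.eq_ignore_ascii_case("x-forwarded-proto"))
            .map(|(_, v)| v.trim());
        if !matches!(proto, Some(p) if p.eq_ignore_ascii_case("https")) {
            return Err(Reject::NotHttps);
        }
        // Global counter: per-address limits do not bound guesses against a single secret.
        if self.failures >= self.max_failures {
            return Err(Reject::LockedOut);
        }
        Ok(())
    }

    // Call after a wrong passphrase; the count is never reset in this example.
    pub fn record_failure(&mut self) { self.failures += 1; }
}

fn main() {
    let proxy: IpAddr = "127.0.0.1".parse().unwrap(); // constructed sample values
    let gate = UnlockGate::new(proxy, 3);
    let headers = HashMap::from([("X-Forwarded-Proto".to_string(), "http".to_string())]);
    println!("{:?}", gate.admit(proxy, &headers));
}
```

Binding the listener to loopback and firewalling the separate port, as the thread suggests, is what makes the peer-address check meaningful.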

We'll use a different architecture: https://github.com/ChainSafe/forest/discussions/2274

lemmih avatar Feb 15 '24 13:02 lemmih