[c-lightning] rpc command whitelist

William Casarin jb55 at jb55.com
Thu Jan 3 00:31:44 AEDT 2019

ZmnSCPxj <ZmnSCPxj at protonmail.com> writes:

> It seems to me that a proxy would do much better here. In theory, a
> good part of our plugin work could be done via such a proxy instead.
> It may be useful to isolate the command bus as a separate component or
> process, that we could spawn multiple of, with various policies.

Yeah after throwing around some ideas with Christian and others I think
we determined some type of macaroon-based authentication scheme might be
best. I also realized in the meantime that I am going to need more than
a whitelist. To isolate withdrawals the pay command will need to
authenticate the user's password and two-factor token.



More information about the c-lightning mailing list