Authorization and Authentication #3170
Replies: 2 comments 2 replies
-
@MOHANKUMAR-IT Limit peer connections to a known allowlist based on PeerIDs, rather than relying solely on certificates, and implement basic certificate revocation by maintaining a blocklist of revoked PeerIDs that your nodes check before accepting connections. If you want extra security without overcomplicating things, you can introduce a simple pre-shared secret (PSK) check before establishing secure connections. I hope it helps :)
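The allowlist, revocation blocklist and pre-shared secret check suggested in the comment above, as an added example (not code from this thread or from go-libp2p). It uses only the Go standard library; `Gate`, `Prove`, `Admit`, the error names and the string peer IDs are hypothetical, and the peer ID is assumed to be the one the secure transport reports for the connection.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Gate is a hypothetical admission policy, not a go-libp2p type; peer IDs are plain strings.
type Gate struct {
	Allowed, Revoked map[string]bool
	PSK              []byte
}

var ErrRevoked = errors.New("peer ID is revoked")
var ErrNotAllowed = errors.New("peer ID is not on the allowlist")
var ErrBadProof = errors.New("pre-shared secret proof failed")

// Prove is the dialer's answer: HMAC-SHA256(psk, nonce || id); the secret never crosses the wire.
func Prove(psk, nonce []byte, id string) []byte {
	m := hmac.New(sha256.New, psk)
	m.Write(nonce)
	m.Write([]byte(id))
	return m.Sum(nil)
}

// Admit checks the blocklist first so revocation wins, then the proof in constant time.
func (g *Gate) Admit(id string, nonce, proof []byte) error {
	switch {
	case g.Revoked[id]:
		return ErrRevoked
	case !g.Allowed[id]:
		return ErrNotAllowed
	case !hmac.Equal(proof, Prove(g.PSK, nonce, id)):
		return ErrBadProof
	}
	return nil
}

func main() {
	g := &Gate{Allowed: map[string]bool{"peerA": true}, Revoked: map[string]bool{}, PSK: []byte("constructed-demo-secret")}
	nonce := make([]byte, 32) // fresh random challenge per connection attempt
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	fmt.Println(g.Admit("peerA", nonce, Prove(g.PSK, nonce, "peerA")))
}
```

In go-libp2p the allowlist and blocklist lookups would typically be called from a connection gater, and a stolen private key still passes them until its PeerID is added to `Revoked`.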
-
I think what you need is PNet: https://github.com/libp2p/go-libp2p/blob/master/options.go#L210 Though all such methods will depend on not leaking the private keys ever.
-
I'm building p2p for a private network and have implemented a custom SecureTransport that uses a certificate signed by a self-signed certificate and checks whether the other peer's certificate contains this self-signed certificate in its chain, i.e. the root CA; otherwise it denies the connection.
Now the certificates still need to be kept safe, else some actor with a compromised system can get the certificate and get into the network.
Any ideas how I can secure the network here? We should secure against both internal (compromised system) and external attacks.