Skip to content
This repository was archived by the owner on Aug 23, 2020. It is now read-only.

IRI should behave according to API specs to allow validation of commands #853

Closed
georgmittendorfer opened this issue Jul 7, 2018 · 2 comments
Closed

IRI should behave according to API specs to allow validation of commands #853

georgmittendorfer opened this issue Jul 7, 2018 · 2 comments

Comments

@georgmittendorfer
Copy link
Contributor

georgmittendorfer commented Jul 7, 2018
edited
Loading

Bug description

IRI should behave according to API specs to allow validation of commands and make (D)DOS and accidental API misuse harder and punish clients that do not adhere to the API contract.

There are API docs but IRI does not follow the contract of this API and allows commands that are invalid according to docs. Furthermore the API docs are not accurate and not complete.

Motivation

On one hand the missing validation allows to (D)DOS IRI.

On the other hand clients (light-wallet, trinity) that rely on the current reference implementation do not need to make 'correct' requests and that leads to the problem that factual behavior differs from specification. 3rd party software isn't able to create an implementation that is compatible with these clients and does input validation.

Actual behavior

IRI does not punish input that violates the contract and/or doesn't make sense.

Expected behaviour

To make validation possible it is necessary to

  • Fix the API docs
    • Partly wrong
    • Not complete (some commands missing)
    • Inaccurate (does required mean not null or not empty?)
  • Do not allow certain commands that do not make sense, e.g. empty getTrytes command.
  • Make IRI validate some commands or document what validations should be done in a proxy in front of IRI.

To make some types of (D)DOS (distribution is not even necessary) harder it might be useful to

  • Find reasonable limits for parameters of certain commands. E.g. the number of values that can be passed as an array.

Am I planning to do it myself with a PR?

As this is a strategical issue I cannot make a PR for this without a lot of communication. Change needs to be synchronized with wallet development. Therefore I guess it would be better to solve this within the development team. But I am willing to help, if required/wanted.

Comment

I already tried to validate some input in my private proxy in front of my nodes but couldn't do it because of the gap between the API docs, IRI behaviour and wallet behaviour. My current validation can be found there: command package - from some comments in the code you can infer the gaps between wallet behaviour and API docs. Most invalid requests are made from wallets with new seeds.
@georgmittendorfer
Copy link
Contributor Author

georgmittendorfer commented Jul 10, 2018
edited
Loading

Related/solving some of the issues: #760, #854, #823

@georgmittendorfer
Copy link
Contributor Author

Closed issue as it is too broad

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@georgmittendorfer