[bisq-network/bisq] [WIP] Enable rpc TLS and macaroon authentication (#4129)
notifications at github.com
Mon Apr 20 12:09:44 UTC 2020
@ghubstan, I've taken a look at this and run it for myself. At this point it seems like the macaroon approach is simply too complex for any benefit it might bring. I feared this might be the case. Incidentally, I overheard a conversation the other day that the LND team has never actually used any of the more advanced aspects of macaroons prior to the recent announcement of [Lightning Service Authentication Tokens (LSAT)](https://lightning.engineering/posts/2020-03-30-lsat/), which is something that Bisq would have no analog for.
I realize this was probably quite a bit of effort to put this PR together, but it confirms my fear that this kind of auth approach may simply be too heavy with little real benefit. It's not only heavy from an implementation point of view, but from a usage point of view. The `bitcoin-cli` basic auth model is familiar to everyone, and doing things with certs in this kind of context is not obvious at all.
At this point I'd like to shift gears and try implementing basic auth in gRPC after all. Like with bitcoind, we should make it clear that Bisq's RPC API is not suitable for exposure to the open internet. Instead, we would assume and encourage that any non-localhost access of Bisq's RPC API should happen via Tor. This is natural enough, given that Bisq is Tor-based already.
Would you be willing to take a cut at implementing basic auth (in a separate PR)? I'm happy to get together and talk about this as well, if you have any concerns.