Epic: Authorization #9128

iAmMichaelConnor · 2024-10-09T16:47:35Z

Areas for authentication:

The PXE should prevent apps from accessing other apps' secrets via oracle calls
The PXE should check whether the code about to be run actually does belong to a particular contract address
The PXE might need to call back to a user/wallet/dapp to ask "Hey, this contract address needs this capsule data to continue provide it at your own risk"
The PXE might need to convey to a dapp "Hey, I've simulated this tx and here are the details, here's what's going to be made public, and it's going to cost this much"
The dapp says to the wallet "Please sign this mysterious message".
The dapp says to the wallet "Please sign this mysterious transaction"

Give feedback

Preventing apps from accessing other apps' states.
Preventing apps from accessing other accounts' states.
Epic: Simulating Simulations #9133

0 of 5

C-aztec.js C-aztec.nr T-epic team-fairies
Securing secret data.
Using hardware wallet to seed keys' randomess.
feat(AuthWit): Allow generating authwits on the fly #3745

T-feedback team-fairies
Options

iAmMichaelConnor added the T-epic label Oct 9, 2024

iAmMichaelConnor added this to the TestNet milestone Oct 9, 2024

rahul-kothari removed this from the TestNet milestone Oct 11, 2024

iAmMichaelConnor added the A-security Area: Relates to security. Something is insecure. label Oct 23, 2024

iAmMichaelConnor added this to A3 Oct 28, 2024

github-project-automation bot moved this to Todo in A3 Oct 28, 2024

Provide feedback