Skip to content
This repository has been archived by the owner on May 13, 2022. It is now read-only.

server: Improve Raiden identifier #16

Open
ezdac opened this issue Oct 27, 2020 · 0 comments
Open

server: Improve Raiden identifier #16

ezdac opened this issue Oct 27, 2020 · 0 comments
Labels
enhancement New feature or request wontfix This will not be worked on

Comments

@ezdac
Copy link
Contributor

ezdac commented Oct 27, 2020

The usage of Raiden identifier as unique secret tokens is flawed in two ways:

  • first, it is in bruteforce reach, since 64 bit does not provide enough entropy
  • second, the currently used SQLite DB backend does not support unsigned 64 bit integers natively - as a hotfix we restrict the int's to be signed and only chose values in the 63 bit positive range

https://github.com/raiden-network/paywall/blob/c84e5407f60e5316dd477ca4a9bbf89ad2749c00/server/src/raiden_paywall/flask_raiden.py#L382-L395
@ezdac ezdac added enhancement New feature or request wontfix This will not be worked on labels Oct 27, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ezdac