fix: Enforce strict tier-based access control for node endpoints

Access control hierarchy:
- Anonymous (free): db-sync read-only ONLY, no node access
- Standard (≥50 TRP): db-sync + node read (UTxOs, protocol-params)
- Elevated (≥500 TRP): everything + tx submit
- Master: unrestricted

Node endpoints now return HTTP 403 for insufficient tier:
- GET /v1/address/{addr}/utxos → requires standard+
- GET /v1/protocol-params → requires standard+
- POST /v1/tx/submit → requires elevated+ (403 for standard/anonymous)

Added require_standard_tier and require_elevated_tier dependencies.

parent 163de03322
commit d5fbec496f
2 changed files with 61 additions and 14 deletions
@ -5,7 +5,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
curl \
ca-certificates \
libsodium23 \
libsecp256k1-1 \
libnuma1 \
&& rm -rf /var/lib/apt/lists/*
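
Review bot: The apt-get install list in this hunk loses one line (the header reads -5,7 +5,6), but the commit message covers only the tier-based access-control change and says nothing about a packaging change. Name the removed package and the reason in the commit message, or move the image change into its own commit so the access-control fix can be reviewed and reverted independently. Since the list carries shared libraries such as libsodium23 and libsecp256k1-1, also confirm that the image still builds and that the service starts without the dropped entry.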