How to authenticate API calls to make sure they are from specific remote contracts #1430
-
I have 1 master reach contract and multiple remote contracts that run independently and report back to main contact by calling API afterwards. currently, it works but there isn't any security enforced on the contracts itself (main contract doesn't restrict the api calls only to the remote contracts). |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
The token idea is clever. You could have the child pay and then get paid back. It is easy to have 1 thing authenticate TO many, because they can know its address and check it with It is hard to have many authenticate TO one, because someone trusted needs to tell the one about the many individually and have the one record it. The one could record with a |
Beta Was this translation helpful? Give feedback.
The token idea is clever. You could have the child pay and then get paid back.
It is easy to have 1 thing authenticate TO many, because they can know its address and check it with
this
.It is hard to have many authenticate TO one, because someone trusted needs to tell the one about the many individually and have the one record it. The one could record with a
Map
.