The Pactus Blockchain offers a gRPC interface, enabling users to interact with both the blockchain and its native wallet. To enhance the security of gRPC APIs, we have implemented a Basic Authentication mechanism. This approach aims to provide a straightforward yet effective means for authenticating clients accessing the APIs.
Note: This mechanism secures gRPC, gRPC gateway, and HTTP communications.
To enable basic authentication, you need to generate basic authentication credentials using an online tool or a predefined utility.
Example Format:
username: foo
password: bar
result: foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda
htpasswd tool from Apache.htpasswd command-line tool to generate a bcrypt-hashed password. Here’s the general syntax:htpasswd -bnBC 10 <username> <password>
-b: Use the command line to provide the password.-n: Output the hashed password to the console rather than updating a file.-B: Force the use of the bcrypt encryption algorithm.-C cost: Set the cost factor for the bcrypt algorithm. Higher values result in slower hashing but are more secure.username: The username for which you are generating the password.password: The password you wish to hash.Example:
htpasswd -bnBC 10 user pass
This process results in a bcrypt-hashed password that can be used for basic authentication.
To generate basic authentication credentials, you can use the following form to create a hashed credential.
config.toml file in your Pactus directory.C:\Users\{user}\pactus/home/{user}/pactusbasic_auth_credential field in the config file.[grpc]
enable = true
enable_wallet = false
listen = "127.0.0.1:50051"
basic_auth_credential = "foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda"