Hi @NHS,
As Zoltan said, we don’t perform reviews of smart contracts for companies outside our grant programme. However, if you have more concrete concerns about specific sections in your smart contract, then we can certainly take a look. If you choose to do so, then please also include some context about what the expected behaviour is and how it fits into the bigger picture of the smart contract or system.
As for the security of a node on mainnet, there are a few things to be aware of regarding the gRPC interfaces.
The node currently supports two gRPC interfaces, the old, v1, and the new, v2.
The old interface is still used by several of our tools, including the NodeJS SDK and Concordium Client, but we are working on migrating them to v2.
The primary concern here is that the node can be shut down via either of the gRPC interfaces and the node can also be DDOS’ed if either of the gRPC interfaces is made public.
By default, the node only runs the gRPC v1 interface. gRPC v2 can be enabled with the --grpc2-* named arguments to the node binary (or CONCORDIUM_NODE_GRPC2_* environment variables). You can run concordium-node --help for more info.
Protecting the gRPC v1 interface
Here are some different options, some of which can be combined:
- Disable the interface with --no-rpc-server if you don’t need it. (The Rust SDK can use the v2 interface.)
- Don’t make the interface publicly accessible (you could also protect it behind a VPN)
- Limit the number of requests via a proxy or similar. (Protects against DDOS but not the node shutdown).
We recently added a feature that allows you just to disable the node management endpoints in gRPC v1 (including the shutdown). We have not made a release with this feature yet, but it will be included in the next release. If you urgently need it, you can build the node yourself, or we can build it for you.
Protecting the gRPC v2 interface
Here are some different options, some of which can be combined:
- Don’t enable the v2 interface (the default behaviour of the node).
- Don’t make the interface publicly accessible (you could also protect it behind a VPN)
- Limit the number of requests via a proxy or similar. (Protects against DDOS but not the node shutdown).
- The specific endpoints available in v2 can be configured easily, as described in this document.
I hope this clarifies what steps you may take towards a more secure setup. Feel free to ask more questions or, as I said, ask specific questions regarding your smart contract.
Have a pleasant day.
Best regards,
/ Kasper
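
Added example, not part of the original post or Concordium's own tooling: a small audit that reads `ss -ltnH` output on the node host and reports whether the gRPC listeners are bound to loopback, a private (for example VPN) address, or every interface. The port numbers and the sample output are assumptions constructed for illustration; substitute the ports your node is configured with.

```python
import ipaddress

# Assumed port numbers for illustration only; use your node's configured ports.
GRPC_PORTS = {10000: "gRPC v1", 20000: "gRPC v2"}

# Constructed sample of `ss -ltnH` output: State Recv-Q Send-Q Local Peer
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:10000 0.0.0.0:*
LISTEN 0 128 127.0.0.1:20000 0.0.0.0:*
LISTEN 0 128 [::]:8888 [::]:*
LISTEN 0 128 10.8.0.1:20000 0.0.0.0:*
LISTEN 0 128 *:22 *:*
"""

def split_local(field):
    """Split ss's local-address column into (host, port)."""
    host, _, port = field.rpartition(":")
    host = host.split("%")[0].strip("[]")  # drop %iface scope, then IPv6 brackets
    return host, int(port)

def classify(host):
    """Return how widely a bind address is reachable."""
    if host in ("*", "0.0.0.0", "::"):
        return "all-interfaces"
    ip = ipaddress.ip_address(host)
    if ip.is_loopback:
        return "loopback"
    if ip.is_private or ip.is_link_local:
        return "private"
    return "public"

def audit(ss_output, ports=GRPC_PORTS):
    """List (interface name, host, port, scope) for each gRPC listener found."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        host, port = split_local(cols[3])
        if port in ports:
            findings.append((ports[port], host, port, classify(host)))
    return findings

def exposed(findings):
    """Listeners reachable beyond loopback or a private network."""
    return [f for f in findings if f[3] in ("all-interfaces", "public")]

if __name__ == "__main__":
    for name, host, port, scope in audit(SAMPLE_SS):
        print(f"{name:8} {host}:{port} -> {scope}")
```

A listener reported as all-interfaces is only as private as the host firewall in front of it, so pair this check with the firewall or VPN rules described above.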