onionltd
/
monero-multisig-broker
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Generate secret for the manager account

Browse Source 
The secret contains a token which the manager can send anyone who will
be in position of moderating the "discussion" but remain without access
to the manager credentials.
master
Onion Ltd 4 years ago
parent 70e1dafeaa
commit c4566b07e2
Signed by: onionltd
GPG Key ID: E4B6CAC49B242A44
3 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File

7
README.md
Unescape View File

@ -23,6 +23,13 @@ The script uses hardcoded ("admin:pass" credentials), if you changed it, do the
```
$ ./utils/create_topic.sh bob_buyer vendy_vendor
{
"admin": {
"host": "localhost:8080",
"topic": "6b7d9e1e-17be-17af-cbfd-0277f5fce77e",
"token": "2H1ke56p4LFoGvflS0"
}
}
{
"bob_buyer": {
"host": "localhost:8080",

10
server.go
Unescape View File

@ -3,6 +3,7 @@ package main
import (
"encoding/base32"
"encoding/json"
"fmt"
"git.wownero.com/onionltd/monero-multisig-broker/members"
"git.wownero.com/onionltd/monero-multisig-broker/messagelog"
"github.com/hashicorp/go-uuid"
@ -80,6 +81,15 @@ func (s *server) handleInitMultisig() echo.HandlerFunc {
// TODO: validate input!
// Check if input contains manager's username
managerNickname := s.config.ManagementCredentials.Username()
if _, ok := in.Members[managerNickname]; ok {
return c.JSON(http.StatusBadRequest, map[string]interface{}{
"error": fmt.Sprintf("username %s already taken", managerNickname),
})
}
in.Members[managerNickname] = member{}
topic, err := uuid.GenerateUUID()
if err != nil {
return c.JSON(http.StatusInternalServerError, map[string]interface{}{

6
utils/create_topic.sh
Unescape View File

@ -1,13 +1,17 @@
#!/bin/bash
USERNAME="admin"
PASSWORD="pass"
if [ $# -lt 2 ]; then
echo "Usage: $0 <nickname> <nickname>"
exit 1
fi
response="$(curl -u admin:pass -s -X POST -H "Content-Type: application/json" \
response="$(curl -u $USERNAME:$PASSWORD -s -X POST -H "Content-Type: application/json" \
--data '{"members": {"'$1'":{}, "'$2'":{}}}' \
http://localhost:8080/api/v1/multisig)"
echo $response | jq -r .secrets.$USERNAME | base32 -d | jq '. | {"'$USERNAME'": .}'
echo $response | jq -r .secrets.$1 | base32 -d | jq '. | {"'$1'": .}'
echo $response | jq -r .secrets.$2 | base32 -d | jq '. | {"'$2'": .}'

Write Preview
Loading…
Cancel
Save