Skip to content

feat(gateway): Authentication RPC#267

Open
Karrq wants to merge 10 commits intorefactor/devexfrom
feat/portal-auth
Open

feat(gateway): Authentication RPC#267
Karrq wants to merge 10 commits intorefactor/devexfrom
feat/portal-auth

Conversation

@Karrq
Copy link
Collaborator

@Karrq Karrq commented Dec 17, 2025

This PR aims to add an authentication RPC endpoint to the gateway, allowing the Portal to communicate to it without sharing a JWT thru external services.

This is done using based_authenticateProposer (name pending) which simply releases a JWT which can be used to access the rest of the endpoints of the gateway.

The gateway supports multiple active JWTs, to allow multiple portals to talk to it, and the portal also supports a JWT per gateway, imposing no restrictions on the number of authenticated gateways to which the portal is connected.

TODO:

  • Tests

Karrq added 3 commits December 17, 2025 21:03
@Karrq
feat(gateway): portal authentication
045c768 
feat(portal): gateway authentication
fix(registry): remove JWT
feat(gateway): HTTP & RPC auth layers
refactor(portal): dedicated gateway client module
@Karrq
chore: fmt
5f89bfe
@Karrq
chore: clippy
8053316
mempirate
mempirate reviewed Dec 18, 2025
View reviewed changes
mempirate
mempirate requested changes Dec 18, 2025
View reviewed changes
Copy link
Collaborator

@mempirate mempirate left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, first pass

@Karrq Karrq requested a review from mempirate December 18, 2025 15:33
mempirate
mempirate approved these changes Dec 18, 2025
View reviewed changes
Copy link
Collaborator

@mempirate mempirate left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mempirate mempirate linked an issue Dec 19, 2025 that may be closed by this pull request
Gateway: Add Portal authentication RPC #263
Open
BrycePy
BrycePy reviewed Dec 23, 2025
View reviewed changes
based/crates/rpc/src/auth.rs
let valid_from = Duration::from_secs(valid_from);
let valid_from = SystemTime::UNIX_EPOCH + valid_from;

// TODO: add authorization logic, verifying challenger may authenticate with this gateway
Copy link
Contributor

@BrycePy BrycePy Dec 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be a check against an address in the GatewayArgs for now. something like auth_allowed_challenger.

@BrycePy BrycePy mentioned this pull request Dec 23, 2025
Open
@BrycePy BrycePy linked an issue Dec 23, 2025 that may be closed by this pull request
Authentication RPC Failed after a few block #276
Open
Karrq added 2 commits December 31, 2025 14:34
@Karrq
Merge branch 'refactor/devex' into feat/portal-auth
21fd9c0
@Karrq
fix: use custom jwt validation
3e9bd61 
fix: remove gateway.address arg, use gossip key as "gateway address"
refactor: cleanup scripts and compose files
@Karrq Karrq mentioned this pull request Dec 31, 2025
Draft
@Karrq
fix(portal): automatic gateway reauth
5214612 
deps: portal-auth based-op-node
chore: fmt and unused imports
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BrycePy BrycePy BrycePy left review comments

@mempirate mempirate mempirate approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Authentication RPC Failed after a few block Gateway: Add Portal authentication RPC

3 participants

@Karrq @mempirate @BrycePy