From bdd1600d9567d3add65d64c8da5ed73f96627d1b Mon Sep 17 00:00:00 2001 From: Alfredo Garcia Date: Thu, 24 Oct 2024 18:41:35 -0300 Subject: [PATCH 1/3] update documentation related auth cookie method for rpcs in the zebra book --- book/src/user/lightwalletd.md | 5 +++++ book/src/user/mining-testnet-s-nomp.md | 2 ++ book/src/user/mining.md | 10 +++++++++- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/book/src/user/lightwalletd.md b/book/src/user/lightwalletd.md index 1e6047280be..744ee7d93f9 100644 --- a/book/src/user/lightwalletd.md +++ b/book/src/user/lightwalletd.md @@ -46,6 +46,8 @@ for Zebra is: - `8232` for Mainnet, and - `18232` for Testnet. +Starting with Zebra v2.0.0, a cookie authentication method like the one used by the `zcashd` node is enabled by default. However, lightwalletd currently [does not support cookie authentication](https://github.com/zcash/lightwalletd/blob/master/docs/docker-compose-setup.md#edit-the-two-zcashconf-files), so we need to disable this authentication method to use Zebra as a backend for lightwalletd. + For example, to use Zebra as a `lightwalletd` backend on Mainnet, give it this `~/.config/zebrad.toml`: @@ -56,6 +58,9 @@ listen_addr = '127.0.0.1:8232' # automatically use multiple CPU threads parallel_cpu_threads = 0 + +# diable cookie auth +enable_cookie_auth = false ``` **WARNING:** This config allows multiple Zebra instances to share the same RPC port. diff --git a/book/src/user/mining-testnet-s-nomp.md b/book/src/user/mining-testnet-s-nomp.md index c33033ce718..61f236fbcb3 100644 --- a/book/src/user/mining-testnet-s-nomp.md +++ b/book/src/user/mining-testnet-s-nomp.md @@ -13,6 +13,7 @@ These fixes disable mining pool operator payments and miner payments: they just - change the `network.network` config to `Testnet` - add your testnet transparent address in `mining.miner_address`, or you can use the ZF testnet address `t27eWDgjFYJGVXmzrXeVjnb5J3uXDM9xH9v` - ensure that there is an `rpc.listen_addr` in the config to enable the RPC server + - disable the cookie auth system by changing `rpc.enable_cookie_auth` to `false` Example config:
@@ -48,6 +49,7 @@ These fixes disable mining pool operator payments and miner payments: they just debug_force_finished_sync = false parallel_cpu_threads = 1 listen_addr = '127.0.0.1:18232' + enable_cookie_auth = false [state] cache_dir = '/home/ar/.cache/zebra' diff --git a/book/src/user/mining.md b/book/src/user/mining.md index fd593096012..01bb9ad7dc7 100644 --- a/book/src/user/mining.md +++ b/book/src/user/mining.md @@ -80,8 +80,16 @@ Wait until zebra is in sync, you will see the sync at 100% when this happens: The easiest way to check your setup is to call the `getblocktemplate` RPC method and check the result. +Starting with Zebra v2.0.0, a cookie authentication method similar to the one used by the `zcashd` node is enabled by default. The cookie is stored in the default cache directory when the RPC endpoint starts and is deleted at shutdown. By default, the cookie is located in the cache directory; for example, on Linux, it may be found at `/home/user/.cache/zebra/.cookie`. You can change the cookie's location using the `rpc.cookie_dir` option in the configuration, or disable cookie authentication altogether by setting `rpc.enable_cookie_auth` to false. The contents of the cookie file look like this: + +``` +__cookie__:YwDDua GzvtEmWG6KWnhgd9gilo5mKdi6m38v__we3Ko= +``` + +The password is an encoded, randomly generated string. You can use it in your call as follows: + ```console -$ curl --silent --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getblocktemplate", "params": [] }' -H 'Content-type: application/json' http://127.0.0.1:8232/ | jq +$ curl --silent --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getblocktemplate", "params": [] }' -H 'Content-type: application/json' http://__cookie__:YwDDuaGzvtEmWG6KWnhgd9gilo5mKdi6m38v__we3Ko=@127.0.0.1:8232/ | jq ``` If you can see something similar to the following then you are good to go. From 292cfc354910a6d9633e72710cc10a4eb26be068 Mon Sep 17 00:00:00 2001 From: Arya Date: Thu, 24 Oct 2024 18:38:00 -0400 Subject: [PATCH 2/3] Update book/src/user/lightwalletd.md --- book/src/user/lightwalletd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/src/user/lightwalletd.md b/book/src/user/lightwalletd.md index 744ee7d93f9..59ce56c17e7 100644 --- a/book/src/user/lightwalletd.md +++ b/book/src/user/lightwalletd.md @@ -59,7 +59,7 @@ listen_addr = '127.0.0.1:8232' # automatically use multiple CPU threads parallel_cpu_threads = 0 -# diable cookie auth +# disable cookie auth enable_cookie_auth = false ``` From 6ddddf531b87104021c5c3c2cfdf5e8cbbeef63b Mon Sep 17 00:00:00 2001 From: Alfredo Garcia Date: Fri, 25 Oct 2024 09:36:32 -0300 Subject: [PATCH 3/3] update rpc auth statement --- book/src/user/lightwalletd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/book/src/user/lightwalletd.md b/book/src/user/lightwalletd.md index 59ce56c17e7..0d862747822 100644 --- a/book/src/user/lightwalletd.md +++ b/book/src/user/lightwalletd.md @@ -46,7 +46,7 @@ for Zebra is: - `8232` for Mainnet, and - `18232` for Testnet. -Starting with Zebra v2.0.0, a cookie authentication method like the one used by the `zcashd` node is enabled by default. However, lightwalletd currently [does not support cookie authentication](https://github.com/zcash/lightwalletd/blob/master/docs/docker-compose-setup.md#edit-the-two-zcashconf-files), so we need to disable this authentication method to use Zebra as a backend for lightwalletd. +Starting with Zebra v2.0.0, a cookie authentication method like the one used by the `zcashd` node is enabled by default for the RPC server. However, lightwalletd currently [does not support cookie authentication](https://github.com/zcash/lightwalletd/blob/master/docs/docker-compose-setup.md#edit-the-two-zcashconf-files), so we need to disable this authentication method to use Zebra as a backend for lightwalletd. For example, to use Zebra as a `lightwalletd` backend on Mainnet, give it this `~/.config/zebrad.toml`: