Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix typos #43

Merged
merged 2 commits into from
Sep 23, 2023
Merged

Fix typos #43

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7f419af
fix typos
omahs Sep 22, 2023
0cfce7d
fix typos
omahs Sep 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions API.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,11 +97,11 @@ register_provider: (RegisterProvider) -> ();
The `RegisterProvider` record defines the details about the service to register, including the API key for the service.
* `chain_id`: The id of the Ethereum chain this provider allows to connect to. The ids refer to the chain ids as defined for EVM-compatible blockchains, see, e.g., [ChainList](https://chainlist.org/?testnets=true).
* `base_url`: The URLs of the Web2 service provider that is used by the canister when using this provider.
* `credential_path`: A path containing API key for authorizing requests to this service provider. This part of the path is private to the entity registering it and the canister. It is not exposed in the response of the `get_providers` method. The URL used to access the service is constructed by concatenating the `base_url` and the `credential_path` (without a seperator), e.g., `"https://cloudflare-eth.com"` and `"/my-api-key"`.
* `credential_path`: A path containing API key for authorizing requests to this service provider. This part of the path is private to the entity registering it and the canister. It is not exposed in the response of the `get_providers` method. The URL used to access the service is constructed by concatenating the `base_url` and the `credential_path` (without a separator), e.g., `"https://cloudflare-eth.com"` and `"/my-api-key"`.
* `cycles_per_call`: Cycles charged per call by the canister in addition to the base charges when using this provider.
* `cycles_per_message_byte`: Cycles charged per payload byte by the canister in addition to the base charges when using this provider.

The cycles charged can, for example, be used by the entity providing the API key to amortize the API key costs in the case of commercial API keys. A provider record can be removed by its owner principal or a pricipal with administrative permissions.
The cycles charged can, for example, be used by the entity providing the API key to amortize the API key costs in the case of commercial API keys. A provider record can be removed by its owner principal or a principal with administrative permissions.


### `unregister_provider`
Expand Down
4 changes: 2 additions & 2 deletions DeepDive.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ The API of the canister is specified through a [Candid interface specification](

### API Keys are stored in the canister

Registered API keys are available to IC nodes in plaintext. While the canister memory is not exposed generallly to users, it is available to node providers and to canister controllers. In the future features such as SEV-SNP will enable privacy of canister memory, but until we have those features the API keys should not be considered to be entirely safe from leakage and potential misuse. API key providers should limit the scope of their API keys and monitor usage to detect any misuse.
Registered API keys are available to IC nodes in plaintext. While the canister memory is not exposed generally to users, it is available to node providers and to canister controllers. In the future features such as SEV-SNP will enable privacy of canister memory, but until we have those features the API keys should not be considered to be entirely safe from leakage and potential misuse. API key providers should limit the scope of their API keys and monitor usage to detect any misuse.

### Registered API providers should be aware that each API call will result in one service provider call per node in the subnet and that costs (and payment) is scaled accordingly

Expand All @@ -36,7 +36,7 @@ This canister takes pre-signed transactions e.g. for `eth_sendRawTransaction` an

### JSON is not validated

This canister does not validate the JSON passed to the ETH service. Registered API key providers should be aware of this in case the back end service is vulnerable to a bad JSON request body. Registered API providers should be aware that there are methods in the Ethereum RPC API specification which give access to the ETH node keys. Public service providers tend to block these, but registered API providers should ensure that they are not giving access to private keys or other proviledged operations.
This canister does not validate the JSON passed to the ETH service. Registered API key providers should be aware of this in case the back end service is vulnerable to a bad JSON request body. Registered API providers should be aware that there are methods in the Ethereum RPC API specification which give access to the ETH node keys. Public service providers tend to block these, but registered API providers should ensure that they are not giving access to private keys or other privileged operations.

### Requests sent to service providers are subject to the service provider's privacy policy

Expand Down
Loading