huskies: create 480_story_cryptographic_node_auth_for_distributed_mesh
This commit is contained in:
dave
@@ -0,0 +1,21 @@
|
||||
---
|
||||
name: "Cryptographic node auth for distributed mesh"
|
||||
---
|
||||
|
||||
# Story 480: Cryptographic node auth for distributed mesh
|
||||
|
||||
## User Story
|
||||
|
||||
As a user running a distributed huskies mesh, I want nodes authenticated by Ed25519 keypairs so only trusted machines can join and see pipeline state.
|
||||
|
||||
## Acceptance Criteria
|
||||
|
||||
- [ ] Each node has an Ed25519 keypair (generated on first run or via CLI command)
|
||||
- [ ] Trusted nodes defined by a list of known public keys in config
|
||||
- [ ] Nodes authenticate on WebSocket connect by signing a challenge
|
||||
- [ ] CRDT node ID derived from public key (already built into bft-json-crdt crate)
|
||||
- [ ] Unauthorised nodes rejected on connect
|
||||
|
||||
## Out of Scope
|
||||
|
||||
- TBD
|
||||
Reference in New Issue
Block a user