Author

Topic: Oauth2 // API : security issues (Read 166 times)

member
Activity: 60
Merit: 10
October 13, 2017, 08:40:03 PM
#3
this is a very pertinent question and I'd like to know more as well. I haven't had any luck finding information on it anywhere within the forum.  Security is becoming more of a recognized concern within blockchain.
staff
Activity: 3458
Merit: 6793
Just writing some code
October 13, 2017, 08:12:31 PM
#2
Those APIs are not Bitcoin's APIs but rather specific service APIs. This is a problem for services and something for them to deal with, not the Bitcoin network.
jr. member
Activity: 42
Merit: 2
October 13, 2017, 07:18:07 PM
#1
 We are evaluating security risks for our new bitcoin network.  My sense is that the API calls are a real weak point.  I don't see alternatives to Oauth2 and/or API keys. 

  Have others evaluated the relative risks for different protocols?  I'm curious if it makes sense to be more imaginative in our API security or whether there are other API security approaches that have been considered in the community.

  I'm looking over places like:
https://developers.coinbase.com/api/v2
https://www.luno.com/en/api
https://spectrocoin.com/en/integration/spectrocoin.html#/introduction/overview

 In searching the bitcointalk archives, there doesn't seem to have been an extensive discussion of this issue.  Is there a reason not to look more carefully at the entrance/exit of information from the network?
Jump to: