Skip to content

gRPC API exposed without authentication #138

New issue
New issue
Open
#145
Open
gRPC API exposed without authentication#138
#145
@kwsantiago

Description

@kwsantiago
kwsantiago
opened on Nov 25, 2025

Description

  • gRPC server binds to 0.0.0.0:3030 without any authentication
  • All wallet and contract operations exposed

Fix

  • Add API key authentication middleware
  • Allow configurable bind address (default to 127.0.0.1)
  • Document authentication setup

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions