Further work on whitelisting attachments by public key

Description

The PR that describes the current design of whitelisting attachments by public keys, and the proposed changes for Corda 5, can be found here: https://github.com/corda/enterprise/pull/2191.

A summary of the proposed changes:

  • Update the logic that establishes what attachments are trusted to remove the distinction between contract and non-contract attachments.

  • Ensure that no "chains of trust" can be established, i.e. only those attachments uploaded by a trusted installer can be used to check if a new attachment should be trusted (this should already be the case, so may just need a little testing)

  • Add some tooling to allow the operator to view precisely what attachments are trusted (further described in the PR, under "Second Phase Design"

 

Status

Assignee

Dan Newton

Reporter

Shams Asari

Labels

Feature Team

Corda Core

Story Points

5

Fix versions

Ported to...

Corda 4.3
Corda Enterprise 4.3

Priority

Highest

Sprint

None
Configure