Skip to content

fix: remove hardcoded Engine API JWT secret and require explicit configuration#1147

Open
erhnysr wants to merge 1 commit into
base:mainfrom
erhnysr:fix/hardcoded-jwt-secret
Open

fix: remove hardcoded Engine API JWT secret and require explicit configuration#1147
erhnysr wants to merge 1 commit into
base:mainfrom
erhnysr:fix/hardcoded-jwt-secret

Conversation

@erhnysr

@erhnysr erhnysr commented Jul 15, 2026

Copy link
Copy Markdown

Reopening this contribution (previously #1087, closed by stale-bot without review) — removes a hardcoded Engine API JWT secret that exposes authrpc to unauthenticated access when operators use the default .env files. This is a real security gap for node operators running fresh setups. Rebased on latest main, no conflicts. Happy to address any review feedback.

…iguration

The default BASE_NODE_L2_ENGINE_AUTH_RAW value was a well-known public hex
string committed in the repository. Because authrpc binds to 0.0.0.0, any
operator using host networking, Kubernetes, custom port mappings, or shared
Docker networks was exposed to unauthenticated Engine API access.

- Replace hardcoded secret in .env.mainnet and .env.sepolia with a
  placeholder that instructs operators to generate their own value
  with `openssl rand -hex 32`
- Add validation in execution-entrypoint that exits with a clear error
  message if BASE_NODE_L2_ENGINE_AUTH_RAW is unset or still holds the
  placeholder value
- Upgrade the existing empty-check in consensus-entrypoint to also catch
  the placeholder value
- Document BASE_NODE_L2_ENGINE_AUTH_RAW as a required field in README.md

Fixes base#1086

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@cb-heimdall

Copy link
Copy Markdown
Collaborator

🟡 Heimdall Review Status

Requirement Status More Info
Reviews 🟡 0/1
Denominator calculation
Show calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Show calculation
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 0
Sum 1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants