Connect permisson delima

Question

Hello,

I've been experimenting with MC and I encountered this scenario: Any of the admin nodes on a a network can solely throttle it by just revoking the connect permission to all the other nodes.

I tried to look for a way to limit such a behaviour (something like admin-consensus-connect) but I couldn't find any, and in the scenario I am trying to build, I require multiple admin nodes in order to avoid a single point of failure.

Looking forward to your thoughts on the matter

Answer 1

Yes, we're aware of this issue, and will be releasing a maintenance fix shortly in which any address with admin permission automatically also has connect permission. That will resolve the dilemma you raise.

Comments

That would be great, thanks for the reply.
If you could reply to this thread once the fix is in, I'd appreciate it.

Thanks again

Answer 2

The admin consensus should be able to help you. Let's say you have 5 admin nodes running and you set the 

anyone-can-admin to 1, all the admins has to agree to any grant/revoke permission. You would have to adjust that parameter according to your requirement and anticipating the failure scenarios.

Comments

I am afraid that won't do for multiple reasons.

First of all, in the scenario, I have a specific set of admins. I think giving the admin permission to all nodes can create a slew of problems.

Secondly, even if the all nodes have admin permission, there are no restrictions to changing some permissions like connect. The ones that you can control are mentioned in the blockchain params: https://www.multichain.com/developers/blockchain-parameters/

Answer 3

This has been fixed in MultiChain 1.0.7, and will also be fixed in the next 2.0 alpha.

Comments

Thanks! I am currently using 2.0 alpha 5 because of build issues with v8 on later versions. Looking forward for trying it out

---

Has this issue been resolved in the new beta?

---

Yes, 2.0 beta 1 also fixes this.