Connect permisson delima

+3 votes

I've been experimenting with MC and I encountered this scenario: Any of the admin nodes on a a network can solely throttle it by just revoking the connect permission to all the other nodes.

I tried to look for a way to limit such a behaviour (something like admin-consensus-connect) but I couldn't find any, and in the scenario I am trying to build, I require multiple admin nodes in order to avoid a single point of failure.

Looking forward to your thoughts on the matter
asked Nov 27 by SDVII

2 Answers

0 votes
Best answer

Yes, we're aware of this issue, and will be releasing a maintenance fix shortly in which any address with admin permission automatically also has connect permission. That will resolve the dilemma you raise.

answered Dec 3 by MultiChain
selected Dec 3 by SDVII
That would be great, thanks for the reply.
If you could reply to this thread once the fix is in, I'd appreciate it.

Thanks again
–1 vote

The admin consensus should be able to help you. Let's say you have 5 admin nodes running and you set the 

anyone-can-admin to 1, all the admins has to agree to any grant/revoke permission. You would have to adjust that parameter according to your requirement and anticipating the failure scenarios.
answered Nov 28 by jeshocarmel
I am afraid that won't do for multiple reasons.

First of all, in the scenario, I have a specific set of admins. I think giving the admin permission to all nodes can create a slew of problems.

Secondly, even if the all nodes have admin permission, there are no restrictions to changing some permissions like connect. The ones that you can control are mentioned in the blockchain params: