6656d2f1d9
Server-side session management with SHA-256 hashed tokens and HttpOnly cookies. Auth middleware gating all RPC/WS/proxy routes with method allowlist. Login rate limiting (5/60s per IP). CORS restricted to config origin. Docker registry allowlist. App ID and path validation. P2P message sanitization (HTML + log injection). Onion address and known-peer validation. Nginx security headers (CSP, X-Frame-Options, etc.) and AIUI proxy auth. Systemd hardening (non-root, NoNewPrivileges, ProtectSystem). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
72 lines
1.7 KiB
TOML
72 lines
1.7 KiB
TOML
[package]
|
|
name = "archipelago"
|
|
version = "0.1.0"
|
|
edition = "2021"
|
|
description = "Archipelago Bitcoin Node OS - Native backend"
|
|
authors = ["Archipelago Team"]
|
|
|
|
[[bin]]
|
|
name = "archipelago"
|
|
path = "src/main.rs"
|
|
|
|
[dependencies]
|
|
# Core dependencies
|
|
tokio = { version = "1", features = ["full"] }
|
|
serde = { version = "1.0", features = ["derive"] }
|
|
serde_json = "1.0"
|
|
anyhow = "1.0"
|
|
thiserror = "1.0"
|
|
tracing = "0.1"
|
|
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
|
|
|
|
# HTTP and WebSocket
|
|
hyper = { version = "0.14", features = ["full", "http1"] }
|
|
hyper-util = { version = "0.1", features = ["full", "http1"] }
|
|
http-body-util = "0.1"
|
|
http-body = "1.0"
|
|
tower = "0.5"
|
|
tower-http = { version = "0.6", features = ["cors", "trace"] }
|
|
hyper-ws-listener = "0.3.0"
|
|
tokio-tungstenite = "0.20"
|
|
futures-util = "0.3"
|
|
|
|
# Our modules
|
|
archipelago-container = { path = "../container" }
|
|
archipelago-security = { path = "../security" }
|
|
archipelago-performance = { path = "../performance" }
|
|
archipelago-parmanode = { path = "../parmanode" }
|
|
|
|
# Database (optional for now - can use SQLite or skip)
|
|
# sqlx = { version = "0.7", features = ["sqlite", "runtime-tokio-rustls"] }
|
|
|
|
# Authentication
|
|
bcrypt = "0.15"
|
|
sha2 = "0.10"
|
|
uuid = { version = "1.0", features = ["v4"] }
|
|
regex = "1.10"
|
|
|
|
# Node identity (Ed25519)
|
|
ed25519-dalek = { version = "2.1", features = ["rand_core"] }
|
|
rand = "0.8"
|
|
hex = "0.4"
|
|
bs58 = "0.5"
|
|
chrono = "0.4"
|
|
|
|
# Configuration
|
|
toml = "0.8"
|
|
serde_yaml = "0.9"
|
|
|
|
# HTTP client (for LND REST proxy, Tor SOCKS for peer messaging)
|
|
reqwest = { version = "0.11", features = ["json", "socks"] }
|
|
|
|
# Nostr (node discovery)
|
|
nostr-sdk = "0.44"
|
|
|
|
# Backup encryption (DID identity export)
|
|
argon2 = "0.5"
|
|
chacha20poly1305 = "0.10"
|
|
base64 = "0.21"
|
|
|
|
[dev-dependencies]
|
|
tokio-test = "0.4"
|