A configurable Ethereum JSON-RPC gateway to regulate requests by authorization rules
Ethereum implementations such as go-ethereum supports a number of API namespaces that are considered “management APIs“:
admin: node management
debug: node debugging
personal: Account management
txpool: Transaction pool inspection
In an enterprise context, these APIs are typically considered privileged and should be reserved for special users in the administrative roles.
EthFirewall is a service that filters on incoming JSON-RPC requests and determines whether the request should be allowed through or rejected based on the configuration. A Kaleido organization can configure EthFirewall services based on specific authorizations associated to roles. This way, instead of exposing the node itself which would make the entire API surface available, the organization can pass out credentials to the EthFirewall service and prevent the users from accessing the privileged APIs.
Ethereum JSON-RPC Gateway
Provides an API surface for the Ethereum JSON-RPC requests. Supports the implementation-specific management APIs of go-ethereum, Quorum and Pantheon.
Configurable Endpoint Rules
On a per API endpoint basis, or per namespace basis, turn the API on or off so that JSON-RPC requests will be accepted to rejected according to the rules.