Skip to content

fix(onchain): allow no-auth remote signer for the local demo#17

Merged
rickstaa merged 1 commit into
mainfrom
rs/signer-noauth
Jul 6, 2026
Merged

fix(onchain): allow no-auth remote signer for the local demo#17
rickstaa merged 1 commit into
mainfrom
rs/signer-noauth

Conversation

@rickstaa

@rickstaa rickstaa commented Jul 6, 2026

Copy link
Copy Markdown
Member

go-livepeer#3959 makes the remote signer fail-closed: a -remoteSigner on a public (non-loopback) -httpAddr now refuses to start unless -remoteSignerWebhookUrl is set or -remoteSignerAllowNoAuth is passed. Our signer binds to 0.0.0.0:7936 so the host can reach it, so it now won't boot.

Adds -remoteSignerAllowNoAuth to compose.onchain.yml with a comment flagging it as local-demo only — production should authorize callers via -remoteSignerWebhookUrl instead.

Error this fixes:

Refusing to start: remote signer on public -httpAddr 0.0.0.0:7936 with no
-remoteSignerWebhookUrl signs payments from this node's deposit for any caller.

go-livepeer now refuses to start a -remoteSigner on a public -httpAddr without
-remoteSignerWebhookUrl (livepeer/go-livepeer#3959). The signer binds to
0.0.0.0 so the host can reach it, so add -remoteSignerAllowNoAuth to boot the
local demo, with a comment that production should authorize callers via the
webhook instead.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@rickstaa rickstaa merged commit 4e963dd into main Jul 6, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant