Hi,

I would like to create an application that behaves very similarly to how
the GPG split works. I am developing a 'signer' for Ethereum
(https://github.com/holiman/go-ethereum/tree/signer_mhs/cmd/signer),
which is basically a wallet.

The signer exposes an external API, which can be either RPC-based or
HTTP-based. The external API is considered untrusted, and all requests
to that API are handled via sign-what-you-see on the 'internal' side via
a UI of the user's choice. The user can either start the signer with a
native CLI UI, or use a GUI to start the signer (in the trusted
environment), e.g. the proof-of-concept Qt-based PoC implementation at
https://github.com/holiman/qtsigner.

Now, I would like to use a mechanism similar to the one gpg-split uses, in
order to have the signer running in a separate 'vault' which does not have
external networking, but does expose either RPC or HTTP to other VMs.

So I'm curious about the different options that exist for implementing
this, and if anyone can point me towards what resources I should read up
on to understand what I need to do to accomplish this. Do I need to
build a modified Qubes in order to put this together, or is it enough to
allow RPC interaction via rules?

Cheers,

Martin Holst Swende
