Great work!
Very interesting security point regarding the Umbrel App Store being a security risk.
Doesn't the Dockerisation provide isolation between the BTC node and Apps?
You are viewing a single comment's thread from:
Great work!
Very interesting security point regarding the Umbrel App Store being a security risk.
Doesn't the Dockerisation provide isolation between the BTC node and Apps?
It does to some extent but the keys to the api which controls Lightning are available as environment variables which point to files that any app can find.
This is necessary and by design so that a utility like Ride The Lightning can make changes like open and close channels (which is an on chain bitcoin transaction) and moving sats which requires the admin access to the Lightning node.