Parity-ethereum: Trusted Signer overflows with unknown transactions
I'm running:
- Which Parity version?: 1.8.6
- Which operating system?: Linux
- How installed?: via installer
- Are you fully synchronized?: yes
- Which network are you connected to?: ethereum
- Did you try to restart the node?: yes
Hello, my Trusted Signer contains 51 request, but this is not my tranactions (not from my accounts or to my accounts). And I can't reject it all, because when I reject one, parity receive new transactions...
famfamfam
All 3 comments
What settings are you running with? Are you using any dapps? Do you have Parity Chrome Extension?
In the Signer you can see the origin of the request can you post what you see there?
tomusdrw
on 18 Jan 2018
parity --geth --force-ui --tracing off --min-peers 50 --max-peers 100 --ws-origins all
--ws-hosts all --no-ancient-blocks --no-serve-light --jsonrpc-port 8545 --pruning fast --db-compaction ssd
--jsonrpc-apis all --ws-interface all --jsonrpc-interface all --ui-interface all --cache-size 1024
sync with --fast-and-loose
No dapps
No extension
Now I start resync with tracing=on, so can't copy request...
famfamfam
on 18 Jan 2018
By using --jsonrpc-interface all and --{ws,ui}-interface all and (the worst) --jsonrpc-apis all you are exposing all of your node RPCs to the external network.
Anyone in the same network (or if you have public IP - on the entire Internet) can submit a transaction to your node (actually with --jsonrpc-apis all, they can do way more).
Please don't use those options, follow https://github.com/paritytech/parity/wiki/Wallet-Remote-Access guide or protect yourself with a firewall.
tomusdrw
on 18 Jan 2018
Related issues
jurijbajzelj
·
3Comments
Michael2008S
·
3Comments
m-thomson
·
3Comments
mr-older
·
3Comments
vmenond
·
3Comments
Most helpful comment
By using
--jsonrpc-interface alland--{ws,ui}-interface alland (the worst)--jsonrpc-apis allyou are exposing all of your node RPCs to the external network.Anyone in the same network (or if you have public IP - on the entire Internet) can submit a transaction to your node (actually with
--jsonrpc-apis all, they can do way more).Please don't use those options, follow https://github.com/paritytech/parity/wiki/Wallet-Remote-Access guide or protect yourself with a firewall.