docs: comprehensive RPC Overview#70
Conversation
Replace the minimal API Overview with a full RPC Overview covering: - Endpoint format and transport details - JSON-RPC 2.0 request/response structure - RPC modules overview - Biscuit authentication flow and permission model - Configuration examples (YAML, env vars, CLI flags) - Concrete curl examples for node_info and send_payment - WebSocket subscription notes - Security checklist Closes RET-42 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
@humble-little-bear is attempting to deploy a commit to the CKBA-2026 Team on Vercel. A member of the Team first needs to authorize it. |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
| Each method is protected by a Datalog rule that checks for a specific permission fact in the token. Permissions are scoped by resource and access level: | ||
|
|
||
| - `read("<resource>")` — grants read-only access to that resource. | ||
| - `write("<resource>")` — grants read and write access. |
There was a problem hiding this comment.
According to https://github.com/nervosnetwork/fiber/blob/v0.8.1/crates/fiber-lib/src/rpc/biscuit.rs#L293-L297, it seems that read and write appear to be separate permissions, so write doesn't imply read access.
|
|
||
| ### When is auth required? | ||
|
|
||
| - **Private addresses** (loopback, LAN, unspecified interfaces like `127.0.0.1`, `[::1]`, `192.168.x.x`): Authentication is optional. If no `biscuit_public_key` is configured, the server accepts all local requests. |
There was a problem hiding this comment.
According to https://github.com/nervosnetwork/fiber/blob/v0.8.1/crates/fiber-lib/src/rpc/mod.rs#L252-L254, unspecified bind addresses are treated as public addresses. So 0.0.0.0 / [::] should not be grouped with local/private addresses such as 127.0.0.1 / [::1].
|
|
||
| ## RPC Modules | ||
|
|
||
| Functionality is grouped into **modules**. You can selectively enable or disable modules via the `rpc.enabled_modules` config field. By default, all stable modules are enabled. |
There was a problem hiding this comment.
According to https://github.com/nervosnetwork/fiber/blob/v0.8.1/crates/fiber-lib/src/rpc/config.rs#L3-L6, I don't think pubsub, dev, prof are enabled by default.
| export RPC_LISTENING_ADDR="127.0.0.1:8227" | ||
|
|
||
| # CLI flag | ||
| fiber-bin --rpc-listening-addr "127.0.0.1:8227" --rpc-biscuit-public-key "ed25519/..." |
There was a problem hiding this comment.
Should this be fnn instead of fiber-bin?
yfeng2824
left a comment
yfeng2824
left a comment
There was a problem hiding this comment.
@HappySonnyDev Broken links: Node, watchtower.
- Clarify that write permissions do not imply read permissions. - Classify unspecified bind addresses (0.0.0.0 / [::]) as public. - Correct default enabled modules (pubsub/dev/prof are off by default). - Use fnn binary name in CLI flag example. - Fix glossary auto-link URL. - Fix broken Watchtower API reference link. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
| Each method is protected by a Datalog rule that checks for a specific permission fact in the token. Permissions are scoped by resource and access level: | ||
|
|
||
| - `read("<resource>")` — grants read-only access to that resource. | ||
| - `write("<resource>")` — grants write access to that resource only; it does **not** imply read access. |
There was a problem hiding this comment.
我看 subscribe_store_changes 方法用的是 internal 权限
| - `read("<resource>")` — grants read-only access to that resource. | ||
| - `write("<resource>")` — grants write access to that resource only; it does **not** imply read access. | ||
|
|
||
| Resources map roughly to modules: `node`, `peers`, `channels`, `payments`, `invoices`, `graph`, `cch`, `watchtower`, `chain`, `messages`, `pprof`. |
There was a problem hiding this comment.
目前左侧没有 chain、messages 这两个分类
3 participants
This PR replaces the minimal API Overview with a full RPC Overview document.
What's covered
node_infoandsend_paymentSource verification
All facts are based on the Fiber v0.8.1 source code:
crates/fiber-lib/src/rpc/mod.rscrates/fiber-lib/src/rpc/config.rscrates/fiber-lib/src/rpc/middleware.rs🤖 Generated with Claude Code