Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Lack of Host Ownership Verification in Deployments #282

Open
ygrishajev opened this issue Feb 5, 2025 · 0 comments
Open

Lack of Host Ownership Verification in Deployments #282

ygrishajev opened this issue Feb 5, 2025 · 0 comments

Comments

@ygrishajev
Copy link

Describe the Bug

Currently, when creating a deployment on Akash, a user can specify an accept host without any ownership verification. If another user attempts to deploy with the same accept on the same provider, they receive an "accept in use" error. This creates potential issues:

  • Namespace Hijacking: A user can claim an accept host for a domain they do not own.
  • Deployment Disruption: If someone knows an existing deployment’s accept host, they can attempt to deploy with the same accept, causing conflicts.
  • Security Risks: Without verification, a user could take over a hostname after another deployment is removed.

deploy.yaml

services:
  myapp:
    image: nginx
    expose:
      - port: 80
        accept:
          - myapp.example.com

To Reproduce

  1. Deploy a service with accept: myapp.example.com on an Akash provider.
  2. Attempt to deploy another service with the same accept on the same provider.
  3. The second deployment fails with an "accept in use" error.
  4. If the first deployment is removed, any user can now claim accept: myapp.example.com, potentially taking over a previously existing hostname.

Expected Behavior

Only the owner of a domain should be able to deploy using accept: myapp.example.com. Without verification, users can unintentionally or maliciously hijack hostnames, causing service disruption or preventing legitimate deployments. A verification mechanism should be in place to ensure only authorized users can claim a hostname.

Additional Context

Potential Solutions

  • DNS-Based Verification: Require a DNS TXT or CNAME record proving domain ownership before allowing accept usage.
  • TLS Certificate Check: Validate that a deployment serves a valid SSL certificate for the specified host.
  • Cloudflare-Like Proxy Requirement: Ensure that DNS records for the domain point to an Akash provider before allowing deployment.
  • On-Chain or Signed Proofs: Implement an optional on-chain domain verification mechanism.

This would prevent namespace hijacking, service disruption, and security risks while improving the integrity of Akash-hosted applications.

Would love to hear thoughts on possible mitigations! 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant