Macaroons Escalated Quickly

263 点作者 mkeeter超过 1 年前

27 条评论

tptacek超过 1 年前

Back in 2021, when I wrote the API token survey post, I had some, uh, caveats about Macaroons, and linked to a talk from a developer at Chain who had gone through the experience of deploying them. Don't get me wrong, it's still an excellent talk†, but after working on implementing them for a year or two I find it much less damning than I did at the time.One problem Chain seemed to run into was coupling between their services. They had a fast Golang "ledger" and a slow Rails "dashboard", and found that Macaroons forced all their requests to loop through the "dashboard". This was because they'd opted to do short-lived Macaroon tokens that needed to be reissued every 5 minutes (eminently sane), and only their dashboard could generate the proper token?Another problem they had with Macaroons: their Rails dashboard has an RBAC permissons interface. But once they've issued a Macaroon, users can't change permissions with the interface anymore. But that's a problem with all stateless tokens, not just Macaroons; in fact, Macaroons probably help here, because if you're presenting a Macaroon to the dashboard interface in the first place, the RBAC interface can just attenuate it for you and hand it back to you.I still think this is a design that mostly makes sense only if you have a problem domain for which both attenuation and delegation make sense. Most basic CRUD apps don't have these problems, and using Macaroons would be a mistake for them.† <a href="https://www.youtube.com/watch?v=MZFv62qz8RU" rel="nofollow">https://www.youtube.com/watch?v=MZFv62qz8RU</a>

评论 #39210764 未加载

评论 #39207538 未加载

评论 #39207604 未加载

评论 #39220346 未加载

windlep超过 1 年前

I remember when I saw a presentation by the macaroon authors a few years back, there were pending patents that Google filed around them. While the authors claimed Google wouldn't sue anyone, I'm always a bit skeptical about such claims. I thought macaroons would be helpful for some of my use-cases, but since I now knew there were patents that'd be wilful infringement so I didn't bother.I can't find the patents now, so perhaps they were rejected or withdrawn. I had assumed that was why macaroons hadn't caught on more widely.Edit: Found the patent: <a href="https://patents.google.com/patent/US9397990B1/" rel="nofollow">https://patents.google.com/patent/US9397990B1/</a>

评论 #39207978 未加载

评论 #39208230 未加载

评论 #39206893 未加载

评论 #39206596 未加载

djha-skin超过 1 年前

Macaroons are a cookie[1], Macarons are a French dessert[2].I have a pet peeve about this mix-up in particular, and they seem to have mixed them up, calling the French thing macaroons.1: <a href="https://www.savoryexperiments.com/almond-coconut-macaroons/" rel="nofollow">https://www.savoryexperiments.com/almond-coconut-macaroons/</a>2: <a href="https://sallysbakingaddiction.com/french-macarons/" rel="nofollow">https://sallysbakingaddiction.com/french-macarons/</a>

评论 #39211297 未加载

评论 #39212545 未加载

评论 #39212289 未加载

评论 #39221754 未加载

ijustwanttovote超过 1 年前

Small detail, there's a picture of macarons and not macaroons.A macaron is a sandwich-like cookie that's filled with jam, ganache, or buttercream. A macaroon is a drop cookie made using shredded coconut.

评论 #39209376 未加载

评论 #39210204 未加载

sergioisidoro超过 1 年前

So, are Macaroons are like a "blockchain", where each block is an attenuation (ie reducing permission and scopes) of the permission of the original token? So a bearer can get a token, reduce its scope (without talking to the server) and pass it down to other less privileged entities. That's cool!I kind of had to look into the paper linked to really understand what they are. I feel the article could have given a bit more context on it :)

评论 #39205868 未加载

评论 #39206300 未加载

评论 #39219532 未加载

X-Istence超过 1 年前

Macaroons are also implemented and used by pypi.org's implementation named Warehouse:<a href="https://warehouse.pypa.io/development/token-scanning.html" rel="nofollow">https://warehouse.pypa.io/development/token-scanning.html</a>Also see:<a href="https://pypitoken.readthedocs.io/en/latest/" rel="nofollow">https://pypitoken.readthedocs.io/en/latest/</a>

评论 #39205692 未加载

RustyRussell超过 1 年前

Compulsory plug when someone uses macaroons: using an HMAC is overkill.See <a href="https://github.com/rustyrussell/runes">https://github.com/rustyrussell/runes</a> for a simpler alternative and implementation (this has C and Python, but there's also a Rust implementation because why not?)However, the "no db access" property has proven to be untenable in practice. Users end up wanting to see what runes are issued, blacklist them, know when they were last used, and have rate limits. The last two are a killer, requiring some state to be kept (unless your system allows you to return a modified rune to the user, which is a different workflow from normal bearer creds).

评论 #39227324 未加载

评论 #39211035 未加载

evancordell超过 1 年前

> The community that formed around building open source “standard” Macaroons decided to use untyped opaque blobs to represent candidates.I assume "candidates" was supposed to be "caveats" - and as an author of a "standard" macaroon implementation, I completely agree that this is the biggest downfall of Macaroons. With no common caveat language (and no independent "dischargers") it really limits their use to within a single org. And at that point you're basically asking everyone to invent their own token format anyway.Though I don't personally use them much anymore - I think the use-cases for Macaroons are much more limited if you have a Zanzibar! - I appreciate seeing Macaroon discussions pop up and this post and the related discussions it linked out to were a great read.

评论 #39212236 未加载

Arelius超过 1 年前

These look pretty useful cool...I'm curious a bit though, here, and in other posts in HN, I often see that HMAC, a symmetric key is preferred, going as far as suggesting, in JWT, that other algorithms should not be implemented. Why is that? What are the problems with say RSA? (Ignorning that I'm not sure Asymmetric keys work with Macaroons design at all)From my perspective, Asymmetric keys have been a great boon, in that I can keep the private key, secured on my single auth server, but then freely distribute the public key to the edge, greatly increasing responsiveness, and reducing the bottleneck on the Auth server.Is there some security concern I've been missing?

jszymborski超过 1 年前

This post was written exceedingly well. Few posts execute humour and whimsy without coming off as insincere or just not very funny (I'm guilty myself).Bravo!

评论 #39206750 未加载

jzelinskie超过 1 年前

It's probably more relevant to your previous blog post that did a survey of technologies, but I'm curious if y'all ever considered a fully centralized approach. Is there something about Fly that benefits from a decentralized approach?Disclosure: I work on SpiceDB alongside maintainers like the pymacaroons author

评论 #39205185 未加载

alexissantos超过 1 年前

Off topic, but related: The art you see on Fly posts? It's made by the inimitable Annie Rugyt: <a href="https://annieruygtillustration.com/" rel="nofollow">https://annieruygtillustration.com/</a> She's wonderful, and has a knack for making brands come alive with illustration.Remember the RethinkDB mascot? That was her too!

评论 #39212793 未加载

matthewaveryusa超过 1 年前

>and escape hatches like Mutation (for our GraphQL API).Can you explain in a bit more detail what you mean by escape hatches (sounds dangerously fun)

评论 #39204994 未加载

michelpp超过 1 年前

I like the "solve the now" perspective here, and having code examples is very helpful to understand some of the rational behind the approach. Having read your previous "tedious survey"[0] post on various token formats, I generally agree with a lot of your conclusions. Curious though about your thought process wrt macaroons vs biscuits.To me the one major downside of macaroons has always been the single shared root symmetric key. Many use cases are addressed by third party attenuation, but then there are the problems like key rotation, having to do online verification, no built in encryption, no peer-to-peer support through an "untrusted" fly.io, and no third party token verification without decryption like in signcryption[1] schemes. Of course this is traded off by having to do PK issuance and management so I can see the simplicity of it.Is fly.io scoping this pretty hard to just auth tokens with third party attenuation, or do you see further development and maybe moving to other token systems like biscuit when/if the need arises to address those known issues?fwiw I've done a bit of research work myself on a token format using signcryption [2] where I explored addressing some of these ideas (but not the attenuation side of it yet, which I get is a big deal here).[0] <a href="https://fly.io/blog/api-tokens-a-tedious-survey/">https://fly.io/blog/api-tokens-a-tedious-survey/</a>[1] <a href="https://github.com/jedisct1/libsodium-signcryption">https://github.com/jedisct1/libsodium-signcryption</a>[2] <a href="https://github.com/michelp/pgsodium/blob/feat/signcryption-tokens/sql/pgsodium--3.1.7--3.2.0.sql">https://github.com/michelp/pgsodium/blob/feat/signcryption-t...</a>

评论 #39205661 未加载

xyzzy_plugh超过 1 年前

> Until now! I dragged Fly.io into implementing them. Suckers!Let's be real: they knew you would do this eventually. It was inevitable.

ramchip超过 1 年前

I'm curious why the connection from Rails is "mTLS-y" rather than actual mTLS. The macaroon repo mentions a Noise transport. Maybe to avoid dealing with X.509 certificates by distributing trusted public keys via LiteFS?> We didn’t use the pre-existing public implementation because we were warned not to. [...] Macaroons decided to use untyped opaque blobs to represent caveats. We need things to be as rigidly unambiguous as they can be.Another place where the implementations are limiting is in the nonce for discharge macaroons: it has to match the "challenge" exactly. I think the fly.io implementation makes the nonce a structured object that includes the challenge / key ID as a field, and extracts that field during third party caveat verification, which is nice. It makes it possible to include a random nonce (in the cryptographic sense) or revocation ID for instance.I experimented recently with discharges containing service-specific info, e.g. a discharge from an auth service could contain the user's name (for logging), etc. It felt dangerous though, because there's potential for confusion on which service is allowed to provide what info - if we have a 3P caveat for an auth service and a revocation checking service, we want to be sure that the user profile info comes from the auth service, not the other one, and it gets complicated to encode that in the token.Maybe this is what "proof" macaroons solve? They're not mentioned in the blog post or macaroon-thought.md, but seemed to be about making positive statements on something.

评论 #39216509 未加载

评论 #39214932 未加载

wereHamster超过 1 年前

I wonder why they went chose macaroons over biscuits. The later is only mentioned once in that article, but doesn't talk about why they were not selected.

评论 #39205537 未加载

评论 #39205722 未加载

fovc超过 1 年前

Surprised to see JSON here. I recall discussing JWT with tptacek a few years ago, and one of the concerns was the {a: x, a: y} ambiguity in JSON parsers. Was that a concern with this design?My other reaction was that this sounds scary:> a token with no caveats restricts nothing. It’s a god-mode token. Don’t honor it.I guess it's technically "fail closed" but seems kind of brittle

评论 #39206166 未加载

评论 #39206720 未加载

bethecloud超过 1 年前

Storj is also leveraging macaroons. Great write-up on decentralized access control here: <a href="https://medium.com/@kleffew/what-is-capability-based-security-227c6e5483a5" rel="nofollow">https://medium.com/@kleffew/what-is-capability-based-securit...</a>

8organicbits超过 1 年前

> we want Macaroon tokens to be safe to transmit between usersHow does this work for auditing? If user A gives user B a token (perhaps after adding a caveat) how does this system audit log determine who did what? Does that require a third party system?

评论 #39205866 未加载

评论 #39205947 未加载

xbar超过 1 年前

I am not a customer, but I do like the fly.io "voice."

asplake超过 1 年前

Typo/bug: pretty sure variable 'oldTag' should be 'oldTail'

评论 #39204849 未加载

beeks超过 1 年前

it seems to me that macaroons could get quite big in order to adequately describe allowed resources and permissions? Especially if the API is broad? Much bigger than JWTs.

评论 #39210030 未加载

ssl232超过 1 年前

TIL macarons [1] are also known as macaroons [2]. Where I'm from, macaroons are dense, sweet coconut treats and the French sweets are known as macarons. But from the Wikipedia article I see macaroons mean many different things to many different people.[1] <a href="https://en.wikipedia.org/wiki/Macaron" rel="nofollow">https://en.wikipedia.org/wiki/Macaron</a>[2] <a href="https://en.wikipedia.org/wiki/Macaroon" rel="nofollow">https://en.wikipedia.org/wiki/Macaroon</a>

评论 #39204789 未加载

评论 #39204995 未加载

评论 #39204830 未加载

评论 #39204681 未加载

评论 #39204616 未加载

评论 #39209659 未加载

评论 #39204700 未加载

评论 #39204695 未加载

DonsDiscountGas超过 1 年前

The title and graphic suggest an article about the most delicious treat known to humans, and the post is about software. My disappointment is immeasurable and my day is ruined.

评论 #39205965 未加载

评论 #39204906 未加载

评论 #39205114 未加载

评论 #39205015 未加载

评论 #39205050 未加载

评论 #39205354 未加载

elbasti超过 1 年前

What I really want to know is how fly.io has recruited such talent. @tptacek (who wrote this article), @chrismccord (creator of elixir Phoenix/Liveview), and others.Very impressive, but also slightly worrying since some parts of fly.io have such terrible DX/documentation. I've only recently started using them, but the documentation around billing and databases is shockingly bad for a team that is clearly so deeply stacked.

评论 #39206014 未加载

评论 #39205625 未加载

评论 #39206605 未加载

iou超过 1 年前

lol, the picture in the post is of a macaron, not a macaroon<a href="https://www.foodnetwork.com/recipes/packages/baking-guide/macarons-vs-macaroons-whats-the-difference" rel="nofollow">https://www.foodnetwork.com/recipes/packages/baking-guide/ma...</a>

评论 #39205360 未加载