Component: Admin front end
Description
The admin front end is responsible for changing various configuration options for the bridge. An admin is able to log in with their wallet, which lets them edit options like the daily quota limit as well as view the bridging history of all users.
Invariants
An unauthorized user should not be able to change options on the bridge via the admin API endpoints.
A non-admin user should not be able to log in and obtain an admin JSON Web Token (JWT).
Test coverage
Cases covered
Log in with an admin Mina wallet.
Log in with an admin Ethereum wallet.
Cases not covered
Log in with an invalid admin wallet.
Call admin API endpoints with an admin JWT, no JWT, or forged JWT.
Attack surface
The attack surface itself is limited in the log-in and config-update API endpoints. Admin wallets are in the environment file, and users trying to log in are compared to the values from the environment file; if they are not a match, the user is unable to log in. Admin API endpoints check that a valid admin JWT is present, making sure that no regular users are able to interact with them.