Resto security layer

Nomadic Labs

Dec 3rd, 2022

REST is a software architecture style that describes an interface between decoupled
software components in a Client-Server architecture. It is widely used in the industry
and more specifically in web development as a set of guidelines for creating stateless,
reliable web APIs (also called web services).
As REST mainly defines constraints to identify and manipulate resources, RESTful web
APIs are usually based on the HTTP protocol to access resources via URL-encoded
parameters and the use of JSON or XML to encode transmitted data.
A cornerstone of the Tezos blockchain, Tezos nodes expose a RESTful API that
mainly permits a client to perform transactions and query the node's internal state with
regard to the chain. The security of these web services is an important aspect to consider,
as it reduces the risk of malicious acts that could impact both the node's behavior and
the integrity of its ecosystem.

Internship goals


The goal of this internship is to improve the security of the Tezos node's web services in
order to consolidate its robustness against hostile environments. Building upon existing
work, and guided by some documentation and research papers related to the subject,
the intern will design countermeasures for specific and predetermined scenarios of
attacks. As an optional part and besides this work, the intern can identify and address
other web services vulnerabilities.
In order to validate their approach, the intern will develop reproducible scenarios of
attacks and demonstrate the solidity of their work by measuring its impact on a working
Tezos node.

Requirements


The successful applicant should have a good knowledge of the OCaml programming
language, be able to work independently and understand academic papers. Having a
good knowledge of networking and the HTTP protocol can be helpful. The purpose
of their work will be to propose solutions to the different problems they encounter
and to implement these solutions.

Internship Context


You will work at the Nomadic Labs’ offices in Paris.
Participating in a large-scale open-source project, you will have to rapidly learn to
use collaborative tools (Git, merge requests, issues, GitLab, continuous integration,
documentation) and to communicate about your work. The final results might be
presented at an international conference or workshop.
You will have a designated advisor at Nomadic Labs and will have to work independently
and to propose thoroughly-considered solutions to the different problems you
will have to solve. You will be encouraged to seek advice from members of the team.

Intellectual Property


All material produced (essays, documentation, code, etc.) will be released under an
open source license (e.g. MIT or CC).
