I have a secure canister which calls a function in a different canister by importing that canister.
For security reasons, I want this function canister to ONLY be able to be called from the secure canister, and reject all other requests. In particular, this function should not be callable from an API call and not callable from any other canister on the IC other than that specific canister.
Are you sure it is the principal ID? It would not make sense to hard-code the principal ID in, especially if you consider that, when the canisters are deployed together (dfx deploy), you cannot know the principal ID before deploying.
Somewhat related… is there a way to make a canister be callable only by a frontend client?
The catch is that client could represent any number of logged-in users. I could put some application ID in both the frontend code and the backend canister code, and verify the application ID on every request… but someone could read the JS and extract the application ID.
Basically, I want to prevent malicious users from calling the backend canister directly… but maybe that’s an impossible goal?
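Added example for the two questions in this thread (restricting a method to one calling canister, and restricting a method to end users rather than canisters). This is not code from the thread or from any DFINITY project, and it is plain Rust so it runs stand-alone: a real canister would take the caller from the CDK (for example ic_cdk::api::caller()) instead of a parameter, and the principal textual encoding (CRC-32 prefix plus unpadded base32, per the Internet Computer interface spec) is reimplemented here rather than taken from the candid crate. The names Guard, set_allowed, check_canister_caller and check_user_caller are assumptions chosen for the example.

```rust
// Added example, not code from the forum thread: caller-principal checks for an IC canister,
// as plain Rust that runs stand-alone. In a canister the caller comes from the CDK
// (e.g. ic_cdk::api::caller()); here it is passed in and the principal encoding is reimplemented.

/// Principal kind, read from the last byte of the principal blob (IC interface spec).
#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub enum Kind {
    Management,         // empty blob: the management canister "aaaaa-aa"
    Opaque,             // IC-assigned id ending in 0x01, i.e. a canister
    SelfAuthenticating, // sha224(pubkey) || 0x02, i.e. a user identity
    Anonymous,          // single byte 0x04, textual form "2vxsx-fae"
    Other,              // derived (0x03), reserved (0x7f) or malformed
}

#[derive(Debug, PartialEq, Eq, Clone)]
pub struct Principal(pub Vec<u8>);

const ALPHABET: &[u8; 32] = b"abcdefghijklmnopqrstuvwxyz234567";

/// CRC-32 (IEEE 802.3), bitwise; the textual principal form prefixes the blob with it.
pub fn crc32(data: &[u8]) -> u32 {
    let mut crc = 0xFFFF_FFFFu32;
    for &b in data {
        crc ^= b as u32;
        for _ in 0..8 {
            crc = if (crc & 1) == 1 { (crc >> 1) ^ 0xEDB8_8320 } else { crc >> 1 };
        }
    }
    !crc
}

impl Principal {
    pub fn kind(&self) -> Kind {
        match self.0.as_slice() {
            [] => Kind::Management,
            [0x04] => Kind::Anonymous,
            [.., 0x01] => Kind::Opaque,
            [.., 0x02] => Kind::SelfAuthenticating,
            _ => Kind::Other,
        }
    }

    /// Textual form: lowercase base32 of crc32(blob) || blob, unpadded, a dash every 5 chars.
    pub fn to_text(&self) -> String {
        let mut data = crc32(&self.0).to_be_bytes().to_vec();
        data.extend_from_slice(&self.0);
        let (mut out, mut buf, mut bits) = (Vec::new(), 0u32, 0u32);
        for &b in &data {
            buf = (buf << 8) | b as u32;
            bits += 8;
            while bits >= 5 {
                bits -= 5;
                out.push(ALPHABET[((buf >> bits) & 31) as usize]);
            }
            buf &= (1u32 << bits) - 1; // keep only the not-yet-emitted low bits
        }
        if bits > 0 { out.push(ALPHABET[((buf << (5 - bits)) & 31) as usize]); }
        out.chunks(5).map(|c| String::from_utf8_lossy(c).into_owned()).collect::<Vec<_>>().join("-")
    }
}

/// Guard for a method that exactly one other canister may call. The allowed id is not
/// hard-coded: the controller sets it after `dfx deploy` has created both canisters.
pub struct Guard { controller: Principal, allowed: Option<Principal> }

impl Guard {
    pub fn new(controller: Principal) -> Self { Guard { controller, allowed: None } }

    /// Update call the controller makes once the secure canister's id is known.
    pub fn set_allowed(&mut self, caller: &Principal, allowed: Principal) -> Result<(), String> {
        if *caller != self.controller { return Err("only the controller may set the allowed caller".into()); }
        if allowed.kind() != Kind::Opaque { return Err("allowed caller must be a canister id".into()); }
        self.allowed = Some(allowed);
        Ok(())
    }

    /// First check in the guarded method. Ingress (API) calls arrive with a user or
    /// anonymous principal, never the secure canister's id, so they fail here too.
    pub fn check_canister_caller(&self, caller: &Principal) -> Result<(), String> {
        match &self.allowed {
            Some(a) if a == caller => Ok(()),
            _ => Err(format!("caller {} is not the authorised canister", caller.to_text())),
        }
    }
}

/// For a method meant for frontend users: reject anonymous and canister callers. This
/// does not pin one frontend; anyone holding a key pair can present such a principal.
pub fn check_user_caller(caller: &Principal) -> Result<(), String> {
    match caller.kind() {
        Kind::SelfAuthenticating => Ok(()),
        k => Err(format!("caller {} ({:?}) is not a user identity", caller.to_text(), k)),
    }
}

fn main() {
    let anon = Principal(vec![0x04]);
    println!("{} is {:?}: {:?}", anon.to_text(), anon.kind(), check_user_caller(&anon));
}
```

The point of the Guard is that the allowed principal is state, not a literal: after dfx deploy, the controller reads the secure canister's id with `dfx canister id <name>` and passes it to the setter, so nothing has to be known before deployment. The Motoko equivalent of check_canister_caller is comparing `msg.caller` against the stored principal. check_user_caller only tells a canister caller apart from a user identity by the principal's type byte; it cannot tell which frontend, or whether any frontend, produced the request, which is the limit the last post is asking about.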