Security in Electric_IMP

When we say that “IMP-OS’s open API calls are secure” then what exact security is provided here.


Which API calls are you talking about, exactly?

All comms with the device are encrypted, and the device itself has hardware protection/encryption (depending on the model of imp) to prevent tampering/modification/extraction of code.

API calls you implement in agents are generally protected with HTTPS; you can validate the full certificate chain and also implement your own secondary security (eg request signing) on top of this.