Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PrivateKey are not encrypted in storage plus visible in log #22

Open
cheme opened this issue Mar 20, 2015 · 0 comments
Open

PrivateKey are not encrypted in storage plus visible in log #22

cheme opened this issue Mar 20, 2015 · 0 comments
Labels
MAJOR trustkeyval

Comments

@cheme
Copy link
Owner

cheme commented Mar 20, 2015

Private Keys should be subject to decryption from a master password.

Currently private key are stored without encryption, yet they are not send, plus debug should log them.

TODO

  • have a private key specific type which does not display on debug (masked), and stored encrypted, plus look for NaCl memory protected crate
    Question
  • input of master password, it should at some time be send to the api, and all is pretty static right now when using decodable so we may need to add the master password as parameter of truster and trustedval methods (storage in wotstore then use in params of methods??).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
MAJOR trustkeyval
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cheme