Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure deletion of keyshares #1121

Open
ameba23 opened this issue Oct 21, 2024 · 1 comment
Open

Secure deletion of keyshares #1121

ameba23 opened this issue Oct 21, 2024 · 1 comment
Labels
Enhancement

Comments

@ameba23
Copy link
Contributor

ameba23 commented Oct 21, 2024
edited
Loading

When we delete our keyshare because we are leaving the signer set, we want to be sure it no longer exists on disk, rather than just being removed as an entry in the key-value database. That is - it should be overwritten by zero bytes.

My hunch is that we can achieve this by overwriting the value with a vector of zero bytes of the same length. We could do this in our wrapper to sled's remove method in the entropy-kvdb crate:

entropy-core/crates/kvdb/src/encrypted_sled/kv.rs

Line 191 in 3e87482

let prev_val = self.kv.remove(&key)?;

But without knowing how sled represents values internally, we cannot be sure that this will reliably overwrite the original value.

I have made an issue in the sled repo asking this question, and if we don't hear back i would write a test and / or read the code to investigate.
@ameba23
Copy link
Contributor Author

ameba23 commented Oct 22, 2024

Related issue: spacejam/sled#1512

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancement
Projects
Entropy Core
Status: 📋 Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ameba23 @HCastano