Open neruthes opened 5 years ago
This will need reviews by @yisiliu and @Jack-Works
The rest looks fine. Can @Jack-Works estimate how large the database to be transferred will be. A rough number should be fine.
- an ephemeral private key - shouldn't it be public?
- regarding the keystore conflicts. Why would there be conflicting AES keys for a post?
The rest looks fine. Can @Jack-Works estimate how large the database to be transferred will be. A rough number should be fine.
The session-only private key is being optically presented via QR. This is hardly safe, but might be an acceptable tradeoff with UX operation simplification, since the major threat is always Facebook instead of surrounding attackers in the Corpospace.
Post-specific AES keys may not conflict. I might overstated the necessity of handling this.
This article specifically focuses on the scenarios for mobile devices.
Data
The data object being subject to transferring is the keystore, which includes basically all persisting data, e.g. private keys, public keys, friends list, and certificates list.
Transference Media
AirDrop
With AirDrop, the keystore backup file can be transferred to an iOS device and be received by the Maskbook app on it. In this case, the keystore will be automatically imported.
In handling these conflicts, Maskbook shall retrieve latest information of the user or the post in order to determine which is correct; and this process should be asynchronous hence it will not suspend any on-surface operations.
QR
By transferring with QR code, the QR actually consist of an ephemeral private key, to which the whole keystore is ECDHE encrypted. As the receiving device acquires the ephemeral private key, it will be able to retrieve the ECDHE encrypted keystore file from a remote node in GUN. If we happen to move away from GUN in future, the same relay system should be employed.
This procedure includes several steps to be taken by the user:
Rome and Paris are names of the two devices.
Edge Cases
It is possible that the incoming keystore has conflicts with the current keystore. Conflicts may include: