Open shamardy opened 10 months ago
For the library to use for mnemonic phrase generation I suggest rust-bip39, it's actively maintained unlike tiny-bip39 which we currently use for converting the phrase to bytes. rust-bip39
is also part of the Rust Bitcoin Community which is maintained by blockstream and the bitcoin community. It also includes pbkdf2 implementation if we decided to use it for seed encryption/hashing, if we decided to use Argon2 instead I suggest this library https://github.com/RustCrypto/password-hashes/tree/master/argon2, Argon2 is slower or more resource-intensive on mobiles or embedded systems though since it requires a large amount of memory.
@Alrighttt @ca333 @DeckerSU I would like your opinion on the above and which of pbkdf2, Argon2d, Argon2i and Argon2id should we use. I also think rust-bip39
should be checked from security perspective before using it, but it's ok for me if you check it on the PR instead since switching libraries shouldn't be a big problem.
Checklist
tiny-bip39
crate and use bip39
instead in adex-cli.aes
has some features to optimize compilation size vs performance on certain architectures.Future:
Cryptographic operations shouldn't be the frontend/GUIs responsibility. Instead, they should be handled by the DeFi framework. To achieve this we should:
ref: https://github.com/KomodoPlatform/komodo_encryption_tool/pull/1#issuecomment-1651230832, https://github.com/KomodoPlatform/komodo_encryption_tool/pull/1#issuecomment-1678687099 C.C. @ca333 @Alrighttt @yurii-khi