Password Protected LNDConnect

[JimmyMow]

I propose an update of lndconnect that allows a user to add a password before outputting the QRCode or string. Then the QRCode data or string data is encrypted using the user's password.

The reasons for this are:

1. The data is no longer sensitive
2. The data will not be so long, resulting in easier to scan QRCodes

I think we should add an additional field such as password=true to keep backwards compatibility. When clients parse the lndconnect strings, they should parse the password field, knowing whether this lndconnect data is hashed with a password or not. Then clients can prompt users for their password and decrypt the lndconnect string.

[ottosuess]

1. I still don't see a threat that can be avoided by encrypting the lndconnect uri. (that might be just because i'm lacking imagination).

   • If your attacker has access to your machine or physical access to you, you're fucked anyway.
   • If you want to share your code over the internet you still have to share the password over a secure channel. Instead could just share the lndconnect uri over that secure channel and you get the same level of security.
   • If you need anything more sophisticated you're also sophisticated enough to just encrypt the uri yourself. (lndconnect -j | rot13 😉)

2. I would expect encrypting the data would rather increase the size of the uri than shortening it. At least if we're using a popular block cipher like AES.

• Passwords suck. Especially those you have to enter on mobile devices. Everybody will just use 12341234.