geebotron
commented
3 years ago I think the point I'm trying to make here is that if the exported backup of your OpenPGP keys is encrypted with only the 24 bip words, then anyone who can obtain these words and a backup of the keys can have full access to the private key.
Perhaps it would be nice to encrypt the key backups with something beyond just the 24 bip words? Or give the option to do so?
For "hidden wallets" the additional passphrase (25th word) provides this additional security.
I guess you could simply encrypt the backup file with some other key, to achieve the same ends ...
cedelavergne-ledger
I had added a temporary passphrase to my Ledger Nano S.
I used the python scripts to backup my keys with the temporary passphrase present (randomly generated keys - not seed mode).
The documentation says: "The private keys are stored encrypted with a key derived from your seed i.e. from your 24 BIP words"
Using the file I generated I restored the keys etc. using the restore feature, during the same session. This worked fine.
I unplugged and re-attached the ledger device to erase the temporary passphrase.
I did a restore from the original back-up file ... which also seemed to be successful!
I was expecting the restore to fail using this backup file, when the temporary passphrase had not been input to the Ledger.
Does the back-up script ignore the 25th word when encrypting the backup file, and subsequently restoring, whether this word is present or not, when the back-up is created?
(I created another backup without any passphrase installed on the Ledger: The 2 backup files seem to have identical sha256sums - so I assume the presence of a passphrase does not affect the encryption output of the backup files?)
Thanks.