ryansheh
commented
2 years ago Managing keys through a service (Google, Dropbox, etc) or passing keys from the custodial to standalone wallet share the requirement of encrypting text, whether it be the private key or mnemonic phrase. To reduce exposure, not all wallets allow it, as the most reliable way to securely hold an account is physically storing your mnemonic phrase.
If we were to secure a document, with the text, that's importable/exportable, there are several existing encryption methods out there.
Recommendation is involving PBKDF2 and ChaChaPoly, handling like BRD does.
BRD - 2 Step Encryption PBKDF2, ChaChaPoly, Pin Encryption.
- Create keyData with pin and salt with pbkdf2 encryption algorithm.
- Convert keyData into a CryptoKit's (Apple Native) SymmetricKey with mnemonic, pin and salt (length 64) and "seal" data using ChaChaPoly with SymmetricKey.
- In order to decrypt, get symmetric key with pin and salt, and "open" encrypted data with ChaChaPoly using said symmetric key.
VivoPay is similar to BRD except strictly relies on password protecting with ChaChaPoly.
Nova/Fearless exports keystoreData(address, keys), encrypts with Scrypt and password, and then encoded into JSON data to be exported to keychain. However this only seems to be importable/exportable within the same wallet (saved within keychain), and not others.
Narrative: As a user, I would like to be able to backup my seedphrase securely on my device, so that I can retrieve it in the event I need to make changes or transfer my keys.
Overview: This story is to support backing up a users seedphrase securely on device.
Requirements: