Closed dwalintukan closed 6 years ago
cool 👍 just so were on the same page:
@dwalintukan The new version of qtumjs-wallet (0.0.7) has been released:
network. fromEncryptedPrivateKey
you can use these methods to encrypt/decrypt wallet private key.
@scriptfans awesome, will implement this soon! thanks.
@dwalintukan we set the parameters s.t. it takes about 3 seconds to decrypt.
@hayeah got it. we will account for the lag with the loading screen.
hmm. also considering unlocked session https://github.com/bodhiproject/qrypto/issues/68, we'll want to store the password (in fact, hash of the password) in memory so until timeout user can use the session without having to re-enter the password.
i thiiiink the password hash in memory could be bip38.encrypt(userPassword, "qrypto")
, where "qrypto" is a fixed string. This should be enough to avoid rainbow table attack.
It turns out that the web wallet does not store private keys.
But we can use BIP38: http://cryptocoinjs.com/modules/currency/bip38/
https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki