chiefy / vaulted

nodejs based wrapper for HashiCorp's Vault HTTP API
https://chiefy.github.io/vaulted
MIT License

unseal documentation incomplete #65

Closed jmls closed 8 years ago

jmls commented 8 years ago

You need to pass a share to the unseal function on vault: there is no documentation of the parameters required to unseal.

jmls commented 8 years ago

Hmm, actually, looking at the code, it seems that you are passing an array of keys to the unseal, using sample... this worries me on a couple of levels.

Primarily - I do not know all of the keys. I have 1 share. So when we need to unseal, several people have to post their share. How do I know when I have reached a threshold in order to call the unseal()?

Secondly, what's the _.sample() function used for?

Thirdly - I do not like the idea of the keys being stored in memory after the vault has been unsealed. This is a security risk.

kenjones-cisco commented 8 years ago

I've been considering changing this myself as the intent is for multiple parties to work together to unseal the Vault. From a simplicity / ease of use standpoint, I'm assuming it was done this way so that you can call init and then chain unSeal and have the initialization and unsealing happen for you. But as you rightly point out, this means all the keys are together in one place which is a security hole.

I will look at doing something along the lines of the following:

The _.sample function from lodash basically says pick a random value from the Array such that only a single value is passed to the actual Vault API. That is why unSeal recursively calls itself until the Vault is unsealed.
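An added example, not part of the thread and not vaulted's code: one share is sent per call to Vault's `sys/unseal` endpoint, and the `sealed`, `t` and `progress` fields of the response show how many shares are still needed, so no caller has to hold more than its own share. The helper names (`makeFakeVault`, `submitShare`, `resetUnseal`, `demo`), the synchronous `put` transport and the share strings are assumptions made so the sketch runs offline.

```javascript
// Constructed stand-in for Vault's PUT /v1/sys/unseal endpoint: it only counts
// distinct shares against a threshold and does no real Shamir reconstruction.
function makeFakeVault(threshold, totalShares) {
  let sealed = true;
  let seen = new Set();
  return function put(path, body) {
    if (path !== '/v1/sys/unseal') throw new Error('unexpected path ' + path);
    if (body.reset) {
      seen = new Set();                 // discard partial progress
    } else if (sealed) {
      seen.add(body.key);               // a repeated share does not add progress
      if (seen.size >= threshold) { sealed = false; seen = new Set(); }
    }
    return { sealed, t: threshold, n: totalShares, progress: seen.size };
  };
}

// Hypothetical helper: send exactly one share, keep no copy of it, and report
// how far the unseal has progressed using only the fields the server returns.
function submitShare(put, share) {
  if (typeof share !== 'string' || share.length === 0) {
    throw new TypeError('share must be a non-empty string');
  }
  const res = put('/v1/sys/unseal', { key: share });
  return {
    sealed: res.sealed,
    remaining: res.sealed ? res.t - res.progress : 0,
  };
}

// Hypothetical helper: drop partial progress, e.g. after a mistyped share.
function resetUnseal(put) {
  return put('/v1/sys/unseal', { reset: true }).progress;
}

// Constructed run: 3-of-5 threshold, each holder submits only their own share.
function demo() {
  const put = makeFakeVault(3, 5);
  const log = [];
  for (const share of ['share-a', 'share-a', 'share-b', 'share-c']) {
    log.push(submitShare(put, share));
  }
  return log;
}
console.log(demo());
```

Against a real server the `put` function would be an HTTP client call and therefore asynchronous; the threshold logic is unchanged.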