search

cosmos / cosmos-sdk

:chains: A Framework for Building High Value Public Blockchains :sparkles:
https://cosmos.network/
Apache License 2.0
6.08k stars 3.5k forks source link

Recommendations for User Key Management? #1286

Closed ttmc closed 5 years ago

ttmc commented 6 years ago

Is this a BUG REPORT or FEATURE REQUEST?

It's more of a documentation request.

End users of an app developed using Cosmos SDK will need some way to manage their keys. In particular, they want to keep their private keys extra safe, maybe inside a small HSM that never reveals them; it just signs stuff. In the blockchain space, these things are often called "wallets," but that name gets weird if the app is managing things that aren't cryptocurrencies.

It would be great to document some recommendations or best practices for user key management. Maybe there are apps or hardware devices that work well with certain kinds of keys (e.g. ed25519 keys)? If so, which ones? Maybe there are some good websites that review key management options / wallets? If so, maybe link to those.

There's already a page in the Cosmos SDK docs about Key Management.

Note: This issue began its life as tendermint/tendermint#1750 but I closed it there because it's more of a concern for application developers, including anyone using Cosmos SDK.

ValarDragon commented 6 years ago

To my knowledge, we're planning on doing ledger integration. (You can see whats going on on that front here) Additionally the command line interface has another key management service, wherein keys are created via BIP 32 HD (also supports the fundraiser spec), and symmetrically encrypted on disk. I believe that voyager is going to use the command line interface's keys by default? (I'm not sure at all on this point)

zmanian commented 5 years ago

@jessysaurusrex For awareness.

faboweb commented 5 years ago

Currently Voyager uses the "CLI" key management via the binary.

Dev Ojha notifications@github.com schrieb am Sa., 16. Juni 2018, 07:33:

To my knowledge, we're planning on doing ledger integration. (You can see whats going on on that front here https://github.com/cosmos/ledger-cosmos) Additionally the command line interface has another key management service, wherein keys are created via BIP 32 HD (also supports the fundraiser spec), and symmetrically encrypted on disk. I believe that voyager is going to use the command line interface's keys by default? (I'm not sure at all on this point) @faboweb https://github.com/faboweb do you know?

I don't know of any partnerships with current wallet creators.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/cosmos/cosmos-sdk/issues/1286#issuecomment-397816279, or mute the thread https://github.com/notifications/unsubscribe-auth/AFmO2R7g7VSrAjYMQvLdUKZ8yHCP-Oklks5t9Rc7gaJpZM4UqY3x .

jackzampolin commented 5 years ago

Going to close this issue as having a non specific recommendations. We have also since this was opened merged ledger support, created a library for supporting HSMs for validators, produced associated docs, and other work.