Open holiman opened 4 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Don't close. I think it's an important improvement.
The
clef
binary is meant to be a secure key management tool, which can be used to separate key management from the actual node operation.It inherently uses the same data model that's already in the go-ethereum library, which is,
However, there is one usecase which doesn't really fit; when a user has millions of keys. The problem with the keystore is,
Primary problem
json
for theaddress
element, andThis works fine for a handful of addresses, but does not scale.
In order to cater for this type of usecase, we would need an additional data storage format -- not based on keystore files. A problem with keystore files, is that although the actual address is commonly in the actual filename, this has never been mandated.
Secondary problem
There is also a secondary problem: apart from the actual key data,
clef
maintains a separate database of metadata, contaiingIf a user has 5M keystores, it should also be possible to have 5M passwords. Currently, this would probably not scale well. Although each password is individually encrypted in an aes-gcm container (so the entire thing doesn't need to be decrypted), I suspect that it might be pretty slow to access one of them, since the whole thing is loaded into memory first.
Possible solutions
Add a generic backend for database-backed keystore, where a somewhat generic database can be configured. The database should be able to answer queries about what addresses exist, and delivery encrypted keystore json. Users can then configure this with arbitrary SQL database, either locally or remote. This has the upside that it's totally up to
clef
to maintain integrity and robustness of the database -- it will be up to the user to manage the database.Add a non-generic database, e.g. leveldb or sqlite or something custom. If we do something custom, it's highly important that the db is robust. Database corruption, resulting in the loss of keystore data is not acceptable.