Don't store encrypted seed entropy

jolocom / smartwallet-app

A decentralized self sovereign identity solution developed by Jolocom.

https://jolocom.io

Other

80 stars 38 forks source link

Don't store encrypted seed entropy #1486

Open mnzaki opened 4 years ago

mnzaki commented 4 years ago

Description

Don't store the seed entropy, even if encrypted (password is in OS keystore). Instead store the derived key pairs directly. This will provide for added security (phone compromise is not necessarily a seed compromise any more). It will also make #1427 trivial

Current idea is to use the persona table to store the generated keys (encrypting the privateKey of course) and DID.

chunningham commented 4 years ago

@mnzaki this is something we should look at in the typeorm sdk storage stuff

mnzaki commented 4 years ago

Is this even in the notion backlog?