nikolafon
commented
7 years ago Another approach would be that user would enter only email and passphrase and backup link would be sent to the users email address. This link is the key to all the user assets and it can easily be activated at any time on any browser and start spending assets. When user opens a link the authentication screen will be show where user needs to enter passphrase to access the wallet funds. With this approach a user is responsible for the wallet funds and doesn't need to trust the app to store the encrypted keys online. This could be less secure because someone can get into possession of the encrypted keys more easily because they are in the link itself. Consider using window.location.replace() when link is opened to prevent the browser to store the backup link in the browser history.
User will be able to sign in with different authentication providers. Authentication will be provided by Google Firebase so it should be fairly secure. Two factor authentication will be supported as well. All communication with the Firebase will be over secure HTTPS connection.
Upon creating account user will be able to create wallet which will be encrypted with strong encryption algorithm like AES256 based on passphrase as encryption key. Wallet file will contain SHA256 hash of the passphrase and AES256 encrypted private key of the given crypto currency. Javascript library https://www.npmjs.com/package/crypto-js looks like one of the choices.
User will be able to choose to store the wallet file offline in which case anytime user signs in another browser wallet file must be imported into browser local storage in order to spend cryptocurrency amount, or online in the cloud in which case the wallet file will be synced with all devices where user is logged in.
In both cases user MUST enter passphrase prior to sending money to another address from the Coinsack wallet.
User should be able to download wallet file and store it locally in case online backup was chosen. I must also be possible to remove the wallet file from the online storage on demand from the web app itself. Wallet is secure as much as users passphrase is strong so creation of strong passphrase must be enforced.
Usage of mnemonic passphrase is discouraged as malicious screen capture malware or key logger can get into position of the the phrase and therefore they have users private key.
Usage of QR code of the private key as paper storage is also discouraged for the same reasons as above although it has some benefits that every time instead of entering username password to send funds user can just scan QR code.
Coinsack wallet should have at least two attack vectors. A attacker must have both user credentials and the wallet file in order to steal funds.
Downside is that user must enter passphrase every time funds are to be send. To make this easier for the user we can store private key in the session store which will be invalidated after user closes the browser window but that has further security implications.