motoras
commented
6 years ago Tony, what is this all about? It is the first time I heard about it. I had no idea that this was assigned to me.
Open tonygonzalezuk opened 6 years ago
motoras
commented
6 years ago Tony, what is this all about? It is the first time I heard about it. I had no idea that this was assigned to me.
UI - database - encrypt columns holding user private data Encrypt user private columns in the database using the Sodium encryption library - use the chacha20 encryption method. Do not encrypt data that is needed for searches or data that is already publicly available in the blockchain.
we should encrypt everything that might identify a user eg a user's email address we use the user's password to encrypt the data
the user provides the user email address and the password and then you encrypt the email address using the password as the key
it should be impossible to read the email address using simple SQL
we need to add an encrypted store to map sendCompId and password to the (an encrypted form of ) the secret key (encrypted using chacha20)