tomastiminskas
commented
2 years ago Just to clarify, the encrypted Android preferences are used to store:
- Public and Private encryption keys
- Relay Url and Authentication Token
- Relay Transport key and HMac signing key (recently implemented)
All those items and some others are stored after being encrypted using the 6 digits PIN (symmetric encryption), but the PIN is not stored. When authenticating user will enter his PIN and it will be use to try to decrypt the encryption keys stored on shared preferences. If this action success then user is logged, otherwise it's not.
This can be replaced by a encrypted sqlite instance as suggested in the ticket
The kotlin android app used encrypted Android preferences to store the user PIN. Since this isn't multiplatform we could more easily create encrypted sqlite instance on the user device to store user preferences like PINs and such. This would help keep the pin management logic multiplatform.