Open Lvceo opened 1 year ago
Good point. What about the idea of having a password-encrypted dotfile? Would this be needed, for example, on Windows? Linux has file permissions, but do we still want files containing private keys to be encrypted by some other password?
IMO @vishalxl, this should work like the SSH client (which uses PKI more or less the same way as nostr). The dotfile should not be encrypted; authorization is already done by the user logging into his account, and this user is already protected by the OS security implementation. As referred to in #35, having a file in 600 mode is enough to avoid other users accessing the same FS. If you have a look at the SSH man page, in the FILES section, you will see a quick description of private key storage (for instance ~/.ssh/id_dsa). If you respect this, you are OK. Maybe a dotdir would be preferable to provide more flexibility for the tool, like a multi-account feature (different priv/pub keys), and storing preferences for each of them separately.
dotfile should not be encrypted
Concur 100%; dotfiles, even with authorization credentials (example of .ssh config given, but also e.g. AWS credentials file), are just mode-protected
--prikey option should be removed as it's a security breach, IMHO.
What about having this shown to every user logged into the system?
Private key should be imperatively passed over a dotfile in HOME DIR.
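
The approach the thread converges on (key read from a mode-600 file in a dotdir instead of from a command-line argument), shown as an added example that is not the project's code. The path and the function names are hypothetical, the sample key is constructed, and a POSIX system is assumed.

```python
import os
import stat

# Hypothetical location; the thread does not name the actual file.
DEFAULT_KEY_PATH = os.path.expanduser("~/.config/nostr-client/prikey")


class InsecureKeyFile(Exception):
    """Raised when the key file could be read or replaced by another user."""


def write_private_key(path, key_hex):
    """Create the key file with mode 0600 from the start (no chmod race)."""
    os.makedirs(os.path.dirname(path), mode=0o700, exist_ok=True)
    # O_EXCL refuses to overwrite an existing key; O_NOFOLLOW refuses a symlink.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(key_hex + "\n")


def load_private_key(path=DEFAULT_KEY_PATH):
    """Return the key, or refuse a lax file the way ssh refuses an id file."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd) as f:
        st = os.fstat(f.fileno())  # stat the open descriptor, not the path
        if not stat.S_ISREG(st.st_mode):
            raise InsecureKeyFile(f"{path}: not a regular file")
        if st.st_uid != os.getuid():
            raise InsecureKeyFile(f"{path}: not owned by the current user")
        if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            mode = stat.S_IMODE(st.st_mode)
            raise InsecureKeyFile(f"{path}: mode {mode:04o} is too open, use 0600")
        return f.read().strip()
```

Because the key never appears in the argument list, it is not exposed through the process listing that other logged-in users can read.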