Open MaxHillebrand opened 5 years ago
When the wallet is closed, encrypt the sensitive data [zpub, labels, anonset etc, probably everything other than wallet name and fingerprint] with the password the user set at wallet creation.
This is not possible because Wasabi doesn't store the user password (passphrase).
Problem
Wasabi is a privacy focused wallet, and it is succeeding on many fronts already. However, for every wallet, the master public key - the information needed for COMPLETE deanonymization of the transaction history - is in clear text within the
.walletwasabi
folder. An attacker would need access to the disk, and yes, when that is the case, we assume that everything is screwed, but we should do our best to defend as much as possible.Solution
When the wallet is closed, encrypt the sensitive data [zpub, labels, anonset etc, probably everything other than wallet name and fingerprint] with the
password
the user set at wallet creation.When loading a wallet, the password is required to decrypt this sensitive information, and then load the wallet.
Advantages