-
Notifications
You must be signed in to change notification settings - Fork 277
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NFC backup. can store wallet address, spend key ,view key, seed, block height in NFC(Authenticated by the NFC default key now) #282
base: master
Are you sure you want to change the base?
Conversation
add nfc backup ui
Add Input NFC Password
http://www.docjar.com/jar_detail/sunjce_provider.jar.html ? has a different sha256sum than the commited file http://jacksum.net/en/download.html ? has the same sha256sum as the commited file but when you read the legals it is imo blocking the addition:
not sure if this is Apache compatible From a first code skim it is visible that this library is only used to create a crc: suggestions:
is messing with the reviewer.
I like the idea to move the wallet off the phone to a different device. Can you point out compatible vendors? How does this differ from #133? and how can the restore code be shared? |
ok, I will replace Jacksum.jar, and lint the code , etc.. |
@jenniferberger Yes, the NFC Backup is similar to #133. but it is more convenient and security I think. they can use the same restore code. |
|
also, maybe NFC functions should only be shown if NFC is enabled? |
@m2049r com.sun.crypto.provider.SunJCE is in lib/sunjce_provider.jar |
When reading it again (thanks for the lint) with a bit distance it feels like a patch that enables leaking the most sensitive information over an unsecured wireless interface. There should be no code that does that in the app. Its hard to audit and physically verify. |
@jenniferberger Thanks for reply. The NFC reading/writing distance is very short (less than 5 cm),so it 's hard to leak any information. Acturelly there are some similar NFC key storage devices now. see https://www.youtube.com/watch?v=5nOzobRr4kc. And we also have most secure NFC chips (the space wave is encrypted) for the most secure levels. We can use these kind of chip if necessary. |
@jianjunchu after spending over 12 hours with this code and rewriting most of it I still can't figure out what the memory layout of the NFC tags is. On the one hand you have AUTH0/AUTH1 at pages 241/242 and on the other you have the key stored in pages 0x2C-0x2F which is in the middle of where you are storing the viewkey! Also the tag authenticates any(!) key. I could not find any code you have which actually sets the tag's keys. Please post a spec of the tags used. Also, I am not really sure what the purpose of the authentication is in this scenario. Unless we create a key from user input it seems pointless, as all devices would have the same code. |
TODO: