Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Confirm that RFC-0153 - Stage 1b is implemented correctly #4954

Closed
stringhandler opened this issue Nov 24, 2022 · 3 comments · Fixed by #4999
Closed

Confirm that RFC-0153 - Stage 1b is implemented correctly #4954

stringhandler opened this issue Nov 24, 2022 · 3 comments · Fixed by #4999
Assignees
@SWvheerden
Labels
A-mobile_wallet Area - related to Aurora, the mobile wallet C-question Category - Further information is requested
Milestone
Stagenet Freeze

Comments

@stringhandler
Copy link
Collaborator

In the RFC, stage 1b says:

The seed phrase MUST NOT be stored on the cloud in Stage 1b. Doing so would result in all future funds of the user being lost if the backup were ever compromised. Since the backup is unencrypted in Stage 1b, we store the minimum amount of data needed to recover the funds and limit the potential loss of funds in case of a breach to just that found in the commitments in the backup, which should not be more than $50.

We need to confirm that the wallet code does this correctly
@stringhandler
Copy link
Collaborator Author

Also need to confirm whether onesided payments private keys are stored in the backup

@stringhandler
Copy link
Collaborator Author

There should be covering integration tests checking these stages

@stringhandler stringhandler added C-question Category - Further information is requested A-mobile_wallet Area - related to Aurora, the mobile wallet labels Nov 28, 2022
@stringhandler stringhandler moved this to Selected for development in Tari Esme Testnet Nov 28, 2022
@stringhandler stringhandler added this to the Stagenet Freeze milestone Nov 28, 2022
@SWvheerden SWvheerden moved this from Selected for development to In Progress in Tari Esme Testnet Nov 29, 2022
@SWvheerden SWvheerden self-assigned this Nov 29, 2022
@SWvheerden
Copy link
Collaborator

The wallet code definitely does not do this correctly.

Seed phrase is decrypted and stored in the wallet SQL file.

We need to re-architecture how we do this.
Currently, the mobile wallets on recovery just dumps the database in place,

This was referenced Nov 29, 2022
Closed
Merged
@SWvheerden SWvheerden moved this from In Progress to In Review in Tari Esme Testnet Dec 6, 2022
stringhandler pushed a commit that referenced this issue Dec 8, 2022
@SWvheerden
feat: add utxo import and export for ffi (#4999)
9cda0bb 
Description
---
Add the ability to export and import utxos to the faucet

Motivation and Context
---
We need to be able to backup the utxo's without exposing all private information from the wallet. 
This only exposes the limited selection of private keys that are exported

How Has This Been Tested?
---
Unit tests. 

Fixes: #4954

Open question:
Do we only export the unspent set, or do we export the spent and unspent?
Repository owner moved this from In Review to Done in Tari Esme Testnet Dec 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SWvheerden SWvheerden

Labels
A-mobile_wallet Area - related to Aurora, the mobile wallet C-question Category - Further information is requested
Projects
Tari Esme Testnet
Archived in project
Milestone
Stagenet Freeze
Development

Successfully merging a pull request may close this issue.

feat: add utxo import and export for ffi SWvheerden/tari
2 participants
@SWvheerden @stringhandler