-
-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Private keys should be encrypted #826
Comments
We are going to move the key out of the config file and encrypt it at some point. |
related #783 |
This should be addressed once the keystore is implemented |
My proposal for multikey was embedding key protection schema in to the multikey itself, I don't know if we want to go with it, but it would be nice thing to have. |
@Kubuxu can you explain more?
|
ipfs/specs#58 |
While on my work on the #5947, which I am now porting to Is this desired way how to approach this? To my understanding, it does not use multikey/linked-data key, but it implements encrypted keys handling. |
Hmmm it seems like they follow this spec: https://github.com/ipfs/specs/tree/master/keystore |
Eventually, yes. I have a PR that I never really finished to add pluggable keystore support to enable use-cases like this: #6069. However, go-ipfs doesn't currently have a way to prompt the user for a passphrase. |
Hmm. From what I see What do you think is currently the right way to approach this? Or should this be postponed for now? |
I'd rather not go that route. Any password passed with
That just shuffles the problem around a bit. |
Same as with
|
Yeah, I figured that this might be a problem and I have guessed right that similar approach to Only I am a bit worried about the UX implications of this. As for every invocation of a command that needs keystore access, there would have to be this prompt (eq. reentering passphrase all the time). What sort of commands require keystore access? What about |
Any updates on this problem? Don't know if it is relevant, but maybe for inspiration, you can also have a look at how ethsigner solves this problem: https://consensys.net/docs/ethsigner/en/latest/Concepts/Overview/ |
You could encrypt the entire config file, but by default ipfs should password protect the private key (setup during init process) and not store the private key in the clear on disk (or ideally in memory that could be leaked, but that is a lot harder).
The text was updated successfully, but these errors were encountered: