Labels Milestones

New Issue

Encrypt senttxstore #65

Open

opened 3 years ago by duke · 0 comments

duke commented 3 years ago

Owner

It stores a lot of metadata! Leaving it unencrypted in plaintext on disk does not seem to protect our users privacy by default.

This has become more important. Zaddrs and txids in this sentxstore are stored decrypted on disk, and another user on the same machine can easily use a bug to escalate permissions and read this file. It is not safe to have this senttxstore on a computer that it shared with others.

We could have users set a PIN which is required to open the wallet, which decrypts the senttxstore and maybe other config files. It's not perfect but moves the bar.

It stores a lot of metadata! Leaving it unencrypted in plaintext on disk does not seem to protect our users privacy by default. This has become more important. Zaddrs and txids in this sentxstore are stored decrypted on disk, and another user on the same machine can easily use a bug to escalate permissions and read this file. It is not safe to have this senttxstore on a computer that it shared with others. We could have users set a PIN which is required to open the wallet, which decrypts the senttxstore and maybe other config files. It's not perfect but moves the bar.

fekt referenced this issue 2 years ago

missing any form of indication that SD wallet sent a memo #84

duke referenced this issue 2 years ago

Encrypt on-disk metadata #96

duke added the

high priority

feature

labels 1 year ago

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

chat

custom_themes

danger

dev

duke

importviewkey

master

no_mining_until_synced

old_duke

onryo

recurring

0.4.0

0.4.1

0.4.2

0.4.3

0.5.0

0.5.1

0.5.10

0.5.11

0.5.3

0.5.4

0.5.5

0.6.0

0.6.1

0.6.10

0.6.11

0.6.2

0.6.3

0.6.4

0.6.5

0.6.6

0.6.7

0.6.8

0.6.9

0.7.0

0.7.1

0.7.2

0.7.3

0.7.4

0.7.5

0.7.6

0.7.7

0.7.9

1.4.2

v0.1.5

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.2.8

v0.2.9

v0.3.0

v0.3.1

v0.3.2

v0.5.2

v0.5.6

v0.5.7

v0.5.8

v0.5.9

v0.7.5

v0.7.6

v0.7.7

v0.7.8

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.9.0

v0.9.1

v0.9.2

v1.0.0

v1.1.0

v1.2.0

v1.3.0

v1.3.1

v1.4.0

v1.4.1

v1.4.2

Labels

Apply labels

Clear labels

0-500 bounty
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it tor
related to tor translation
translation update windows
related to windows wontfix
this won't be fixed

No Label 0-500 bounty 2001-5000 bounty 501-2000 bounty arm beginners bug build documentation feature high priority i2p low priority medium priority question release tor translation windows wontfix

Milestone

Set milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Assign users

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview

Loading…

Cancel

Save

There is no content yet.