BuildOnViction/tmn

Encrypt private key by passphrase

thanhson1085 opened this issue · 4 comments

The private key is stored in the masternode; it should be encrypted by passphrase.
It will improve the security.

This issue is actually related to the tomochain/tomochain repo. I created BuildOnViction/victionchain#193.

I do not think we should keep the pkey at all (it's not required as the account is already created).
It is the responsibility of the user to keep track of the private key.

Yes, not only remove the private_key file, but tmn should also provide a --password option, so the user can input their password to encrypt the private key.
https://github.com/tomochain/tomochain/blob/e20d9797fff6af3d655bd648f53c2c2bd7a74959/docker/tomochain/entrypoint.sh#L100

@thanhson1085 Ah I see what you mean.
For now a random one is assigned:

tomochain/tomochain entrypoint.sh#L87

Is it not enough? I can't see the scenario when the user would need to use the password or need to know it.

Or do you mean that the password should not be stored in the container?
If it's not stored in the container we have two options:

  • store it on the host in tmn's configuration. (security-wise it's kind of same same)
  • not store it at all, the user has to input it on each tmn start

I think that is enough, should close this issue.