medibloc/panacea-js

Web3 Keystore compatibility

youngjoon-lee opened this issue · 1 comments

There is already a TODO:

// TODO @ggomma check compatibility with old panacea-js

This code uses

However, the Web3 Secret Storage Definition says the cipher algorithm should be aes-128-ctr, not aes-256-ctr.

All minimally-compliant implementations must support the AES-128-CTR algorithm

On the contrary, panacea-core uses

I would suggest that the cipher algorithm of panacea-js should be replaced with aes-128-ctr.
Also, for compatibility with panacea-core, we need to decide on the KDF (pbkdf2 vs scrypt).

If panacea-js has been used for many services, backward compatibility would be a critical issue.
If it's the problem, I can modify panacea-core because the keystore is used only for DID in panacea-core. There's no backward-compatibility issue. But still, the cipher algorithm should be aes-128-ctr.

After discussing with @cl9200 in Slack, we decided to use PBKDF2. I will change the panacea-core: medibloc/panacea-core#38.

About the cipher algorithm, aes-256-ctr has already been used in https://wallet.gopanacea.org/#/.
So, let's take the following strategy:

  • Storing: Use aes-128-ctr according to the Web3 Secret Storage Definition.
  • Loading: Support both aes-256-ctr and aes-128-ctr for backward-compatibility.
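
The store/load strategy above, sketched as an added example (not code from panacea-js or panacea-core): new keystores are always written with aes-128-ctr, and loading checks the `cipher` field against an allowlist before any key material is used. The function names are hypothetical; using SHA-256 in place of the definition's Keccak-256 MAC and taking the leading bytes of the PBKDF2 output as the cipher key for aes-256-ctr are assumptions, not the project's confirmed layout.

```javascript
const crypto = require('crypto');

// Allowlist of ciphers accepted when loading, with key length in bytes.
const LOAD_CIPHERS = new Map([['aes-128-ctr', 16], ['aes-256-ctr', 32]]);
const STORE_CIPHER = 'aes-128-ctr'; // always written for new keystores

function deriveKey(password, p) {
  return crypto.pbkdf2Sync(password, Buffer.from(p.salt, 'hex'), p.c, p.dklen, 'sha256');
}

// Assumption: SHA-256 stands in for the definition's Keccak-256 MAC, which
// Node's crypto module does not provide.
function computeMac(dk, ciphertext) {
  return crypto.createHash('sha256').update(dk.subarray(16, 32)).update(ciphertext).digest();
}

// `cipher` and `c` are parameters only so a legacy keystore can be built for testing.
function encryptKey(privateKey, password, cipher = STORE_CIPHER, c = 262144) {
  const kdfparams = { c, dklen: 32, prf: 'hmac-sha256', salt: crypto.randomBytes(32).toString('hex') };
  const dk = deriveKey(password, kdfparams);
  const iv = crypto.randomBytes(16);
  // Assumption: the cipher key is the leading 16 (or, for legacy, 32) bytes of dk.
  const enc = crypto.createCipheriv(cipher, dk.subarray(0, LOAD_CIPHERS.get(cipher)), iv);
  const ciphertext = Buffer.concat([enc.update(privateKey), enc.final()]);
  return { version: 3, crypto: {
    cipher, cipherparams: { iv: iv.toString('hex') }, ciphertext: ciphertext.toString('hex'),
    kdf: 'pbkdf2', kdfparams, mac: computeMac(dk, ciphertext).toString('hex'),
  } };
}

function decryptKey(keystore, password) {
  const ks = keystore.crypto;
  const keyLen = LOAD_CIPHERS.get(ks.cipher);
  if (!keyLen) throw new Error('unsupported cipher');
  if (ks.kdf !== 'pbkdf2' || ks.kdfparams.dklen !== 32) throw new Error('unsupported kdf');
  const dk = deriveKey(password, ks.kdfparams);
  const ciphertext = Buffer.from(ks.ciphertext, 'hex');
  // Verify the MAC before decrypting so a wrong password or tampered file is rejected.
  const expected = Buffer.from(ks.mac, 'hex');
  const actual = computeMac(dk, ciphertext);
  if (expected.length !== actual.length || !crypto.timingSafeEqual(expected, actual)) {
    throw new Error('bad mac');
  }
  const iv = Buffer.from(ks.cipherparams.iv, 'hex');
  const dec = crypto.createDecipheriv(ks.cipher, dk.subarray(0, keyLen), iv);
  return Buffer.concat([dec.update(ciphertext), dec.final()]);
}
```

Rejecting any `cipher` value outside the allowlist keeps a crafted keystore file from selecting an arbitrary algorithm in `createDecipheriv`.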