Wallet handing staking key to block production should be end-to-end encrypted #801
Assignees
Labels
block-production
Block-production related issues
rpc
Everything related to RPC
security
Security-related issues
Milestone
Comments
TheQuantumPhysicist
added
rpc
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The initial plan for testnet is to hand the private key without encryption from the wallet to the block production (on every block). This isn't a huge risk on a single machine unless someone is sniffing connections with something like wireshark, though it's good practice to never hand keys with clear connection. Also, we have to be ready for dumb people who will do dumb things and pass the wallet connection directly over network with no ssh tunnel or encryption of any kind. Better be ready for that.
Consider using this library to create the facility of end-to-end encryption shared key with Diffie-Hellman protocol: https://crates.io/crates/x25519-dalek
Then use our Chacha20-Poly1305 encryption tools that we already wrote in the crypto crate.
The text was updated successfully, but these errors were encountered: