Seed generation, encryption and storage support
Cryptographic operations shouldn't be the frontend's/GUI's responsibility. Instead, they should be handled by the DeFi framework. To achieve this we should:
- Allow initialization of the framework without a seed; in this case, a seed must be generated, encrypted and saved for reuse in a secure manner. It would also be good to create encrypt/decrypt APIs that GUIs can use to send files/data to the DeFi framework to encrypt before saving it on their side, or to decrypt after loading it from storage.
- Seed generation should support BIP39 standard plus any other used/known standards.
- This can be part of the crypto crate, which includes the crypto context for HD/HW/Metamask/etc., or a new crate can be created specifically for this. The idea is to separate this critical code from other non-critical parts.
- We already use the tiny-bip39 lib to create the HD wallet seed/secret from the mnemonic phrase passed on initialization. This lib contains implementations for creating a new mnemonic phrase from entropy. We need to check the library for any known issues before using it for this purpose.
ref: https://github.com/KomodoPlatform/komodo_encryption_tool/pull/1#issuecomment-1651230832, https://github.com/KomodoPlatform/komodo_encryption_tool/pull/1#issuecomment-1678687099 C.C. @ca333 @Alrighttt @yurii-khi
For the library to use for mnemonic phrase generation, I suggest rust-bip39; it's actively maintained, unlike tiny-bip39, which we currently use for converting the phrase to bytes. rust-bip39 is also part of the Rust Bitcoin Community, which is maintained by Blockstream and the Bitcoin community. It also includes a pbkdf2 implementation if we decide to use it for seed encryption/hashing. If we decide to use Argon2 instead, I suggest this library: https://github.com/RustCrypto/password-hashes/tree/master/argon2. Argon2 is slower or more resource-intensive on mobiles or embedded systems, though, since it requires a large amount of memory.
@Alrighttt @ca333 @DeckerSU I would like your opinion on the above and on which of pbkdf2, Argon2d, Argon2i and Argon2id we should use. I also think rust-bip39 should be checked from a security perspective before using it, but it's OK with me if you check it on the PR instead, since switching libraries shouldn't be a big problem.
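As an added illustration (not code from the framework or from this thread), the Python below separates the two derivations the discussion mixes: the BIP39 seed derivation fixed by the standard (PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase, which is what tiny-bip39 computes) and a separate, deliberately slow, randomly salted KDF for the key that encrypts the seed at rest. The storage parameters, the scrypt stand-in for Argon2's memory-hard trade-off, and the function names are assumptions for the example.

```python
import hashlib
import os
import unicodedata

# BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" || passphrase.
# The round count is fixed by the standard and is far too low to protect a
# password-encrypted seed at rest, so a different KDF is used for that below.
BIP39_ROUNDS = 2048


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed from a mnemonic phrase (spec-exact)."""
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = "mnemonic" + unicodedata.normalize("NFKD", passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"),
                               salt.encode("utf-8"), BIP39_ROUNDS, dklen=64)


# Storage-key parameters are assumptions for this example, not framework values.
PBKDF2_STORAGE_ROUNDS = 600_000          # PBKDF2-HMAC-SHA256, CPU-bound only
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1  # memory-hard: ~16 MiB per derivation


def storage_key_pbkdf2(password: str, salt: bytes,
                       rounds: int = PBKDF2_STORAGE_ROUNDS) -> bytes:
    """CPU-only KDF: cheap on mobiles, but also cheap to parallelize on GPUs."""
    pw = unicodedata.normalize("NFKD", password).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", pw, salt, rounds, dklen=32)


def storage_key_scrypt(password: str, salt: bytes, n: int = SCRYPT_N) -> bytes:
    """Memory-hard KDF (the same trade-off Argon2 makes): needs n*r*128 bytes of RAM."""
    pw = unicodedata.normalize("NFKD", password).encode("utf-8")
    return hashlib.scrypt(pw, salt=salt, n=n, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


def new_storage_salt() -> bytes:
    """Fresh random salt per stored seed; persist it next to the ciphertext."""
    return os.urandom(16)


def wipe(buf: bytearray) -> None:
    """Best-effort zeroization of a mutable buffer (immutable bytes cannot be wiped)."""
    for i in range(len(buf)):
        buf[i] = 0
```

The derived storage key is meant to feed an AEAD (e.g. AES-GCM) that encrypts the seed; the encryption step itself is left out here. The salt and KDF parameters must be stored alongside the ciphertext so the key can be re-derived.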
Checklist
- [ ] Research Web Crypto APIs and whether I should go back to using openssl for non-wasm and Web Crypto APIs for wasm.
- [ ] APIs to encrypt and save, decrypt, encrypt and return data. https://github.com/KomodoPlatform/komodo-defi-framework/pull/2014#discussion_r1489424568
- [ ] Update adex-cli with the changes here.
- [ ] Also remove the `tiny-bip39` crate and use `bip39` instead in adex-cli.
- [ ] Zeroize sensitive data in CLI too.
- [ ] Seed generation shouldn't be done from CLI anymore.
- [ ] Covering more test cases.
- [ ] Complete zeroization of sensitive data and disabling memory swapping for them https://github.com/KomodoPlatform/komodo-defi-framework/pull/1933#discussion_r1298188011
- [ ] Explore newly used crates' features more to optimize performance, e.g. `aes` has some features to optimize compilation size vs performance on certain architectures.
Future:
- [ ] Support different key derivations and encryption algorithms for the framework (SDK)