Proposal: Remove seed and password from full node config #76
Comments
Ran across this in other cryptos. A temporary solution is to delete the seed and password from the config file after the node is running. Of course, if for some reason the node is stopped, the seed and password have to be added to the config file before starting.
Hello!
So, while In this case, you need to enter And according to this definition private key or seed must be in memory, for working node, Also, addresses on the node, you can see here http://127.0.0.1:6869/addresses
This is an old request, but there aren't really any suggestions on how to secure this. Pretty much it's just start the node and then delete sensitive information... which obviously means needing the wallet data every time you want to restart... not an optimal solution. I would propose a change in the way that mining works. My suggestion is something like this: A node that generates its own wallet address and private key that is stored in memory but not shared with the node owner. A node owner adds their private wallet address (a unique address not attached to their node) to their config file. A new transaction type (mining_transaction) that has a zero send fee. Upon a successful rolled block, the node automatically sends the transaction to the node owner's private wallet using the new transaction type 0, thus no added fees. In this case, if anyone ever hacked the node server or if some hosting employee decides it's time to steal crypto and quit their job, there is nothing in the node config - just a single address with no keys, passwords, or details. Just an idea that I hope might add some ideas behind this very old suggestion.
For security reasons, I would propose to remove the seed and the password from the config file.
If there is a zero-day exploit in Java / Waves, an attacker could get access to the waves daemon / waves user. As the waves user, he gets access to the wallet, the seed and the password via the config file.
From my understanding, the wallet is created using the seed. The seed may be used to recover the wallet, but with a wallet in place there is no need to have the seed anymore.
The process of encrypting and unlocking the wallet should be moved to runtime, which could be triggered by new actions "/wallet/encrypt" and "/wallet/unlock", similar to well-known qt-wallets. The encrypted wallet could remain in memory.
If the seed is needed for address generation, it could also be stored in the encrypted wallet.
Seed and password in cleartext in a (on default install) world-readable file should be avoided.
regards
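A check for the condition this issue describes (seed and password in cleartext in a world-readable config file), as an added example that is not part of the issue or of the Waves code base. It assumes sensitive settings can be recognised by key names containing "seed" or "password" with quoted values; the function names and the sample config are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Assumption: secrets are recognised by key name (anything containing "seed"
# or "password"), written as JSON ("key": "value") or HOCON (key = "value").
SECRET_KEY = re.compile(
    r'"?([\w.-]*(?:seed|password)[\w.-]*)"?\s*[:=]\s*"([^"]*)"', re.IGNORECASE)


def audit_config(path):
    """Return a list of findings for one node config file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & stat.S_IROTH:
        findings.append(f"world-readable (mode {mode:04o})")
    if mode & stat.S_IRGRP:
        findings.append(f"group-readable (mode {mode:04o})")
    with open(path, encoding="utf-8") as fh:
        for lineno, line in enumerate(fh, 1):
            m = SECRET_KEY.search(line)
            if m and m.group(2):  # an empty value is not a stored secret
                # Report the key name only, never the secret value itself.
                findings.append(f"line {lineno}: cleartext value for '{m.group(1)}'")
    return findings


def make_sample(mode):
    """Write a constructed sample config (not a real Waves file) with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".json")
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        fh.write('{\n  "seed": "CONSTRUCTED-SAMPLE-SEED",\n'
                 '  "password": "",\n  "port": 6869\n}\n')
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    sample = make_sample(0o644)  # typical default-install permissions
    try:
        for finding in audit_config(sample):
            print(finding)
    finally:
        os.remove(sample)
```

Restricting the file to mode 0600 clears the permission findings, but the cleartext finding remains until the seed is removed from the file, which is the gap the proposal targets.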