Nostr Archives
waxwing 75d ago
Question for @ccac436a…d4fad715 : why is the mnemonic stored unencrypted on the hard disk?

Replies (4)

waxwing 75d ago
I agree that an unencrypted wallet is a defensible *option* - e.g. Electrum iirc allows you to not set a password (many wallets don't allow it). But I can't see a rational reason to just not offer the option? It's not like the user is warned that their mnemonic is sitting in plaintext on disk.
waxwing 75d ago
Also, on reflection, I don't really agree with the characterization "only defends against a narrow set of attacks". To me, it's a broad and significant set of attacks that are defended against with encryption at rest: the most likely way to get your secrets stolen is for someone to get access to your physical hardware (stolen laptop; evil maid attack), or perhaps getting access to backups of your filesystem. True that someone actually taking control remotely is a big risk too, especially on Windows, but that is such a catastrophic failure mode that nothing matters ... not a good excuse to have zero defences imo - people regularly assume some level of security at least on macOS and Linux and they should be able to, I think. A desktop is not a phone. Anyway all arguable I guess. But not giving the option or any warning - I don't see a justification of it, really.
/dev/fd0 74d ago
It's not too difficult to provide an option for an encrypted mnemonic.
waxwing 74d ago
Right, understood. I think it's enough to just document the choice, though personally I think desktop wallets should always have an encryption option, I do understand that Liana is principally targeting HW signing, right.