-
-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lots of duplicate auth stuff in the store #350
Comments
Could you give me some more context on how these values are being added again and again? For instance, is this a script being re-run? Is there a way we could avoid re-adding things? Unfortunately, content addressed storage would allow someone with access to I considered encrypting the addresses, but as values need to be encrypted with a new initialisation vector each time the encrypted address always comes out differently, making it impossible to check for its presence in one call. |
Mhm, pretty much just naive usage of the apis - my test server is starting up with I guess I could do a So I guess it would just be a convenience thing, if these methods were idempotent? I guess the above logic could be implemented inside the method, instead of in the caller.
Ahh, I see, we're also trying to cover someone stealing the local encrypted auth store.. |
The reason I'm hesitant to do this is also to do with all the keys being encrypted: to find a keypair, we need to iterate over all them until we find what we're looking for. This might not be so bad with keypairs, but there could be many caps. |
🤔 What about using If you don't use nonces with aes-gcm-siv, the only thing an attacker can observe is if the same plaintext is encrypted multiple times - but that doesn't matter for this use-case because that's kinda the point of making it the key in the key-value store, we want it to be encrypted the same way each time. |
That could work! As this algorithm is not available in Webcrypto, we'd need to consider how much weight the added dependency (e.g. https://github.com/paulmillr/noble-ciphers) would add on top of the Earthstar web bundle. I'd be more than happy to do that investigation if a PR with the actual change to aes-gcm-siv was added! |
What's the problem you want solved?
If I call
mintCap
, oraddExistingIdentity
etc - these get added into the local indexeddb, even if they already exist.Is there a solution you'd like to recommend?
Instead of storing at a random location - use content addressed storage?
Or for identities, store by the public key etc
The text was updated successfully, but these errors were encountered: