Encrypt secrets with libsodium, password required to send
All checks were successful
check / check (push) Successful in 14s
All checks were successful
check / check (push) Successful in 14s
vault.js: Argon2id key derivation + XSalsa20-Poly1305 encryption via libsodium-wrappers-sumo. No raw crypto primitives. Wallet creation now requires a password. The mnemonic or private key is encrypted before storage — only the ciphertext blob (salt, nonce, ciphertext) is persisted. The plaintext secret is never stored. Sending requires the password to decrypt the secret, derive the signing key, and construct the transaction. Wrong password is caught and reported.
This commit is contained in:
@@ -476,9 +476,9 @@ Everything needed for a minimal working wallet that can send and receive ETH.
|
||||
|
||||
### Sending
|
||||
|
||||
- [ ] Encrypt recovery phrase / private key with password via libsodium
|
||||
- [x] Encrypt recovery phrase / private key with password via libsodium
|
||||
(Argon2id + XSalsa20-Poly1305)
|
||||
- [ ] Password prompt on Send (decrypt private key to construct transaction)
|
||||
- [x] Password prompt on Send (decrypt private key to construct transaction)
|
||||
- [x] Transaction construction via ethers.js (to, value, gasLimit, gasPrice)
|
||||
- [ ] Gas estimation and fee display before confirming
|
||||
- [x] Broadcast transaction via `eth_sendRawTransaction`
|
||||
|
||||
Reference in New Issue
Block a user