Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

eth-wallet: password flow based on the hash stored on the fs #15027

Merged
merged 1 commit into from
Aug 15, 2018
Merged

eth-wallet: password flow based on the hash stored on the fs #15027

merged 1 commit into from
Aug 15, 2018

Conversation

Slava
Copy link
Contributor

@Slava Slava commented Aug 15, 2018

Versioning of the eth-wallet app is difficult so this update includes:

ryanml
ryanml reviewed Aug 15, 2018
View reviewed changes
app/ethWallet-geth.js Outdated

ipcMain.on('eth-wallet-store-password-hash', (e, str) => {
bcrypt.genSalt(10, (err, salt) => {
if (err) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In any case we are checking for if (err), let's go ahead and output it via console.error

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@Slava Slava force-pushed the eth-wallet-password branch from 535e858 to e16edc8 Compare August 15, 2018 01:21
ryanml
ryanml reviewed Aug 15, 2018
View reviewed changes
Copy link
Contributor

@ryanml ryanml left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks fine by me, let's have the sec team take a look

diracdeltas
diracdeltas reviewed Aug 15, 2018
View reviewed changes
app/ethWallet-geth.js Outdated
})

ipcMain.on('eth-wallet-store-password-hash', (e, str) => {
bcrypt.genSalt(10, (err, salt) => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

10 is kind of a small factor. did you benchmark this?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bumping it to 14, on my macbook it take 1.320s.

diracdeltas
diracdeltas suggested changes Aug 15, 2018
View reviewed changes
Copy link
Member

@diracdeltas diracdeltas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good except the bcrypt rounds seems kind of small

@Slava Slava force-pushed the eth-wallet-password branch from e16edc8 to 919d900 Compare August 15, 2018 17:19
@Slava Slava merged commit 9a22ba4 into brave:master Aug 15, 2018
Slava added a commit that referenced this pull request Aug 15, 2018
@Slava
Merge pull request #15027 from Slava/eth-wallet-password
c1d1fe9 
eth-wallet: password flow based on the hash stored on the fs
Slava added a commit that referenced this pull request Aug 15, 2018
@Slava
Merge pull request #15027 from Slava/eth-wallet-password
4df3efd 
eth-wallet: password flow based on the hash stored on the fs
@Slava
Copy link
Contributor Author

Slava commented Aug 15, 2018

Cherry-picked to 0.23.x in 4df3efd
Cherry-picked to 0.24.x in c1d1fe9

@bsclifton bsclifton mentioned this pull request Aug 16, 2018
Merged
10 tasks
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ryanml ryanml ryanml left review comments

@diracdeltas diracdeltas diracdeltas approved these changes

@riastradh-brave riastradh-brave Awaiting requested review from riastradh-brave

Assignees

@Slava Slava

Labels
feature/ETH-Wallet
Projects
None yet
Milestone
ETH Wallet
Development

Successfully merging this pull request may close these issues.
4 participants
@Slava @diracdeltas @ryanml @bsclifton