Document another wallet encryption concern
This commit is contained in:
parent
750d4e07dd
commit
35cf6ee26d
|
@ -29,6 +29,12 @@ Wallet encryption is disabled, for several reasons:
|
||||||
your entire transaction graph (other than newly-detected spends, which suffer
|
your entire transaction graph (other than newly-detected spends, which suffer
|
||||||
from the earlier issue).
|
from the earlier issue).
|
||||||
|
|
||||||
|
- We were concerned about the resistance of the algorithm used to derive wallet
|
||||||
|
encryption keys (inherited from Bitcoin) to dictionary attacks by a powerful
|
||||||
|
attacker. If and when we re-enable wallet encryption, it is likely to be with
|
||||||
|
a modern passphrase-based key derivation algorithm designed for greater
|
||||||
|
resistance to dictionary attack, such as Argon2i.
|
||||||
|
|
||||||
You should use full-disk encryption (or encryption of your home directory) to
|
You should use full-disk encryption (or encryption of your home directory) to
|
||||||
protect your wallet at rest, and should assume (even unprivileged) users who are
|
protect your wallet at rest, and should assume (even unprivileged) users who are
|
||||||
runnng on your OS can read your wallet.dat file.
|
runnng on your OS can read your wallet.dat file.
|
||||||
|
|
Loading…
Reference in New Issue