BTCPrivate
/
BitcoinPrivate-legacy
mirror of https://github.com/BTCPrivate/BitcoinPrivate-legacy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Document another wallet encryption concern

This commit is contained in:
Jack Grigg 2016-10-20 13:33:58 -05:00
parent 750d4e07dd
commit 35cf6ee26d
No known key found for this signature in database
GPG Key ID: 6A6914DAFBEA00DA
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/security-warnings.md
View File

@ -29,6 +29,12 @@ Wallet encryption is disabled, for several reasons:
your entire transaction graph (other than newly-detected spends, which suffer
from the earlier issue).
- We were concerned about the resistance of the algorithm used to derive wallet
encryption keys (inherited from Bitcoin) to dictionary attacks by a powerful
attacker. If and when we re-enable wallet encryption, it is likely to be with
a modern passphrase-based key derivation algorithm designed for greater
resistance to dictionary attack, such as Argon2i.
You should use full-disk encryption (or encryption of your home directory) to
protect your wallet at rest, and should assume (even unprivileged) users who are
runnng on your OS can read your wallet.dat file.