From 8ecf6ccfefff0877ec20725313308ca2d5a739ea Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Thu, 20 Oct 2016 13:41:00 -0500 Subject: [PATCH] Improve security documentation --- doc/security-warnings.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/doc/security-warnings.md b/doc/security-warnings.md index b610364d6..2e40e92fe 100644 --- a/doc/security-warnings.md +++ b/doc/security-warnings.md @@ -20,8 +20,11 @@ Wallet Encryption Wallet encryption is disabled, for several reasons: - Encrypted wallets are unable to correctly detect shielded spends (due to the - nature of unlinkability of JoinSplits) and will incorrectly show much larger - available shielded balances until the next time the wallet is unlocked. + nature of unlinkability of JoinSplits) and can incorrectly show larger + available shielded balances until the next time the wallet is unlocked. This + problem was not limited to failing to recognize the spend; it was possible for + the shown balance to increase by the amount of change from a spend, without + deducting the spent amount. - While encrypted wallets prevent spending of funds, they do not maintain the shielding properties of JoinSplits (due to the need to detect spends). That