Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wallet Encryption is Bypassed with using the Mneumonic Phrase #214

Open
Github-420 opened this issue Apr 11, 2023 · 4 comments
Open

Wallet Encryption is Bypassed with using the Mneumonic Phrase #214

Github-420 opened this issue Apr 11, 2023 · 4 comments

Comments

@Github-420
Copy link

Wallet Encryption is Bypassed with using the Mneumonic Phrase

It's still useful to prevent LIVE attacks against getting to the Mneumonic Phrase using Wallet Encryption

The Mneumonic Phrase should be upgraded to 100 WORDS to allow for more Repeated Words which increases the BRUTE-FORCE prevention abilities of the Mneumonic Phrase

This should be done along with upgrading the Wallet Encryption to Post-Quantum Encryption FALCON1024 if Possible to be adapted for this purpose along with making Private keys FALCON1024

The 0.00000420 Minimal Fee would pay the FEE for this extra BLOCKCHAIN SIZE cost using FALCON1024 Private KEYS

As Hard Drives are rapidly becoming larger than Blockchain size especially if KARBO stays away from becoming a SMART-CONTRACT Blockchain

FALCON1024 should be very good even with KARBO OPTIMIZATION transactions on overall Blockchain size due to the Rapid Growth in Hard Drive Size M.2 price and size comparison that is rapidly in favor of large Blockchain sizes

Even Bitcoins 500GB Size (2023)

Karbo Blockchain around 7GB (2023)

@Github-420
Copy link
Author

The cheap and easy way to get Post-Quantum Encryption is to upgrade the Whole-Wallet Encryption to FALCON1024 and COUPLED all the Private Keys to the Whole-Wallet Encryption

How this would work using Mneumonic Phrases or Physical Wallet.dat files IDK

To start the Mneumonic Phrase should be upgraded to 100 Words and Tied to the FALCON1024 Whole Wallet Encryption

If you have to completely remove Karbo Wallet.dat Files would be IDEAL for Long-Term maintaining of the Code

Maybe keep legacy support for Wallet.dat files for a couple years to expire at the same time as the Old Encryption Private Keys of the Post-Quantum KARBO PQ Private Keys Replacing them

Remove Old Private Key Encryption support at the same time removing support for Karbo Wallet.dat files

This will make Karbo more of a Similar to Nexus Tritium Blockchain user Login System replacing Wallet.dat files

@Github-420
Copy link
Author

But Karbo Login is ANON where as Nexus is neither ANON nor Distributed as the Mining is dominated by Pools

@NamecoinGithub
Copy link

I have considered this problem!

If the Wallet.dat system is removed than keeping this Loop hole open would be ideal if someone loses the Wallet Encryption Passphrase but can still remember the Passphrase for the OpenSSL Encrypted Notepad

This will cut down on the coding a lot if the only thing that is needed is removing the Wallet.dat file system and upgrading the Encryption to Falcon1024

But this only works if the Wallet Encryption is upgraded as well to prevent the Mneumonic Phrase inside the wallet getting leaked during LIVE wallet attacks

So I guess this is a good feature to keep bypassing Wallet Encryption, and there is no need to worry about hard coding the Wallet Encryption to anything as it's still going to be the same basic function as before Guarding the Mneumonic Phrase

@NamecoinGithub
Copy link

I changed my mind actually as the Loophole for encrypted Notepad file is ChaCha20 currently using OpenSSL until they adopt PQ-E standards!

So tying the Whole-Wallet Encryption to the Falcon1024 would be what a hacker would need to break or steal!

Although that makes it more difficult for someone to remember 2 Encryption Passwords 1 for Whole-Wallet and 1 for OpenSSL protecting the COLD-STORAGE Pneumonic Phrase saved!

It's worth to think about, maybe it depends on how soon OpenSSL adopts new OpenSSL ENC PQ-E standards

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants