Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to disable Encryption #201

Closed
albertobissacco opened this issue Jan 3, 2019 · 5 comments
Closed

Ability to disable Encryption #201

albertobissacco opened this issue Jan 3, 2019 · 5 comments
Labels
roadmap

Comments

@albertobissacco
Copy link

at this moment (v 3.4.x) there is no way to disable the encryption option.

Another question: the wallet is really encrypted or it's just behind a password/pin?
@Overtorment
Copy link
Member

This is not super important feature, so cant promise we will make it right away.
Encryption can be disabled if you backup all wallets, delete & reinstall the app.
Unlike other wallets, it should wipe data completely and it is intentionally for the sake of physical privacy.

Yes the storage is really encrypted, you can check the source code. If youll manage to extract data from jailbroken iphone or from rooted android you should see only encrypted gibberish that can be decrypted only with your password

@klauslovgreen
Copy link
Contributor

But this is not like a 25th word on Trezor for example - still a nice option to have

@snyk-bot snyk-bot mentioned this issue Mar 6, 2020
Merged
@ncoelho
Copy link
Member

ncoelho commented May 11, 2020

Implemented!

@ncoelho ncoelho closed this as completed May 11, 2020
@i5hi
Copy link

i5hi commented Oct 28, 2022

This is not super important feature, so cant promise we will make it right away. Encryption can be disabled if you backup all wallets, delete & reinstall the app. Unlike other wallets, it should wipe data completely and it is intentionally for the sake of physical privacy.

Yes the storage is really encrypted, you can check the source code. If youll manage to extract data from jailbroken iphone or from rooted android you should see only encrypted gibberish that can be decrypted only with your password

@Overtorment

AFAIK app data should be encrypted with a cryptographically strong key that is stored in secure storage by default. The password should only be an app level encryption if anything. So if someone extracted data from my rooted android, they should only be able to decrypt if they can extract the key from secure storage.

@i5hi
Copy link

i5hi commented Oct 28, 2022

a pin/passphrase can be added to the secure storage key - which would at most buy some time incase someone managed to wipe your data AND secure storage*.

generally, its easier to sweep data from a phone if you are running an app with high privilege - like a file manager, but even that cannot access secure storage*. so a malicious file manager could dump wallet data and brute force it - if the only key is a weak password.

@i5hi i5hi mentioned this issue Oct 28, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
roadmap
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@albertobissacco @ncoelho @Overtorment @klauslovgreen @i5hi