New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ability to disable Encryption #201
Comments
This is not super important feature, so cant promise we will make it right away. Yes the storage is really encrypted, you can check the source code. If youll manage to extract data from jailbroken iphone or from rooted android you should see only encrypted gibberish that can be decrypted only with your password |
But this is not like a 25th word on Trezor for example - still a nice option to have |
Implemented! |
AFAIK app data should be encrypted with a cryptographically strong key that is stored in secure storage by default. The password should only be an app level encryption if anything. So if someone extracted data from my rooted android, they should only be able to decrypt if they can extract the key from secure storage. |
a pin/passphrase can be added to the secure storage key - which would at most buy some time incase someone managed to wipe your data AND secure storage*. generally, its easier to sweep data from a phone if you are running an app with high privilege - like a file manager, but even that cannot access secure storage*. so a malicious file manager could dump wallet data and brute force it - if the only key is a weak password. |
at this moment (v 3.4.x) there is no way to disable the encryption option.
Another question: the wallet is really encrypted or it's just behind a password/pin?
The text was updated successfully, but these errors were encountered: