Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Fast passphrase hashing #1986
Use the test config for the password hash to make it much faster.
The default config for the passphrase hashing is set to super-secure: the hashing algorithm is designed to take a serious amount of resources to prevent attacks against the keys if an attacker got hold of the encrypted keys but not the passphrase.
The problem with this is: starting Holoscape takes a long time. On slow machines it will trigger the 60 seconds timeout which then shows an error and opens the logs.
This means users have to re-create keys with the new version this change gets in.
Tried in Holoscape: makes booting and installing hApps much faster since decrypting keys is the most time consuming task in both workflows.
Ultimately we should find the right balance of security and usability. But for now, as long as we are in alpha at least, we can configure the passphrase hashing to be very simple.
- summary of change [PR#1234](https://github.com/holochain/holochain-rust/pull/1234)
neonphog left a comment
I'm cool with this so long as we have some presence in the tree for fixing it in the future. Couple thoughts: