In chapter two / getting started we currently write:
> The most common components of lightning wallet software include: A keystore that securely holds secrets, such as private keys.
I am not sure how secure the keystore currently is on LN nodes.
I believe in the early days there was no way to encrypt wallet.dat, and wallet.dat has been stolen or leaked. In the same way, for example, in c-lightning we have hsm_secret that stores the private master key in plain binary format, and the entire state is stored in plain text in a SQL database. For state information it will be even more tricky to encrypt this, as the state will / should change without user interaction. While hsm_secret could be encrypted, the decrypted version would have to be in main memory and could be found with a full memory dump. There are not too many variables to check in a full mem copy.
I am not sure how comfortable I feel suggesting that Lightning implementations have a secure keystore.
C-lightning also supports hsm_secret encryption, just start lightningd with --encrypted-hsm.
> while hsm_secret could be encrypted the decrypted version would have to be in main memory and could be found with a full memory dump. there are not too many variables to check in a full mem copy.

The specific content of hsm_secret is read in non-swappable (mlocked) memory. However, most of the secrets are still stored in swappable memory as of today.
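The mlocked-memory handling mentioned in the reply above, sketched as an added example that is not part of this thread and is not c-lightning's own code. The names `secret_load`, `secret_release` and `struct locked_secret`, and the 32-byte file size, are assumptions made for illustration. Locking keeps the page out of swap only; the plaintext is still in process memory while the secret is loaded.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stddef.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

#define SECRET_LEN 32            /* assumed seed size for this example */

struct locked_secret {
    unsigned char *buf;          /* one private page holding the secret */
    size_t map_len;
    int locked;                  /* 1 if mlock() pinned the page in RAM */
};

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

void secret_release(struct locked_secret *s) {
    if (!s->buf) return;
    secure_wipe(s->buf, s->map_len);
    munmap(s->buf, s->map_len);  /* unmapping also drops the lock */
    s->buf = NULL;
}

/* Read SECRET_LEN bytes from path straight into a locked page, with no
 * intermediate stack or heap copy. Returns 0 on success, -1 on any
 * failure (nothing stays mapped). */
int secret_load(struct locked_secret *s, const char *path, int require_lock) {
    struct stat st;
    int fd, ok;
    s->map_len = (size_t)sysconf(_SC_PAGESIZE);
    s->buf = mmap(NULL, s->map_len, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (s->buf == MAP_FAILED) { s->buf = NULL; return -1; }
    s->locked = (mlock(s->buf, s->map_len) == 0);   /* never swapped out */
#ifdef MADV_DONTDUMP
    madvise(s->buf, s->map_len, MADV_DONTDUMP);     /* skip in core dumps */
#endif
    fd = open(path, O_RDONLY | O_CLOEXEC);
    /* Refuse a secret file that group or others can access. */
    ok = fd >= 0 && fstat(fd, &st) == 0 && (st.st_mode & 077) == 0
         && read(fd, s->buf, SECRET_LEN) == SECRET_LEN
         && (s->locked || !require_lock);
    if (fd >= 0) close(fd);
    if (!ok) { secret_release(s); return -1; }
    return 0;
}
```

Passing `require_lock = 1` makes the load fail closed when the process cannot lock the page, for example because of a low `RLIMIT_MEMLOCK`.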