Where is the private key stored ?

[mwid2020]

Hi,
could you include in the description/documentation where the private keys are stored and how access to them is secured ? It's quite sensitive to upload a private key, without knowing where it is going ...

Great job anyway ! Thanks !

[lucanaef]

All the data is stored locally using Apple's native Core Data framework. Therefore the keys are stored encrypted and on your device only.

Does this clarify your question?

[mwid2020]

Yes, thanks. Good to add it to the documentation, as it is a central question for such an app.
--> I am no expert at all in iOS dev nor in security, but I came across this post: https://security.stackexchange.com/questions/147312/is-data-stored-in-core-data-on-ios-secure
and wonder if storing the private key in the keychain would be more appropriate ?

[lucanaef]

I did consider storing the private keys in the iOS Keychain. What made me decide against it, is that Apple encourages users (maybe it's even the default?) to sync the Keychain via iCloud.
While this happens end-to-end encrypted, one cannot be certain that Apple doesn't (have to) have a master key.

(This is also the reason why there is currently no option to "remember" the passphrases for private keys.)

That said, I am open for discussion on this topic.

[mwid2020]

Indeed, the 'weak' point will be if and when data is stored on iCloud, either the Keychain or CoreData database.
It would be interesting to compare how other crypto apps did address this (e.g. https://github.com/status-im).

[mwid2020]

It seems that status-im they is using the Keychain and bind the keychain to the device, so to prevent that it can be accessed on iCloud at all:
https://github.com/status-im/status-react/blob/develop/src/status_im/utils/keychain/core.cljs
--> https://developer.apple.com/documentation/security/ksecattraccessiblewhenpasscodesetthisdeviceonly