sakia issueshttps://git.duniter.org/clients/python/sakia/-/issues2018-09-05T11:56:51+02:00https://git.duniter.org/clients/python/sakia/-/issues/223Add ability to store the password on disk, encrypted with a passphrase that c...2018-09-05T11:56:51+02:00insoAdd ability to store the password on disk, encrypted with a passphrase that can be changed*Created by: mildred*
The problem with the current behaviour (you have a non modifiable passphrase from which the key pair is derived) is that you can't change your passphrase. The problem is that:
- the user will choose a short passphr...*Created by: mildred*
The problem with the current behaviour (you have a non modifiable passphrase from which the key pair is derived) is that you can't change your passphrase. The problem is that:
- the user will choose a short passphrase that could be guessed by an attacker if he has to type is frequently
- if the passphrase is leaked (keylogger for example) then there is no option to change it
What I propose is a different approach: Upon account creation, generate a long and very random secret string that would be stored on disk, and use the user provided passphrase to encrypt it.
The problem is that you'd have to backup this secret. You could print it as a QR code and store it in a safe somewhere. If that is too inconvenient, the user provided passphrase could be used as a secret instead. The user should be clearly informed that the passphrase would not be able to be changed.
futurehttps://git.duniter.org/clients/python/sakia/-/issues/720Double entry when "connect with an existing identity"2018-03-05T04:06:40+01:00insoDouble entry when "connect with an existing identity"*Created by: Nartagnan*
When connecting with an existing identity, Sakia ask 2 times each parameter (salt & password) and the identity.
In practice, as Sakia always ask for the private key (and don't store it if I'm right) why not just...*Created by: Nartagnan*
When connecting with an existing identity, Sakia ask 2 times each parameter (salt & password) and the identity.
In practice, as Sakia always ask for the private key (and don't store it if I'm right) why not just ask for the identity ?
It's a detail, not urgent, but could make Sakia more user-friendly ?https://git.duniter.org/clients/python/sakia/-/issues/796Support ScuttleButt keypair as credentials2020-03-23T11:23:17+01:00Vincent TexierSupport ScuttleButt keypair as credentials[ScuttleButt is a p2p social network of a new kind](https://scuttlebutt.nz/).
The ScuttleButt keypair created in $HOME/.ssb folder use the same elliptic algorithm than Duniter Ğ1.
So it is easy to handle an account using the ssb keypai...[ScuttleButt is a p2p social network of a new kind](https://scuttlebutt.nz/).
The ScuttleButt keypair created in $HOME/.ssb folder use the same elliptic algorithm than Duniter Ğ1.
So it is easy to handle an account using the ssb keypair as credentials.
For a start, just add a "Add account from scuttlebut account" button.futureVincent TexierVincent Texierhttps://git.duniter.org/clients/python/sakia/-/issues/812HD Wallet feature2020-07-07T21:38:28+02:00Vincent TexierHD Wallet featureAdd HD wallet generation feature.
https://coinsutra.com/hd-wallets-deterministic-wallet/
wait for DuniterPy issue to be implemented.Add HD wallet generation feature.
https://coinsutra.com/hd-wallets-deterministic-wallet/
wait for DuniterPy issue to be implemented.futureVincent TexierVincent Texier