mirrors/bitcoin-s
1
0
Fork 0
mirror of https://github.com/bitcoin-s/bitcoin-s.git synced 2024-11-19 09:52:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add disclaimers to the wallet/key-manager around API breaking changes… (#1237)

Browse Source 
* Add disclaimers to the wallet/key-manager around API breaking changes and limitations of the current iteration of the wallet

* Reword as Ben suggests
This commit is contained in:
Chris Stewart 2020-03-15 12:39:01 -05:00 committed by GitHub
parent 6964768292
commit 6a76f5c543
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/key-manager/key-manager.md
View File

@ -18,6 +18,18 @@ This means that ALL SIGNING should be done inside of the key-manager, and privat
This makes it easier to reason about the security characteristics of our private keys, and a way to provide a uniform interface for alternative key storage systems (hsm, cloud based key storage, etc) to be plugged into the bitcoin-s library.
### Disclaimer
Currently bip39 password is supported at the library level, but is not supported for end users using the server project.
[You can see that the bip39 password is hard coded to `None` here](https://github.com/bitcoin-s/bitcoin-s/blob/e387d075b0ff2e0a0fec15788fcb48e4ddc4d9d5/app/server/src/main/scala/org/bitcoins/server/Main.scala#L53).
There is a password that is used to encrypt your mnemonic seed on disk, but that password is hard coded to a default value.
THIS MEANS THAT YOUR MNEMONIC SEED CAN TRIVIALLY BE STOLEN IF AN ATTACKER CAN ACCESS YOUR HARD DRIVE.
TAKE PROPER OPSEC PRECAUTIONS.
Overall the key manager module should be considered insecure. For this release, it is more about setting up the module
as a logical distinction for further development in subsequent releases.
#### Creating a key manager
The first thing you need create a key manager is some entropy.

4
docs/wallet/wallet.md
View File

@ -13,6 +13,10 @@ This wallet is currently only released as a library, and not as a binary.
This is because it (nor the documentation) is not deemed production
ready. Use at your own risk, and without too much money depending on it.
### Disclaimer
The wallet api will changing significantly in the next release of bitcoin-s. EXPECT API BREAKING CHANGES and
surprising behavior from the current wallet..
### How is the bitcoin-s wallet implemented
The bitcoin-s wallet is a scalable way for individuals up to large bitcoin exchanges to safely and securely store their bitcoin in a scalable way.