Confirm scrypt parameters; remove comment

2022-07-13 06:44:42 -04:00 · 2022-07-13 06:44:42 -04:00 · dbfdff167b
commit dbfdff167b
parent ed8b22363e
1 changed files with 4 additions and 7 deletions
--- a/test_client/test_client.py
+++ b/test_client/test_client.py
@ -201,14 +201,11 @@ def derive_secrets(root_password, salt):
    # TODO - wallet_id in the salt? (with domain etc if we go that way)
    # But, we probably want random salt anyway for each domain, who cares
    #
-    # TODO - save scrypt parameters with the keys so we can change parameters
-    # and still read old keys?
+    # 2017 Scrypt parameters: https://words.filippo.io/the-scrypt-parameters/
    #
-    # https://stackoverflow.com/a/12581268
-    # Per this, there's an optimal for interactive use, and there's a stronger
-    # optimal for sensitive storage. Going with the latter since we're storing
-    # encrypted stuff on a server. That said, that's based on presentation
-    # slides from 2009. Maybe I should go even more secure?
+    # There's recommendations for interactive use, and stronger recommendations
+    # for sensitive storage. Going with the latter since we're storing
+    # encrypted stuff on a server.
    scrypt_n = 1<<20
    scrypt_r = 8
    scrypt_p = 1