LBRYCommunity/wallet-sync-server
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases 2 Packages Wiki Activity

Confirm scrypt parameters; remove comment

Browse source
This commit is contained in:
Daniel Krol 2022-07-13 06:44:42 -04:00
parent ed8b22363e
commit dbfdff167b
1 changed files with 4 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
test_client/test_client.py
View file

@ -201,14 +201,11 @@ def derive_secrets(root_password, salt):
# TODO - wallet_id in the salt? (with domain etc if we go that way) # TODO - wallet_id in the salt? (with domain etc if we go that way)
# But, we probably want random salt anyway for each domain, who cares # But, we probably want random salt anyway for each domain, who cares
# #
# TODO - save scrypt parameters with the keys so we can change parameters # 2017 Scrypt parameters: https://words.filippo.io/the-scrypt-parameters/
# and still read old keys?
# #
# https://stackoverflow.com/a/12581268 # There's recommendations for interactive use, and stronger recommendations
# Per this, there's an optimal for interactive use, and there's a stronger # for sensitive storage. Going with the latter since we're storing
# optimal for sensitive storage. Going with the latter since we're storing # encrypted stuff on a server.
# encrypted stuff on a server. That said, that's based on presentation
# slides from 2009. Maybe I should go even more secure?
scrypt_n = 1<<20 scrypt_n = 1<<20
scrypt_r = 8 scrypt_r = 8
scrypt_p = 1 scrypt_p = 1