
2FA on dcrwallet/Paymetheus/Decrediton

Discussion in 'Technical Development' started by mathx, Jun 15, 2017.

  1. mathx

    Hello,

    Would there be any interest in implementing a 2FA solution for the dcrwallet/Paymetheus/Decrediton wallets?

    Main defense would be against an attacker that can steal your wallet files and possibly your password (through a virus) but not your physical 2FA.

    Some alternatives for implementing 2FA would be:

    1- Software TOTP (Google Authenticator on Phone)
    2- U2F keys (yubikeys)
    3- PKCS#11 tokens & smartcards
    4- Hardware TOTP

    The main use for this feature would be on your hot, non-voting wallet. Every operation on the wallet would require both the password (see concerns on the other security thread https://forum.decred.org/threads/security-concerns-that-need-somewhat-urgent-attention.5219/) and the 2FA token to proceed.

    This would probably (haven't checked the dcrwallet source yet to confirm) involve a significant change to the wallet software to make sure that stealing the combination of wallet file + password cannot compromise the original wallet seed. Either decoding the wallet's private key or the private key itself would need to be somehow related to the 2FA device.

    I'm writing this to get a feel for whether this would be a feature the decred community would be interested in and if developed would accept patches for, before possibly starting to develop it myself.
     
  2. jcv

    I'm generally very pro 2FA, but I don't really see the point of 2FA for something that you run on your local machine. If your local machine with your wallet is compromised then unless you are already doing something very special (Qubes app/task specific VMs for example) it is game over for security.
     
  3. jcv

    I think I already commented on the security concerns from the thread you are mentioning and I don't really agree with the threat model in it. Or more accurately, I think that thread (and 2FA on a local wallet) is addressing the wrong part of security so it would be adding unnecessary complication without really adding the security it hopes to add.
     
  4. mathx

    Thank you for the reply!

    What if (part of or the full) private key of the wallet resides in the 2FA token? This would be feasible with a pkcs#11 or yubikey.

    Another idea: what if for the webwallet, instead of saving the key on the localStorage space of the browser it is saved on a pkcs#11 token as a client certificate?
     
  5. jcv

    I do have a couple of YubiKeys around so I can always test things, but I'm not likely to actually do any work on any of the 2FA ideas.

    So as for the webwallet, I agree it would be nice to have things on a token rather than in the localStorage space of the browser (which is way too easy to delete). That said, I have no idea how that would be to implement in copay. It would be interesting if you wanted to try though.

    In terms of the other wallets, they all come down to dcrwallet and for the same reasons as before, I'm not super interested in that. I worry that it would complicate the wallet database format too much or would require basically effectively creating a new wallet from scratch each startup which would be terrible performance-wise.
     
  6. mathx

    Thanks for the input, I was actually asking these things because I may have some free programming time I'd like to spend on the decred ecosystem and I thought of working on something along those lines (I've been involved in some other pkcs#11 projects so I thought of using some of that knowledge).

    Anyway, thanks for the replies!
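
The requirement in the first post, that the wallet file plus the passphrase must not be enough to recover the seed, amounts to deriving the seed-encryption key from both the passphrase and a secret that stays on the token. The Go code below is an added example of that idea, not dcrwallet code and not written by anyone in the thread. Assumptions: `mac`, `unlock`, `seal` and `open` are hypothetical names, the token is simulated by an HMAC over a challenge stored in the wallet file (a real wallet would generate that challenge randomly), and a real wallet would also run the passphrase through a password KDF.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func mac(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// unlock keys AES-256-GCM from the passphrase AND the token's answer to the stored
// challenge. mac(tokenSecret, challenge) simulates the token; that is an assumption.
func unlock(pass string, challenge, tokenSecret []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(mac(mac(tokenSecret, challenge), []byte(pass)))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts the seed and prepends the fresh random nonce to the ciphertext.
func seal(g cipher.AEAD, seed []byte) ([]byte, error) {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, seed, nil), nil
}

// open fails the GCM tag check unless g came from the right passphrase and token.
func open(g cipher.AEAD, blob []byte) ([]byte, error) {
	if len(blob) < g.NonceSize() {
		return nil, fmt.Errorf("blob shorter than nonce")
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], nil)
}

func main() {
	owner, _ := unlock("pw", []byte("constructed challenge"), []byte("constructed token secret"))
	thief, _ := unlock("pw", []byte("constructed challenge"), []byte("no token"))
	blob, _ := seal(owner, []byte("constructed seed"))
	fmt.Println(open(thief, blob)) // thief holds the file and passphrase, not the token
}
```

This covers only the stolen wallet file plus passphrase case from the first post. Once the wallet is unlocked on a compromised machine, the derived key is in that machine's memory, which is the concern raised in the replies.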
     
