The wallet.db file located in mainnet folder (the path depends on os ) contains all the information about your decred wallet. Can anyone explain which kind of information this file have inside? - seed ? - dcr wallet psw (the one used in wallet creation )? - only encrypted information related to the software functionality but not accessible. - other.. This information is important because this file can be easly accessible!
The seed is not in the database (currently, it might be in the future), but even if it were it would definitely be encrypted with the private crypto key. The following is a basic overview of how the crypto inside wallet.db works. I assume by psw you mean password? No, the private passphrase is used to derive the private master key (and the public passphrase is used to derive the public master key) as per the diagram above. As far as the specific key derivation and crypto algorithms used, we can see those from the feature overview of the waddrmgr package: Scrypt-based key derivation NaCl-based secretbox cryptography (XSalsa20 and Poly1305) Perhaps it's also important to note from the diagram that the public crypto key is used to encrypt to account extended public keys and other public keys. These can NOT be used to spend coins, but they can be used to generate all of the addresses you will ever use for that account which of course means it would allow whoever is in possession of them to calculate your exact balances. This is why public encryption is offered as an optional feature for the security conscious. Finally, the database contains the transactions which involve your addresses, a bit of account information, the current chain state, and some other minor state-related things. --- TL;DR Nobody can steal your coins if they get access to the wallet.db file unless they also have your private passphrase. If you chose to use public encryption, they also can't get access to any of your extended public keys or addresses.
dcrwallet changed this. The seed is saved in the db, encrypted along with the rest of your private keys.
Ok, good to know. I did caveat that with an it might be in the future, so it seems that already happened.
Thanks for the clarification, this is an important security information. Always be careful about his backup and safe location.