Added database encryption #46
I think encryption should be limited to wallet.dat, so one could have multiple wallets with different passwords. This patch seems to encrypt blkindex.dat and addr.dat, too. Also, a GUI prompt to enter the password would be useful.

It is not possible to selectively encrypt parts of the database environment with Berkeley DB. There are several possible solutions but the best long term is to encrypt everything and add an export/import wallet feature. The GUI prompt was a good idea, remember to add a non-GUI prompt for running headless.

First, unless I'm reading the bdb docs wrong, you specify a password at database creation time. And then can't change it. So, at the very least, somebody would have to write code that (safely) rewrote wallet.dat when you set or unset or changed the password.

Second, encrypting everything in wallet.dat means you'd have to enter your wallet password as soon as you started bitcoin (because user preferences are stored in there right now), when ideally you should only enter the password as you're sending coins.

And third, there are all sorts of usability issues with passwords. Users forget their passwords. They mis-type them. I wouldn't be terribly surprised if doing the simple thing and just encrypting the whole wallet with one password resulted in more lost bitcoins due to forgotten passwords than wallets stolen by trojans.

I think creating a safe, useful wallet protection feature isn't easy, and there are a lot of wrong ways to do it.

Gnonthgol: if you're motivated to solve this right, please jump onto the forums and work out a good approach; I think this is a very important feature to get right.

Also, database encryption can currently be accomplished using something like encfs or TrueCrypt to encrypt the whole .bitcoin directory. That's probably a better workaround until we know how to get this right. Closed. Further discussion should happen on the forums as Gavin suggested.

Simple code to enable encryption of the database. Uses Berkeley DB built-in AES encryption with a password from the new dbpassword option.
1FabZdhzEQJC7qJxb3k1RHVMf5gctB8qbh