# wallet-security-solution

[cdcdx]

Related Issues

• Some time ago, many miners’ wallet private keys were stolen, and the owner was tampered with. Now the wallet encryption part is sorted out and open sourced. Welcome to integrate;

Security Advice

• This solution uses AES encryption, which guarantees the security of funds and private keys to a certain extent, but there is still a risk of leakage, please be aware;
• While encrypting the private key of the wallet, it is necessary to strengthen internal management and control device access rights;
• Remember to modify walletSaltPwd variable before compiling;

Proposed Changes

• compatible adaptations:
  • Compatible with the official lotus node api;
  • Adapt to lotus and lotus-wallet;
• Wallet token management:
  • Add, delete, clear wallet flags
• Wallet password management:
  • Add, reset, clear wallet password
  • Normal wallet and crypto wallet swap;
• Wallet message management:
  • Guarantee the security of funds: password verification is required for encrypted wallet transfer operations;
  • Protect the security of the private key: encrypt the wallet to export the private key and delete the password that needs to be verified;
  • Sealed messages are not affected: Encrypted wallets seal messages without verifying passwords;

Additional Info

• Wallet mark management:

    lotus wallet mark add    ##Add/update wallet mark
    lotus wallet mark del    ##Delete wallet mark
    lotus wallet mark clear  ##clear wallet mark

• Wallet password management:

    lotus wallet passwd add    ##Add password
    lotus wallet passwd reset  ##Change password
    lotus wallet passwd clear  ##Clear password
    lotus wallet encrypt <f1xxx/f3xxx/all>  ##Ordinary wallet->encrypted wallet
    lotus wallet decrypt <f1xxx/f3xxx/all>  ##encryption wallet->ordinary wallet