You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hypercore has an associated static Public / Private key pair. Private keys should never migrate between devices for security. When device is replaced, new keypair is created. Need
Proposed solution
Use Hypercore-multi-key module which allows to switch this Hypercore to a new keypair. We need to add code to sign the new key with the old one to establish safe handoff.
We need to verify this signature on receiving nodes so that they can prove to themselves the legality of key rotation. Perhaps this can be added as a hypercore extension?
After key is rotated, old key is revoked.
Not covered by this issue
Key loss and recovery schemes. This will be addressed by another issue
The text was updated successfully, but these errors were encountered:
Problem
Hypercore has an associated static Public / Private key pair. Private keys should never migrate between devices for security. When device is replaced, new keypair is created. Need
Proposed solution
Use Hypercore-multi-key module which allows to switch this Hypercore to a new keypair. We need to add code to sign the new key with the old one to establish safe handoff.
We need to verify this signature on receiving nodes so that they can prove to themselves the legality of key rotation. Perhaps this can be added as a hypercore extension?
After key is rotated, old key is revoked.
Not covered by this issue
Key loss and recovery schemes. This will be addressed by another issue
The text was updated successfully, but these errors were encountered: