browser-passworder

browser-passworder copied to clipboard

Thoughts on dropping this requirement?

patchthecode

Thanks to PR https://github.com/MetaMask/browser-passworder/pull/49, it can now support various algorithm with different cost factor. However, just increasing pbkdf2 iteration might not be the best option to secure encrypt logic. The...

ChrisCho-H

Hello MetaMask team, I am writing to request the addition of an ECMAScript Module (ESM) version of the `browser-passworder` module. As the JavaScript ecosystem continues to evolve, ESM has become...

szokeptr

Before #29, the `decrypt` function would return a `Promise` with a generic `R`. It was changed to return `Promise` instead, which breaks the implementation in `snaps-monorepo`, because `unknown` is not...

Mrtenz

Export key derivation options

3

Key derivation options are now exported from the functions `keyFromPassword` and `encryptWithDetail`. This can allow the project using this package to store the key derivation options alongside the vault, allowing...

Gudahtt

See this comment for details: https://github.com/MetaMask/browser-passworder/pull/28/files#r1013365391

Gudahtt

Store key derivation function used and iteration count in payload

3

The KDF used and iteration count should be included in the payload returned from `encrypt` to facilitate upgrades over time. This makes it possible to change the work factor or...

federicobond