Encrypted DB Implementation
Currently all DB implementations in BDK do not encrypt data at rest AFAIK.
This leads to privacy concerns in leaking public wallet data to other apps on the device.
As such, MemoryDB is the most private, but also the slowest because every sync has to start from 0.
Since SQLite is the most 'cross-platform' db implementation, I am assessing the value in creating a new EncryptedSQLiteDb implementation.
Any thoughts on this?
I suppose you'd have to use database or OS specific technology for this? Does SQLite have this feature?
Standard SQLite does not support authentication OR encryption.
There is a SQLiteCipher in C.
I've only been able to find this crate which supports it in Rust:
https://docs.rs/sqlcrypto/latest/sqlcrypto/
Would it be feasible to create an encryption middleware that encrypts the Rust types that get stored in the DB? This way it could plug into all the existing DB implementations.
@i5hi you can also create custom Database implementations outside of BDK.
I was thinking about encrypting the actual .db file (that bdk creates) at the application level and decrypting it when the app starts - for bdk to use. However, even this leaves the db open to other apps while the app is running.
OR decrypt before every bdk call and encrypt it again after the function returns and UI updates. Which leaves it open only for the duration of that specific function call.
The problem with doing it outside bdk is that it makes bdk 'bad for privacy' by default, which has pros and cons to it.
Desktop clients won't face much of an issue if their app is containerized and the db data is within a container. Mobile clients are the ones that really need a solution.
If not from bdk itself, then, as you mention @evanlinjin, some external lib dedicated to solving this problem. This would essentially be just a simple encryption library that supports file encryption like chacha20poly1305. Then we would just need some standard usage examples.
Maybe this can exist as an external library, that only needs to implement the Database trait, and can handle encryption/decryption on its own? I feel that could be something useful..
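The two ideas above (a small AEAD file/value encryption helper, and a wrapper that implements the storage trait and encrypts on its own) fit together into one pattern: an envelope format `version || nonce || ciphertext+tag`, plus a store wrapper that seals every value before it reaches whatever backend is underneath. The example below is added here and is not BDK code or the sqlcrypto crate; it uses Go's standard-library AES-GCM as a stand-in for the chacha20poly1305 the post names (same AEAD shape, nonce and tag sizes differ), and the `Store` interface is a hypothetical stand-in for BDK's Database trait. The per-value AAD binds a ciphertext to its row key, so a ciphertext copied from one row to another fails to open; the key itself is assumed to come from a platform keystore, not from the file.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// envelopeVersion is the first byte of every sealed blob, so the format can
// change later (e.g. switch AEAD) without silently misreading old rows.
const envelopeVersion byte = 1

// Seal encrypts plaintext under key (16, 24 or 32 bytes for AES-128/192/256)
// and returns version || nonce || ciphertext||tag. A fresh random nonce per
// call keeps repeated writes of identical plaintext unlinkable; aad is
// authenticated but not stored, so the caller must supply the same aad to Open.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	out := make([]byte, 0, 1+len(nonce)+len(plaintext)+aead.Overhead())
	out = append(out, envelopeVersion)
	out = append(out, nonce...)
	return aead.Seal(out, nonce, plaintext, aad), nil
}

// Open reverses Seal; any modification of the blob or a mismatched aad yields
// an error rather than garbage plaintext.
func Open(key, blob, aad []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	minLen := 1 + aead.NonceSize() + aead.Overhead()
	if len(blob) < minLen {
		return nil, errors.New("sealed blob too short")
	}
	if blob[0] != envelopeVersion {
		return nil, fmt.Errorf("unsupported envelope version %d", blob[0])
	}
	nonce := blob[1 : 1+aead.NonceSize()]
	return aead.Open(nil, nonce, blob[1+aead.NonceSize():], aad)
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Store is a hypothetical minimal key/value surface standing in for the
// Database trait; a real backend (SQLite, sled, a file) would sit behind it.
type Store interface {
	Put(key string, value []byte) error
	Get(key string) ([]byte, error)
}

// MemoryStore is the plaintext-at-rest backend being wrapped.
type MemoryStore struct{ m map[string][]byte }

func NewMemoryStore() *MemoryStore { return &MemoryStore{m: map[string][]byte{}} }

func (s *MemoryStore) Put(k string, v []byte) error {
	s.m[k] = append([]byte(nil), v...)
	return nil
}

func (s *MemoryStore) Get(k string) ([]byte, error) {
	v, ok := s.m[k]
	if !ok {
		return nil, fmt.Errorf("key %q not found", k)
	}
	return v, nil
}

// EncryptedStore is the middleware: it implements Store, encrypts values on
// the way in and decrypts on the way out, and never hands plaintext to inner.
type EncryptedStore struct {
	inner Store
	key   []byte // assumed to be fetched from the OS keystore at app start
}

func NewEncryptedStore(inner Store, key []byte) *EncryptedStore {
	return &EncryptedStore{inner: inner, key: key}
}

func (e *EncryptedStore) Put(k string, v []byte) error {
	blob, err := Seal(e.key, v, []byte(k)) // row key as AAD: no cross-row swaps
	if err != nil {
		return err
	}
	return e.inner.Put(k, blob)
}

func (e *EncryptedStore) Get(k string) ([]byte, error) {
	blob, err := e.inner.Get(k)
	if err != nil {
		return nil, err
	}
	return Open(e.key, blob, []byte(k))
}
```

Whole-file encryption ("decrypt before the bdk call, re-encrypt after") is the same `Seal`/`Open` applied to the serialized database bytes with the file path as AAD; the store wrapper above avoids the window in which the plaintext file sits on disk, which is the gap the earlier comment points out.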
I've been looking into the Android file system... still a bit new to it.
From what I understand, apps get a dedicated directory which other apps cannot access without specific permissions - which the Play Store does not allow for most apps - it's usually reserved for advanced file manager apps, malware scanners etc.
So to an extent it is still safe to use an unencrypted SQLite for just public wallet data that bdk stores.
> Maybe this can exist as an external library, that only needs to implement the Database trait, and can handle encryption/decryption on its own? I feel that could be something useful..
I'm not sure how that works. I'll DM you to get a better idea.