pm-idm icon indicating copy to clipboard operation
pm-idm copied to clipboard

Published 20 hours ago verified publisher icon ipfs-shipyard

Ensure locker is unlocked in certain actions

Open satazor opened this issue 5 years ago • 0 comments

Description

The storage is encrypted with the locker secret, which is great. Nevertheless, when performing certain actions, such as when updating the profile, we should guarantee that the locker is unlocked. The reason is that it might be easy to an attacker to to obtain a reference to the current instance of the idmWallet and start messing around with it. Along the way, we might need to make every instance sealed with Object.seal.

This is somewhat related to #190

Acceptance Criteria

  • [ ] Gather a list of all the actions that should have this check
  • [ ] Implement the check of every action

satazor avatar Jun 13 '19 12:06 satazor