Kirill Pimenov

Results 24 comments of Kirill Pimenov

For future reference, this is [the spec for SLIP-0010](https://github.com/satoshilabs/slips/blob/master/slip-0010.md), which is indeed used in Ledger (and, consequently, in current implementations of relevant cryptowallets, like [ledger-kusama](https://github.com/Zondax/ledger-kusama)).

If we are to pick yet another centralized solution for _consumer_ auth, it makes more sense to rely on something widely-deployed like GitHub (or Google) as an auth provider, and...

This will also allow for configs to be brought closer to the ones of our other relevant JS projects, for example with https://github.com/polkadot-js/dev/blob/master/packages/dev/config/jest.js

Well, does this actually make any sense? The same title is printed in the open on the page, in the largest possible font. And if a user wants to have...

@prybalko well, the actual export of `gpg --export-secret-keys` is quite redundant, and there's an option which is intended to limit it: `--export-options export-minimal`. Unfortunately, [there's a bug](https://dev.gnupg.org/T2973) and that option...

@burdges do you mean the length of our plaintext leaking via the length of the cyphertext, or some other leak vector I don't get at 8pm on Friday? If it's...

@prybalko those are valid places to _lose_ the compression rate — but neither sounds like something which cannot be solved. For example, we might detect if the secret's contents are...

@burdges oh, I like the trick with RS-encoding the encrypted data. Funnily enough, we already symmetrically-encrypt the shard data (https://github.com/paritytech/banana_split/blob/19bc8b3da7726e6f4ae11573742d2a0c10619c66/src/util/crypto.ts#L110), just to protect against malicious printers (which are in our...

Unfortunately, it's borderline impossible to embed WebAssembly bytecode directly into our `.html` file (and being a single file is one of the important design constraints for BananaSplit). So we're confined...

I'm also a bit concerned about having too many potentially destructive opt-in features in Signer. I am also not 100% sure there's a big security gain in not storing the...