react-native-mmkv
react-native-mmkv copied to clipboard
mrousavy
Need help to understand to understand encryption.
Thanks a lot for creating this super-fast storage library.
I was exploring encryption with MMKV and have some doubts, would be really grateful if you can help me with the same.
While creating an instance of MMKV we give one encryption key, and we provide a unique key which is 99% the same throughout app lifecycle
const encryptionKey=NativeFunctionToRetrieveUniqueID();
// for ex encryptionKey value is mmkv-is-great
export const Storage = new MMKV({
id: `storage`,
encryptionKey: encryptionKey,
})
now if by any chance NativeFunctionToRetrieveUniqueID gives another key which is not the same key which was used to create the instance.
const encryptionKey=NativeFunctionToRetrieveUniqueID();
// for ex encryptionKey value is 'mmkv-is-fast' instead of last used key which was 'mmkv-is-great'
export const Storage = new MMKV({
id: `storage`,
encryptionKey: 'encryptionKey',
})
As the encryption key is changed would it do any harm? like data is getting failed to read or any possible harm?
I think if the encryption key is not the same it simply cannot read the data and will overwrite it if you try writing to it. So your data will be lost if you lose your encryption key.
@mrousavy I was hoping that it would work as you suggested, but it looks like it doesn't work at all. I initialized the MMKV storage with one encryption key, then wrote to it. Then close the app, and open it initializing MMKV with different encryption key, but I was still able to read data from previous instance.
So i found where does my MMKV storage stores the files inside my iphone simulator and the encryption works! :)
The way I understand how this works is, that the mmkv storage needs the secret key from us only for starting the encryption. Then we can lost it, because mmkv storage stores the key inside phones keychain. So when we use the storage next time with different secretKey, the storage, I guess, retrieve the old data with an old key and then rewrite them with new key?
Anyway thank you for the awesome library. It is a big relieve to have sync storage that is so fast.
@MCervenka To check MMKV file, you can do this
// open terminal // adb shell // cd /data/<packageName>/files/mmkv // ls // cat fileName
@mrousavy I checked it and @MCervenka is correct, storage works the same if keys changed on the fly
@AdityaPahilwani Can you explain how you change the key on the fly, please?
Is this issue still outstanding, or do updated encryption keys work as intended now?
This is related to the core MMKV library, not my react-native-mmkv wrapper.
So i found where does my MMKV storage stores the files inside my iphone simulator and the encryption works! :)
The way I understand how this works is, that the mmkv storage needs the secret key from us only for starting the encryption. Then we can lost it, because mmkv storage stores the key inside phones keychain. So when we use the storage next time with different secretKey, the storage, I guess, retrieve the old data with an old key and then rewrite them with new key?
Anyway thank you for the awesome library. It is a big relieve to have sync storage that is so fast.
Hi, @MCervenka Could you share where I can find MMKV storage files? I can't check does my encryption works.
xcrun simctl get_app_container booted your.package.name data if you are running on an iOS simulator, then go to that directory. Inside of Documents you can see mmkv and inside of there are files. Doing cat ___ on an unencrypted file will show u the contents.
I'm using 2.5.1 (I can't upgrade RN quite yet), and this isn't what happens to me at all. Instead, I have a separate issue: If I write with one encryption key and try to instantiate MMKV with a different key, an error is thrown. I can't recover from this, because I have no way to clear the previously encrypted file, since I can't instantiate MMKV.
