0

I would like to create a Bitcoin Wallet.

Part of the process is to store public and private keys in encrypted form in server database.

All keys I am storing is encrypted using user's passcode.

1) Is it safe to store user's passcode in encrypted form in server database. (Thinking that User might forget his passcode so considering one recovery option)

2) Is there any kind of future possibility that I get in trouble if any kind of attack happens or by action of some intruder/admin itself(worst possibility) - the key reveal to the attacker which will lead access and open up all the pub/priv keys from database of that specific User? This way I can not give forget pass-code option to user.

So considering both option Shall I store User's pass-code or not?

What is the best practice to implement this security feature in bitcoin wallet ?


Update

This question is not duplicate of How to securely hash passwords?

as the question reveals ways of doing hashing of password and Here What I am asking is to find a best practise to decrypt pass-code and it's related impact on the system.

For eg. What If user wants to recover his forget password?

Sagar Shah
  • 101
  • 3
  • 1
    Possible duplicate of [How to securely hash passwords?](https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords) – NH. Oct 19 '18 at 15:09
  • 2
    "Is there any kind of future possibility" There is *always* a possibility. – 0xSheepdog Oct 19 '18 at 16:38
  • 2
    I would suggest users write the password down and keep it in safe in a secure location ( if they are super paranoid they could store first half at home in a safe and second half at a bank safety deposit box or some such ^^). – DarkMatter Oct 19 '18 at 17:20

1 Answers1

1

1) No. If you have a way to bypass the user's password, then you have a way in their wallet. Thus, if a user forget his password, they lose access to their money (and any attacker too). That's the point of a password.

2) Yes. That is more likely than you might think.

The best practice is for users to use an offline wallet that do not upload their data to a server.

Also, do not forget to backup (and test the backups) the server's data, because that's also your users' money that you have to reimburse in case of hardware failure or natural disaster. Before you start to develop this system (software and hardware), you must do a (security) risk assessment and discuss with your insurer. Do it again before releasing your service. There might also be legal obligations related to handling money and users' sensitive information, depending on where you live and to whom to will provide this service.

Take care not to roll your own cryptography. Depending on what you mean by “pass-code”, this scheme can be inherently insecure.

A. Hersean
  • 10,173
  • 3
  • 29
  • 42