henryboldi/felony

Rework felony.json

Open

#80 opened on Aug 19, 2016

View on GitHub
 (2 comments) (0 reactions) (0 assignees)JavaScript (3,486 stars) (155 forks)batch import
enhancementhacktoberfesthelp wanted

Description

Right now felony.json stores all keys added. This creates a problem since the User's private key is also stored in that file.

Some ways to go about this:

  1. We need to think of a more secure way of storing the private key
  2. not storing it and forcing the user to input it.

Definitely open to suggestions.

I could see this getting worked on with (#9)

Contributor guide

Tech stack
javascriptnodejs
Domain
securitycli
Issue type
security
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
4
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
half day
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
stale
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
mostly clear
Prerequisites
basic PGP conceptsfamiliarity with felony codebase
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
30
Research direction
Investigate how private keys are currently stored in felony.json and evaluate alternative secure storage methods like encrypted key files or OS keychain integration. Review comments in the issue and linked issue #9 for additional context. Look into existing PGP tools' approaches to key storage.