Wallet Encryption

From VeriBlock Wiki
Jump to: navigation, search

See: Technical Articles

Introduction

Transactions in NodeCore are built on the foundations of asymmetric cryptography. Each address in NodeCore is associated with a private and public key. The wallet.dat file produced by NodeCore is the store for holding your keys. VeriBlock is rolling out an update to the format of the wallet.dat file that enables a user to institute an additional layer of protection on their private keys via encryption.

Format Changes

It should be noted that the format of the wallet.dat file changes in version 0.3.11. That version of NodeCore is backwards-compatible in that it will still read in an existing wallet.dat file. It will, however, upgrade the format of the file. Once upgraded, that wallet.dat will no longer work with NodeCore v0.3.10 or lower. NOTE: It is highly recommended to make a backup of your wallet.dat file prior to updating NodeCore!

By default, new wallets are created unencrypted. It is the same if loading from an existing wallet.dat file.

Encrypting the Wallet

Normal usage (wallets are created unencrypted):

  1. encryptwallet --> Physically encrypt the wallet.dat file. Run once for setup.
  2. unlockwallet --> When a command requires it, unlock the wallet. This takes a passphrase and temporarily decrypts the wallet to read the private keys into memory.
  3. lockwallet --> Once done with that command, lock the wallet back up. The lockwallet command clear those private keys from memory
  4. decryptwallet --> Physically decrypt the wallet.dat file (only run if need to revert wallet to plain text)

Detail:

To facilitate encryption of the wallet, 4 new CLI commands are introduced.

encryptwallet

The encryptwallet command takes no arguments, but will prompt for a passphrase (which will be hidden from view). Running this command will alter the wallet.dat file so that private keys are encrypted. Additionally, the loaded wallet in NodeCore enters a "locked" state. While in the "locked" state, any commands that require a private key (transaction creation, generating new addresses, signing messages) will fail.

unlockwallet

The unlockwallet command takes no arguments, but will prompt for a passphrase (which will be hidden from view). This command "unlocks" the loaded wallet in NodeCore, allowing NodeCore access to the private keys, thereby enabling commands dependent on private keys. The passphrase supplied should be the same as what was used to encrypt the wallet. This command has no effect on the wallet.dat file on disk. The loaded wallet remains unlocked until the wallet is explicitly locked again.

lockwallet

The lockwallet command takes no arguments. This command returns the loaded wallet in NodeCore to a "locked" state. This command has no effect on the wallet.dat file on disk.

decryptwallet

The decryptwallet command takes no arguments, but will prompt for a passphrase (which will be hidden from view). The command decrypts the wallet.dat file and returns the private key to a plain-text representation in the file on disk. The passphrase supplied should be the same as what was used to encrypt the wallet.

A user looking to change the password used to encrypt their wallet file would first run decryptwallet with their old passphrase, then run encryptwallet with their new passphrase.

Changes to NodeCore CLI

The following commands require that a wallet has been "unlocked" or they will fail immediately:

getnewaddress
signmessage
signhexmessage
importwallet
send
dumpprivatekey
importprivatekey

An additional <passphrase> parameter has been added to the importwallet command. That parameter is needed if the wallet you are importing is also encrypted. It is the passphrase associated with the wallet to be imported (not the loaded wallet in NodeCore). The wallet in NodeCore also needs to have been unlocked via the unlockwallet command.

Changes to PoP Miner

Because Proof-of-Proof mining involves the creation of a transaction, the NodeCore wallet must be "unlocked" in order to do proof-of-proof mining. The unlockwallet and lockwallet commands have been replicated in the proof-of-proof miner. A mining operation will fail immediately getting PoP instructions if the wallet is "locked".