Comments (14)
Restricting all token creations operation to auditors makes sense. Even if it is to just initialize a request. See comment in issue637 for handling new carbon tracker requests from an oil & gas operator.
from blockchain-carbon-accounting.
Not sure we need to limit transactions to accounts that have opted to store their keys on the server side when signing up.
It is better practice for accounts to hold keys directly, in line with the principles of web3.0 transaction. But an auditor may prefer to use a key management service.
Server side key management was introduced to the user sign-up function to help with onboarding of consumers that don't have the experience operating a server side wallet.
Should NET provide its own internal cloud key management for signing transactions? It already does in the referenced video, but with limited security.
from blockchain-carbon-accounting.
What do you think of signing the transaction on the server, instead of transferring the private key to the client and signing it there?
from blockchain-carbon-accounting.
@sichen1234 I was just writing this up...
Here are some ideas for improving security.
Private keys never leave the server side to sign transactions, only when exporting keys and permanently deleting it from the server. This is structurally different from what was shown in the referenced video. Transaction messages could be sent encrypted to the server (using the public key) where the message is decrypted and signed. However, this requires creating a secure communication line between the client and server for a given signing session ....
from blockchain-carbon-accounting.
Use the window.Crypto object (a secure way to use javascript to access the DOM) to store privateKeys in the client browser when receiving them from the server during sign in.
from blockchain-carbon-accounting.
The Wallet interface with private key is loaded around here from the server on the sign in page
The private key should be sent by the server to the client's Wallet interface encrypted by a public key address generated by the clients window.Crypto object.
from blockchain-carbon-accounting.
As discussed at the end of this older post a variety of modern browser features can be used to securely store the keys with the client -- this is basically what browser extensions like Metamask achieve
from blockchain-carbon-accounting.
from blockchain-carbon-accounting.
both require similar security development.
Keeping keys on the server limits attack vectors to server breaches. The benefit of moving the signing to the client is probably the legal context in how the server uses the private keys.
If the server is setup to sign transactions on behalf of the client, but used in a malicious transaction, the company operating the server could be held accountable.
The user agrees to the terms associated with the key management service provided by the client interface. Assuming the server provider makes all precautions to deliver the key securely, the clients are accountable for signing transactions.
from blockchain-carbon-accounting.
A secure and legally sound client application should have baked in client key gen and storage (e.g., electron or mobile app).
Both of the above are patchy solutions at best.
from blockchain-carbon-accounting.
from blockchain-carbon-accounting.
Agree.
As long as the signed in user is only received retired tokens, no need to access the privateKey.
Minimize key management to the bare minimum, and rely on third party wallet party providers and custom built client applications.
Suggest putting private keys into a separate write only schema, with read access limited to key export and deletion.
Once transferable tokens are issued to the user (e.g., offset credits or carbon trackers), the keys must be exported to access the tokens.
Another more secure option is to instruct the server to use the keys once to transfer the tokens to a new public address generated by the users external wallet. This eliminates security risk from potential breach of the original private keys - but would come with additional transaction costs.
from blockchain-carbon-accounting.
Question, if a client has connected their external wallet to NET, is there a form they can use to register information about their public address with the Postgres server - e.g. organization, name, email... ?
I have started a separate discussion on handling user information using Distributed identity management tools. A topic of discussion for future development.
from blockchain-carbon-accounting.
from blockchain-carbon-accounting.
Related Issues (20)
- request emissions audit UI allow other request, supported by document HOT 1
- Add dataLoader scripts for product table HOT 1
- Calculation error for emission factor & unit consistency. HOT 2
- Dynamic loading of node-fetch
- separate deploy js for carbon tracker HOT 2
- remove open zeppelin contract upgradability HOT 1
- Create a MAINTAINERS.md file HOT 1
- Remove upgradability from CarbonTracker HOT 4
- loading of oil and gas data HOT 2
- Using Google travel impact model
- Adopt Typescript 3.0 references and composite tsconfig.json setting?
- Private Key exposure during Wallet signup HOT 4
- scripts and documentation for deploying Fabric chain code using Bevel
- scripts and documentation for deploying Solidity smart contracts to Besu using Bevel
- UI to select multiple data points for an audited emissions certificate HOT 4
- deploy solidity contracts locally with bevel scripts HOT 1
- Link to Voluntary Offsets Directory is broken HOT 5
- not able to issue carbon tracker tokens HOT 1
- problem loading oil and gas data HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from blockchain-carbon-accounting.