| Age | Commit message (Collapse) | Author |
|---|
|
remove unused binding
|
|
whilst fmt is using nightly it doesnt appear that clippy is
previous attempts to update the rustfmt nightly version have resulted
in a large number of errors which needed resolving. the change was
backed out because of other priorities.
It appears now that clippy is not using the nightly version
and there are no regressions
|
|
- update nix flake
- bump hard coded reference to rustfmt nightly version
- fix warning that latest version of rustfmt produced
|
|
|
|
Enables the user to only handle the nsec upon first use of the tool
by encrypting it with a password and storing it on disk in an
application cache.
The approach to encryption draws heavily from that used by the gossip
nostr client.
- unencrypted nsec is zeroed from memory
- a salt is used to defend against rainbow tables
- computationally expensive key stretching defends against
brute-force attacks of passwords with low entropy.
There is UX trade-off between decryption speed and key-stretching
computation. This UX challenge is exacerbated in a cli tool as
decryption must take place more regularly. Thought was put into the
selected n_log and a heavily reduced value is provided for long
passwords where security benefits are smaller.
A more granular reducing in computation was also considered by
rejected to avoided to revealing just how weak a password is as most
weak passwords are reused.
|
|
Create skeleton for a complete rebuild of the prototype as a production
ready product.
Includes design patterns for:
- dependency injection
- unit testing with dependency mocking
- integration testing
- error handling
- config storage
BREAKING-CHANGE: ground-up redesign with incompatible protocol standards
|