| Age | Commit message (Collapse) | Author |
|---|
|
the make the code more readable
this commit just moves the files, the next commit should fix the imports
|
|
replace ngit yaml file config with:
* nsec / ncryptsec / npub in git config in nostr.* namespace
* sql database cache for metadata and relay events
allow different logins to be used for different git repositories by
storing login in local git config
|
|
Enables the user to only handle the nsec upon first use of the tool
by encrypting it with a password and storing it on disk in an
application cache.
The approach to encryption draws heavily from that used by the gossip
nostr client.
- unencrypted nsec is zeroed from memory
- a salt is used to defend against rainbow tables
- computationally expensive key stretching defends against
brute-force attacks of passwords with low entropy.
There is UX trade-off between decryption speed and key-stretching
computation. This UX challenge is exacerbated in a cli tool as
decryption must take place more regularly. Thought was put into the
selected n_log and a heavily reduced value is provided for long
passwords where security benefits are smaller.
A more granular reducing in computation was also considered by
rejected to avoided to revealing just how weak a password is as most
weak passwords are reused.
|
|
Create skeleton for a complete rebuild of the prototype as a production
ready product.
Includes design patterns for:
- dependency injection
- unit testing with dependency mocking
- integration testing
- error handling
- config storage
BREAKING-CHANGE: ground-up redesign with incompatible protocol standards
|