Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kli witness start command produces deterministic prefixes and keys if not passed a salt #702

Closed
daidoji opened this issue Mar 6, 2024 · 3 comments
Closed

kli witness start command produces deterministic prefixes and keys if not passed a salt #702

daidoji opened this issue Mar 6, 2024 · 3 comments

Comments

@daidoji
Copy link
Contributor

daidoji commented Mar 6, 2024
edited
Loading

I was informed that kli witness start was not for production and just for demonstration purposes but I was told to make this issue to track this information for posterity.

The kli witness start command makes prefixes and public keys deterministically ie:

Alias:  elite-witness
Identifier: BOTJTHFXofMW3zwLybDU-Vb3HjMA2rEbhs5TxtE8kP8M
Seq No: 0

Witnesses:                                                                                                                                                                                                                                                  Count:          0
Receipts:       0
Threshold:      0

Public Keys:
        1. BOTJTHFXofMW3zwLybDU-Vb3HjMA2rEbhs5TxtE8kP8M

(keri) daidoji@LAPTOP-5KEUASIG:~/ssi/keripy$ rm -r ~/.keri/
(keri) daidoji@LAPTOP-5KEUASIG:~/ssi/keripy$ kli witness start -H 31337 -T 31338 --alias elite-witness
Witness elite-witness : BOTJTHFXofMW3zwLybDU-Vb3HjMA2rEbhs5TxtE8kP8M
^C(keri) daidoji@LAPTOP-5KEUASIG:~/ssi/keripykli status --name witness --alias elite-witness
Alias:  elite-witness
Identifier: BOTJTHFXofMW3zwLybDU-Vb3HjMA2rEbhs5TxtE8kP8M
Seq No: 0

Witnesses:
Count:          0
Receipts:       0
Threshold:      0

Public Keys:
        1. BOTJTHFXofMW3zwLybDU-Vb3HjMA2rEbhs5TxtE8kP8M

This result holds even across machines due to hard coded salts in the code base.

If kli witness start is just a toy then we should add warnings to the console output to let people know about this determinism at call time or we should have the salts be random by the default as a new user wouldn't expect a program that generates keys to have this behavior. The principle, default in security software should be secure should hold just so users can't make this mistake without intentionally trying to (by passing their own hardcoded salt).
@daidoji
Copy link
Contributor Author

daidoji commented Mar 6, 2024

#701 provides a potential fix to this issue.

@lenkan
Copy link
Contributor

lenkan commented Mar 12, 2024

I was informed that kli witness start was not for production and just for demonstration purposes

@daidoji Was this during a community meeting/discussion? If so, do you have a reference where I can read or hear about this statement?

@daidoji daidoji closed this as completed Mar 12, 2024
@daidoji
Copy link
Contributor Author

daidoji commented Mar 12, 2024 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@daidoji @lenkan