The nanolightwallet from nanodevs

nanolightwallet's Issues

Think about using TDD

This is a software that manages people's money, isn't it? So, it's very important to ensure that everything works as expected each release.

Your can use Jest or Karma and Mocha as test runner and Nightwatch to e2e tests.

No adress is created after clicking 'create new adress'

Windows 10 Home, 64bit

Created a new wallet, but don't see an adress.
I can't click on 'Send', 'Receive' or 'Settings' either.

Better design for Transaction History GUI

Design concept:

Currently preview:

erro when try start wallet

/home/ubuntu/workspace/main.js:15
const {BrowserWindow} = remote;
                        ^

TypeError: Cannot match against 'undefined' or 'null'.
    at Object.<anonymous> (/home/ubuntu/workspace/main.js:15:25)
    at Module._compile (module.js:570:32)
    at Object.Module._extensions..js (module.js:579:10)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)
    at Function.Module._load (module.js:438:3)
    at Module.runMain (module.js:604:10)
    at run (bootstrap_node.js:389:7)
    at startup (bootstrap_node.js:149:9)
    at bootstrap_node.js:504:3

Incorrect insufficient funds warning

The wallet won't let me send anything, it reports "Amount is greater than balance in the selected account." even though I have sufficient funds to make the transaction.

Unkeyed hash for "MAC"

The AES-CBC not guaranty the integrity of the message, it allows an attacker to temper the message, without have the knowledge of the plaintext.

The solution for that used in https://github.com/AugustoResende/RaiLightWallet/blob/master/src/js/Wallet.js#L1161 not seems correctly. It is like MAC-And-Encrypt[1], which can be dangerous. The MAC is not a MAC itself, since they don’t have any key[2]. Since not have a key, it can leak the information about the plaintext more easily, it’s theoretical. It also seens to be similar to plain-hash-then-encrypt[3].

Also, without any key the attacker could guess the original content. Let's suppose that the attacker not have knowledge of the key used in AES, he can guesses the message, possibly using the checksum to confirm the guess.

I think the solutions is:
A) Replace AES-CBC by AES-GCM, which have GMAC using the tag.
OR
B) Replace Blake2b by Blake2b Keyed Hashing (MAC/PRF), as described here [4].

The MAC key can be retrieve by the PBKDF2 result, so is possible to use 256 bits of PBKDF2 exclusively for the MAC.

[1] https://crypto.stackexchange.com/questions/202/should-we-mac-then-encrypt-or-encrypt-then-mac
[2] https://security.stackexchange.com/questions/1873/whats-the-difference-between-mac-vs-hash
[3] https://crypto.stackexchange.com/questions/16428/why-is-plain-hash-then-encrypt-not-a-secure-mac
[4] https://blake2.net/blake2.pdf

Open Block not working

If a address is empty, the wallet can't create open block and broadcast to the network.

Better PoW. Use native binaries.

Low number of iterations by default

The PBKDF2 is faster than Argon2id or BCrypt. It will be even faster with low quantities of iterations. By default it uses:

var iterations = 5000;

https://github.com/AugustoResende/RaiLightWallet/blob/master/src/js/rai-wallet/Wallet.js#L167

The LastPass uses 100,000 iterations using SHA-256. The Covecube uses 200,000 iterations using SHA-512.

The iterations should be the maximum supported by the computer, giving maximum tolerable execution time.

The NIST already recommends uses 10,000 iterations:

For PBKDF2, the cost factor is an iteration count: the more times the PBKDF2 function is iterated, the longer it takes to compute the password hash. Therefore, the iteration count SHOULD be as large as verification server performance will allow, typically at least 10,000 iterations.

https://pages.nist.gov/800-63-3/sp800-63b.html#sec5

Also, it seems better change the SHA-1 to SHA-2 (SHA-512):

var key = pbkdf2.pbkdf2Sync(passPhrase, salt, iterations, 32, 'sha1');

https://github.com/AugustoResende/RaiLightWallet/blob/master/src/js/rai-wallet/Wallet.js#L1143

Because SHA-1 is way faster than SHA-2. The SHA-3 (Keccak) is slow in software, but faster in hardware than SHA-2. So, stick with SHA-2 can be more secure against FPGA.

I think replace the PBKDF2 to Argon2id, the winner of PHC, can be better, but will need more changes in code.

Suggestions

Hey great start with this project. Im wrapping up work on rewriting the javascript rpc lib for RaiBlocks and had plans on creating something similar but looks like you've already got something going here. I figure it might make sense to combine efforts.
Here are some things I would like to do:

Implement eslint w/ airbnb base config and lint codebase
update to es7 / latest js practices
Implement RaiBlocksJS - A bit of self promotion, but it's fully tested, and will potentially let us remove the files in /lib and /rai-wallet... let the rpc node do the heavy lifting for us.
Convert to React - Will let us restructure the app into something more extendable, let us easily unit test components, plus all the other benefits
Refactor large js files to smaller more modular files
Add Jest test runner - test everything!

These are pretty major changes, but with your blessing I'd love to get started on some of this stuff and start sending over some PRs!

Wallet creation

Offline wallet creation
Import wallet

Local POW

Local PoW is ready, but it's break. When i try broadcast the block, give a error: "Fork"

I think the reason is Block.js, which needs updating when you sign in to your account.

I will make the update for Block.js.

Local PoW
Broadcast

Send Page

Create send page
Send methods, clientside

Receive Page

Create receive page
Generate new address per receive
List addresses

Create organization / split code base

I was going to do this before, but you beat me to it hahaha anyway, would be really interesting if you could either put this on a github organization and split the code base in many repos (so parts of the code could be reusable in other XRB projects) or use lerna to keep a monorepo with many packages.