I'm currently thinking about creating my own wallet extension and wondered about how to encrypt the private key. I thought about saving the encrypted version of a private key as an httponly cookie on the users client to prevent cross site scripting. The user would send a password + the cookie to the backend and I would decrypt it(base64) with the help of a unique salt that will be saved in a mysql user table. Is this a good practice or are there better solutions?
from Recent Questions - Stack Overflow https://ift.tt/3BPK6zs
https://ift.tt/eA8V8J
No comments:
Post a Comment