# Anoma wallet

### Vocabulary / Notations

* Seed phrase: ```seed```
* Password: ```pwd```
* Symmetric encryption/decryption (AES) key: ```ek```
* Master private/public wallet signing keys: ```msk,mpk```

### Low Level Functionality:

```
Wallet.createMSK(rnd)->msk,mpk:
```

* Takes `rnd` as input and creates `msk` and `mpk`. Where is `msk` stored?

```
Wallet.createKey(msk,mpk,seed,tag)->sk,pk:
```

* Takes `msk,mpk,seed,tag` as input and outputs a new `sk,pk`.

```
Wallet.issueTransaction(tx,sk)->s:
```

* Takes the `tx` data and `sk` as input and outputs a signed transaction **s** to be sent to the ledger for verification.

### Security Requirements:

1. SR1: Unauthorized access to `msk,password,seed` and the `sk`s should be prevented.
2. SR2: Traffic between wallet<>ledger should be e2e encrypted to prevent eavesdropping.

### Adversarial Model:

1. An adversary is allowed to watch all traffic between the wallet and the ledger.
2. Secret information stored on the user's side (`seed`, `pwd`) is assumed to remain secret.

### Approach:

1. For SR1, encrypt everything on the disk (where the wallet is) with a symmetric disk storage encryption primitive.
2. For SR2, encrypt end to end with the ledger using a scheme that provides confidentiality and integrity. Either a PKI or hardcoded public keys of the ledger are needed to negotiate the secret symmetric keys used to e2e encrypt traffic. Is TLS sufficient here, where the wallet acts as a web client and the ledger as the server?
> Justin Robert Evans 2:13 PM
>
> password -> hash(password) (Sha3) -> key/secret unlock mnemonic
>
> Justin Robert Evans 2:15 PM
>
> for the state (Redux persist) password -> hash(password) -> AES 512 -> decrypt Redux store

### Workflows:

* **RegisterUser(`pwd,seed`)->`c_seed,c_state`**:
    * User: sets up `pwd` and `seed`
    * Wallet: `kdf(pwd) = ek` //Derive the AES encryption key
    * Wallet: `AES(ek,seed) = c_seed` //Encrypt the seed with the encryption key
    * Wallet: Store `c_seed` on disk //Store the ciphertext on disk
    * Wallet: sets a global counter `cnt`= 0
    * Wallet: Computes `state = msk,mpk,cnt`
    * Wallet: Encrypts `AES(ek,state) = c_state`
    * Wallet: Delete `ek` from memory and disk
* **CreateAccount(`pwd,alias`)->`sk,pk`**:
    * User: enters password `pwd`
    * Wallet: `kdf(pwd)=ek'`
    * Wallet: If `AES_Decrypt(ek', c_seed)==OK` success `else` error
    * User: enters alias `alias`
    * Wallet: `AES_Decrypt(ek', c_state) = state`
    * Wallet: Fetch `msk,mpk,cnt` from `state`
    * Wallet: `cnt=cnt+1`
    * Wallet: `KeyDerivation(msk,mpk,cnt,alias) = sk,pk`
* **LogIn(`pwd`)->(`Success/Error`)**:
    * User: enters password `pwd`
    * Wallet: If `AES_Decrypt(kdf(pwd)', c_seed)==OK` success `else` error
* **Transact(`tx,c_seed,c_state,sk`)->$\sigma$**:
    * User: enters password `pwd`
    * Wallet: `kdf(pwd)=ek'`
    * Wallet: If `AES_Decrypt(ek', c_seed)==OK` success `else` error
    * Wallet: `Sign(sk,tx)=`$\sigma$

> Iraklis: BIP 32, 44, 49, 84 for KeyDerivation for the wallet sk,pk?

> Iraklis: I am not sure if signing happens at the wallet or the wallet rpc calls some signing procedure at the ledger side
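
The RegisterUser, LogIn and CreateAccount steps above, sketched as an added example (not the Anoma wallet's code). It assumes scrypt for `kdf` and AES-256-GCM for `AES`; an authenticated mode is what makes the `AES_Decrypt(...)==OK` check reliable, because a wrong key fails the tag check. The helpers `seal`, `open` and `nextCounter`, the `seed`/`state` labels, the stored salt and the JSON state layout are hypothetical.

```javascript
// Added example: RegisterUser / LogIn / CreateAccount counter handling.
// Assumptions (not from the page): scrypt as kdf, AES-256-GCM as the AES mode.
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

// kdf(pwd) = ek; the per-wallet salt is stored next to the ciphertexts.
const kdf = (pwd, salt) => scryptSync(pwd, salt, 32);

// AES(ek, data) -> {iv, tag, ct}. The label is bound as associated data,
// so c_seed and c_state cannot be swapped for each other on disk.
function seal(ek, label, plaintext) {
  const iv = randomBytes(12);
  const c = createCipheriv('aes-256-gcm', ek, iv);
  c.setAAD(Buffer.from(label));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, tag: c.getAuthTag(), ct };
}

// AES_Decrypt(ek', c) -> plaintext, or null when the tag check fails.
function open(ek, label, box) {
  try {
    const d = createDecipheriv('aes-256-gcm', ek, box.iv);
    d.setAAD(Buffer.from(label));
    d.setAuthTag(box.tag);
    return Buffer.concat([d.update(box.ct), d.final()]);
  } catch { return null; }
}

function registerUser(pwd, seed, state) {
  const salt = randomBytes(16);
  const ek = kdf(pwd, salt);
  const disk = { salt, c_seed: seal(ek, 'seed', Buffer.from(seed)),
                 c_state: seal(ek, 'state', Buffer.from(JSON.stringify(state))) };
  ek.fill(0); // best-effort "delete ek from memory"
  return disk;
}

const logIn = (pwd, disk) => open(kdf(pwd, disk.salt), 'seed', disk.c_seed) !== null;

// CreateAccount's cnt = cnt + 1 has to be re-encrypted and written back.
function nextCounter(pwd, disk) {
  const ek = kdf(pwd, disk.salt);
  const raw = open(ek, 'state', disk.c_state);
  if (raw === null) throw new Error('wrong password or corrupted state');
  const state = JSON.parse(raw.toString());
  state.cnt += 1;
  disk.c_state = seal(ek, 'state', Buffer.from(JSON.stringify(state)));
  ek.fill(0);
  return state.cnt;
}
```

With an unauthenticated AES mode the wrong-password case would not be detected reliably, which is why the sketch does not use one.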