UNPKG

rkm

Version:

Rane-Kim-Matsumoto Key Recovery Protocol

recoverkey.io

xgovern/rkm

101 lines (82 loc) 3.89 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# RKM (Rane-Kim-Matsumoto) Key Recovery Mechanism [recoverkey.io](https://recoverkey.io "Potion: Recover Key") A recovery scheme, for private keys & un-resettable passwords, that is contextualizable to a person. (e.g. mapping to... private/security questions, biometric data, pictorial data, etc.) ## Contextualization Schematics Diagram ![RKM Schematics](https://xgov.s3-accelerate.amazonaws.com/potion/rkm_scheme5.png "") ## Usage Documentation ### Generating a Strongly Encrypted Questionnaire (Safe-to-store) rkm.`digest`(         {             __private_key__:(str), __password__:(str),             __questions__:(array(str)), __answers__:(array(str)),             *false_positive_rate*:(str,'33%'), *batch_size*:(+int,40000),             *map_byte*:(+int:(2~8)), *salt_length*:(+int:(16+)),             *minimum_iteration_password*:(+int,1),             *minimum_iteration_mark*:(+int,1),             *minimum_iteration_answer*:(+int,1)         },         {             __callback__:(func),             *onprogress*:(func)         } ); ```javascript // // private_key accepted format: base58 (bitcoin) && base62 (xgov) & hex (ethereum) // Minimum 1 Q&A required; maximum 16 pairs // questions, answers, passwords all support Unicode, foreign characters // default answer filter: toLowerCase then remove special chars and white spaces // // See example below for usage: // rkm.digest({ private_key:'SJSvdelNkuc9aKNQE1u8B1t3iLwHqicabPCzXbu8aBr', password:'some_very_berry_difficult_password', questions:[ "Custom Question 1", "Custom Question 2", "Custom Question 3", "Custom Question 4", "Custom Question 5" ], answers:[ "Answer 1", "Answer 2", "Answer 3", "Answer 4", "Answer 5" ], },{ callback:function(e,data){ if(e) return; //Error case; var encrypted_questionnaire_base64 = data; //wrapping scheme: JSON --> gzip --> nacl-secretbox --> base64 //To decrypt, base64_decode --> nacl-secretbox-open --> gzip.undo --> JSON.parse }, onprogress:function(data){ //Progress event types //data.type == 'thread_spawn' //data.type == 'password_iteration' //data.type == 'password_iteration_complete' //data.type == 'mask_iteration' //data.type == 'mask_iteration_complete' //data.type == 'answer_iteration' //data.type == 'answer_iteration_partial_complete' //data.type == 'answer_iteration_all_complete' //data.count is the iteration counter so far //data.arg has the input parameters of each interation call } }); ``` The function resolves to an output which is an encrypted questionnaire. The encrypted questionnaire does not store the answers inside (only questions, iteration numbers, and salt), and thus is a much safer way to store a recovery option. The hacker must provide the right decryption password, then, has to provide __all the answers correctly simultaneously__; otherwise the recovery will output a gibberish 32-byte private key that resembles nothing like the original private key (not even a little partial resemblance which gives out information). 1) This is certainly better than 16~32 random recovery phrases that one has to write down which is vulnerable to location/physical attack) 2) This is also superior to user-chosen seed words which is notoriously easier to brute-force. #### LICENSE (Proprietary; For Audit-only Code Disclosure) © 2018 Potion, all rights reserved. Unauthorized copying of this file, via any medium is strictly prohibited.