You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently Umbrel stores the seed phrase in plain-text inside the file /data/umbrel-os/home/umbrel/umbrel/app-data/lightning/data/lightning/state.json which is a concern. Should anyone have physical access to the hardware running the node could just mount the Filesystem and have easier access to the funds on-chain.
Can this be improved by storing the seed phrase in a AES-256 encrypted file which may use Umbrel password to unlock it, so in the case the node is stolen the owner has some time to access the funds and transfer elsewhere from that wallet ? Some Hot Wallets use similar techniques in order to store seed phrases on users computer
For reference one technique used is based on 7-zip encryption which uses AES-256 but that may be others.
The text was updated successfully, but these errors were encountered:
Currently Umbrel stores the seed phrase in plain-text inside the file
/data/umbrel-os/home/umbrel/umbrel/app-data/lightning/data/lightning/state.jsonwhich is a concern. Should anyone have physical access to the hardware running the node could just mount the Filesystem and have easier access to the funds on-chain.Can this be improved by storing the seed phrase in a AES-256 encrypted file which may use Umbrel password to unlock it, so in the case the node is stolen the owner has some time to access the funds and transfer elsewhere from that wallet ? Some Hot Wallets use similar techniques in order to store seed phrases on users computer
For reference one technique used is based on 7-zip encryption which uses AES-256 but that may be others.
The text was updated successfully, but these errors were encountered: