pull down to refresh
612 sats \ 6 replies \ @ek 27 Dec 2023 \ on: How safe is Sparrow's wallet encryption? bitcoin
Good question, I also use Sparrow and I also didn't find anything related to this in the docs.
Will ask in the TG group or check the code and come back with an update.
Okay, I got nerdsniped by this, haha
Did some little "reverse engineering" [0]. I tried
file
on the encrypted wallet file but it came up empty handed:$ file wallet.mv.db wallet.mv.db: data
But afaik, all
file
does to identify a file is to look at the file signature (also known as magic bytes):(ok, apparently only "among other tests")
So why not just look at the magic bytes ourself?
$ hexdump -C -n32 wallet.mv.db 00000000 48 32 65 6e 63 72 79 70 74 0a fa 3e 4a fb 1e 2f |H2encrypt..>J../| 00000010 99 ff 53 50 52 57 31 0a 5c 89 26 f0 23 97 3c 73 |..SPRW1.\.&.#.<s| 00000020
Turns out, Sparrow likely uses H2 Database under the hood to store wallets:
Welcome to H2, the Java SQL database.
This makes sense since Sparrow indeed is written in Java.
The security docs however mention this:
Encrypted storage Encrypting your on-disk database will provide a small measure of security to your stored data. You should not assume that this is any kind of real security against a determined opponent however, since there are many repeated data structures that will allow someone with resources and time to extract the secret key.Also the secret key is visible to anything that can read the memory of the process.
Mhh, that doesn't sound good 🤔
I asked in the TG group. Let's wait for an answer before jumping to conclusions. I also didn't take a close look at the source code yet.
[0] not sure if this already counts as reverse engineering
reply
You made my day just by showing me the nerd sniping verb.
Looking forward to know that you find out in the TG group.
I didn't understand from your message if the wallet file itself is an encrypted H2 database and Sparrow reads from it and decrypts on the fly, or if Sparrow starts and in-memory H2 database when the daemon starts and loads the data from the wallet file into the H2 database on runtime.
reply
I didn't understand from your message if the wallet file itself is an encrypted H2 database and Sparrow reads from it and decrypts on the fly, or if Sparrow starts and in-memory H2 database when the daemon starts and loads the data from the wallet file into the H2 database on runtime.
My educated guess would be it's the former. But that is also a good question!
Are you playing the nerd sniping game as mentioned in the xkcd? lol
Great find! Do update us here
reply
The only reply I got was this (someone linked this message in a reply)
The mv.db file format is from the embedded open source database that Sparrow uses, called H2. You can open it outside Sparrow if you have an H2 client, although if your wallet is encrypted you’ll have to rederive the database password from your wallet password via Argon2. The next version of Sparrow will allow importing this file format (as well as opening it directly).
This doesn't really answer my question but ok.
As a screenscrollshot:
reply