add encryption for the two SQL columns, replace basic DB utils, add USE_DEXIE_DB flag, and start adding SQL everywhere

2025-05-26 19:03:20 -06:00
parent 6e005de65a
commit 3f46e3817a
8 changed files with 467 additions and 27 deletions
--- a/src/db-sql/migration.ts
+++ b/src/db-sql/migration.ts
@@ -1,5 +1,31 @@
 import migrationService from "../services/migrationService";
 import type { QueryExecResult, SqlValue } from "../interfaces/database";
+import { DEFAULT_ENDORSER_API_SERVER } from "@/constants/app";
+
+// Generate a random secret for the secret table
+
+// It's not really secure to maintain the secret next to the user's data.
+// However, until we have better hooks into a real wallet or reliable secure
+// storage, we'll do this for user convenience. As they sign more records
+// and integrate with more people, they'll value it more and want to be more
+// secure, so we'll prompt them to take steps to back it up, properly encrypt,
+// etc. At the beginning, we'll prompt for a password, then we'll prompt for a
+// PWA so it's not in a browser... and then we hope to be integrated with a
+// real wallet or something else more secure.
+
+// One might ask: why encrypt at all? We figure a basic encryption is better
+// than none. Plus, we expect to support their own password or keystore or
+// external wallet as better signing options in the future, so it's gonna be
+// important to have the structure where each account access might require
+// user action.
+
+// (Once upon a time we stored the secret in localStorage, but it frequently
+// got erased, even though the IndexedDB still had the identity data. This
+// ended up throwing lots of errors to the user... and they'd end up in a state
+// where they couldn't take action because they couldn't unlock that identity.)
+
+const randomBytes = crypto.getRandomValues(new Uint8Array(32));
+const secret = btoa(String.fromCharCode(...randomBytes));

 // Each migration can include multiple SQL statements (with semicolons)
 const MIGRATIONS = [
@@ -12,8 +38,8 @@ const MIGRATIONS = [
        dateCreated TEXT NOT NULL,
        derivationPath TEXT,
        did TEXT NOT NULL,
-        identity TEXT,
-        mnemonic TEXT,
+        identityEncrBase64 TEXT, -- encrypted & base64-encoded
+        mnemonicEncrBase64 TEXT, -- encrypted & base64-encoded
        passkeyCredIdHex TEXT,
        publicKeyHex TEXT NOT NULL
      );
@@ -22,9 +48,11 @@ const MIGRATIONS = [

      CREATE TABLE IF NOT EXISTS secret (
        id INTEGER PRIMARY KEY AUTOINCREMENT,
-        secret TEXT NOT NULL
+        secretBase64 TEXT NOT NULL
      );

+      INSERT INTO secret (id, secretBase64) VALUES (1, '${secret}');
+
      CREATE TABLE IF NOT EXISTS settings (
        id INTEGER PRIMARY KEY AUTOINCREMENT,
        accountDid TEXT,
@@ -59,6 +87,8 @@ const MIGRATIONS = [

      CREATE INDEX IF NOT EXISTS idx_settings_accountDid ON settings(accountDid);

+      INSERT INTO settings (id, apiServer) VALUES (1, '${DEFAULT_ENDORSER_API_SERVER}');
+
      CREATE TABLE IF NOT EXISTS contacts (
        id INTEGER PRIMARY KEY AUTOINCREMENT,
        did TEXT NOT NULL,