[Cashtab] Store private key info in android secure storage
Summary:
Implement customization in the android storage adaptor so that private keys are stored in hardware-encrypted secure storage
Note that we still have not optimized storage for Android or for using sqlite. We should do this, but it will take some more thought around
- How to best implement sqlite in the web wallet
- How to minimize storage and maximize usefulness
- How ecash-wallet will be implemented into Cashtab / initialized from storage
So, we will inevitably have some migrations later. This approach does, though, silo private keys in special storage.
An alt option would be to encrypt the whole sqlite database. But this would make Cashtab more battery intensive and slow down read-write operations. It's also silly to encrypt the sqlite database which is storing, mostly, cached info that is already public on the blockchain.
This implementation is arguably overkill. Just keeping everything in sqlite is ... pretty secure. To the point where the phone probably has to be rooted to get the private key. It's unclear how much "more secure" keeping the private keys in hardware-encrypted storage actually is. Google / Grok basic consensus seems to be that it is better, though difficult to measure.
Ultimately the "secure" solution is a hardware wallet. The primary benefit of the android app is better control over storage, i.e. less likely to have an android app phantom delete storage vs a webapp.
Test Plan:
npm test
Note that storage migration from the previous version is NOT supported
So, to test, run adb shell pm clear org.bitcoinabc.cashtab to clear your app storage, then
./start-android with an android device debug connected to your machine, run the app
While the app is running on your debug-connected phone, run adb logcat -s "Capacitor/Console" in a separate terminal to check the logs. You should see
08-27 11:10:53.955 27940 27940 I Capacitor/Console: File: https://localhost/static/js/main.41f859f3.js - Line 82 - Msg: Storage initialized successfully on capacitor-android
08-27 11:10:53.955 27940 27940 I Capacitor/Console: File: https://localhost/static/js/main.41f859f3.js - Line 82 - Msg: Storage config: {
08-27 11:10:53.955 27940 27940 I Capacitor/Console: "env": "capacitor-android",
08-27 11:10:53.955 27940 27940 I Capacitor/Console: "persistent": true,
08-27 11:10:53.955 27940 27940 I Capacitor/Console: "description": "SQLite Database (unlimited storage)"
08-27 11:10:53.955 27940 27940 I Capacitor/Console: }
08-27 11:10:53.955 27940 27940 I Capacitor/Console: File: https://localhost/static/js/main.41f859f3.js - Line 82 - Msg: Storage info: {
08-27 11:10:53.955 27940 27940 I Capacitor/Console: "quota": "Unknown",
08-27 11:10:53.955 27940 27940 I Capacitor/Console: "usage": "Unknown",
08-27 11:10:53.955 27940 27940 I Capacitor/Console: "available": "Unknown"
08-27 11:10:53.955 27940 27940 I Capacitor/Console: }
Create wallets, import wallets, switch wallets, rename wallets, send and receive txs
Reviewers: #bitcoin_abc, Fabien
Reviewed By: #bitcoin_abc, Fabien
Subscribers: Fabien
Differential Revision: https://reviews.bitcoinabc.org/D18530