Secret key encryption
Your Stellar secret key is encrypted client-side and never sent unencrypted to our server. We encrypt your secret key using a key derived from your password via scrypt and a per-key salt. This makes cracking your password computationally difficult even in the case of a data breach.
No one else (including us) has the ability to administer your account and funds on your behalf. Also, we're unable to check the correctness of your Security information such as Recovery Phrase, Private Keys, Password on our end.
Your secret key is encrypted using tweetnacl.secretbox (xsalsa20-poly1305) to avoid timing channel attacks and guarantee that if your seed decrypts properly, it has not been tampered with. The encrypted Stellar secret key may only be downloaded with proper user authentication, so you must have entered the correct password and MFA code (if you enabled it) to even have the opportunity to decrypt your secret key.
Secret key usage modes
We currently support three modes of handling your key: caching, prompting and hardware Ledger wallet. Caching is more convenient, but slightly less secure. Prompting is more secure, but less convenient.
Key caching loads your Stellar secret key from the server when you sign in, and decrypts it with your sign in password. It then re-encrypts your secret key with a new random key that is stored only on our server, and caches your encrypted key in local storage for the duration of your session. In this way, your secret key is stored on your machine, separate from the key that decrypts it. An attacker that dumps your local storage will lack the decryption key, and won’t be able to compromise your secret key.
In case you want to change the Stellar Secret Key storage mode, please move to 'Settings' -> 'Security'.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article