Enum nostr_types::KeySecurity
source · #[repr(u8)]pub enum KeySecurity {
Weak = 0,
Medium = 1,
NotTracked = 2,
}
Expand description
This indicates the security of the key by keeping track of whether the secret key material was handled carefully. If the secret is exposed in any way, or leaked and the memory not zeroed, the key security drops to Weak.
This is a Best Effort tag. There are ways to leak the key and still have this tag claim the key is Medium security. So Medium really means it might not have leaked, whereas Weak means we know that it definately did leak.
We offer no Strong security via the PrivateKey structure. If we support hardware tokens in the future, it will probably be via a different structure.
Variants§
Weak = 0
This means that the key was exposed in a way such that this library cannot ensure it’s secrecy, usually either by being exported as a hex string, or by being imported from the same. Often in these cases it is displayed on the screen or left in the cut buffer or in freed memory that was not subsequently zeroed.
Medium = 1
This means that the key might not have been directly exposed. But it still might have as there are numerous ways you can leak it such as exporting it and then decrypting the exported key, using unsafe rust, transmuting it into a different type that doesn’t protect it, or using a privileged process to scan memory. Additionally, more advanced techniques can get at your key such as hardware attacks like spectre, rowhammer, and power analysis.
NotTracked = 2
Not tracked
Trait Implementations§
source§impl Clone for KeySecurity
impl Clone for KeySecurity
source§fn clone(&self) -> KeySecurity
fn clone(&self) -> KeySecurity
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for KeySecurity
impl Debug for KeySecurity
source§impl Hash for KeySecurity
impl Hash for KeySecurity
source§impl PartialEq for KeySecurity
impl PartialEq for KeySecurity
source§fn eq(&self, other: &KeySecurity) -> bool
fn eq(&self, other: &KeySecurity) -> bool
self
and other
values to be equal, and is used
by ==
.