Talk is cheap, show me the proof or code.
Hence, proof is here. 🫡
ForgeX provides two ways of storing private keys: Cloud Storage and Local Storage.
Below is a detailed explanation of the security and storage process for these two forms within the platform.
When users choose to create a wallet group with local storage, the private key is generated on the user's local frontend. The private key is not uploaded to the cloud; only the wallet address is uploaded to the backend database for wallet monitoring. This can be verified through the console by inspecting network requests.
The private keys of locally stored wallet groups are saved in IndexedDB -> redux -> keyvaluepairs under local storage. Redux is a commonly used state management and storage library in the React framework. Through persistence technology, front-end data and states are stored locally. Once the persisted data is cleared, all locally stored wallet groups will be erased. Users must restore the wallet group using the previously saved local wallet group JSON file. If the file is lost, there is no way to recover it. This can be verified by clearing the data in keyvaluepairs and then checking the status of the ForgeX wallet group.
Users can export their locally stored wallet group data as a JSON file at any time.
Unencrypted Export: The wallet group data will be stored in plaintext in the JSON file.
Encrypted Export: The wallet group data will be stored in ciphertext in the JSON file.
ForgeX adopts the AES (Advanced Encryption Standard) encryption algorithm, which is the most commonly used symmetric encryption algorithm and is widely used in the industry. Encryption and decryption both use the same key, which is the password entered by the user during encryption. Once encrypted, no one other than the user can decrypt the file.
Since the responsibility for managing local wallet groups lies with the user's frontend, ForgeX enforces a mandatory process to avoid users forgetting to update their local wallet group JSON file after making changes to the wallet group. Users must re-export the local wallet group JSON file after adding or removing wallets from the group. This ensures that, in extreme cases, the user's local wallet group data is still retained for recovery.
To restore a previously stored local wallet group, users must import the earlier JSON file. The front end will automatically parse the file. If the file is encrypted, users must enter the password for decryption. If the password is incorrect, the wallet group data in the file cannot be recovered.
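One way a password-encrypted export and import like the one described above can work, as an added example that is not ForgeX's code. The page names only AES and the user's password, so the PBKDF2 key derivation, the AES-GCM mode, the file field names and the function names here are assumptions.

```javascript
// Added example, not ForgeX code. The page says only "AES" with the user's
// password; PBKDF2-SHA256, AES-256-GCM and the file layout are assumptions.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto; // fallback for older Node
const enc = new TextEncoder();
const ITERATIONS = 600000; // assumed PBKDF2 work factor

const toB64 = (bytes) => btoa(Array.from(bytes, (b) => String.fromCharCode(b)).join(''));
const fromB64 = (text) => Uint8Array.from(atob(text), (c) => c.charCodeAt(0));

// Stretch the password into a 256-bit AES key; the random salt makes the key
// unique per export even when the same password is reused.
async function deriveKey(password, salt, iterations) {
  const material = await wc.subtle.importKey(
    'raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Returns the text of the encrypted JSON export file.
async function exportEncrypted(walletGroup, password) {
  const salt = wc.getRandomValues(new Uint8Array(16));
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh nonce per export
  const key = await deriveKey(password, salt, ITERATIONS);
  const plaintext = enc.encode(JSON.stringify(walletGroup));
  const ct = await wc.subtle.encrypt({ name: 'AES-GCM', iv }, key, plaintext);
  return JSON.stringify({
    encrypted: true, kdf: 'PBKDF2-SHA256', iterations: ITERATIONS,
    salt: toB64(salt), iv: toB64(iv), data: toB64(new Uint8Array(ct)),
  });
}

// Returns the wallet group, or null when the password is wrong or the file
// was modified (the GCM tag check fails in both cases).
async function importEncrypted(fileText, password) {
  const file = JSON.parse(fileText);
  const key = await deriveKey(password, fromB64(file.salt), file.iterations);
  let plaintext;
  try {
    plaintext = await wc.subtle.decrypt(
      { name: 'AES-GCM', iv: fromB64(file.iv) }, key, fromB64(file.data));
  } catch {
    return null;
  }
  return JSON.parse(new TextDecoder().decode(plaintext));
}
```

Because the mode is authenticated, a wrong password is reported as a failure instead of producing garbage wallet data, which matches the import behaviour described above.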
When users choose to generate a wallet group with cloud storage, the private key is generated on the user's local frontend. After the private key is generated:
The wallet address is uploaded to the backend database for wallet monitoring. This can be verified through the console by inspecting network requests.
Users are required to encrypt the file before uploading it to the cloud for storage.
When users want to view a cloud-stored wallet group, the frontend will require them to enter the password previously set for the wallet group. If the password is incorrect, the user will not be able to access the wallet group.
When users want to view the wallet group on a new frontend, since the local frontend does not have the wallet group data, the encrypted file will be downloaded from the cloud. Users will then be prompted to enter the password for decryption, after which the wallet group data will be parsed and displayed.
The private keys of cloud-stored wallet groups are saved in IndexedDB -> redux -> keyvaluepairs under local storage. Redux is a commonly used state management and storage library in the React framework. Through persistence technology, front-end data and states are stored locally. If the persisted data is cleared, all locally stored wallet groups will be erased.
For cloud-stored wallets, when the frontend detects that the local data for the cloud-stored wallet is missing, it will automatically re-download the encrypted file from the cloud. Users will be prompted to enter the password for decryption, after which the wallet group data will be parsed and displayed. This can be verified by clearing the data in keyvaluepairs and then checking the status of the ForgeX wallet group.