Ethereum account and encryption

The ability to capture and store documents is but one feature of this app. Additional features include Decentralized Identifiers (DIDs) and Verifiable Credentials, which are used with the Connections, Scanning and Personas functions. These features require encryption, private key management and cryptographic signatures.

If you wish to enable these features, the app requires enhanced levels of security, including encrypting the database and managing keys. To facilitate this, you need to control a master key. One of the easiest ways to do this is through an Ethereum account, which contains a private key, and an account number. The app can create an Ethereum acount for you, or you can import an existing account using its 12 word secret phrase.

Even though you can store funds in an Ethereum account, the app does not require funds to function. If you choose to import an existing account, we recommend that the account contain no or minimal funds. The app stores your 12 word secret phrase in a secure storage area of your phone, to be used when the app needs to sign messages or transactions on your behalf. If your phone was hacked and the 12 words exposed, the hacker could gain access to any funds stored in that account. The app does not function as an Ethereum wallet, nor does it want to be subject to any audit and certification requirements for an Ethereum wallet.

Once you create/import an Ethereum account, the local database is encrypted with a key derived from a signed transaction by the account. Once this is done, you cannot connect a different Ethereum account to this app, without first deleting the local database, as that would be a security issue.

For most users, letting the app create and Ethereum account, and then storing the 12 word phrase in a safe place is adequate.

Back