Create Encryption/Decryption CAIP for Wallet Clients
bmann opened this issue · comments
From discussions at CASA Berlin, MetaMask is deprecating eth encrypt / decrypt https://medium.com/metamask/metamask-api-method-deprecation-2b0564a84686
More generally, as a CAIP, we believe it would be useful to document a secure way for blockchain key material to be used for encryption and decryption.
This is sort of a CAIP-25 method, but is very much not chain specific as it can be accomplished with just wallet client interaction, without having to connect to an online blockchain.
This is issue is an "intent to write a CAIP". If you are interested in participating in the process, please leave a comment as we organize calls and a working group.
Brave is definitely interested in this topic. I think deprecating the original APIs was a good idea for this and I'll definitely be assisting with this. Happy to help as an editor for a spec on this topic as well. Note, there's been some good on going discussions here as well: https://ethereum-magicians.org/t/eip-5630-encryption-and-decryption/10761
Note I'm based in the unholy timezone for WG calls (New Zealand), so if we do use calls/WG to move this forward (+1 to this IMO) can we do a split timezone approach where we do alternate between APAC and US/EU calls?
Nods in European
A number of us (@bumblefudge, @expede, @depatchedmode, me) will be in Lisbon and we're likely to have a discussion around this.
My preferred direction for this work is best summarized here: https://ethereum-magicians.org/t/eip-5630-encryption-and-decryption/10761/38?u=kdenhartog
@bmann please let us know when and where you will be meeting to chat about this :)
@oed @skgbafa @bumblefudge Here's a proposed time & location for an in-person in Lisbon next week. Will this work for everyone?
https://lu.ma/ylketllk
@kdenhartog any chance you're in Lisbon next week as well?
@depatchedmode kyle won't be in lisbon but he will be on Wednesday's Browser Security monthly call! It might spill over into another call after that, but it felt like the best place to start, with the security gurus making a list of all the attack vectors to consider when specifying this kinda stuff :D
Sounds great. Talk to you all on Wednesday!