Commit 98489fc
committed
fix: prevent storage.sync data loss and harden key/backup flows
Sync merge:
- Match profiles by pubKey, not array index, so a reordered or partial
sync can no longer overwrite one identity's key material with another's.
- Treat bunker/remote-signer profiles (privKey:'' but a real identity) as
identities in fresh-install detection, so they aren't wiped as blanks.
- Stop syncing isEncrypted: the verifier is never synced, so adopting a
remote isEncrypted=true permanently locked the second device out.
- Add startup self-heal that clears a bogus isEncrypted flag when no
password verifier and no encrypted blobs exist.
- Extract pure computeMergeUpdates() so the merge rules are unit-testable.
Key/backup flows:
- savePrivateKey now replies via sendResponse + return true (MV3 does not
deliver Promise returns), so imported keys can't silently fail.
- Roll back the half-created profile when a key fails to persist.
- Backup export encrypts with a supplied backup password instead of the
session key, so users with no master password can export, even locked.
Tests: add sync-merge and backup-password regression suites (+13).1 parent 3d7ac4a commit 98489fc
28 files changed
Lines changed: 61503 additions & 184 deletions
File tree
- distros/safari
- api-keys
- event_history
- experimental
- nostr-keys
- permission
- profiles
- security
- vault
- src
- nostr-keys
- utilities
- test
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
128 | 128 | | |
129 | 129 | | |
130 | 130 | | |
| 131 | + | |
| 132 | + | |
| 133 | + | |
| 134 | + | |
| 135 | + | |
| 136 | + | |
| 137 | + | |
| 138 | + | |
| 139 | + | |
| 140 | + | |
| 141 | + | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
| 145 | + | |
131 | 146 | | |
132 | 147 | | |
133 | 148 | | |
| |||
419 | 434 | | |
420 | 435 | | |
421 | 436 | | |
422 | | - | |
| 437 | + | |
| 438 | + | |
| 439 | + | |
| 440 | + | |
| 441 | + | |
| 442 | + | |
| 443 | + | |
| 444 | + | |
| 445 | + | |
| 446 | + | |
| 447 | + | |
| 448 | + | |
| 449 | + | |
| 450 | + | |
423 | 451 | | |
424 | 452 | | |
425 | 453 | | |
| |||
1118 | 1146 | | |
1119 | 1147 | | |
1120 | 1148 | | |
1121 | | - | |
1122 | | - | |
| 1149 | + | |
| 1150 | + | |
| 1151 | + | |
| 1152 | + | |
| 1153 | + | |
| 1154 | + | |
| 1155 | + | |
1123 | 1156 | | |
1124 | 1157 | | |
1125 | 1158 | | |
| |||
1135 | 1168 | | |
1136 | 1169 | | |
1137 | 1170 | | |
1138 | | - | |
| 1171 | + | |
1139 | 1172 | | |
1140 | 1173 | | |
1141 | 1174 | | |
| |||
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Large diffs are not rendered by default.
0 commit comments