🏛️ [EPIC] : Create local signing key

[mike-mcnulty]

Summary

Create local signing key

Description

Parent #727

When a user creates a new account, they do so by creating a new keychain. A 12-word seed phrase serves as the root for that keychain, from which everything else is derived. The first 'key' on the keychain is a master signing key, derived from the raw seed phrase.

When a user creates a new account or restores their account on a new device, the app needs to derive the master signing key from the seed phrase, and store it in a local vault. This local vault uses a device specific password to lock / unlock access.

GIVEN a new user in the 'get started' workflow
WHEN user click 'get your keychain now"
THEN generate new seed phrase AND show to user AND confirm user has right seed phrase
AND WHEN user enters / confirms "unlock password"
THEN derive master signing key from seed phrase AND encrypt with device password AND store in local vault

Children

• 🛠️ [TASK] : Local Storage #811
• 🛠️ [TASK] : Seed Phrase #812
• 🛠️ [TASK] : Keychain #813
• 🛠️ [TASK] : Create a simple function to generate a single 256 bit ed25519 private key from the key phrase, and its matching public key. #876

Questions:

• what specific algorithm will be used for seed phrase generation? how will app interact with that algo?
• need to force app to "forget" seed phrase after showing to user and deriving signing key?
• at which point should key generation happen? at which point should it be encrypted?

[dtscalac]

All building blocks to submit the RBAC transaction are in place. In the future when key derivation algorithm will be specified the temporary key derivation from #876 will be replaced by #813