
Show HN: b.lock – a blockchain-powered password manager - mrenoon
https://github.com/blockproject/b-lock
======
Someone1234
This works the same way as any other cloud based password manager but less
secure. Most work like this:

\- Store a AES-256 encrypted database blob in the cloud

\- Hash your master password using a slow/expensive hashing algorithm, and use
the resulting hash for encryption/decryption.

\- Offer 2F options to restrict who can requested the encrypted database
blob/test the master password.

\- Ask for the master password, try to decrypt the header of the blob, if it
works return the blob.

This solution stores an AES-256 encrypted database in public, therefore cannot
offer 2F, and is only protected by the quality of your private key (and I
cannot even see which hashing algorithm they're using).

Someone unironically said in this thread they "never trusted LastPass"
(implying this is safer) but technologically you don't specifically need to
trust LastPass.

Regardless of if you're using DropBox, Google Drive, or LastPass for Cloud
Storage the primitives are the same: AES-256 Encrypted Blob, Cloud Protected
Storage (w/2F options), and a hashed master password.

If you want to roll your own LastPass, use KeePass and DropBox with 2F. Not
this.

~~~
geofft
> _Someone unironically said in this thread they "never trusted LastPass"
> (implying this is safer somehow?!) but technologically you don't
> specifically need to._

There's something to be said about perception. A big corporation making money
off a centralized service that uses the money to employ people to get things
right? Seems sketchy. Some people on GitHub with a Chrome extension that can
read and write all data on every web page you visit and intentionally syncs
your passwords with ... AES-CTR with no integrity protection??? please tell me
I'm misreading this ... to some random altcoin? Sounds great, these people
must have my best interests in mind, hack the planet, fight the power, &c. &c.

The question is, how do we change these perceptions?

~~~
detaro
> _AES-CTR with no integrity protection???_

Seems to be the case, with non-random nonces... If I read the documentation of
the used library correctly, it starts the counter always with 1 by default.
Game over?

~~~
geofft
Oh my gosh are they doing nonce reuse for a password manager? Amazing. Better
not change your passwords ever!

~~~
detaro
And never have one of your passwords leaked.

------
pferde
What about a blockchain-powered alarm clock? 51% could decide NOT to wake me
up in the morning.

~~~
yani
That is a good one. The whole world can decide that tomorrow is a holiday..
just because

------
FLUX-YOU
Honestly, I'd like to pile onto the shit-flinging train, but it's gotten so
ridiculous that it's wrapped around to not being funny at all.

In fact, anything that is trying to promote widespread electricity usage to
run a blockchain for a product that we have good alternatives to should
actively be discouraged.

This is actively harmful. It's well beyond the 'considered harmful' memes.

------
Vinnl
One of the advantages mentioned is:

> Single point of failure: if the server/database goes down, there goes your
> passwords

I haven't investigated Blockchain too extensively, but: is there not a risk
that this blockchain goes down if nobody uses this password manager, much like
how you can't download a torrent if nobody's seeding it? Or does it bootstrap
itself on Ethereum's blockchain or something?

~~~
throwaway2016a
generally you are correct. But most blockchains have a central "seed" server
that is supposed to always be up. Furthermore if the seed server goes down and
none of the peers you have previously connected to are reachable you are an
island in those cases.

With that said, from the repo. This one is based on
[https://nebulas.io/](https://nebulas.io/)

~~~
beaner
This is the first time I've ever heard of "seed servers". Do you have any
links explaining such a precedent?

~~~
throwaway2016a
Most blockchains, including as far as I know all Bitcoin based blockchains
(including Bitcoin itself) have two types of seeds embedded in them.

First the IP of seed servers (nodes) and second the hostname of a DNS based
seed lookup.

The DNS host name as well as the IP addresses of the seed nodes are actually
embedded in the source code itself.

They exist for new peers to discover people to connect to. And if the case of
seed nodes they also act as peers themselves. If all those nodes and the DNS
seed go down.

The DNS is constantly rotated to contain A records for a large number of peers
which new peers will randomly pick from.

In the case of Bitcoin the seed servers are all run by different organizations
and there are a lot of them. Smaller coins may actually only have 1 or 2 seed
servers all run by the same people.

Some blockchains allow multi-cast based discovery but that only helps if you
happen to be on the same network as another node.

Best link I could find with the time I have:
[https://bitcoin.stackexchange.com/questions/14371/what-
is-a-...](https://bitcoin.stackexchange.com/questions/14371/what-is-a-dns-
seed-node-vs-a-seed-node)

------
xerxe-sans-s
Lots of negativity here that I don’t think is completely justified. I
subscribe to a family plan for 1password. I have options to sync with iCloud
and several other cloud services, and for the most part that’s great. But I
don’t have an option to sync with a service that I can guarantee will remain
in existence and outside of state control. I also have to maintain an account
in good standing with these services, or potentially host and secure my own
hardware.

Blockchains - at least those that are heavily adopted - provide a kind of good
solution to this problem. State is maintained by a third party that’s likely
to be around for a while, and if I forget or can’t pay a bill for a while, my
credentials are still stored and accessible at a later time. I like the idea
of paying a little to a third party for the store operation, vs paying a
little every month for the privilege of performing a get operation.

~~~
skybrian
It's not a lot of data. There are other places where you could publish a small
file for free, provided that you entirely trust the encryption and therefore
are willing to make the file public. For example, a gist on Github.

(But personally, I wouldn't publish the encrypted file, just in case.)

~~~
geofft
Store it with some scheme like TripleSec
[https://keybase.io/triplesec/](https://keybase.io/triplesec/) and put it in a
private gist on GitHub, so you'd need three encryption algorithms _plus_
GitHub account security to be broken before anyone can get to it.

------
tbodt
You can do exactly the same thing without blockchain.

~~~
pps43
And store the encrypted passwords where?

~~~
geofft
Anywhere. Put them on an HN comment, log in and enable showdead. Stick them in
a git repo, revert the commit, and make a pull request to a popular project.
Steganographically encode them into the next popular internet meme. Make an
account on hashbang.sh and save it to disk.

If you have access to the blockchain, you already have access to a million
more reliable data storage options, some reasonable, some not. Blockchain is a
distributed consensus tool, not an anti-censorship tool. If you can't reach
other random storage services, why do you think you can reach the blockchain?

~~~
pps43
YCombinator can go out of business and bring HN down, not all internet memes
survive long, your disk can be lost in a fire, etc.

I'm not saying blockchain is better, just that it's at least reasonable.
Already distributed and can be expected to survive longer than individual
companies.

~~~
loup-vaillant
What are the odds that Dropbox _and_ HN _and_ a dozen popular internet memes
of your choice _and_ your local computer _and_ your phone _and_ your blog
_and_ …

…go all down before you can react? Seriously, if you need a secure backup, a
couple instances, geographically separated, are more than enough.

------
nomore999
Please stop.

------
jjeaff
My current password file is almost 1 MB.

So wouldn't the blockchain become unweildly pretty quickly?

Especially when people start base64 encoding their mp3 collections and storing
them in the b.lock chain?

At least with a normal ledger system, you can collapse chunks of history and
hash them to validate. But it seems that if you are storing data that needs to
be accessible, you can't do that.

I don't have a TB or two to spare on most of my devices.

~~~
geofft
It's using an altcoin, which is why it's so cheap - because the market has
adjusted to correctly price reliable storage in the Bitcoin blockchain (given
its importance, number of users, and frequency of updates) and has not yet
adjusted to correctly price reliable storage in this altcoin's chain. Or,
worse yet, the market _has_ correctly priced it and you get what you pay for.

------
mrenoon
We have improved our encryption algorithm, please review it at our more recent
post:
[https://news.ycombinator.com/item?id=17394807](https://news.ycombinator.com/item?id=17394807)

------
dozzie
If you use blockchain for storing secrets, then you signal that you don't know
what blockchain was intended for and what storing secrets needs, in other
words, you signal that you are not competent to build a password store.

~~~
yani
What is wrong with making an encrypted secret - public? Isn't this what
encryption is all about?

~~~
dozzie
No, encryption is for keeping secret a secret, even if it ends up public.

But this misses the point. Blockchain is an implementation of a specialized
cryptographic primitive called "document timestamping". Nothing this primitive
provides is useful for a password manager. About the only thing that would be
useful is much better served with a DHT, and much cheaper, too.

------
nikolay
Everything's just better when you sprinkle a little bullchain, urgh,
blockchain on it.

------
cfadvan
But... why? If this isn’t peak “because we fucking can, that’s why,” then what
is?

~~~
rschulman
Came here to say this. Why? What defect of password managers can you possibly
be fixing by adding a global trustless append-only ledger to it?

~~~
woodaroo
Instead of trusting a third party to protect your credentials, you're trusting
an auditable, open source platform. I cant see myself using it for anything
important, but I understand the draw.

~~~
detaro
Any password manager that does the encryption stuff in offline, open-source
software and puts it on any untrusted storage provides that, with the
difference that it does not require making your encrypted copy public for all
eternity, exposing it to unnecessary risk of compromise down the road.

~~~
woodaroo
There are risks either way. There have been plenty of vulnerabilities in
popular password managers (some that also apply to this blockchain model). But
I think your AES encrypted password being publically visible is a pretty low
risk, compared to a PW manager being breached, having a flaw in the client,
their being coerced by government, etc

~~~
the_snooze
How is this project any less at risk for those client-side implementation
risks you mention? Basically, why should this nascent project be trusted over,
say, KeePass?

------
jaequery
this has strong potential. i never felt safe with services like lastpass.

