-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
conflict docs #24
conflict docs #24
Conversation
Send Encrypted Data 1 - Users who can receive data should upload the Public Key in Arweave, the dApp generate a public key derivative from wallet file. 2 - To send an encrypted file we need the Arweave address of the receiver, we push the public key data from the Arweave blockchain 3 - For encrypt the file we generate a new wallet file using "arweave.wallets.generate". with this wallet file we generate a derivative private key and encrypt the data using AES. 4 - With the Public Key of the user published in Blockchain we encrypted the Private Key that encrypted the data using RSA. Allowing only with the private key of the user it will be possible to decrypt the data 5 - For decrypted the file the user generate your private key from your wallet, and decrypt the encryption key that encrypt the data. with the encryption key decrypt the user can decrypt the data
data: bridge_config core_bridge fee_collector guardian_set emitters(chains) token_bridge bashs
Wormhole Core Contract File Transfer Contract Tests
|
GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
---|---|---|---|---|---|
13523325 | Triggered | Generic High Entropy Secret | 5d2451d | wormhole-local-validator/solana.bash | View secret |
13523325 | Triggered | Generic High Entropy Secret | d78b8ca | wormhole-local-validator/solana.bash | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secret safely. Learn here the best practices.
- Revoke and rotate this secret.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
No description provided.