Error: wallet encryption is disabled

DEAR DEVS,

please fix this asap - thats ridiculous - especially 4 zcash.

regards

This is not really an error. Zcash developers don’t recommend encryption on the wallet because Zcash also uses encryption for transactions. Encrypting encrypted content can lead to real errors like incorrect balances or crashes.

Best bet is to assume if someone can access your PC you are compromised anyway. I recommend whole disk encryption with a strong password.

1 Like

Diving in a little deeper: the reason we disabled wallet encryption (or rather, put it behind an experimental feature flag, indicating that it can change incompatibly at any time) is because wallet encryption is incompatible with the Sprout shielded value pool. The way in which you detect spent notes in Sprout is by deriving a nullifier from a received note using the spending key. If the wallet is encrypted, the spending key is inaccessible, so spends can’t be detected. This results in a failure case where the user thinks they have significantly more ZEC in their wallet than they actually have, which is really bad.

We fixed this for the Sapling shielded pool by introducing a “full viewing key” into the cryptographic construction, which in an encrypted wallet can be left unencrypted. However, since Sprout is still supported, we can’t reliably enable wallet encryption for everyone. At some point when we have time, I would like us to conditionally allow wallet encryption for wallets that contain no Sprout addresses, and if the wallet is encrypted, completely disabling all Sprout functionality. We should also take the opportunity to first overhaul the wallet encryption itself to bring it in line with modern standards and best practices.

6 Likes

Maybe … but nobody are able to sign a transaction, spent some funds or dump keys from my btc wallet without the password - even if I leave the pc open.

regards

Thanks for the answer. I still think its an important point and it should be done (in any way) in the near future.

regards