ZelCore generated wallet

[MadGamer]

I'm not a cryptographer, I don't know how wallets like Electrum etc. does it but since I've checked ZelCore FAQ page, I came across this:

When you create an account using your nickname and password, ZelCore takes this password and create a salted hash from it.

ZelCore then adds your nickname to that and creates another salted hash from that value. This value (SHA256 hash) is the encryption key.

The encryption key is used to encrypt both contacts.json and wallet.dat files with AES-256-CTR algorithm.

And I might be a little bit paranoid, but is this a secure and safe way to generate a wallet?

[HCP]

It seems somewhat similar to the methods employed by Warp Wallet... although their use of the "slow" (and memory intenstive) Scrypt functions were the real basis for preventing bruteforcing of the wallet. No-one managed to claim the 20 BTC prize from a "simple" 8 char password... even given the salt.

However, I'm not familiar with the exact methods being employed by ZelCore, so cannot comment on the robustness of their particular implementation.

[bob123]

That's basically a brain wallet. A brain wallet with slowed down bruteforce.

The entropy used to create this seed is less than the entropy an individual private key could have.
This method basically reduces the randomness of the seed by a lot.

While this MIGHT(!) be safe from bruteforce (for now, until better hardware is available OR a shortcut has been found in the function), it is less secure than the established methods to generate a seed.

Whats more severe (in my opinion) is the fact that the wallet is closed-source. You don't know how they build the code, whether it contains malware, vulnerabilities, mistakes in the seed generation etc.. Definitely NOT recommended.

IMO, you shouldn't risk more BTC than you would carry with you in a mobile wallet. And only install it inside of a VM or a machine without sensitive information stored.

[odolvlobo]

That's basically a brain wallet. A brain wallet with slowed down bruteforce. ...

I think everyone has misunderstood what is being done.

...This value (SHA256 hash) is the encryption key.
The encryption key is used to encrypt both contacts.json and wallet.dat files with AES-256-CTR algorithm.

The name and password are used to encrypt the wallet data. Nothing is said about how the private keys are generated.

[mocacinno]

I think everyone has misunderstood what is being done.

...This value (SHA256 hash) is the encryption key.
The encryption key is used to encrypt both contacts.json and wallet.dat files with AES-256-CTR algorithm.

The name and password are used to encrypt the wallet data. Nothing is said about how the private keys are generated.

Exactly... It's actually a pretty good defense...
If i follow the logic, the encryption key of the wallet file is sha256(salt2.sha256(salt1.password).nickname).

It'll become virtually impossible for an attacker to use a rainbow table using this scheme, and the resulting 256 bit encryption key they use with AES-256-CTR is pretty good if i'm not mistaking