A place for developers to talk about building on Farcaster.

/dev

What are the security differences between storing a seed phrase in the following ways:

- Locked note in iCloud
- Password-protected in Keychain like how Rainbow does it
- largeBlob with a passkey in iOS17+

I think I understand the UX implications of each, but curious about the technical side

BDFL of Quilibrium, Eng @ Farcaster, ex-Coinbase, always opinionated, never hydrated

/quilibrium

I like baking /goodbread and building apps on web3 protocols. DevRel @ ENS Labs. gregskril.com

cc @cassie 

1/ Keychain is a more secure part of the operating system on iOS and macOS vs. Notes is an app, likely more basic password security (likely not encrypted)

Password-protected back up is likely decent encryption, but if you forget the password you're screwed.

Interesting, looks like Notes passwords are encrypted but maybe not via Keychain 🤔

Then there's a different "Secure Notes" feature in the Keychain Access app, I wonder if it's using the same underlying tech

Interesting, looks like Notes passwords are encrypted but maybe not via Keychain 🤔

Then there's a different "Secure Notes" feature in the Keychain Access app, I wonder if it's using the same underlying tech https://support.apple.com/guide/keychain-access/store-confidential-information-securely-kyca2268/mac

@cassie wdyt?

TIL on Notes being e2ee separately from your iCloud data