kccleoc/seedpgp-web
0
0
Fork 0
mirror of https://github.com/kccleoc/seedpgp-web.git synced 2026-03-07 09:57:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: enhance documentation with threat model, limitations, air-gapped guidance

Browse Source 
- Update version to v1.4.4
- Add explicit threat model documentation
- Document known limitations prominently
- Include air-gapped usage recommendations
- Polish all documentation for clarity and examples
- Update README, DEVELOPMENT.md, GEMINI.md, RECOVERY_PLAYBOOK.md
This commit is contained in:
LC mac
2026-02-03 02:24:59 +08:00
parent a7ab757669
commit 4353ec0cc2
10 changed files with 1208 additions and 333 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
GEMINI.md
View File

@@ -2,10 +2,10 @@
## Project Overview
**SeedPGP v1.4.3**: Client-side BIP39 mnemonic encryption webapp
**SeedPGP v1.4.4**: Client-side BIP39 mnemonic encryption webapp
**Stack**: Bun + Vite + React + TypeScript + OpenPGP.js + Tailwind CSS
**Deploy**: GitHub Pages (public repo: `seedpgp-web-app`, private source: `seedpgp-web`)
**Live URL**: <https://kccleoc.github.io/seedpgp-web-app/>
**Deploy**: Cloudflare Pages (private repo: `seedpgp-web`)
**Live URL**: <https://seedpgp-web.pages.dev/>
## Core Constraints
@@ -314,9 +314,26 @@ await window.runSessionCryptoTest()
---
## Current Version: v1.4.3
## Current Version: v1.4.4
*Please update the "Recent Changes", "Known Limitations", and "Next Priorities" sections to reflect the current state of the project.*
**Recent Changes (v1.4.4):**
- Enhanced security documentation with explicit threat model
- Improved README with simple examples and best practices
- Better air-gapped usage guidance for maximum security
- Version bump with security audit improvements
**Known Limitations (Critical):**
1. **Browser extensions** can read DOM, memory, keystrokes - use dedicated browser
2. **Memory persistence** - JavaScript cannot force immediate memory wiping
3. **XSS attacks** if hosting server is compromised - host locally
4. **Hardware keyloggers** - physical device compromise not protected against
5. **Supply chain attacks** - compromised dependencies possible
6. **Quantum computers** - future threat to current cryptography
**Next Priorities:**
1. Enhanced BIP39 validation (full wordlist + checksum)
2. Multi-frame support for larger payloads
3. Hardware wallet integration (Trezor/Keystone)
---