---
id: vault/remove-password-derivation
name: Remove derive_password and site_password_path methods (password-manager pattern not relevant)
status: completed
depends_on: [vault/irpc-removal]
scope: single
risk: trivial
impact: isolated
level: implementation
---

## Description

Fix drift item #7: the vault currently has `derive_password`,
`derive_password_string`, and `site_password_path` methods. These implement a
password-manager pattern (deriving site-specific passwords from the seed) that
is not relevant to an RPC system's vault. Remove them entirely per ADR-025
(resolves review #002 C9).

### What to remove

- `derive_password` method from `VaultServiceHandle` (in `service.rs`)
- `derive_password_string` method from `VaultServiceHandle` (in `service.rs`)
- `site_password_path` function (in `mnemonic-derivation.rs` or `derivation.rs`,
  wherever it's defined)
- Any associated path constants for password derivation
- Any tests for these methods
- Any references in `lib.rs` re-exports

### Why

The vault's purpose in alknet is to derive cryptographic keys (Ed25519 for
identity, AES-256-GCM for encryption) and encrypt/decrypt external credentials.
Site-specific password derivation is a password-manager feature that doesn't
belong in a networking toolkit's vault. Keeping it expands the attack surface
and API surface for no benefit.

### Scope

This task touches `service.rs` and possibly `derivation.rs` /
`mnemonic-derivation.rs`. It depends on the irpc removal task (drift #4) because
both modify `service.rs`.

## Acceptance Criteria

- [ ] `derive_password` method removed from `VaultServiceHandle`
- [ ] `derive_password_string` method removed from `VaultServiceHandle`
- [ ] `site_password_path` function removed
- [ ] Any password-derivation path constants removed
- [ ] Tests for password derivation removed
- [ ] No references to password derivation remain in `lib.rs` re-exports
- [ ] `cargo check` succeeds (no dangling references)
- [ ] `cargo test` succeeds
- [ ] `cargo clippy` succeeds with no warnings

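
A regression guard for the acceptance criteria above, as an added example that is not part of the alknet repository: it scans a source tree for the three removed identifiers so the password-derivation API cannot quietly return. The function name `check_removed_api` and its directory argument are assumptions.

```shell
# Added example, not from the alknet repository. Identifier names come from
# the task text; the function name and its DIR argument are hypothetical.
REMOVED_IDENTS='derive_password derive_password_string site_password_path'

# check_removed_api DIR
# Prints file:line:text for every reference found in *.rs files under DIR.
# Returns 0 when the tree is clean, 1 on any hit, 2 if DIR is not a directory.
check_removed_api() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "check_removed_api: not a directory: $dir" >&2
        return 2
    fi
    found=0
    for ident in $REMOVED_IDENTS; do
        # -F: literal match. -w: whole word, so `derive_password` is reported
        # separately from `derive_password_string` and unrelated longer names
        # are not flagged. /dev/null forces grep to print the file name.
        hits=$(find "$dir" -type f -name '*.rs' \
                   -exec grep -nwF -- "$ident" /dev/null {} + 2>/dev/null) || true
        if [ -n "$hits" ]; then
            printf '%s\n' "$hits"
            found=1
        fi
    done
    return "$found"
}
```

Because the match is whole-word and covers comments and doc strings too, a leftover mention in a doc comment is reported alongside real call sites.
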
## References

- docs/architecture/crates/vault/README.md — Known Source Drift table item #7
- docs/architecture/decisions/025-vault-local-only-dispatch.md — ADR-025 (resolves C9)

## Notes

> Straightforward removal. The password-manager pattern was inherited from the
> POC and is not relevant to alknet's vault use case. Depends on irpc removal
> because both modify `service.rs`.

## Summary

Removed `derive_password`, `derive_password_string` from `VaultServiceHandle`
(service.rs), `site_password_path` from derivation.rs, the doc-table row, all 5
password-derivation tests, and the now-unused `base64` URL_SAFE_NO_PAD import.
109 lines deleted. All tests pass; clippy clean. Merged to develop.