From 55fefbecc7f9cc7736350310f509fbb4d7b507c1 Mon Sep 17 00:00:00 2001
From: Vishnu <vishnu@ente.io>
Date: Wed, 1 Mar 2023 16:14:53 +0530
Subject: [PATCH] Add comment

---
 src/utils/crypto/index.ts | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/utils/crypto/index.ts b/src/utils/crypto/index.ts
index 336f595b0..7824bc190 100644
--- a/src/utils/crypto/index.ts
+++ b/src/utils/crypto/index.ts
@@ -58,6 +58,10 @@ export async function generateKeyAttributes(
     return { keyAttributes, masterKey };
 }
 
+// We encrypt existingKeyAttributes with a key derived from the passphrase (with
+// Interactive mem and ops limits) to avoid saving them to local storage in
+// plain text. This means that on the web user will always have to enter their
+// passphrase to access their masterKey.
 export async function generateAndSaveIntermediateKeyAttributes(
     passphrase: string,
     existingKeyAttributes: KeyAttributes,
@@ -90,7 +94,6 @@ export const saveKeyInSessionStore = async (
     key: string,
     fromDesktop?: boolean
 ) => {
-    // the key is encrypted before saving in session storage, to obfuscate it from the browser
     const cryptoWorker = await ComlinkCryptoWorker.getInstance();
     const sessionKeyAttributes = await cryptoWorker.generateKeyAndEncryptToB64(
         key