oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: remove hardcoded passwords and enhance security in production setup

Browse Source 
Security Enhancements:
- Update .gitignore header timestamp to 2026-03-18 for security fixes
- Add CRITICAL SECURITY markers to sensitive sections in .gitignore
- Add comprehensive password file patterns (*.password, *.pass, .password.*)
- Add private key file patterns (*_private_key.txt, *.private, private_key.*)
- Add guardian contract database patterns (*.guardian.db, guardian_contracts/)
- Add multi-chain wallet data patterns (.
This commit is contained in:
AITBC System
2026-03-18 20:52:52 +01:00
parent fe3e8b82e5
commit 42422500c1
6 changed files with 518 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/implement-agent-protocols.sh
View File

@@ -352,7 +352,11 @@ class MessageProtocol:
def _generate_key(self) -> bytes:
"""Generate encryption key"""
password = os.environ.get('AITBC_AGENT_PROTOCOL_KEY', b"default-key-change-in-production")
# SECURITY FIX: Use environment variable instead of hardcoded default
password = os.environ.get('AITBC_AGENT_PROTOCOL_KEY')
if not password:
raise ValueError("❌ SECURITY: AITBC_AGENT_PROTOCOL_KEY environment variable required")
salt = os.environ.get('AITBC_AGENT_PROTOCOL_SALT', b"aitbc-salt-agent-protocol")
if isinstance(password, str):
password = password.encode()