fix(security): remove insecure legacy crypto and fix Turnstile in Docker

README.md

@@ -24,16 +24,16 @@ sequenceDiagram
 
     Note over U,B: ZERO KNOWLEDGE ZONE
     U->>B: Input Master Password
-    B->>B: PBKDF2 Key Derivation (Salt+Pass)
-    B->>B: Generate Auth Hash & Encryption Key
+    B->>B: Argon2id Key Derivation (Salt+Pass)
+    B->>B: Derive Auth Hash + Master Encryption Key
 
-    Note right of B: Key NEVER leaves Browser
+    Note right of B: Password & Key NEVER leave Browser
 
     B->>S: Send Auth Hash ONLY
     S->>DB: Verify Auth Hash
     DB-->>S: OK
-    S-->>B: Return Encrypted Data Blobs
-    B->>B: Decrypt Data with Key
+    S-->>B: Return Encrypted Vault Blob
+    B->>B: AES-256-GCM Decrypt with Master Key
     B-->>U: Display Vault
 ```
 
@@ -44,7 +44,7 @@ sequenceDiagram
 ## Features
 
 ### Zero-Knowledge Security
-- **Zero-Knowledge Encryption**: AES-256-GCM with PBKDF2 key derivation (600k iterations)
+- **Zero-Knowledge Encryption**: AES-256-GCM with Argon2id key derivation (memory-hard KDF)
 - **Zero-Knowledge Authentication**: Password never leaves your device; only derived `auth_hash` is transmitted
 - **Zero-Knowledge Export/Import**: Encrypted vault backup that only you can decrypt
 
@@ -302,7 +302,7 @@ docker compose -f docker-compose.prod.yml up -d
 | Backend | Django 5+, Django REST Framework 3.15+ |
 | Database | PostgreSQL 15+ |
 | Encryption | AES-256-GCM (Web Crypto API) |
-| Key Derivation | PBKDF2 (600k iterations) |
+| Key Derivation | Argon2id (memory-hard) |
 | Auth | JWT with refresh rotation, Zero-Knowledge |
 | Deployment | Docker Compose, Nginx, Let's Encrypt |
 

SECURITY.md

@@ -27,7 +27,7 @@ The server **never** has access to your plaintext credentials. Here's how it wor
 Master Password (client-side only)
         │
         ▼
-    PBKDF2 (600,000 iterations)
+    Argon2id (memory-hard KDF)
         │
    ┌────┴────┐
    ▼         ▼

backend/api/features/vault/services.py

@@ -51,12 +51,6 @@ def get_fake_vault_data():
                                 "email_iv": "duress_fake_iv_3",
                                 "password_strength": 2,
                                 "is_breached": False,
-                                "_plaintext": {
-                                    "username": "user@example.com",
-                                    "password": "netflix123",
-                                    "email": "user@example.com",
-                                    "notes": "",
-                                },
                             }
                         ],
                     },
@@ -77,12 +71,6 @@ def get_fake_vault_data():
                                 "email_iv": "duress_fake_iv_6",
                                 "password_strength": 2,
                                 "is_breached": False,
-                                "_plaintext": {
-                                    "username": "musiclover42",
-                                    "password": "spotify2023",
-                                    "email": "user@example.com",
-                                    "notes": "",
-                                },
                             }
                         ],
                     },
@@ -110,12 +98,6 @@ def get_fake_vault_data():
                                 "email_iv": "duress_fake_iv_9",
                                 "password_strength": 2,
                                 "is_breached": False,
-                                "_plaintext": {
-                                    "username": "@randomuser123",
-                                    "password": "twitter2023",
-                                    "email": "user@example.com",
-                                    "notes": "",
-                                },
                             }
                         ],
                     }
@@ -329,12 +311,6 @@ def create_profile(organization_id: int, user, data: dict, is_duress: bool = Fal
                 "notes_iv": data.get("notes_iv"),
                 "password_strength": data.get("password_strength", 0),
                 "is_breached": False,
-                "_plaintext": {
-                    "username": "newuser@example.com",
-                    "password": "password123",
-                    "email": "newuser@example.com",
-                    "notes": "",
-                },
             }
 
         try:

docker-compose.local.yml

@@ -62,6 +62,9 @@ services:
     build:
       context: ./frontend
       dockerfile: Dockerfile.local
+      args:
+        REACT_APP_API_URL: "http://localhost/api/"
+        REACT_APP_TURNSTILE_SITE_KEY: "1x00000000000000000000AA"
     container_name: accountsafe-frontend-local
     restart: unless-stopped
     depends_on:

docs/API.md

@@ -40,7 +40,7 @@ POST /api/zk/register/
 |-------|------|-------------|
 | `username` | string | Unique username |
 | `email` | string | Email address |
-| `auth_hash` | string | PBKDF2-derived authentication hash |
+| `auth_hash` | string | Argon2id-derived authentication hash |
 | `salt` | string | Base64-encoded salt for key derivation |
 | `turnstile_token` | string | Cloudflare Turnstile token (if enabled) |
 
@@ -67,7 +67,7 @@ POST /api/zk/login/
 | Field | Type | Description |
 |-------|------|-------------|
 | `username` | string | Username |
-| `auth_hash` | string | PBKDF2-derived authentication hash |
+| `auth_hash` | string | Argon2id-derived authentication hash |
 | `turnstile_token` | string | Cloudflare Turnstile token (if enabled) |
 
 **Response:** `200 OK`

frontend/Dockerfile

@@ -16,6 +16,16 @@ RUN npm ci --silent
 # Copy source code
 COPY . .
 
+# React env vars must be present at build time (CRA inlines them)
+ARG REACT_APP_API_URL
+ARG REACT_APP_PROJECT_NAME=AccountSafe
+ARG REACT_APP_LOGO_URL=/account-safe-logo.png
+ARG REACT_APP_TURNSTILE_SITE_KEY
+ENV REACT_APP_API_URL=$REACT_APP_API_URL
+ENV REACT_APP_PROJECT_NAME=$REACT_APP_PROJECT_NAME
+ENV REACT_APP_LOGO_URL=$REACT_APP_LOGO_URL
+ENV REACT_APP_TURNSTILE_SITE_KEY=$REACT_APP_TURNSTILE_SITE_KEY
+
 # Build the production application
 RUN npm run build
 

frontend/Dockerfile.local

@@ -7,6 +7,17 @@ WORKDIR /app
 COPY package.json package-lock.json* ./
 RUN npm ci --silent
 COPY . .
+
+# React env vars must be present at build time (CRA inlines them)
+ARG REACT_APP_API_URL=http://localhost/api/
+ARG REACT_APP_PROJECT_NAME=AccountSafe
+ARG REACT_APP_LOGO_URL=/account-safe-logo.png
+ARG REACT_APP_TURNSTILE_SITE_KEY=1x00000000000000000000AA
+ENV REACT_APP_API_URL=$REACT_APP_API_URL
+ENV REACT_APP_PROJECT_NAME=$REACT_APP_PROJECT_NAME
+ENV REACT_APP_LOGO_URL=$REACT_APP_LOGO_URL
+ENV REACT_APP_TURNSTILE_SITE_KEY=$REACT_APP_TURNSTILE_SITE_KEY
+
 RUN npm run build
 
 # ===== Stage 2: Production (No SSL) =====

frontend/public/docs/API.md

@@ -40,7 +40,7 @@ POST /api/zk/register/
 |-------|------|-------------|
 | `username` | string | Unique username |
 | `email` | string | Email address |
-| `auth_hash` | string | PBKDF2-derived authentication hash |
+| `auth_hash` | string | Argon2id-derived authentication hash |
 | `salt` | string | Base64-encoded salt for key derivation |
 | `turnstile_token` | string | Cloudflare Turnstile token (if enabled) |
 
@@ -67,7 +67,7 @@ POST /api/zk/login/
 | Field | Type | Description |
 |-------|------|-------------|
 | `username` | string | Username |
-| `auth_hash` | string | PBKDF2-derived authentication hash |
+| `auth_hash` | string | Argon2id-derived authentication hash |
 | `turnstile_token` | string | Cloudflare Turnstile token (if enabled) |
 
 **Response:** `200 OK`

frontend/public/docs/README.md

@@ -17,16 +17,16 @@ sequenceDiagram
 
     Note over U,B: ZERO KNOWLEDGE ZONE
     U->>B: Input Master Password
-    B->>B: PBKDF2 Key Derivation (Salt+Pass)
-    B->>B: Generate Auth Hash & Encryption Key
+    B->>B: Argon2id Key Derivation (Salt+Pass)
+    B->>B: Derive Auth Hash + Master Encryption Key
 
-    Note right of B: Key NEVER leaves Browser
+    Note right of B: Password & Key NEVER leave Browser
 
     B->>S: Send Auth Hash ONLY
     S->>DB: Verify Auth Hash
     DB-->>S: OK
-    S-->>B: Return Encrypted Data Blobs
-    B->>B: Decrypt Data with Key
+    S-->>B: Return Encrypted Vault Blob
+    B->>B: AES-256-GCM Decrypt with Master Key
     B-->>U: Display Vault
 ```
 
@@ -36,7 +36,7 @@ sequenceDiagram
 ## Features
 
 ### Zero-Knowledge Security
-- **Zero-Knowledge Encryption**: AES-256-GCM with PBKDF2 key derivation (600k iterations)
+- **Zero-Knowledge Encryption**: AES-256-GCM with Argon2id key derivation (memory-hard KDF)
 - **Zero-Knowledge Authentication**: Password never leaves your device; only derived `auth_hash` is transmitted
 - **Zero-Knowledge Export/Import**: Encrypted vault backup that only you can decrypt
 
@@ -120,7 +120,7 @@ cd frontend && npm install && npm start
 | Backend | Django 5.2 LTS, Django REST Framework 3.15.2 |
 | Database | PostgreSQL 15+ |
 | Encryption | AES-256-GCM (Web Crypto API) |
-| Key Derivation | PBKDF2 (600k iterations) / Argon2id |
+| Key Derivation | Argon2id (memory-hard) |
 | Auth | JWT with refresh rotation, Zero-Knowledge |
 | Deployment | Docker Compose, Nginx, Let's Encrypt |
 

frontend/public/docs/SECURITY.md

@@ -27,7 +27,7 @@ The server **never** has access to your plaintext credentials. Here's how it wor
 Master Password (client-side only)
         │
         ▼
-    PBKDF2 (600,000 iterations)
+    Argon2id (memory-hard KDF)
         │
    ┌────┴────┐
    ▼         ▼

frontend/src/pages/HomePage.tsx

@@ -24,7 +24,7 @@ const HomePage: React.FC = () => {
               Welcome to <span className="text-blue-500 dark:text-blue-400">AccountSafe</span>
             </h1>
             <p className="text-sm sm:text-base md:text-lg text-zinc-600 dark:text-zinc-400 mb-8 sm:mb-10 max-w-xl mx-auto px-4">
-              Protected by AES-256-GCM authenticated encryption with PBKDF2 key derivation. Our managed security architecture ensures your data is encrypted securely at rest
+              Protected by AES-256-GCM authenticated encryption with Argon2id key derivation. Our zero-knowledge architecture ensures your data is encrypted securely at rest
             </p>
 
             <div className="flex flex-col sm:flex-row gap-3 sm:gap-4 justify-center px-4">

frontend/src/pages/LandingPage.tsx

@@ -18,7 +18,7 @@ const LandingPage: React.FC = () => {
             Welcome to <span className="text-primary dark:text-primary-400">AccountSafe</span>
           </h1>
           <p className="text-sm sm:text-base md:text-lg text-zinc-600 dark:text-zinc-400 mb-8 sm:mb-10 max-w-xl mx-auto px-4">
-            Protected by AES-256-GCM authenticated encryption with PBKDF2 key derivation. Our managed security architecture ensures your data is encrypted securely at rest
+            Protected by AES-256-GCM authenticated encryption with Argon2id key derivation. Our zero-knowledge architecture ensures your data is encrypted securely at rest
           </p>
 
           <div className="flex flex-col sm:flex-row gap-3 sm:gap-4 justify-center px-4">

frontend/src/utils/__tests__/encryption.test.ts

@@ -21,7 +21,6 @@ import {
   decryptData,
   encryptCredentialFields,
   decryptCredentialFields,
-  hashPasswordForAuth,
 } from '../encryption';
 
 
@@ -358,47 +357,6 @@ describe('Credential Field Encryption', () => {
 });
 
 
-// ═══════════════════════════════════════════════════════════════════════════════
-// AUTH HASH TESTS
-// ═══════════════════════════════════════════════════════════════════════════════
-
-describe('Auth Hash Generation', () => {
-  test('hashPasswordForAuth returns consistent hash', async () => {
-    const password = 'TestPassword123!';
-    const salt = generateSalt();
-
-    const hash1 = await hashPasswordForAuth(password, salt);
-    const hash2 = await hashPasswordForAuth(password, salt);
-
-    expect(hash1).toBe(hash2);
-  });
-
-  test('different passwords produce different hashes', async () => {
-    const salt = generateSalt();
-
-    const hash1 = await hashPasswordForAuth('Password1', salt);
-    const hash2 = await hashPasswordForAuth('Password2', salt);
-
-    expect(hash1).not.toBe(hash2);
-  });
-
-  test('different salts produce different hashes', async () => {
-    const password = 'TestPassword123!';
-
-    const hash1 = await hashPasswordForAuth(password, generateSalt());
-    const hash2 = await hashPasswordForAuth(password, generateSalt());
-
-    expect(hash1).not.toBe(hash2);
-  });
-
-  test('auth hash is valid base64', async () => {
-    const hash = await hashPasswordForAuth('Password', generateSalt());
-
-    // Should not throw when decoded
-    expect(() => atob(hash)).not.toThrow();
-  });
-});
-
 
 // ═══════════════════════════════════════════════════════════════════════════════
 // EDGE CASE TESTS

frontend/src/utils/encryption.ts

@@ -245,19 +245,11 @@ interface EncryptedCredentialData {
   notes_iv?: string | null;
   recovery_codes_encrypted?: string | null;
   recovery_codes_iv?: string | null;
-  _plaintext?: {
-    username?: string | null;
-    password?: string | null;
-    email?: string | null;
-    notes?: string | null;
-    recovery_codes?: string | null;
-  };
 }
 
 /**
  * Decrypt an object's encrypted fields
- * If the data contains a _plaintext field (for duress mode), use that directly
- * 
+ *
  * Optimized: Decrypts all fields in parallel for better performance
  */
 export async function decryptCredentialFields(
@@ -270,18 +262,6 @@ export async function decryptCredentialFields(
   notes?: string;
   recovery_codes?: string;
 }> {
-  // Check for plaintext data (used in duress mode with fake vault)
-  // The frontend is unaware it's in duress mode - it just sees data
-  if (encryptedData._plaintext) {
-    return {
-      username: encryptedData._plaintext.username ?? undefined,
-      password: encryptedData._plaintext.password ?? undefined,
-      email: encryptedData._plaintext.email ?? undefined,
-      notes: encryptedData._plaintext.notes ?? undefined,
-      recovery_codes: encryptedData._plaintext.recovery_codes ?? undefined,
-    };
-  }
-
   const fieldNames = ['username', 'password', 'email', 'notes', 'recovery_codes'] as const;
 
   type FieldName = typeof fieldNames[number];
@@ -331,13 +311,3 @@ export function storeMasterKey(_key: CryptoKey): void {
   // Note: Master key is stored in memory only (CryptoContext.tsx)
 }
 
-/**
- * Hash password for authentication (separate from encryption key derivation)
- * This is what gets sent to server for login verification
- */
-export async function hashPasswordForAuth(password: string, salt: string): Promise<string> {
-  const encoder = new TextEncoder();
-  const passwordBuffer = encoder.encode(password + salt);
-  const hashBuffer = await crypto.subtle.digest('SHA-256', passwordBuffer);
-  return arrayBufferToBase64(hashBuffer);
-}