Ensure wallets store encrypted private keys

backend/app/models/__init__.py

@@ -5,6 +5,7 @@ from app.models.social import Post, Comment, Like, Follow
 from app.models.video import Video, VideoView, VideoLike
 from app.models.file import File, Folder
 from app.models.blockchain import Block, Transaction, Wallet
+from app.models.device import Device
 from app.models.ai_chat import Conversation, Message
 
 __all__ = [
@@ -23,6 +24,7 @@ __all__ = [
     "Block",
     "Transaction",
     "Wallet",
+    "Device",
     "Conversation",
     "Message",
 ]

backend/app/routers/auth.py

@@ -91,7 +91,7 @@ async def register(user_data: UserCreate, db: AsyncSession = Depends(get_db)):
     wallet = Wallet(
         user_id=user.id,
         address=wallet_address,
-        private_key=private_key,
+        private_key=encrypted_private_key,
         public_key=public_key,
         balance=user.balance,
         label="Primary Wallet",

backend/tests/test_auth.py

@@ -1,6 +1,11 @@
 """Authentication tests"""
 import pytest
 from httpx import AsyncClient
+from sqlalchemy import select
+
+from app.models.user import User
+from app.models.blockchain import Wallet
+from app.services.crypto import wallet_crypto
 
 
 @pytest.mark.asyncio
@@ -23,6 +28,37 @@ async def test_register_user(client: AsyncClient):
     assert data["balance"] == 100.0  # Starting bonus
 
 
+@pytest.mark.asyncio
+async def test_wallet_keys_are_encrypted(client: AsyncClient, db_session):
+    """Ensure new wallets store encrypted private keys for both tables"""
+    user_data = {
+        "username": "securewallet",
+        "email": "secure@example.com",
+        "password": "password123",
+        "full_name": "Secure User",
+    }
+
+    response = await client.post("/api/auth/register", json=user_data)
+    assert response.status_code == 201
+
+    user_result = await db_session.execute(
+        select(User).where(User.username == user_data["username"])
+    )
+    user = user_result.scalar_one()
+
+    wallet_result = await db_session.execute(
+        select(Wallet).where(Wallet.user_id == user.id)
+    )
+    wallet = wallet_result.scalar_one()
+
+    decrypted_user_key = wallet_crypto.decrypt(user.wallet_private_key)
+    decrypted_wallet_key = wallet_crypto.decrypt(wallet.private_key)
+
+    assert decrypted_user_key == decrypted_wallet_key
+    assert user.wallet_private_key != decrypted_user_key
+    assert wallet.private_key != decrypted_wallet_key
+
+
 @pytest.mark.asyncio
 async def test_register_duplicate_user(client: AsyncClient, test_user):
     """Test registering duplicate user"""

backend/tests/test_blockchain.py

@@ -109,3 +109,29 @@ async def test_create_transaction_rejects_negative_amount(
     )
 
     assert response.status_code == 422
+
+
+@pytest.mark.asyncio
+async def test_create_transaction_succeeds_with_encrypted_keys(
+    client: AsyncClient,
+    auth_headers,
+    recipient_user
+):
+    """Transactions should succeed when wallet keys are encrypted"""
+    tx_data = {
+        "to_address": recipient_user["wallet_address"],
+        "amount": 10,
+        "message": "Encrypted transfer",
+    }
+
+    response = await client.post(
+        "/api/blockchain/transactions",
+        json=tx_data,
+        headers=auth_headers,
+    )
+
+    assert response.status_code == 201
+    data = response.json()
+    assert data["from_address"] != data["to_address"]
+    assert data["to_address"] == recipient_user["wallet_address"]
+    assert data["amount"] == tx_data["amount"]