When adding a "BTC Address", let user choose to see the private key

OmniLayer / omniwallet

Omni Protocol Hybrid Web-Wallet

https://www.omniwallet.org

GNU Affero General Public License v3.0

327 stars 187 forks source link

When adding a "BTC Address", let user choose to see the private key #965

Open marv-engine opened 9 years ago

marv-engine commented 9 years ago

In the alert that shows the address that was added, provide a toggle button to display/hide the private key. This will let the user copy/paste it somewhere if he wants to.

sagyeli commented 9 years ago

@marv-engine, Mmm... I'm not so sure it's a very good idea. It can be easily exploit by any browser extension. Technically speaking, when the private key is actually present on the webpage it can be read by any browser extension, while when "stored" only within the javascript runtime stack is almost untraceable (due to scope issues).

marv-engine commented 9 years ago

@sagyeli I hadn't thought of that. It's a good point. My goal is to make it easy and safe for a user to save their private keys, especially when they add an address.

Maybe add a backup reminder to the feedback when an address is added.