Open SamPatt opened 5 years ago
rmisio
commented
5 years ago No API-based wallet (could require full node or allow an SPV wallet)
Even over Tor, the API based wallet is not private?
My concern with this suggestion is that really, a multi-coin wallet won't be feasible because it's my understanding that running multiple SPV / full-node wallets would be too heavy on most systems.
jjeffryes
commented
5 years ago I think we'd have to test running multiple SPV wallets. We've always assumed it would be too heavy, but I'm not aware of any actual data to back that up. It would be nice to know where the limit is for what kind of computer can handle X number of SPV wallets.
We also don't have SPV wallets available for all coins, so this would be limited to the ones that exist, which adds some more complexity.
rmisio
commented
5 years ago Use Tor
I think we'll probably already have this once we do the client part for OpenBazaar/openbazaar-go#1515. I'm assuming the server will communicate that it's on a bundled Tor and will let us know the port, so we could just have the client use Tor then.
One related question would be, do we allow the user to turn off Tor if Tor is bundled? I'm assuming no. But, if the answer is yes, then the server would need to expose an API to make that happen.
No stats collection code
Sounds easy enough. Obviously the client will need to know it's on a privacy bundle which the build process will need to set some flag.
No API-based wallet (could require full node or allow an SPV wallet)
I don't think this is a client req. The server controls which wallets are used, so this is really a req for them. The client just gets currency codes. As of now, it has no idea what the implementation behind those wallets are.
SamPatt
commented
5 years ago Even over Tor, the API based wallet is not private?
An API wallet is necessarily less private than every other wallet (apart from full custodial), since you are communicating with a third party that doesn't exist with other wallets.
There are multiple ways we could address not having to run multiple SPVs:
People who really care about privacy can run the full node themselves. They probably won't run multiple, just the coin they prefer to use.
It could use Bitcoin only, or if there are other coins which are better for privacy (Zcash shielded or Monero) that get integrated, then use those instead.
Nothing says all OB users need to use all coins.
Work is being done now to include a Tor binary in an installer such that no configuration changes are needed by the user to use OpenBazaar over Tor:
https://github.com/OpenBazaar/openbazaar-go/pull/1515
This could be extended to create a build which differs from the standard instance by focusing on some privacy features: