Closed mister-game closed 4 years ago
Many of these are very important to be under passphrase. Start Masternode for example, its a broadcast of special code that well, allows for masternode to start i assume, we dont want for anyone to hijack the broadcast, copy the wallet you have and impersonate your wallet, and keep turning on/off your masternode, that would be a fatal flaw.
While i assume even if the code to start/stop masternode would be hijacked. its still useless for hacker since he also needs to know passphrase, which passphrase obviously never gets broadcasted, you punch it in it never leaves your wallet, only public key gets broadcasted.
Alot seems like its overdoing things, some maybe is possible to simplify,just remember some things would be crucial to keep the way its programmed .
Making your wallat remmber your passphrase forever would be possible i think, if you are reeeeeeally confident in your security game, both your physical PC and virtual.
As long as hacker wont get to you, that option would be something that you would benefit from, but on mass scale, its just not very good idea to implement, one one hand, someone who isnt tech savy keeps their wallet always open, and remembering password, so its their fault if they get funds stolen, but on other hand, we dont want 40% of community to lose funds this way, taht kills the coin.
Maybe a special build just for tech savyy people XD
Looks like I answered your last one first. I imagine in the hackers world it is fairly easy to scan your computer, find all the files that are named "wallet.dat" and upload them to his server. I guarantee if he spends several hours trying to brute force your password and succeeds, he is NOT going to start my masternodes. He is NOT going to generate more receiving addresses. He will send your coins to his wallet, and End of Story.
The same with a thief in your house. They want to get in AND out as quickly as possible. Steal your laptop, maybe check for jewelery, they aren't going to open your TV remote and subscribe you to premium channels.
On Wed, Dec 4, 2019 at 4:39 PM AzrielJale notifications@github.com wrote:
Many of these are very important to be under passphrase. Start Masternode for example, its a broadcast of special code that well, allows for masternode to start i assume, we dont want for anyone to hijack the broadcast, copy the wallet you have and impersonate your wallet, and keep turning on/off your masternode, that would be a fatal flaw.
While i assume even if the code to start/stop masternode would be hijacked. its still useless for hacker since he also needs to know passphrase, which passphrase obviously never gets broadcasted, you punch it in it never leaves your wallet, only public key gets broadcasted.
Alot seems like its overdoing things, some maybe is possible to simplify,just remember some things would be crucial to keep the way its programmed .
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/dogecash/dogecash/issues/35?email_source=notifications&email_token=AN3OTCZ27KV7RJ6HI7TGQMDQW5UDTA5CNFSM4JTJJYNKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEF4FULY#issuecomment-561535535, or unsubscribe https://github.com/notifications/unsubscribe-auth/AN3OTC6RLRTY72AQ6CD35BLQW5UDTANCNFSM4JTJJYNA .
and besides, the greatest threat to your password is a keylogger or a clipboard copier, so the less times you enter it, the more secure you are
On Wed, Dec 4, 2019 at 4:42 PM AzrielJale notifications@github.com wrote:
Making your wallat remmber your passphrase forever would be possible i think, if you are reeeeeeally confident in your security game, both your physical PC and virtual.
As long as hacker wont get to you, that option would be something that you would benefit from, but on mass scale, its just not very good idea to implement, one one hand, someone who isnt tech savy keeps their wallet always open, and remembering password, so its their fault if they get funds stolen, but on other hand, we dont want 40% of community to lose funds this way, taht kills the coin.
Maybe a special build just for tech savyy people XD
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/dogecash/dogecash/issues/35?email_source=notifications&email_token=AN3OTC2W5NCN5UYTM4GNWE3QW5UQHA5CNFSM4JTJJYNKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEF4F45A#issuecomment-561536628, or unsubscribe https://github.com/notifications/unsubscribe-auth/AN3OTC4UTTQD4EIYJEPKUA3QW5UQHANCNFSM4JTJJYNA .
Would you prefer to keep this issue open or issue #45
I'll check 45, whatever's easiest
So many actions require you to enter your passphrase. this leads to the temptation to shorten or simplify the passphrase, which compromises the main purpose which is to protect funds. Only "send money to an outside address ( not your own) is necessary.
Unnecessary things protected by passphrase ..Generate new address ( I don't care if someone breaks into my house, unlocks my computer, unlocks my wallet, and generates an address) ..Start masternode ( waiting for remote activation) ..Masternode (Tab) select node: masternode Information prob many more that i don't use personally