Open esengulov opened 4 years ago
This should be split into independent issues as these are independent ideas. If an idea is not worth its own issue, it's probably not worth implementing either.
Thanks, it's indeed a basket of issues) At one point the issue count became really large so we cleaned it up back then by moving all security issues into one ticket for tracking. We will clean it up in the near future, thanks for the heads up ;)
Ok, if that is the idea, use a checklist:
- [ ] View only mode - to monitor portfolio. Only MPK would be required for the app to work in this mode. View only mode.
- [ ] Disable transactions over 1000 or some other desired amount. This option may include “Require reinstall to remove restrictions”.
- [ ] Passcode request for anything over certain amount.
- [ ] Blur mode that would hide all sensitive data with blurred overlay. Can be removed on demand from settings. Blurs balance on home tab. Everything else stays same. Deactivation of blur takes 5 hours.
- [ ] Require pin on send.
- [ ] Require Face ID on send.
...
thanks! cleaned it up a bit )
Would like an optional lock on the app and wallets for additional security
thanks, added it to the above list of improvements
"Double auth for send" feature: I don't want face id or fingerprint id.
In my case I think pin A or pin B is better.
Normal pin (A) is for low value transactions. After a certain amount it needs a pin for "send" too.
- [ ] Disable transactions over xxx
  Or request passcode for anything over certain amount. This option may include “Require reinstall to remove restrictions”.
- [ ] Double auth for send
  Ask for pin on send. Require Face ID on send.
- [ ] Hide large balances
  Ability to hide certain coins (with large balance). unhide option would be available in settings
  Randomize the keypad each time the PIN needs to be entered.
- [ ] Alert on large balances
  Recommend users to move part to a cold storage. Diversification of risk factors.
- [ ] Brute force measure
  Delete the wallet on x unsuccessful login attempts. At the moment we lock the screen.
- [ ] Screen overlay detected!
  Blockchain.info has alert when there is some overlay on screen while using their app. It shows alert “Screen overlay detected! Should I exit or continue to use app”
- [ ] kill switch
  An option to add Kill Switch Pin that would erase all enabled wallets on the app on the kill pin entrance.
- [ ] additional pin locks
  An optional lock on the app and wallets for additional security
- [x] duress PIN
  discussions in this thread, https://github.com/horizontalsystems/unstoppable-wallet-android/issues/5526