Open siraben opened 3 years ago
TBH I agree with you here. I hate that it's locked. @imaginaryusername and others wanted me to keep it locked. I see Electron Cash as a power wallet for power users -- if you want an Apple-style completely locked down idiot-proof wallet, use something else.
So in that philosophy I 100% agree with you. Sooo.. @imaginaryusername and @jcramer @blockparty-sh .. what do you guys think about this? I think we should let the user do what he/she wants.
Or is non-SSL that dangerous?
Since there's a "backdoor" where you can enable Tor, disable Tor, then viola you can use non-SSL as you wish... yeah, might as well let people do it all the time.
We could just make them agree to an agreement clicking "I agree" like Apple does and then feel content that we did our due diligence.
Agree. Instead of some popup isn't it sort of obvious what disabling encryption means?
IDK .. to me it is. shrug Whatever people want. Popup, no popup. I'm ok with whatever. I'm deep in the rabbit hole so to me it's very clear but -- maybe @imaginaryusername is more "in tune" with the common everyman.
What sort of changes would it require? In a local copy I was able to disable the SSL checkbox but it didn't seem to have any effect.
I'd say as long as the default is "Use SSL", we don't need the popup or disclaimer - option is sufficiently buried and risk not immediate enough, people can be responsible for their own decisions.
@siraben How did you disable the checkbox exactly? It's not enough to kill the GUI element -- one must also walk into mordor and change the config key...
@cculianu I set ssl_disable
at https://github.com/simpleledger/Electron-Cash-SLP/blob/e8a928243cc33a7672c1c37b217762a6cbb2613a/gui/qt/network_dialog.py#L735 to False, obviously it didn't work.
We're going to go with using SSL for now, even though that complicates our setup more. In the future it would be nice to not use SSL.
In the network settings, there's a toggleable option for whether to use SSL or not, but the helpbox says that we can only disable SSL when using a Tor proxy. Instead, the option to disable SSL should be given no matter what for testing purposes.