search

sparrowwallet / sparrow

Desktop Bitcoin Wallet focused on security and privacy. Free and open source.
https://sparrowwallet.com/
Apache License 2.0
1.35k stars 190 forks source link

[UI] Combine password and BIP39 passphrase pop-up during wallet start #408

Closed RequestPrivacy closed 2 years ago

RequestPrivacy commented 2 years ago

Description

If one opens a wallet secured with a password and passphrase, first a pop-up to enter the password appears. Once that's done the pop-up closes and after short time a new pop-up appears asking for a BIP 39 passphrase.

Although it makes sense to separate both (e.g. for a wallet where no password has been applied), I would find it much more convenient if there wouldn't be two pop-ups.

Potential improvement

One pop-up could open, in the first line asking about the password together with an input field and right below (still greyed out until the password has been entered and applied) another line asking for the passphrase together with a separate input line.

craigraw commented 2 years ago

I see the UX benefit here, but there is a downside too - now all password protected wallets must be opened serially, since the password dialog needs to stick around until we have decrypted the wallet and know if there is a passphrase required. We can't allow the user to proceed with the next wallet password until the previous one is decrypted.

Also, this kind of behaviour would be messy from a code POV - I don't think the benefit is worth the maintainability burden.

RequestPrivacy commented 2 years ago

Ah I didn't know that serially opening multiple wallets is a common work flow. If I have to open multiple wallet files I always open them one after the other. Decrypting also doesn't take to much time but I guess that also depends on the size of the wallet file?

Also, this kind of behaviour would be messy from a code POV - I don't think the benefit is worth the maintainability burden.

Yeah I thought it might be kind of messy changing the flow. So together with your other points it seems a rather burdensome change for the (only potentially beneficial) improvement.

craigraw commented 2 years ago

Decrypting also doesn't take to much time but I guess that also depends on the size of the wallet file?

Most of the time decrypting is actually spent doing key derivation using Argon2, which is configured to be time-consuming to prevent brute force attacks. The wallet file is always encrypted, even while it is being used.

Opening multiple wallets is actually pretty common (it's certainly my norm).

Appreciate the suggestion, even if it's not one I'll be implementing.