vinumeris / lighthouse

Lighthouse: a peer to peer crowdfunding app that uses Bitcoin

Long term: support TREZOR/risk analysed wallets/two factor wallets etc #53

Open mikehearn opened 10 years ago

mikehearn commented 10 years ago

Lighthouse is a regular SPV wallet and as such should incorporate new features and upgrades that are security related as support becomes available in bitcoinj.

MultiBit team are working on TREZOR support. Chris Pacia/Alon are working on Android two-factor auth. Kosta Korenkov and devrandom are working on risk analysed multisig or "married" wallets. As all these things click together we should surface them in the UI as much as possible.

This is long term work that might need to be crowdfunded if nobody volunteers, although if bitcoinj does its job well the work itself should just be UI design and wiring.

mikehearn commented 9 years ago

The right first step here is reusing Alon & Chris's work on the Bitcoin Authenticator project. It provides an Android app and desktop wallet that pairs with it, with P2SH/MultiSig being used to secure the funds in a decentralised way.

The desktop wallet is based on bitcoinj and JavaFX (the WalletTemplate GUI app) too, so it's super close to Lighthouse technically, and Android devices make for a great second factor that lots of people already have.

Why not TREZOR: I love my TREZOR dearly, but most people don't have them. For people running a big project, setting the target address to a TREZOR wallet makes a ton of sense and is what I will do for my own projects. But myTREZOR or MultiBit HD is good enough for this.

For people making big pledges, it's probably not worth the investment until the price comes down. They would mostly be relying on Lighthouse to secure their funds and wouldn't have any special hardware. But they probably (looking at global market share) have an Android phone.

Total amount of work required here is unknown but it's definitely a complicated project. Lighthouse would need to be upgraded to use P2SH addresses, it would need a pairing flow (Bitcoin Authenticator code might be stealable for this, need to check the license), all the parts where a password is requested would need to be extended, etc. Backup still needs to work. Existing wallets need to be upgradeable. Therefore total cost is hard to estimate, but will be high.