Features Wish list

Discussion in 'General' started by Ryan.a85, Jun 18, 2017.

  1. Ryan.a85

    Ryan.a85 Founders Staff Member

    Let's talk about some features we want after v1.0

    One thing I'd to have as soon as possible is the Radix equivalent to offline wallets, like armory for bitcoin. Radix works differently so this is not as easy to do as in blockchain projects but will be great to have at some point.
    New supply could be received in the offline wallet or directed to another address in a regular wallet for instance.

    And a bit further down the road - Improved anon.
    Transactions here are far more complicated to track compared to bitcoin, but some coins offer better anonymity. Having an option to send a completely anon tx will be great to have, even if most users have no interest in this. Just for peace of mind.
  2. a4zg

    a4zg New Member

    I agree with your sentiments exactly for anon transaction and also offline wallets would be cool.
    I think another neat feature would be two factor authentication, I think this is a must have when logging into any account. I'm sure the Radix team have already considered this, if they see this post, thumbs up you have my vote!

    Very keen to check out the beta, It'll be rad (radical) :).
  3. tesslerc

    tesslerc Beta Testers

    Offline wallets = Credit cards no?
    If you pass X cash to a credit card and keep it in a safe place... effectively offline cold storage no?

    Regarding 2FA, IMO this is probably one of the most important features for the platform.
    If there is a way to retrieve a wallet once lost and to attach a 2FA to the account itself, this means that you can enable login from anywhere given account number / ENS + password + 2FA.
  4. danisapfirov

    danisapfirov Beta Testers

    In addition to offline wallet=card based, I would recommend Radix wallet=network based, that relies on network not on a wallet.dat file.
    Auto Synchronization and commands to Copy/Restore funds between local wallet.dat and Radix wallet could make online funds safer.

    NXT uses this type of wallet, not wallet.dat file and I find it very convenient.
    Last edited: Jun 18, 2017
  5. Ryan.a85

    Ryan.a85 Founders Staff Member

    Not exactly, having your private keys on air gapped pc is way more secure. The keys only sign a tx and never come in contact with the "outside" world so to speak.
    The card will be very practical, but the security it provides is not on that level.

    As for 2FA, it is probably not possible to do have it decentralized. Dan can explain why.
    But we could have centralized solutions for that, it might even be good if some companies start to compete to develop these wallets. Because the average users (our target) are terrible at keeping their devices secure. I bet we'll see a lot of people getting hacked for foolish reasons, it will take some time until people are responsible to be their own bank.
    In the mean time centralized solutions are acceptable for those guys.
  6. Gedke

    Gedke Beta Testers

    Cyg likes this.
  7. Rickard

    Rickard Beta Testers

  8. Gedke

    Gedke Beta Testers

    Yeah, but once you connect the USB and enter the password aren't they able to steal the coins? Ledger needs confirmation, pressing the buttons physically to make the transaction, not only to unlock the device with a PIN code. Unlocking the device with a PIN is only one step for Ledger.
  9. Cyg

    Cyg Beta Testers

    Really awesome device. Simple to use and getting popular. Would be very beneficial to be able to have added wallet security with ledger.
  10. Fuserleer

    Fuserleer Radix Founder Staff Member

    We can have that for V1.0 actually. Offline wallets can receive funds without having to come online.

    Interest / earnings is a different kettle of fish, but I've been thinking it could be possible to delegate the collection of those earning to another account which claims them to your offline wallet for you.

    I spent a LONG time trying to figure out a solution for a decentralized 2FA solution. I had some ideas, not sure if they are workable or secure though, need to spend some time. Its a VERY hard problem, and may not even be solvable.

    With the debit cards the keys never go near the outside world either. The reader sends the TX (or whatever) to the card to sign, which signs it and sends the signature back. Keys are never touched by anything.

    Been thinking of moving in this direction too, except the user should have a copy of the keys in a "wallet.dat" somewhere but no actual data.

    Brain wallets are really hard to do securely because what humans perceive as a secure passphrase is trivial for a computer, enforcing that hardness onto users makes it seem like a long winded process to "login".

    That said, smart card readers and the cards themselves are cheap enough that everyone could have one and use that + a password for their login. Most phones these days have NFC too, so you could do away with the card also for most.
    junsha, fthomas, Lloyd and 1 other person like this.
  11. gbcholgi

    gbcholgi Beta Testers

    my wish: bring the very good brave browser a real fast new payment solution! or build such a thing for radix :)
  12. rotane

    rotane Founders

    New Feature request:
    p2p streaming

    Very valueable for the Network!
  13. Rickard

    Rickard Beta Testers

  14. rotane

    rotane Founders

    Features: p2p streaming

    Veeery valueable for the Network!
  15. Ryan.a85

    Ryan.a85 Founders Staff Member

    Ok, so a lot more secure than I expected. But having the private key on an offline pc signing a tx means that you're exposed to fewer attack vectors right?
    Borderline paranoia on my end, I know, just got a bit curious about it.
  16. Fuserleer

    Fuserleer Radix Founder Staff Member

    Id say more actually.

    Someone could access that PC and plant some software to sniff the wallet keys when you sign tx.

    Can't install malicious software on the card.

    Extreme case I know.
  17. jonas452

    jonas452 Beta Testers

    How about copying the card. And a compromised "card reader" that can memorize a users pin code (if one is even needed)
  18. Lemming

    Lemming Founders

    You can't copy the whole contents of the card, the private keys never leave the device. Even different applications on the same card are sandboxed, so they can't access each others data (for JavaCard, I suppose it's similar with other technologies, or they may simply not be able to run multiple applications on a single card).
  19. jonas452

    jonas452 Beta Testers

    How does that work? If i can easily create my own card, then someone can easily create a copy. Doesn't matter if its encrypted or not data is just data.

    If it really isn't possible i love to know how :p
  20. Lemming

    Lemming Founders

    The app is put (installed) on the card. Then the app runs, and it generates its private keys which are put in local storage which is not exposed to the outside world. The private keys never leave the card, you send a transaction to the app which then signs that transaction with a private key and sends the result (the signed transaction) back.

    Don't compare it to an usb stick where an external computer has access to the complete memory of the stick. The smart card has its own cpu, and the connection to the outside world is a bus, like a network connection, where the programs running on the cpu decide which data can leave the card.
    Fuserleer, Lloyd and trescuernos like this.

Share This Page