If these have been answered elsewhere could you point to the source ?
- Will it have built-in TOTP support (2fa)?
- If yes, for which operations? [login, withdrawals, etc]
- Is it a pure brain-wallet like in NXT?
- If not, where is the wallet information stored ? Client/browser or server?
- Can a malicious server operator patch the javascript to steal user credentials and impersonate them ?
- If a wallet server is compromised, do users with wallets there get mtgoxed?
- Is SOCKS5/HTTP proxying baked in the 2.0 wallet/daemon? [connect to rpc server via proxy | connect to other peers via proxy]