BitShares Forum

Main => General Discussion => Topic started by: alt on April 08, 2015, 02:03:22 am

Title: A question about light wallet/web wallet/phone wallet
Post by: alt on April 08, 2015, 02:03:22 am
I have not read the code for light wallet, here I have a question about security
because light wallet didn't download block chain, how can the client verify the real address for a BTS account?
thanks
Title: Re: A question about light wallet/web wallet/phone wallet
Post by: alt on April 08, 2015, 02:05:37 am
If this can verify, we can set a web wallet website to support all BTS client, include: BTS, NODE, PLS
all blockchain use BTS's account data.
Title: Re: A question about light wallet/web wallet/phone wallet
Post by: bitatom on April 08, 2015, 06:07:09 am
this question which I want to ask, we should focus on the light wallet which support multi user, when it's finished, It will support all platform at once.

further more, what's difference between web wallet, light wallet and mobile wallet? theory.
Title: Re: A question about light wallet/web wallet/phone wallet
Post by: bitatom on April 08, 2015, 06:13:05 am
I think verify the BTS account by server side. local generate and store private key, sign the transaction, send to the server and broadcast it.

I have not read the code for light wallet, here I have a question about security
because light wallet didn't download block chain, how can the client verify the real address for a BTS account?
thanks
Title: Re: A question about light wallet/web wallet/phone wallet
Post by: alt on April 08, 2015, 10:06:24 am
I mean when I transfer 10 USD to account btsbots from light wallet,
how does the client get the public address which belong to account btsbots, and how to verify this?
if server give a wrong public address to client, how to avoid it?
Title: Re: A question about light wallet/web wallet/phone wallet
Post by: bitatom on April 08, 2015, 12:36:30 pm
It's impossible to avoid it when using alias of public key, but it's possible to reduce the risk. light wallet should query from multi server(3 or more) to verify  the alias. so the more light wallet server the better. there is another benefit: one server is centralization, more and more servers are decentralization, like email server but different: light wallet can connect to any server and work well.

so I think bts should setup more and more full node and light node.
 
Title: Re: A question about light wallet/web wallet/phone wallet
Post by: lastagile on April 08, 2015, 01:02:46 pm
I think we can hash with the account name


从我的 iPhone 发送,使用 Tapatalk
Title: Re: A question about light wallet/web wallet/phone wallet
Post by: alt on April 08, 2015, 01:06:59 pm
yes, maybe this is a solution, I wonder if we have do something to avoid this risk for now.
It's impossible to avoid it when using alias of public key, but it's possible to reduce the risk. light wallet should query from multi server(3 or more) to verify  the alias. so the more light wallet server the better. there is another benefit: one server is centralization, more and more servers are decentralization, like email server but different: light wallet can connect to any server and work well.

so I think bts should setup more and more full node and light node.