Mobile Wallet - Testers needed

[hpenvy2]

@Elmato

Are there additional resources from the community that you need to be successful?

[.yoshi]

Fantastic work. Really looking forward to this release.

Edit: I know I'm getting ahead of myself... but any plans for an iOS version?

[hpenvy2]

This is how we get Andreas Antonopolos, Roger Ver, Barry Silbert, and every other pundit mentioning us on every television interview.  This is orders of magnitude more important than any other bitshares project.   Once done all of the other ideas will work. 

 

[lil_jay890]

I agree that the mobile wallet with the ability to hold bitcoin is very important.  I know important things are being done on the bitshares code right now, but that's impossible to market.  Checking the github for progress is depressing because it seems like tasks take so long to accomplish.  Even worse is seeing extra full weeks being added on to each release date.  Come to think of it the github is almost like "Anitmarketing", it only dissapoints.  It would be nice if the marketing team had something usable and tangible for non-geeks to experience.

[bitmarket]

When this is produced, I will concentrate all my effort on promoting your wallet. I might change the youtube channel to bitwallet.tv  lol.   This is everything.  This is what we can get on millions of phones.   This is how we can get bitUSD in millions of hands.  This is how we increase bitUSD volume and make every exchange on the planet beg to integrate us.  this is how we get a shit tonne of free press.  This is how we get Andreas Antonopolos, Roger Ver, Barry Silbert, and every other pundit mentioning us on every television interview.  This is orders of magnitude more important than any other bitshares project.   Once done all of the other ideas will work.  Without this first, none of the other ideas will work.

Just make sure it is technically tight.  Don't leave room for hackers of any kind.

All by doing something as easy as following the first rule of business.  "If you help enough people get what they want, you can everything you want."

[Rune]

bitcoin bridge support is AMAZING. Nullstreet was literally in the middle of a discussion about "when is someone gonna make this so we have something to market".

Awesome!!!!!!!!!

Hope it'll be ready soon, this should what our ads are focusing on.

edit: it's meant to be able to send and receive bitcoin just like a regular bitcoin wallet (scanning/generating bitcoin QR codes), right? Ideally it should be able to scan a bitpay QR code and get the address and amount, then send the amount to the bridge to get a locked in quote for an amount that corresponds to the price of the locked in bitpay quote, and then have the bridge return the amount of bitUSD the wallets need to send to the bridge account with a memo that makes the bridge return any funds that are in excess of the quote, and return all funds if they are below the quote.

[ElMato]

WIll the GUI support account names instead of pub keys? the QR codes will be generated based on registered bitshares account name and not pub keys right?

@jsidhu yes the wallet will support account names and QR codes will be generated based on that names (if the user has his account registered).

[arhag]

One method to avoid this kind of attack is to allow the user to share his account (name+pubkey) information through another channel (whatsapp? mail? ) . Then the wallet can add that contact information directly from the other party.

Yes. Also, I think it would be really nice if you could use the mobile wallet to easily exchange that information directly in person (maybe with QR code or Bluetooth or NFC?).

http://imgur.com/hUodEQv.

Wow. This is really exciting. I didn't think you would have Bitcoin deposit and withdraw features (with automatic conversion through a bridging service) anytime soon in the mobile wallet. Since that means you must be running a Bitcoin node on the server as well, what are your thoughts on allowing the mobile wallet to act as a Bitcoin wallet as well (and augment the API with the server to receive and create Bitcoin transactions)?

[jsidhu]

WIll the GUI support account names instead of pub keys? the QR codes will be generated based on registered bitshares account name and not pub keys right?

[ElMato]

One method is to change the active key reported by the server for a given account name. The client has no way of knowing the mapping between human-readable account name to active public key. That would require the client to download and process the full blockchain which is not feasible for a mobile client.

@arhag you are right.

One method to avoid this kind of attack is to allow the user to share his account (name+pubkey) information through another channel (whatsapp? mail? ) . Then the wallet can add that contact information directly from the other party.

[ElMato]

Hi everyone, here is a quick update to keep the community posted.

We (Pablo and I) are working hard to get our third release ready as soon as possible.
There has been a lot of changes going in the backs that are helping us to test while we develop.

Since want to give our users a clean/fast/integrated experience on the wallet, we developed and auto exchange for bitUSD/bitCNY <-> BTC
This auto exchanger will help us provide our first deposit/withdraw method inside the app.

(NOTE: We know that there are alternatives to this [shapeshift, metaexchanger and alt's gateway], and we keep an eye on them to integrate in the future)

Besides the "$15 sent to Pablo", "$12 received from Matias" type of transactions, we want the users to view something like this on the main screen.

"$250 Deposited"
"$200 Withdrawn"
"0.05 BTC sent to XXX ($11.04 USD)"


The auto exchanger works with two api calls.

Example : I want to "Deposit" 5 USD paying in BTC.

Code: [Select]

GET https://bsw-test.latincoin.com/api/v1/buy/USD_BTC/5
{
  "quote": {
    "client_pay": "0.02230252 BTC",
    "timestamp": "1423504598",
    "rate": "224.18991218",
    "client_recv": "5.00 USD"
  },
  "signature": "c495550ef134d00ec21889660772877952afc74878d3add28f2143086ae14295"
}

If you accept the quote you need to POST the quote back to the server with your desired destination address and your previously generated token.

Code: [Select]

POST https://bsw-test.latincoin.com/api/v1/accept
{
  "quote": {
    "client_pay": "0.02230252 BTC",
    "timestamp": "1423504598",
    "rate": "224.18991218",
    "client_recv": "5.00 USD"
  },
  "destination_address" : "DVS6KBKUMcWXvgY7c9sYqHv4p47baAn6NBPR",
  "signature": "c495550ef134d00ec21889660772877952afc74878d3add28f2143086ae14295",
  "token"    : "66ecd0a1f222f3edfce79615896cfc91ecb6487af0d00a6cf2ca9d41cb96d32f"
}

After that a transaction will be generated waiting for the payment to be made.

Code: [Select]

{
  "tx": {
    "status": "WP",
    "rate": "224.18991218",
    "cl_recv_curr": "USD",
    "quoted_at": "1423504598",
    "cl_recv_addr": "DVS6KBKUMcWXvgY7c9sYqHv4p47baAn6NBPR",
    "cl_recv": "5.00000000",
    "cl_pay": "0.02230252",
    "id": 126,
    "cl_pay_curr": "BTC",
    "cl_pay_addr": "BxMU8x3EU1mF2kNan4fyCwu7MhWNPAPjRY"
  }
}


The token is obtained after a signup process with the server.

GET https://bsw-test.latincoin.com/api/v1/signup

Code: [Select]

{
  "msg": "SignMePlease|c90355493833bfa8f739923f7f83d550063d0aa2d943cae8f0f88c11af771b99|1423505360|513424133231708f60bfffdeff9cf9929f35741f6318d4887929667e935d6cec",
  "signature": "1f7925047f1d26c435bd38e88c2c018c74528b229836df40f19be046649ba41884771a2cc7951f684760f654c9b824cf8018bc89092acf84937b7723ebae6a2304"
}

"signature" is the signature of "msg" from the server in order to identify the service.

Then you have to sign "msg" with your private key and POST back to the server.

POST

Code: [Select]

{"message": "SignMePlease|c90355493833bfa8f739923f7f83d550063d0aa2d943cae8f0f88c11af771b99|1423505360|513424133231708f60bfffdeff9cf9929f35741f6318d4887929667e935d6cec", "pubkey": "DVS7uY73UseX7JVGVzQwiuQ14Z82PtjtGin8AgvSfYtY1gUrFVhVx", "signature": "2013d56e7714b17799948daf7a7353821f58e3bc61d9f50c649efdb7de718d55101ece52f616495c3a1b9ebb0a22ff952daafc6833bba03214268f0a0296ec6663"}

And a token will be generated.

Code: [Select]

{"token": "66ecd0a1f222f3edfce79615896cfc91ecb6487af0d00a6cf2ca9d41cb96d32f"}

This is a raw/ugly screen flow for the third release to have a preview of what you can expect in the next version.

http://imgur.com/hUodEQv

Texts and GUI Elements are not final so don't worry about it.

Our third release will have the same "basic" UI design and for the next release
@cass will be helping us with the UI.

[arhag]

[1] The client is NOT validating yet that the transaction built by the server is in fact what i asked the server to do.

If the server is compromised and we have [1] resolved, there is no much harm that an attacker could possible do in terms of stolen funds.

So, there is no such thing as "false validation".
If an attacker compromise our server and we don't have [1] implemented, the attacker can create a malicious transaction (changing the destination of the funds) then the client will sign (without validating) and funds will be lost.

If the transactions does not validate, the client won't sign it, so no funds lost.

I just want to clarify that even with [1] resolved, a user can still lose money if the server is compromised.

One method is to change the active key reported by the server for a given account name. The client has no way of knowing the mapping between human-readable account name to active public key. That would require the client to download and process the full blockchain which is not feasible for a mobile client.

Alternatively, we could take some notes from Ethereum and augment our consensus system to use a Merkle Patricia tree to represent the state of the entire database in periodic snapshots, commit the root hash of that database snapshot into the block headers, and have a super majority of the delegates confirm that snapshot as part of their block signing process, as I described here; that coupled with further changes in block production procedure that make it possible for lightweight clients to update the set of active delegates over time with minimal trust assuming they do not resync too infrequently, means that a lightweight client could verify proof of the existence of some state in the database (where the proof scales logarithmically with the number of keys in the database) in a very low trust manner. But that requires a lot of complicated changes and work, so we can't expect that anytime soon.

There is a much simpler way to protect against this threat however. First, would be to use the TOFU (trust on first use) security principle. The mobile wallet could automatically add to the contacts list any account name to whom the user sends funds. The mobile wallet would log the association between the account name and the owner/active public keys. If the active public key changes, the mobile wallet would require proof (the transaction signed by the owner key that changed the active key) from the server in order to update its local active public key associated with the account. If the server ever sends the mobile wallet an unsigned transaction where the active public key or owner public key associated to an account name that the user wants to send funds to is not the one stored in the local database of the mobile wallet, it would warn the user that the server is likely compromised and explain to the user how to proceed. Second, it should also be possible for the user to pin a contact as trusted (which would show up in the GUI in a special way when sending that account funds). Pinning a contact as trusted means that the user has manually verified the owner key of the account through out-of-band methods and trusts that is it correct (it could also mean that pinned accounts will keep their associated owner/active public key in the local database and that data cannot be garbage collected to save space like it could be possible with the auto-added contacts). A user may be more careful about sending funds to an unpinned account than a pinned account. For example, if they want to send a large amount of money to some unpinned account, they might first send a small amount, verify through outside channels (like in person or over the phone) that they received the payment, pin the account, and then send the rest of the larger sum of money.

The other method by which the user can lose money is through the server making it appear as if the user received funds (very similar to a double-spend attack). The attacker that compromised the server (say they were able to get the server's private SSL keys and man-in-the-middle or rather man-on-the-side attack the user's connection) could buy goods/services from the user (or exchange cryptocurrency for cash or other cryptocurrency) and make it appear as if the user received funds for the exchange. For example, the attacker could send a legitimate (properly signed) transaction to the user's address that was funded by withdrawing funds from an illegitimate balance (a balance that does not exist or does but has 0 funds in it). Without the Merkle Patricia tree discussed above, the user is forced to trust the server about the existence of balances in the consensus database.

Unfortunately there is no way to protect against this attack without the complex improvements to lightweight client validation that I discussed above. Fortunately, it is fairly difficult to pull off since it requires not just compromising the server but also compromising the specific victim (and the victim's internet connection) in a live environment usually with physical presence required by the attacker's agents (to actually buy the good/service in person). Also, the typical victim (a merchant) would usually be someone who is capable of running a full client.

Finally, this is not bringing up all of the other possible attacks that become possible when you want to move beyond simply transferring assets to other parties. For example, a light wallet that was capable of trading on the DEX would be very vulnerable to the server. The server could make the order book appear to the user in anyway it wanted. Fortunately, if it is too strange the user will become suspicious of the server, since the prices can only deviate from what user expects them to be so far before the user attempts to verify through other means. Still, small tweaks to the order book could allow the server to profit immensely by front running its users.

[xeroc]

are there any updates on this?

[ElMato]

@fluxer555, i think i've already answered your question.

But lets do it again.

The task for the server is to build transactions based on what the client asked to do and relay them to the network after the client signs it.

So, there is no such thing as "false validation".
If an attacker compromise our server and we don't have [1] implemented, the attacker can create a malicious transaction (changing the destination of the funds) then the client will sign (without validating) and funds will be lost.

If the transactions does not validate, the client won't sign it, so no funds lost.

Is this answer enough? or you need more clarifications?

[fluxer555]

What's stopping a compromised central server from sending false validation back to the wallet?

Still waiting for an answer to this. Also, what will the wallet do if the transaction does not validate? At that point, it is too late, right?