How much trust is involved with using a central server? What kind of vulnerabilities are exposed with this?
He's basically running an API server. Unless the wallet itself is malware and sends him the private keys, all the server is doing is processing signed and encrypted transactions.
Brilliant.
Sent from my Timex Sinclair
@fluxer555 I find your concerns very important because those are the same questions I ask before using any kind of wallet.
So let me explain a little more how the wallet works.
As far as I know, every BitShares lightweight client will need the assistance of a central server.
The alternative will be to implement something like this
https://blog.ethereum.org/2015/01/10/light-clients-proof-stake/ in the core.
Mobile wallet
1) The first time the client runs, private keys are generated on the phone.
(in Android we use bitcoinj => SecureRandom [with PRNGFixes], basically /dev/urandom)
(in iOS we are using CoreBitcoin => /dev/random)
2) Every time the client wants to make a transaction he asks the server something like this.
- I want to transfer 10 USD from A,B,C to Z
3) The server returns an UNSIGNED transaction [1] that fulfills the client requirement (10 USD to Z)
4) The client, using his local private keys, signs the transaction and asks the server to forward it to the network.
This is the basic usage.
[1] The client is NOT validating yet that the transaction built by the server is in fact what I asked the server to do.
If the server is compromised and we have [1] resolved, there is not much harm that an attacker could possibly do in terms of stolen funds. (Of course it will disrupt normal operation)
The code is open, so you can take a look at it and build your own binaries if you don't trust ours!
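The check that note [1] says is still missing, sketched as an added example (not part of the original post and not the wallet's code): before signing, the client compares the server-built unsigned transaction against its own request. The dict layout, field names, `max_fee` and the sample data are hypothetical simplifications, not the BitShares transaction format.

```python
from decimal import Decimal

# Hypothetical shapes (assumption, not the real wire format):
#   request: {"from": [accounts], "to": account, "asset": str, "amount": Decimal}
#   tx:      {"inputs": [entry], "outputs": [entry]}, entry = {"owner", "asset", "amount"}

def check_unsigned_tx(request, tx, max_fee):
    """Return reasons not to sign the server-built transaction (empty list = OK)."""
    own, dest, asset = set(request["from"]), request["to"], request["asset"]
    inputs, outputs = tx.get("inputs", []), tx.get("outputs", [])
    if not inputs or not outputs:
        return ["transaction has no inputs or no outputs"]
    problems = []
    for e in inputs + outputs:
        if e["asset"] != asset:
            problems.append(f"unexpected asset {e['asset']}")
        if e["amount"] <= 0:
            problems.append("non-positive amount")
    for e in inputs:  # funds may only come from the accounts the user named
        if e["owner"] not in own:
            problems.append(f"input spends from {e['owner']}, not a requested source")
    for e in outputs:  # only the recipient, or change back to the user's own accounts
        if e["owner"] != dest and e["owner"] not in own:
            problems.append(f"output pays unrequested party {e['owner']}")
    paid = sum((e["amount"] for e in outputs if e["owner"] == dest), Decimal(0))
    if paid != request["amount"]:
        problems.append(f"recipient gets {paid}, requested {request['amount']}")
    # Whatever is not paid out is the fee; a hostile server can hide theft here.
    fee = sum(e["amount"] for e in inputs) - sum(e["amount"] for e in outputs)
    if fee < 0 or fee > max_fee:
        problems.append(f"implied fee {fee} outside 0..{max_fee}")
    return problems

# Constructed sample data: "transfer 10 USD from A,B,C to Z".
MAX_FEE = Decimal("0.5")
REQUEST = {"from": ["A", "B", "C"], "to": "Z", "asset": "USD", "amount": Decimal("10")}
HONEST_TX = {
    "inputs": [{"owner": "A", "asset": "USD", "amount": Decimal("7")},
               {"owner": "B", "asset": "USD", "amount": Decimal("4")}],
    "outputs": [{"owner": "Z", "asset": "USD", "amount": Decimal("10")},
                {"owner": "A", "asset": "USD", "amount": Decimal("0.9")}],
}
# Same inputs, but the change is redirected to an account "M" the user never named.
TAMPERED_TX = dict(HONEST_TX, outputs=[HONEST_TX["outputs"][0],
                                       {"owner": "M", "asset": "USD", "amount": Decimal("0.9")}])

if __name__ == "__main__":
    print(check_unsigned_tx(REQUEST, HONEST_TX, MAX_FEE))
    print(check_unsigned_tx(REQUEST, TAMPERED_TX, MAX_FEE))
```

The client signs only when the returned list is empty; the fee cap matters because value drained into an oversized fee never appears as an output.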