Feature - 2 Factor Authentication

camosoul

Grizzled Member
Sep 19, 2014
2,261
1,130
1,183
Definitely needs more thought, I'm not liking what I see so far...

How could 2FA not give away your identity? Won't that defeat the purpose of darksend?

Why not just learn how to computer? If you're crapping all over your anon in other ways because you can't computer, why are you even bothering to use DRK?

How far down can you reach to a user without expecting them to at least reach up a little bit? You can't do it all for them all the time... This is the very problem that the OP mentions... You can't fix the problem by creating more of the problem... This encourages people to continue having no clue at all...

Sounds a lot like welfare... I guess I can tolerate BrainWelfareCoin as long as I don't get forced to use these "features." Maybe I'll hate it less as it solidifies and theory becomes fact...
 
Last edited by a moderator:
  • Like
Reactions: strix

HDMI

New Member
Feb 13, 2015
3
0
1
"Why not just learn how to computer?"

Great approach if the goal is to keep it a niche product.
 

HowlingMad

Member
Jul 12, 2014
100
23
68
Modifying trezor's firmware to support darkcoin is trivial.
Getting that firmware to install on a trezor without enabling developer mode would require the cooperation of satoshilabs.
(Only they can generate a signature for the new firmware that a trezor will accept.)
Then mytrezor.com would have to be forked/updated.

But, I suspect that satoshilabs is going to implement BIP44 eventually. This would enable support for any coin type.
moocowmoo, my thoughts exactly. One of the flaws of Trezor is that you are reliant on the website to function. I do own a Trezor and use it on a regular basis, and a requiring a connection to the internet can be problematic.

Secondly, I have used Authy and Google Authenticator, and bricked my phone. In both instances, I was lucky that I had entered the same keys on my phone and tablet at the same time. It took several days to have websites remove the 2FA and then for me to set it up again.

From the concept of keeping the keys within the blockchain itself, while a great idea, once set you had better not forget them. The challenge/response keys could be kept locally in the wallet, I imagine.

Remember that the challenge/response keys change based on time. So the time on the local computer/phone/tablets must be synced to a known time source, such as ntp.org. The challenge/response keys change every 30 seconds and a known verifiable timestamp would have to be included in the transaction. The concept of a hardware key and challenge/response has been around since the early 1990's; so the concept is not new just the implementation.

The wallet would have to track the time independently from the local hardware,. While having a synced time source from the Internet is fairly reliable, I have had instances with the last year where my phone carrier and the Internet disagreed.

From Bitcoin Armory, I would like to see the virtual keyboard and printable wallet keys added to the DRK wallet. I did have a keylogger on my computer and the virt keyboard saved me there. The paper key printouts saved me when I had forgotten the passphrase for a infrequently used wallet. Armory, by far, is the best wallet out there for Bitcoin. All of the other wallets should be ashamed to call themselves wallets! LOL

Currently, for security purposes, I keep several wallets with different passwords. Think of the most frequently used as my checking account, the next frequently used as my savings account, and my off-line sneaker net wallet as my safety deposit box. I purchased an ASUS netbook just for the this purpose, and it never gets connected to the Internet.
 

HowlingMad

Member
Jul 12, 2014
100
23
68
Simply logging in to your wallet and having that login be verified by a third party server creates a time signature that could then be matched to any transactions you make. although Darksend mitigates this to an extent, if I know you logged on to your wallet at 0711 UTC and then I see a bunch of darksend transactions for the next 4 minutes,
HammerHedd, you just hit on a large problem. The 2FA and darksend would be mutually exclusive. You have to know the public key of the sender in order to run 2FA against the transaction.
 
B

buster

Guest
Guys, I'm sorry if this has already been brought up, but what if you lose your phone? All coins lost?
Literally one of the only reasons i continue to pay my phone bill because of all the associated 2fa with it. Sometimes I wonder what i would do If I didn't pay for one month and lost the phone number I use.
 
  • Like
Reactions: r-ando

camosoul

Grizzled Member
Sep 19, 2014
2,261
1,130
1,183
Literally one of the only reasons i continue to pay my phone bill because of all the associated 2fa with it. Sometimes I wonder what i would do If I didn't pay for one month and lost the phone number I use.
Get set up on google voice and some VoIP service. I don't pay for cell service anymore. I use open WiFis. No worries about that crap.
 
  • Like
Reactions: r-ando and buster

chatterbox

Well-known Member
Foundation Member
Mar 10, 2015
107
78
178
This would be the best feature ever, unless you can add a bread slicer of course. ;)
 

kointrend

Member
Jan 22, 2015
45
55
58
Guys, I'm sorry if this has already been brought up, but what if you lose your phone? All coins lost?
I don't know how the wallet would work, but I saved the QR code image of all my 2FA accesses, just to prevent issues if I lost the phone and to can rescan them.
 

fible1

Well-known Member
Dash Core Group
Masternode Owner/Operator
May 11, 2014
710
722
163
I would love it if we could renew this initiative; perhaps add it to the budget for next month?

This is a really much needed feature: it is incredibly worrying to try and secure a large amount of coins where there is no 2fa and where alternative wallets which do support enhanced features, like Trezor and Encompass, do not support masternodes, etc.

Pablo.
 

AjM

Well-known Member
Foundation Member
Jun 23, 2014
1,341
575
283
Finland
And maybe also optional pincode before wallet start, this is whished many times.
 
  • Like
Reactions: Raptor73