[size=14pt]Hi there![/size]
I’m here to share some thoughts and ideas. Maybe they are stupid, but maybe they will help to develope some good things. You decide.
[size=14pt]Short intro[/size]
First of all few words introducing, so that you can know how much to rely on my “general computer experience”. I know some basics in programming (C,C++, Java, SQL, Matlab, HTML, PHP). Mostly for fun during studies. I’m not profesional programmer. My daily activities are internet reading and using computer like general people do for fun, music, entertainment, movies, shopping.
My crypto experience
I do some trades on exchanges. Lost few BTC’s on GOX. Got PPC and LTC wallets. I would call myself a newbie. No experience in cryptography.
[size=14pt]Cryptocurrency user experience, observations and conclusions:[/size]
-
Using cryptos is less safe then fiat currency, because to robb my online bank account you need not only my pass but also a token (which I get on cellphone or I got a separate device). And wires are reversible and trackable. Cryptos are fast, irreversible, and you can loose track easily.
So for example if I got money in my wallet and got a keyloger virus, someone may steal my PPC forever. Like my all time savings! Because keylogger will intercept my password in encrypted wallet. Please note to steal money from once wallet can be done from another side of the world. Stealing currency via mone transfer is rather not possible this way (long time trackeble wire transfer).
CONCLUSION: we need some more safety. Bank payment methods seems more secure here. -
Remembering long password is problematic. If I loose it, I loose money. So many people will keep it on their devices which is not safe again. And even long password does not give me 100% protection (keylogger virus still can get my password). So it’s neither convienient nor really safe. Comparing to bank account: if I loose my password I go to bank show my ID and get a new one
CONLUSION: we need easiest way of protection then long passwords. Some protection against key readers maybe. -
If my computer will broke, cellphone device will be lost/stolen or so, I loose my wallet. It is simmilar to loosing cash, but not like loosing credit card. I can go to a bank and block lost credit card number, and get a new one.
CONCLUSION: again it’s not obviously safer way of keepeing value in crypto.
[size=14pt]Conclusions summary[/size]
Ok then. Is it clear now that for regular people, that are not hackers, using cryptos does not give straight message that it’s better then just online bank account, VISA card and so on? It’s actually harder in usage, less safe, and if you broke sth, loose a key or be robbed noone will help you.
There is much work to do and to solve these problems to invite more regular people to use cryptos like PPC. Otherwise PPC will just become a part of money transferring system (like eletric currents are in internet wire hidden somwhere in the deep), but not a entity that will be commonly used like Dollars $.
[size=14pt]Now the ideas part[/size]
-
To have good protection with easier pass I suggest to implement a CAPTCHA in each wallet permanently. That way automatic money spending by using wallet will be at least protected by a captcha image. I would prefer a single pass phrase + captcha protecting my wallet then the 8-word long.
[bad/stupid/not possible?] -
Protection against loosing cellphone/any device with a wallet. Maybe there are some posibilities that the whole network keeps info about each address content/amounts. This way loosing my device could result in folowing steps to get wallet back:
a) get a new device
b) install a PPC wallet
c) press revover, enter your OLD address, enter password.
[bad/stupid/not possible?] -
Maybe some token application possible within PPC network? Like some mobile app synchronised with my wallet. Mobile app would display additional token on my special celphone screen when I want to do a transfer? Maybe passphrase won’t be neede only token this way?
[bad/stupid/not possible?] -
Can we protect pass phrase (from a keyloger virus reading) typing with addtional thing - typing at least part of the phrase with a special random keyboard within the wallet app? So that a user would type it hitting mouse/touchpad/cellphone glass with displayed randomly keys, not the regular/physical keyboard.
[bad/stupid/not possible?] -
Protectic a wallet/address from trying many transaction with wrong passphrase (protection against dictionary attack by time delays increasing time delay for wallet each time passphrase is wrong). This might require network to detect a wallet is trying to be used for several times, and maybe requires to split spending PPC into 2 phases. One - preparing to spend, before pass entered, TWO - after password enetered.
[bad/stupid/not possible?] -
Maybe wallet.dat itself should become a computer program, not a static file, but sth in between. This way it could have a state (maybe token hidden inside, changes every few seconds) and some processing in it to be safer?
[bad/stupid/not possible?]
Thanks for reading. I hope not everythin I’ve written is stupid and maybe I will learn more about PPC
Regards