Yep, you're right to some extent, its been a real problem with the SBC in the past. Just look at reality. How many projects have come and gone vs how many projects have stayed around for years?
Stellarport - Stellar Wallet, DEX & Anchor
Great exchange that I use regularly and recommend to anyone who trades "exotic" pairs on Stellar. (actually started work on a feature to enable interoperability with your keystore files on Litemint)
One suggestion I would report is to use a more standard 3-column order book as it feels more natural to many traders and it can get confusing especially since the quote and base are freely interchangeable.
- Edited
actually started work on a feature to enable inter-operability with your keystore files on Litemint
There's only one golden rule in asymmetric cryptography: Never share your private key.
This is not hard to remember.
Please be kind to yourself and to your users by not bringing them to break that rule.
Edit: for secure interoperability, please use delegated signing (SEP-0007 and/or CosmicLink)
MisterTicot Litemint is non-custodial. Users don't share their private key when only they can access it.
- Edited
Using the same keystore across multiple services is sharing private key. Spreading this habit will end up in drama with a probability of 100%.
If someone use the same private key with N applications, it takes only 1-of-N to have a flaw for the fund to disappear. This goes against the security model of asymmetric cryptography.
Keystore are useful only in case of emergency: if the service you create them with goes off, you don't loose control of your funds. However, once you load it into a new application you're supposed to move all the funds to a new address or to change signers.
Don't make it into a cheap login solution please.
- Edited
MisterTicot I won’t take offense from your condescending tone; everyone has a bad day. My “users” and myself are doing well today. Your point is like saying, don’t connect your Ledger or Trezor to a non-custodial wallet. Users securely store their keys (hardware, keystore file, you name it) to use them. Litemint is non-custodial "your keys, your crypto" and will never take a shortcut (unlike many other wallets out there) in this regard, this is also why I made the wallet open source. But let’s not hijack the post further, feel free to contact me if anything is still unclear about security, I will gladly explain.
An hardware wallet never give away the private key - the transaction is signed on the device.
A keystore, on the other hand, is an encrypted secret key. The application decrypt with the user-provided passphrase to obtains the secret key. From there, is uses the secret key to sign the transaction.
So the difference between the two is that the hardware wallet doesn't give away the secret key, but the keystore does. This is why a keystore should not be shared between several applications - be it a non-custodial wallet.
MisterTicot Indeed thanks, point taken. The hardware/keystore comparison does not hold. Going to have to quote your text on that issue and close it.
@Litemint Thanks, I've checked out Litemint, looks like a great product. I'd be happy to integrate/partner with you in some way.
w.r.t. the keystore file, I think @MisterTicot is probably right. It isn't a great idea to share it across apps. However, I think it is a good idea to standardize the format. Our keystore file library is open source here: https://github.com/stellarport/stellar-keystore
istrau2 I agree and had further chat with MisterTicot, I was not thoughtful on that - trashed the issue on Github. And sure, would love to discuss with you to see how we could partner.
How is it better to create a new account and send the funds to it, than to import an existing account from a keystore? If the new wallet is compromised your funds are gone either way.
- Edited
- Because if people start to take the habit to use their keystore to login everywhere scammers will take advantage of it easily.
- Because in that case you may loose only 50% of your funds or less.
- Because if you're not sure about the app you can put only a few lumens.
Anyway you're asking about the difference between one bad and one limited design. Both are solved by delegated signing. I'm still waiting for you to step in. 