Dev Update

  • Status Page released: http://status.astralwallet.io
    • We realized we needed a better way to communicate with customers if we have internal issues. An example of this was the Horizon bug a few weeks back that prevented the ledger from updating past ledger 14702880, requiring an emergency upgrade.

Here's a screenshot:

Since security is so important, we wanted to be transparent and share how we store secret keys and authentication information. I will note, it is extremely difficult to secure anything, and if you are holding a large amount of cryptocurrency, you should do so on a cold-storage wallet. If it is a particularly massive amount, then generate your wallet inside a Faraday Cage should someone try and Van Eck phreak you.

Looking forward to any thoughts or feedback.

Draft: Astral Security Documentation (PDF)

a month later

Dev Update

  • We now auto-enroll accounts to an external inflation pool! (xlmpool.com, no affiliation)
    • This means that accounts with sufficiently large XLM deposits earn XLM every week
7 days later

Dev Update

  • Password resets are enabled for accounts that have 2FA verified!

@zain

Hi, I did try to register from my phone but I can't scan my own screen QR and can't find the 2FA code either so I abandoned.

  • zain replied to this.

    MisterTicot - Unfortunately the site is not mobile responsive. Please try registering on a desktop. We're actually working on mobile responsiveness now :-). Thanks for your feedback.

      14 days later

      Astral have receiving and sending path payments?

      12 days later

      zain I setup my astral wallet and received some XLM in return recently, thanks. Could you kindly explain how and which xlm pool my coins go towards. Or if easier, point me to a reference on explaining this concept in more detail. I can seem to locate a reliable source on this topic.

      @elfbark sorry for the delayed response! We set the inflation destination to http://xlmpool.com/ 's address. XLM never leaves your account. They collect inflation by pooling votes, since 8 million votes are required to receive inflation. They keep 10%, and pass the other 90% directly to you. Other than setting the inflation destination automatically for your address, Astral plays no other part in this. You may read more about inflation here: https://www.stellar.org/developers/guides/concepts/inflation.html

      @Leki can you please elaborate on your question?

      Dev Update

      • 2FA device resets are enabled
      • 2FA backup codes are implemented, in case your worried you may lose your 2FA device. We strongly recommend all users download and print / save the 2FA backup codes for your account

      To access these features, log in to https://astralwallet.io and visit the settings tab.

      Thanks to everyone suggesting improvements. We have so many more improvements in store for you guys! We will continue to prioritize stability, security and customer support though. For the fastest response, email us at support at astralwallet.io.

      5 days later

      Dev Update

      • Signup flow is mobile responsive
        • One of our major complaints was the difficulty of signing up on a phone
      • Deployed public-facing design updates
        • We'll iron out any issues and then start deploying within the wallet
      • Improved usability of setting up the mandatory 2FA protection
      • Added redundancy to our stellar-core and Horizon cluster to improve stability as more people join

      Again, thanks for the feedback and suggestions for Astral. We will continue to push out updates responsibly, to the best of our ability.

        zain Thanks for the update Zain, really appreciate the regular updates.

        11 days later

        Astral Dev Update

        • Payment confirmations require 2FA codes

          From now on, a valid two-factor authentication code is required to submit a payment. We realize that this is inconvenient, but after weighing the tradeoffs, it is necessary. We apologize for those that find it a nuisance.

          This ensures that a client-side script injection can't submit payments on your behalf when you log in. It also defends your funds if you accidentally stay logged in to Astral and step away from your computer. We already automatically log you off after 30 minutes of inactivity, but this adds an extra layer of protection.

        • Better browser support for logging in

          Many of you complained that our login didn't work in certain browsers. We've pinpointed the issue, and now you should be able to log in from all browsers, even in incognito / private mode!

          We absolutely realize the value of private browsing.

        Thanks everyone for continuing to provide valuable feedback. We love you!

        - The Astral Team
        Astral

        Just a clarification on the prior update: there is no way to turn off 2FA authentication on outgoing payments. We realize it is inconvenient, but its well worth it!

        11 days later

        Dev update

        • Strong passwords are now enforced using Dropbox's open source tool using "low budget password strength estimation"
        • Redundancy with our stellar nodes to help us scale up with growth
        14 days later

        Dev update

        Astral now is fully compatible on mobile!

        Mobile-responsive wallet

        3 months later
        3 months later

        Hello zain Hi Zain - I just created an account at astralwallet.io because I read about the security. I sent my XLM to a wallet I created within my astral wallet. I do not see the balance and clearly see the TXID and the funds on the blockchain explorer.

        3 months later

        hello zain i couldnt find my private key in astral to use it in exchange .
        how can i find that ?

        8 months later