Hey Peter -
I think this is a super list. A couple of thoughts:
a) In the section on multi-sig and multi-factor, I think we can split these apart. Multi-factor user authentication is very valuable and not the same as multi-factor signing, which is a second level of complexity. The multi-factor auth can be off-blockchain, e.g. authenticating with an SMS message to your phone or a Google Authenticator challenge. Given the state of malware today, I personally would propose two requirements:
1) wallets SHOULD use multi-factor authentication before authorizing access to a wallet (e.g. view balances, addresses, transactions, etc.)
2) wallets MUST use multi-factor auth before signing a transaction. [note: I recognize that MUST might be too aggressive right now, but I wouldn't use a wallet without it. This can also be impractical for server-side wallets]
b) Multi-factor signing (e.g. P2SH) may be too early to really define. But here are some issues which have come up from my own personal development experience:
- Wallets SHOULD NOT create two keys on a single host or device
- Wallets SHOULD provide a way to import external public keys which can be used as part of a P2SH address
Slightly off topic: For P2SH, address creation requires the public key, not the public hash of an address. For me, this has made it difficult to import keys created through out-of-band sources. Most wallets/key generators/etc. only provide the address and not the public key, and this is a hindrance to easy P2SH creation off host. It would be great if there were a way to address this, but I don't know how.
c) Small word-choice nit: I had to go look up the meaning of "SHALL" (I now know it is the same as MUST). I think most RFCs just use MUST these days.
Thanks,
mike
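
The P2SH point in (b), as an added example that is not part of the original message: a multisig redeem script embeds each serialized public key, while decoding an address yields only a 20-byte hash that cannot stand in for one. The helper names and all keys and hashes below are constructed placeholders (the keys are not checked to be valid curve points), and the final step of hashing the script into a P2SH address is left out.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58check_encode(payload: bytes) -> str:
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(data) - len(data.lstrip(b"\x00"))  # each leading zero byte becomes "1"
    return "1" * pad + out

def b58check_decode(addr: str) -> bytes:
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, check = raw[:-4], raw[-4:]
    if hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] != check:
        raise ValueError("bad checksum")
    return payload  # version byte followed by the 20-byte key hash

def multisig_redeem_script(m: int, pubkeys: list) -> bytes:
    """Build OP_m <pubkey>... OP_n OP_CHECKMULTISIG from serialized public keys."""
    if not 1 <= m <= len(pubkeys) <= 15:
        raise ValueError("need 1 <= m <= n <= 15")
    script = bytes([0x50 + m])  # OP_m
    for pk in pubkeys:
        compressed = len(pk) == 33 and pk[0] in (2, 3)
        uncompressed = len(pk) == 65 and pk[0] == 4
        if not (compressed or uncompressed):
            raise ValueError("not a serialized public key (%d bytes)" % len(pk))
        script += bytes([len(pk)]) + pk  # direct push of the key bytes
    return script + bytes([0x50 + len(pubkeys), 0xAE])  # OP_n OP_CHECKMULTISIG

def demo():
    # Constructed P2PKH address: version 0x00 plus a made-up 20-byte hash.
    addr = b58check_encode(b"\x00" + bytes(range(1, 21)))
    from_addr = b58check_decode(addr)[1:]  # all that an address gives you
    keys = [bytes([2]) + bytes([i]) * 32 for i in (1, 2, 3)]  # constructed keys
    script = multisig_redeem_script(2, keys)  # 2-of-3 built from public keys
    try:
        multisig_redeem_script(2, keys[:2] + [from_addr])
        rejected = False
    except ValueError:
        rejected = True  # the address hash is refused as a key
    return len(from_addr), len(script), rejected
```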