From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YVpxC-0007vh-0B for bitcoin-development@lists.sourceforge.net; Wed, 11 Mar 2015 23:22:18 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.223.170 as permitted sender) client-ip=209.85.223.170; envelope-from=mh.in.england@gmail.com; helo=mail-ie0-f170.google.com; Received: from mail-ie0-f170.google.com ([209.85.223.170]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YVpxA-0001L3-D6 for bitcoin-development@lists.sourceforge.net; Wed, 11 Mar 2015 23:22:17 +0000 Received: by ieclw3 with SMTP id lw3so1511121iec.2 for ; Wed, 11 Mar 2015 16:22:11 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.50.138.68 with SMTP id qo4mr94585912igb.33.1426116131044; Wed, 11 Mar 2015 16:22:11 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.36.54.147 with HTTP; Wed, 11 Mar 2015 16:22:10 -0700 (PDT) In-Reply-To: References: <54F32EED.6040103@electrum.org> <550057FD.6030402@electrum.org> <1426100677.1908596.239033309.7C4F8D47@webmail.messagingengine.com> Date: Wed, 11 Mar 2015 16:22:10 -0700 X-Google-Sender-Auth: 5U6VEl6Rp9n6CzpamQijhDkpN_0 Message-ID: From: Mike Hearn To: Aaron Voisine Content-Type: multipart/alternative; boundary=001a1134bd806646ff05110b89a7 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1YVpxA-0001L3-D6 Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Electrum 2.0 has been tagged X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Mar 2015 23:22:18 -0000 --001a1134bd806646ff05110b89a7 Content-Type: text/plain; charset=UTF-8 Users will want to have wallets shared between devices, it's as simple as that, especially for mobile/desktop wallets. Trying to stop them from doing that by making things gratuitously incompatible isn't the right approach: they'll just find workarounds or wallet apps will learn how to import seeds from other apps. Better to just explain the risks and help people mitigate them. On Wed, Mar 11, 2015 at 3:57 PM, Aaron Voisine wrote: > I'm not convinced that wallet seed interoperability is such a great thing. > There is a wide variability in the quality and security level of wallet > implementations and platforms. Each new device and wallet software a user > types their seed into increases their attack surface and exposure to flaws. > Their security level is reduced to the lowest common denominator. I see the > need for a "fire exit", certainly, but we must also remember that fire > exits are potential entrances for intruders. > > Aaron Voisine > co-founder and CEO > breadwallet.com > > On Wed, Mar 11, 2015 at 12:46 PM, Gregory Maxwell > wrote: > >> On Wed, Mar 11, 2015 at 7:24 PM, Ricardo Filipe >> wrote: >> > i guess you look at the glass half full :) >> > even though what you say is true, we should aim for wallets not to >> > require those instructions, by standardizing these things in BIPs. >> > let's hope bitcoin doesn't fail in standards as our industries have in >> > the past... >> >> There are genuine principled disagreements on how some things should >> be done. There are genuine differences in functionality. >> >> We cannot expect and should not expect complete compatibility. If you >> must have complete compatibility: use the same software (or maybe not >> even then, considering how poor the forward compatibility of some >> things has been..). >> >> What we can hope to do, and I think the best we can hope to do, is to >> minimize the amount of gratuitous incompatibility and reduce the >> amount of outright flawed constructions (so if there are choices which >> must be made, they're at least choices among relatively good options). >> >> >> ------------------------------------------------------------------------------ >> Dive into the World of Parallel Programming The Go Parallel Website, >> sponsored >> by Intel and developed in partnership with Slashdot Media, is your hub >> for all >> things parallel software development, from weekly thought leadership >> blogs to >> news, videos, case studies, tutorials and more. Take a look and join the >> conversation now. http://goparallel.sourceforge.net/ >> _______________________________________________ >> Bitcoin-development mailing list >> Bitcoin-development@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> > > > > ------------------------------------------------------------------------------ > Dive into the World of Parallel Programming The Go Parallel Website, > sponsored > by Intel and developed in partnership with Slashdot Media, is your hub for > all > things parallel software development, from weekly thought leadership blogs > to > news, videos, case studies, tutorials and more. Take a look and join the > conversation now. http://goparallel.sourceforge.net/ > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --001a1134bd806646ff05110b89a7 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Users will want to have wallets shared between devices, it= 's as simple as that, especially for mobile/desktop wallets. Trying to = stop them from doing that by making things gratuitously incompatible isn= 9;t the right approach: =C2=A0they'll just find workarounds or wallet a= pps will learn how to import seeds from other apps. Better to just explain = the risks and help people mitigate them.
On Wed, Mar 11, 2015 at 3:57 PM, Aaron Voisine= <voisine@gmail.com> wrote:
I'm not convinced that wallet seed interoperability = is such a great thing. There is a wide variability in the quality and secur= ity level of wallet implementations and platforms. Each new device and wall= et software a user types their seed into increases their attack surface and= exposure to flaws. Their security level is reduced to the lowest common de= nominator. I see the need for a "fire exit", certainly, but we mu= st also remember that fire exits are potential entrances for intruders.
<= div>
Aaron Voisine
co-founder and CEO
breadwallet.com

On Wed, Mar 11, 2015 at 12:46 PM, Gregory Ma= xwell <gmaxwell@gmail.com> wrote:
On Wed, Mar 11, 2015 at 7:24 PM, Ricardo Filipe
<ricardoj= dfilipe@gmail.com> wrote:
> i guess you look at the glass half full :)
> even though what you say is true, we should aim for wallets not to
> require those instructions, by standardizing these things in BIPs.
> let's hope bitcoin doesn't fail in standards as our industries= have in
> the past...

There are genuine principled disagreements on how some things should=
be done. There are genuine differences in functionality.

We cannot expect and should not expect complete compatibility. If you
must have complete compatibility: use the same software (or maybe not
even then, considering how poor the forward compatibility of some
things has been..).

What we can hope to do, and I think the best we can hope to do, is to
minimize the amount of gratuitous incompatibility and reduce the
amount of outright flawed constructions (so if there are choices which
must be made, they're at least choices among relatively good options).<= br>

---------------------------------------------------------------------------= ---
Dive into the World of Parallel Programming The Go Parallel Website, sponso= red
by Intel and developed in partnership with Slashdot Media, is your hub for = all
things parallel software development, from weekly thought leadership blogs = to
news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment


-----------------------------------------------------------------------= -------
Dive into the World of Parallel Programming The Go Parallel Website, sponso= red
by Intel and developed in partnership with Slashdot Media, is your hub for = all
things parallel software development, from weekly thought leadership blogs = to
news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_________________________= ______________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment


--001a1134bd806646ff05110b89a7--