Jaxx Wallet Vulnerability Puts Your Bitcoin At Risk -- and They Won't Fix It

5 Likes

I'm kinda surprised as well. Anthony is well connected and has the resources to know better. Bummer.

3 Likes

I’m sympathetic to the idea that there’s not a compelling reason to encrypt the seed.

After all, if an attacker has access to the device in question, couldn’t they just install a keylogger, so that any password-protected seed could still have its password stolen the next time Jaxx is opened?

Yes, but it’s only acceptable to the developers of the wallet, who likely don't use the wallet.

There are always good reasons not to do things, namely that doing things takes time and effort.

Agree if I'm raking the leaves on my property, and don't care if a few are left. But building a bitcoin wallet for millions of people to use, especially noobs jumping on the ETH bandwagon. I can see your point and the CTO on the custody issue but the question of losing it… leaving it at the bar after a night out is real and needs consideration. As you are prolly aware Anthony was involved with Vitalik since the start and I'm sure feels this is a problem. The noted Reddit thread includes claims by Charlie Shrem it's being “fixed”… https://twitter.com/CharlieShrem/status/873642245014114304 …But I see he is backing down from that.

Anyway. If it can be done, it should be done. Would you agree with that sentiment @sfultong?

1 Like

eh, sure, why not?

I am confused that there seems to be a Jaxx PIN for securing your wallet, but it doesn’t seem to be used for encrypting the seed.

Now, do you think the seed should be encrypted by default? Because that is a usability issue. There’s always a tradeoff between keeping non-technical users safe, and turning them away because the software isn’t easy enough.