Question to all the app developers:
You write a webapp that needs a private key.
How do you persist the private key?
Replies
Option 1: localStorage
Store the private key in the browser's localStorage
Problem: If the browser session is closed, the key is lost
Option 2: Password
Ask the user to register and to create a password
Use the password to encrypt the private key
Problem: Bad user experience, especially on mobile devices
Option 3: Seed
Create a mnemonic seed and ask the user to write it down
Problem: Really, really bad user experience
Option 4: Custodial storage
Store the key on the webapp server
Problem: Now the company acts as a custodian for the key. This has legal implications and the user no longer owns his key(s)
We need a solution for this
Any ideas?
I have one, but it requires wallets to implement a simple feature
@2459 @1 @100 @300 @132
You could do what I'm doing. Let the user set a password and store it encrypted on their device. Then, re-encrypt it and store it on the server. When you need the password, get it from the device or prompt them and double-encrypt it to match the one on the server.
You’ve definitely hit on an important issue - setting up a wallet is a bad experience. If Twetch gets big, 95% of the users won’t care or know about bitcoin.