mirror of
https://github.com/seigler/dash-docs
synced 2025-07-26 17:26:12 +00:00
Make no address reuse with change addresses a requirement for wallets
This commit is contained in:
Saivann
parent
8e38860808
commit
949c8a2ad6
2 changed files with 1 additions and 18 deletions
|
|
@ -700,6 +700,7 @@ Basic requirements:
|
|||
- SSL certificate passes [Qualys SSL Labs SSL test](https://www.ssllabs.com/ssltest/)
|
||||
- Website serving executable code or requiring authentication uses HSTS with a max-age of at least 180 days
|
||||
- The identity of CEOs and/or developers is public
|
||||
- Avoid address reuse by using a new change address for each transaction
|
||||
- If private keys or encryption keys are stored online:
|
||||
- Refuses weak passwords (short passwords and/or common passwords) used to secure access to any funds, or provides an aggressive account lock-out feature in response to failed login attempts along with a strict account recovery process.
|
||||
- If user has no access over its private keys:
|
||||
|
|
@ -725,7 +726,6 @@ Basic requirements:
|
|||
Optional criterias (some could become requirements):
|
||||
|
||||
- Received independent security audit(s)
|
||||
- Avoid address reuse by using a new change address for each transaction
|
||||
- Avoid address reuse by displaying a new receiving address for each transaction in the wallet UI
|
||||
- Does not show "received from" Bitcoin addresses in the UI
|
||||
- Uses deterministic ECDSA nonces (RFC 6979)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue