joshua/dash-docs
1
0
Fork 0
mirror of https://github.com/seigler/dash-docs synced 2025-07-27 01:36:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #1706 from crwatkins/privatekeys

Browse source 
Require access to private keys for wallets
This commit is contained in:
Will Binns 2017-08-02 18:51:01 -06:00 committed by GitHub
commit c2ee71ba18
1 changed files with 1 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

10
docs/managing-wallets.md
View file

@ -30,16 +30,12 @@ in the future
- Avoid address reuse by displaying a new receiving address for each transaction - Avoid address reuse by displaying a new receiving address for each transaction
in the wallet UI in the wallet UI
- Avoid address reuse by using a new change address for each transaction - Avoid address reuse by using a new change address for each transaction
- User has access to private keys
- If private keys or encryption keys are stored online: - If private keys or encryption keys are stored online:
- Refuses weak passwords (short passwords and/or common passwords) used to - Refuses weak passwords (short passwords and/or common passwords) used to
secure access to any funds, or provides an aggressive account lock-out secure access to any funds, or provides an aggressive account lock-out
feature in response to failed login attempts along with a strict account feature in response to failed login attempts along with a strict account
recovery process. recovery process.
- If user has no access over its private keys:
- Provides 2FA authentication feature
- Reminds the user to enable 2FA by email or in the main UI of the wallet
- User session is not persistent, or requires authentication for spending
- Provides account recovery feature
- If user has exclusive access over its private keys: - If user has exclusive access over its private keys:
- Allows backup of the wallet - Allows backup of the wallet
- Restoring wallet from backup is working - Restoring wallet from backup is working
@ -66,10 +62,6 @@ Optional criteria (some could become requirements):
- Provides a bug reporting policy on the website - Provides a bug reporting policy on the website
- Website serving executable code or requiring authentication is included in the - Website serving executable code or requiring authentication is included in the
[HSTS preload list](https://hstspreload.appspot.com/) [HSTS preload list](https://hstspreload.appspot.com/)
- If user has no access over its private keys:
- Full reserve audit(s)
- Insurance(s) against failures on their side
- Reminds the user to enable 2FA in the main UI of the wallet
- If user has exclusive access over its private keys: - If user has exclusive access over its private keys:
- Supports HD wallets (BIP32) - Supports HD wallets (BIP32)
- Provides users with step to print or write their wallet seed on setup - Provides users with step to print or write their wallet seed on setup