Comments (3)
The wallet's information is viewable without authentication, but transfer operations would require one time passwords from Google Authenticator. Recover operation does not require that, so that may be an issue, but does not seem urgent. At some later stage we can add an optional lockscreen feature so that only the user with the correct authenticator code would be able to view the wallet.
from one-wallet.
I revisited this issue and gave it some thoughts. Right now, the wallets are viewable without any lockscreen or password, but the user would not be able to do anything without the correct code from the authenticator, except "Recover Funds", which does not require a code. First, it would not be a good idea to require password or code for "Recover Funds" since that would defeat the purpose of that feature - it was meant to be used when the user loses the means of authentication, i.e. the authenticator (thereby unable to provide the code). Secondly, a lockscreen (requiring either code or password) would not be helpful for the user's privacy. If another person can access the browser, they can retrieve all these information from the javascript console anyway. If the person cannot access the browser, they can looked up all information on blockchain as long as they know the addresses of the user's wallets.
from one-wallet.
For the above reasons, I am going to close this issue. Let me know if you disagree
from one-wallet.
Related Issues (20)
- Self-hosted RPC nodes with fast confirmations, health and performance monitoring, and service guarantees HOT 1
- Smart contract test framework HOT 1
- Smart contract tests with 90% operation coverage HOT 1
- Domain transfer from old wallet is failing silently in v16, and reclaim does not work
- Relayer analytics and metric reporting endpoints HOT 3
- MultiSig Withdrawal HOT 18
- Satellite wallets - enabling transfer to exchange accounts and importing existing wallets (such as MetaMask)
- 1Wallet transaction to exchange account . How can they retrieve it? HOT 1
- Relayer stats visualizations and more granular error classification
- Improve accuracy of Number of Wallets and Balance on ONEWallet SideBar HOT 3
- Recovery is repeatedly showing error (Money stuck) HOT 11
- Can't request contract call HOT 2
- Updating Wallet & missing ONE Tokens HOT 11
- ONE tokens did not arrive to 1wallet HOT 4
- Emergency!! About to lose all funds in wallet due to expiration on an older version wallet. HOT 5
- Funds Not Unstake on Recovery from Recovery Address HOT 4
- can't send my tokens HOT 1
- How to recover funds when 1Wallet is expired? HOT 15
- Failed to commit : network error on any transaction I try to make HOT 2
- Network errors - cannot do anything? HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from one-wallet.