Increase of SAFEX wallet security

#1

Hello community,

Are there any ideas about increasing the wallet security? I would think that one may often work parallel with the wallet and a web browser opened in the future. This leads me to the worst case scenario:

You open the safex wallet/marketplace app
You visit an individual market/listing
It leads you to a scammy website
You get somehow robbed off your holdings because an attacker had access to your opened wallet
(the keys are encrypted within the wallet.dat file but you can always manage transactions when it is already opened)

My idea was an implementation of CAPTCHA/password to be required for submitting transactions within the wallet. Additionally, mandatory confirmation with CAPTCHA/password for exporting the unencrypted keys. Those requirements should make it hard/impossible for an attacker to access your funds while your wallet is opened. Is this a good idea, are there better ideas or is my scenario not plausible? Looking forward to hearing your ideas.

Regards,
Oliver

5 Likes

#2

Wouldn’t digit the password to authorize sendings be enough? it’s already present in the cli as a function
i’m thinking that after the wallet is opened you could set up a numeric pin to expedite the process.

0 Likes

#3

I like the idea of including a Send tx PIN or Passcode. It would also act as a secondary confirmation function, which, from a security standpoint would be a handy addition, not only for protection from a malicious attack, but also to prevent accidental sends. (Like if you walk away briefly from the PC with the wallet open and a child decides to ‘play’ with the buttons on the pretty blue window that is open on the screen.)

3 Likes