11 sats \ 9 replies \ @mf 5 Dec 2022 \ on: Lightning login app - good or bad idea? bitcoin
Can I connect your app to my node?
Downloading bluewallet (for example) seems simple enough for a non-expert, so I'm curious to know your thoughts on what led you to build this one.
We just pushed an update where users can import their mnemonic to the app. You are able to have the same mnemonic on Get In as in your current lightning wallet at the same time, so you can log into the same account from several devices.
reply
I appreciate the effort to spread knowledge of lnurl-auth, however, do you think there is a problem importing seeds into "random" apps?
A wise man once said we should not normalize making people type seeds (BIP39) into text boxes. And I wholeheartedly agree.
In https://lnpass.github.io (shameless self-promote, I am sorry) the secret is presented as a bech32 encoded string. Would you think this is a good approach for your app as well?
reply
Hmm I never really thought about that as a problem...
What kind of problems could it cause?
reply
The seed is meant to be stored in a safe place. Preferably not on a device connected to the internet, if on a device at all. Typing it into an app defeats its purpose, no? I guess the problem it could cause is the seed can be spoofed and the funds swept from the source. This applies only to sources that have funds in the first place though, which is not needed for this app to work. So I guess a warning to the users might do the trick?
reply
@tbk:
A wise man once said we should not normalize making people type seeds (BIP39) into text boxes. And I wholeheartedly agree.
The seed is meant to be stored in a safe place. Preferably not on a device connected to the internet, if on a device at all. Typing it into an app defeats its purpose, no?
Security through obscurity is not a solution
A private key is a private key, regardless of format, should be managed with caution.
I think that we should educate about that, otherwise the user will keep the seed on steel in the safe and then will share the bech32 private key thinking that a qrcode cannot harm.
The key point is to evaluate the risks and decide if the specific private key can be imported in a hot wallet/service. And the value is not only economic: perhaps, for example, it could be "safe" to share a hot wallet private key with a few sats but not the one that manages my identity on a social network.
reply
Completely agree with what you are saying.
However, in this case, I think this is a UX issue, not a "security by obscurity" issue. One could argue that a mnemonic seed is also a different representation of a seed, just like the bech32 representation, would you agree?
reply
I absolutely agree.
For this exact reason (different representation of a seed) I think we cannot demonize the mnemonic, preferring other formats.
So I cannot understand why "the secret is presented as bech32 encoded string" should be a preferred solution against a mnemonic seed (aside from the fact that you share a single private key instead of a BIP39 master key, but here we are talking about formats and UX, not key typology).
Perhaps I misunderstood something?
reply
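The two posts above argue that a bech32 string and a mnemonic are just different representations of the same secret. The following is an added example, not code from lnpass or Get In, that makes the point concrete: the same 32 constructed bytes are shown as hex and as a BIP-173 bech32 string, both decode to identical bytes, and the only thing bech32 adds is a checksum that rejects a typo. The human-readable part `secret` and the helper names are assumptions made for the illustration. The bech32 routines follow the BIP-173 reference algorithm.

```python
"""Added example (not lnpass or Get In code): one secret, two text formats.
Shows that an encoding is a presentation choice, not a protection."""
import hashlib
import secrets

BECH32_CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # BIP-173 alphabet


def _polymod(values):
    # BCH checksum core from BIP-173
    gen = [0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= gen[i]
    return chk


def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def _checksum(hrp, data):
    poly = _polymod(_hrp_expand(hrp) + data + [0] * 6) ^ 1
    return [(poly >> 5 * (5 - i)) & 31 for i in range(6)]


def _convertbits(data, frombits, tobits, pad):
    # Regroup a bit stream (8->5 for encoding, 5->8 for decoding).
    acc, bits, out, maxv = 0, 0, [], (1 << tobits) - 1
    for value in data:
        acc = (acc << frombits) | value
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if pad:
        if bits:
            out.append((acc << (tobits - bits)) & maxv)
    elif bits >= frombits or ((acc << (tobits - bits)) & maxv):
        return None  # leftover bits are not clean zero padding: malformed
    return out


def bech32_encode(hrp: str, payload: bytes) -> str:
    data = _convertbits(list(payload), 8, 5, pad=True)
    return hrp + "1" + "".join(BECH32_CHARSET[d] for d in data + _checksum(hrp, data))


def bech32_decode(text: str):
    """Return (hrp, payload bytes) or None when the string is malformed."""
    if text != text.lower() and text != text.upper():
        return None  # mixed case is invalid per BIP-173
    text = text.lower()
    pos = text.rfind("1")
    if pos < 1 or pos + 7 > len(text) or len(text) > 90:
        return None
    hrp, body = text[:pos], text[pos + 1:]
    if any(c not in BECH32_CHARSET for c in body):
        return None
    data = [BECH32_CHARSET.index(c) for c in body]
    if _polymod(_hrp_expand(hrp) + data) != 1:
        return None  # checksum failure: a typo or corrupted character
    payload = _convertbits(data[:-6], 5, 8, pad=False)
    return None if payload is None else (hrp, bytes(payload))


def fingerprint(secret: bytes) -> str:
    """Stable identifier for a secret that does not reveal it (for comparisons/logs)."""
    return hashlib.sha256(secret).hexdigest()[:16]


def formats_agree(hex_form: str, bech32_form: str) -> bool:
    """True when both text forms decode to the same raw key bytes."""
    decoded = bech32_decode(bech32_form)
    return decoded is not None and bytes.fromhex(hex_form) == decoded[1]


def demo(secret: bytes = None) -> dict:
    # Constructed secret; a real key would come from the wallet, never from a demo.
    secret = secret or secrets.token_bytes(32)
    hrp = "secret"  # assumed human-readable part, chosen for this illustration
    as_hex = secret.hex()
    as_bech32 = bech32_encode(hrp, secret)
    # Flip one data character to show the checksum rejecting a typo.
    i = len(hrp) + 2
    typo = as_bech32[:i] + ("q" if as_bech32[i] != "q" else "p") + as_bech32[i + 1:]
    return {
        "hex": as_hex,
        "bech32": as_bech32,
        "same_bytes": formats_agree(as_hex, as_bech32),
        "typo_rejected": bech32_decode(typo) is None,
        "fingerprint": fingerprint(secret),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Whichever form is pasted into an app, `bech32_decode` hands that app the same 32 bytes as `bytes.fromhex`; the format question is therefore about typo detection and user habits, as the thread says, not about how much the app learns.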
These were exactly my thoughts before.
After some thinking I changed my views. Please, take no offense, it is totally okay to have a different opinion on this.
I just don't want to drift into a world where people not as educated as you put in their seed words just because a random app prompts them to.
Sure, all that's needed is a "little" education and healthy skepticism, but that's arguably very hard. Imho, it's better to try "avoiding" it in the first place.
Fun fact: It is in fact a bip32 master key. But you can only put funds on it if you know thy tools.