0 sats \ 3 replies \ @tbk 5 Dec 2022 \ parent \ on: Lightning login app - good or bad idea? bitcoin
Completely agree with what you are saying.
However, in this case, I think this is a UX issue, not a "security by obscurity" issue. One could argue that a mnemonic seed is also a different representation of a seed, just like the bech32 representation, would you agree?
write
preview
1 sat \ 2 replies \ @dtonon 5 Dec 2022
I absolutely agree. For this exact reason (different representation of a seed) I think we cannot demonize the menmonic preferring other formats.
So I cannot understand why "the secret is presented as bech32 encoded string" should be a preferred solution against a mnemonic seed (aside from the fact that you share a single private key insterad a bip39 master key, but here we are talking about formats and UX, not keys tipology).
Perhaps I misunderstood something?
reply
0 sats \ 1 reply \ @tbk 6 Dec 2022
These were exactly my thoughts before. After some thinking I changed my views. Please, take no offense, it is totally okay to have a different opinion on this.
I just don't want to drift into a world where people not as educated as you put in their seed words just because a random app prompts them to. Sure, all that's needed is a "little" education and healthy skepticism, but that's arguably very hard. Imho, it's better to try "avoiding" it in the first place.
Fun fact: It is in fact a bip32 master key. But you can only put funds on it if you know thy tools.
reply
0 sats \ 0 replies \ @dtonon 6 Dec 2022
Thank for your kindness :)
Fun fact: It is in fact a bip32 master key. But you can only put funds on it if you know thy tools.
You developed a tool and without any doubt have more experience in the field and thought a lot about the best approach, so I'm really interested in you opinion.
I played with https://lnpass.github.io, from the export function I grasped what you mean! You would like to create a "closed" login app where the bip32 master key is not so obvious, so it cannot be used as a standard wallet. Fair, but I would prefer a more transparent approach where the user can easily export and migrate to to another LN wallet, for example.
reply