pull down to refresh
15 sats \ 5 replies \ @gandlaf21 OP 11 Jan 2023 \ parent \ on: Cashu Browser Wallet bitcoin
oh! feel free to audit ;) code is open-source.
It's good to be cautious though, so I understand if you don't wanna expose yourself. You can spin up a VM and open the site in there, then you don't have to trust me.
You should be doing that anyway, since most of the Internet runs on JS.
Well I didn't mean you put a keylogger in your code, I just meant someone could visit a website that has a keylogger and then keylog a cashu token in order to take money.
The larger point being "Yo can we stop trying to put our money in web browsers?" lol
reply
I got you now!
True.. that is a big issue. Also why we should move on from passwords.
I would hope these kind of apps only hold amounts that are not worth stealing. Pennies or maybe a couple bucks
reply
Yes! Holy shit the password is so fucking dead. Try to make a password you can remember? Get rainbow tabled. Work hard to learn a difficult password? 1 website gets hacked and now all your accounts are compromised. Password manager? Password manager stores passwords on their server and that server gets hacked. 2fa? Sim swapping.
Just use asymmetric cryptography already!
reply
Hell yeah!
The only fear I have wit PubK PrivK is that the Elliptic curve doesn't offer password reset.. heheheh
reply
Bitcoin also doesn't offer password reset, but because of Bitcoin we've developed some really good methods for balancing security and availability like geo-disbursed multi-sig
reply