1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
|
Return-Path: <me@thomaskerin.io>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 0139092B
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 24 Aug 2016 10:31:36 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from thomaskerin.io (static.204.212.9.5.clients.your-server.de
[5.9.212.204])
by smtp1.linuxfoundation.org (Postfix) with ESMTP id DF87A112
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 24 Aug 2016 10:31:34 +0000 (UTC)
Received: from [10.137.3.17] (pool-108-28-164-248.washdc.fios.verizon.net
[108.28.164.248])
by thomaskerin.io (Postfix) with ESMTPSA id 8BC6F11981090
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 24 Aug 2016 10:31:31 +0000 (UTC)
To: bitcoin-dev@lists.linuxfoundation.org
References: <57B31EBC.1030806@jonasschnelli.ch>
<e740b4e0-0597-4f80-2434-70e667b7923c@gmail.com>
<9c8dd0e5-e333-90c8-965f-10fb29d875a5@thomaskerin.io>
<57B4113E.4010502@jonasschnelli.ch>
<D41B40FA-0C75-496D-937A-0DF733FB87E2@bitlox.com>
<57B44BCB.3010400@jonasschnelli.ch>
<CAJna-HhQred_E7PYRFmgzb_0gd2b+4qsFOWEGqBjfzX1PbhyxQ@mail.gmail.com>
<57B55B8C.1070001@jonasschnelli.ch>
<CAJna-Hi3a5mLBkXfS4Qa=kjFCj4=GVBr4WUDZ=Tg27iX=FiCJA@mail.gmail.com>
<57B58149.8000200@jonasschnelli.ch>
<CAJna-Hj8HQy9Dhx3Gx8CpmpgoiQZ2waaj9o5b6hHwda4Dm_fGw@mail.gmail.com>
<57B584BF.7000004@jonasschnelli.ch>
<CALGb225DLv22ktt_7HJTcuPphJ=TMEU_b3LApBJy17KgAZwSzQ@mail.gmail.com>
From: Thomas Kerin <me@thomaskerin.io>
Message-ID: <86fb234e-54b1-d7ec-cd8f-97f8840658e6@thomaskerin.io>
Date: Wed, 24 Aug 2016 12:31:20 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
Icedove/45.2.0
MIME-Version: 1.0
In-Reply-To: <CALGb225DLv22ktt_7HJTcuPphJ=TMEU_b3LApBJy17KgAZwSzQ@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="ckc5xFo7o7AFwS3JoEMdKtm1lIxqgSQlh"
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,HTML_MESSAGE
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Wed, 24 Aug 2016 15:40:51 +0000
Subject: Re: [bitcoin-dev] Hardware Wallet Standard
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2016 10:31:36 -0000
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--ckc5xFo7o7AFwS3JoEMdKtm1lIxqgSQlh
Content-Type: multipart/mixed; boundary="nikL78kOlXPJr0mn8Dqrlh7m0LV4umUH2"
From: Thomas Kerin <me@thomaskerin.io>
To: bitcoin-dev@lists.linuxfoundation.org
Message-ID: <86fb234e-54b1-d7ec-cd8f-97f8840658e6@thomaskerin.io>
Subject: Re: [bitcoin-dev] Hardware Wallet Standard
References: <57B31EBC.1030806@jonasschnelli.ch>
<e740b4e0-0597-4f80-2434-70e667b7923c@gmail.com>
<9c8dd0e5-e333-90c8-965f-10fb29d875a5@thomaskerin.io>
<57B4113E.4010502@jonasschnelli.ch>
<D41B40FA-0C75-496D-937A-0DF733FB87E2@bitlox.com>
<57B44BCB.3010400@jonasschnelli.ch>
<CAJna-HhQred_E7PYRFmgzb_0gd2b+4qsFOWEGqBjfzX1PbhyxQ@mail.gmail.com>
<57B55B8C.1070001@jonasschnelli.ch>
<CAJna-Hi3a5mLBkXfS4Qa=kjFCj4=GVBr4WUDZ=Tg27iX=FiCJA@mail.gmail.com>
<57B58149.8000200@jonasschnelli.ch>
<CAJna-Hj8HQy9Dhx3Gx8CpmpgoiQZ2waaj9o5b6hHwda4Dm_fGw@mail.gmail.com>
<57B584BF.7000004@jonasschnelli.ch>
<CALGb225DLv22ktt_7HJTcuPphJ=TMEU_b3LApBJy17KgAZwSzQ@mail.gmail.com>
In-Reply-To: <CALGb225DLv22ktt_7HJTcuPphJ=TMEU_b3LApBJy17KgAZwSzQ@mail.gmail.com>
--nikL78kOlXPJr0mn8Dqrlh7m0LV4umUH2
Content-Type: multipart/alternative;
boundary="------------18535687597DE6451029934F"
This is a multi-part message in MIME format.
--------------18535687597DE6451029934F
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
I want to pitch a use-case that might have been ignored in this discussio=
n:
I don't think this protocol is only useful for hardware wallets.
Technically any website that wants to request public keys/signatures and
offload the responsibility for managing keys and signing to the user
would also find this valuable.
I hope we can move forward with a protocol that suits both the hardware
people, and the people who find signing transactions in browsers
unsettling.
Maybe we the focus should move away from only servicing hardware, and
asking if the motivation is better captured by "allow users pick their
own ECDSA implementation, hardware or software", then working out what
we need to get us there.
On 08/18/2016 12:23 PM, Nicolas Bacca via bitcoin-dev wrote:
> On Thu, Aug 18, 2016 at 11:49 AM, Jonas Schnelli via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org
> <mailto:bitcoin-dev@lists.linuxfoundation.org>> wrote:
>
> Hi
>
> > I have some experience with hardware wallet development and its
> > integration and I know it's a mess. But it is too early to
> define such
> > rigid standards yet. Also, TREZOR concept (device as a server
> and the
> > primary source of workflow management) goes directly against your=
> > proposal of wallet software as an workflow manager. So it is
> clear NACK
> > for me.
>
> The current question =96 as already mentioned =96 is we ACK to work=
> together
> on a signing protocol or if we NACK this before we even have starte=
d.
>
>
> ACK for Ledger. What's necessary to sign a transaction is well known,
> I don't see how driving any hardware wallet from the wallet itself or
> from a third party daemon implementing that URL scheme would make any
> difference, other than providing better devices interoperability, as
> well as easier maintenance and update paths for the wallets.
>
> --=20
> Nicolas Bacca | CTO, Ledger
>
>
>
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
--------------18535687597DE6451029934F
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta content=3D"text/html; charset=3Dwindows-1252"
http-equiv=3D"Content-Type">
</head>
<body bgcolor=3D"#FFFFFF" text=3D"#000000">
I want to pitch a use-case that might have been ignored in this
discussion:<br>
<br>
I don't think this protocol is only useful for hardware wallets.
Technically any website that wants to request public keys/signatures
and offload the responsibility for managing keys and signing to the
user would also find this valuable. <br>
<br>
I hope we can move forward with a protocol that suits both the
hardware people, and the people who find signing transactions in
browsers unsettling. <br>
<br>
Maybe we the focus should move away from only servicing hardware,
and asking if the motivation is better captured by "allow users pick
their own ECDSA implementation, hardware or software", then working
out what we need to get us there. <br>
<br>
<br>
<div class=3D"moz-cite-prefix">On 08/18/2016 12:23 PM, Nicolas Bacca
via bitcoin-dev wrote:<br>
</div>
<blockquote
cite=3D"mid:CALGb225DLv22ktt_7HJTcuPphJ=3DTMEU_b3LApBJy17KgAZwSzQ@mail.gm=
ail.com"
type=3D"cite">
<meta http-equiv=3D"Context-Type" content=3D"text/html; charset=3DU=
TF-8">
<div dir=3D"ltr">
<div class=3D"gmail_extra">
<div class=3D"gmail_quote">On Thu, Aug 18, 2016 at 11:49 AM,
Jonas Schnelli via bitcoin-dev <span dir=3D"ltr"><<a
moz-do-not-send=3D"true"
href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org"
target=3D"_blank">bitcoin-dev@lists.linuxfoundation.org</=
a>></span>
wrote:<br>
<blockquote class=3D"gmail_quote">Hi<br>
<span class=3D""><br>
> I have some experience with hardware wallet
development and its<br>
> integration and I know it's a mess. But it is too
early to define such<br>
> rigid standards yet. Also, TREZOR concept (device
as a server and the<br>
> primary source of workflow management) goes
directly against your<br>
> proposal of wallet software as an workflow manager.
So it is clear NACK<br>
> for me.<br>
<br>
</span>The current question =96 as already mentioned =96 is=
we
ACK to work together<br>
on a signing protocol or if we NACK this before we even
have started.<br>
</blockquote>
<div><br>
</div>
<div>ACK for Ledger. What's necessary to sign a transaction
is well known, I don't see how driving any hardware wallet
from the wallet itself or from a third party daemon
implementing that URL scheme would make any difference,
other than providing better devices interoperability, as
well as easier maintenance and update paths for the
wallets.</div>
</div>
<div><br>
</div>
-- <br>
<div class=3D"gmail_signature" data-smartmail=3D"gmail_signatur=
e">
<div dir=3D"ltr">
<div>
<div dir=3D"ltr">Nicolas Bacca | CTO, Ledger
<div><br>
</div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class=3D"mimeAttachmentHeader"></fieldset>
<br>
<pre wrap=3D"">_______________________________________________
bitcoin-dev mailing list
<a class=3D"moz-txt-link-abbreviated" href=3D"mailto:bitcoin-dev@lists.li=
nuxfoundation.org">bitcoin-dev@lists.linuxfoundation.org</a>
<a class=3D"moz-txt-link-freetext" href=3D"https://lists.linuxfoundation.=
org/mailman/listinfo/bitcoin-dev">https://lists.linuxfoundation.org/mailm=
an/listinfo/bitcoin-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>
--------------18535687597DE6451029934F--
--nikL78kOlXPJr0mn8Dqrlh7m0LV4umUH2--
--ckc5xFo7o7AFwS3JoEMdKtm1lIxqgSQlh
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJXvXd4AAoJED6nkklm0EibBm4P/jbOG4SMilkgFqcBBNH5/ppl
y3p8McJTm0visqkOAXLpmGeLvM5xkw8gdo+MsKUG98+m/bS0NWwSYteeoMC8yWNb
mL4QCaX2j0uxCv4Y1VBqNjPc4pzl1vNOYaHpkiYE88QvVxo8VY+m0fKqxmSZjHRn
Gc2IlHOF6ZNoxIMgBTfxw/XjeLSxisTlr1IUZZP9M3tIldRgJcbH/nskqtYaPlVb
jbTtKqRUC6Y49rxMrVSXACPgdHofbQBmnyttugDO4QdUw4hDtRVyF/OELyo+oi+X
wlIOcjXt7LY6TBHpaeggA2W9nu1okntdIXw3sZlvcZ6KRo7r5C+0FEzH3gz3n/3p
cCi0RRdf7ClBFK3yUNBrGMEJgTAb0nV837hYMDmB5iM1It/EqRJ5XeeZj94+kg9/
wem5S31nBgjIm4Ql6yLKXMvfv/2rR0lYC9KMVjJhcN11MgpqF59RLXhS1fngC26V
Qnf3RSQoihxpubtlhmPjIK/vCbcJ4Y10w54U7ryU0FvoXB+uKLnlwFrKtfuXR8Mt
TY4bmdwIVENPwxyqPtiF8ChtS/7m4N7gyXwIqcaZgZI+AJxjHHT9W4CI1w0bAqKT
6oq4NwPzLhKphdEA8/IR3evr2itrjkEOzq1TId1z+4c3X3ACPNbH1mwf+fbpg2Jq
doYkZsN2Cwe/CHn0YuwW
=jyRT
-----END PGP SIGNATURE-----
--ckc5xFo7o7AFwS3JoEMdKtm1lIxqgSQlh--
|
