From 02bdfe1c4a6da148016a3a8299d6da5b8345557b Mon Sep 17 00:00:00 2001 From: Olemis Lang Date: Sun, 8 Dec 2019 11:31:47 -0500 Subject: [PATCH] [guides] refs #130 - Document generic wallet ops. Full wallet contract. --- content/dev-docs/guides/v2.wallet.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/content/dev-docs/guides/v2.wallet.md b/content/dev-docs/guides/v2.wallet.md index 23baf3c..853a513 100644 --- a/content/dev-docs/guides/v2.wallet.md +++ b/content/dev-docs/guides/v2.wallet.md @@ -17,5 +17,23 @@ Wallet also need to interact with the peer-to-peer network to get information fr This leaves us with four necessary, but separable, parts of a wallet system: a public key distribution subsystem, a set of signing strategies, a blockchain aware visor, and a networked component. In the subsections below, we will describe specific contracts and possible relations between them. +In most cases, wallet contracts are obliged to implement generic operations like setting and reading a human readable label. All wallets shall have an identifier. The wallet instance should facilitate a way to calculate balances of the addresses it owns or manages. + +To help protect against theft, the system offers users the option of encrypting the wallet files which contain the private keys. In order to provide support for multiple encryption strategies, this feature is betond wallet contract. + Note: We speak about distributing public keys generically. In many cases, hashes will be distributed instead of public keys, with the actual public keys only being distributed when the outputs they control are spent. +#### Peer-to-peer exchange + +Every altcoin plugin must provide a way to broadcast transactions for further confirmation by peers across the network. Abstract types are used to identify peers either by name or by network routing address identifier. This is a top-level plugin entry point that could usually be implemented by a singleton instance. Since this is a global service not bound to any particular address, generic wallet operartions are not part of this contract. + +#### Full-Service Wallets + +This kind of wallets perform three of the four main functions: it generates private keys, derives the corresponding public keys, helps distribute those public keys as necessary, monitors for outputs spent to those public keys, creates and signs transactions spending those outputs. It does not broadcast the signed transactions though. + +The main advantage of full-service wallets is that they are easy to implement. A single instance does everything the user needs to receive and spend coins. + +The main disadvantage of full-service wallets is that they store the private keys on a device connected to the Internet. The compromise of such devices is a common occurrence, and an Internet connection makes it easy to transmit private keys from a compromised device to an attacker. Encryption is not enough since that approach protects the private keys when they aren’t being used, but it cannot protect against an attack designed to capture the encryption key or to read the decrypted keys from memory. + + +