I absolutely love Darkcoin and all the people that make up this community, but reading through all that's just happened to xxxgoodgirls and what stonehedge went through with the hack he suffered recently one would have to come to the conclusion that managing your locally stored Darkcoin is far from certain and assured. It's alarming to me that substantial amounts of value can be lost so easily and with such accompanying confusion that entraps even very experienced people.
Until the retention and securing of coins in wallets can be lifted up and out of this level of technical confusion and need for extreme (almost forensic) troubleshooting, Darkcoin is NOT going to be used by regular people. To read through pages and pages of someone battling to understand where their thousands of $ have gone and finally admitting defeat is terrible (so sorry for your loss xxx; l sure hope something gets resolved and you can retrieve your DRK somehow).
This really is an aspect of crypto that will prevent many people from getting involved (read: virtually everyone who is outside of these levels of technical ability which is 99.9%), We really need to spend a whole lot more time and effort on firming up wallet apps and infrastructure if Darkcoin is to be taken seriously as the potential to inexplicably lose all your DRK is very real.
I think you're being a bit pessimistic, but what I would like to see is automatic periodic backup to a second location of the wallet.dat, and a big popup on initial startup of a new wallet (or creation of a new address) encouraging the user to click a button to print out their privkey(s) - with "KEEP THESE PRIVATE AND SAFE!" at the top of the page and instructions on how to import them.
Yes, the concept is not so complex : you have to take care of Only ONE file protect by a complex password. (Mine have more than 25 char lenght).
After you have the dumpprivkey for anoher security feature.
For the hack and stole it's really another thing.
As i say : waiting for the 2FA, maybe enable a virtual keyboard (with randomnly placed key) that will not permit keyloger see you passphrass.
More complex, replace passphrase with biometirc like fingerprints.
Edit: well not sure good idea, if you loose your finger, then you loose you drk too... Lol bad luck
Yes I understand it's not so complex. I'm religiously backing up my wallet.dat, saving it in multiple locations and have it protected by a complex password. I guess my main concerns are that if someone not particularly technical is reading this thread and sees so much complexity when a competent user like xxxgoodgirls goes to move 1005 DRK, performs a basic test first by sending 1 DRK (which is successful) then follows through with the 1004 balance and it all turns to crap, it's hardly assuring. Six pages of intense interaction later and it's resolved (thank goodness; good work everyone) but people who aren't inclined to get that down and dirty into the guts of everything are just going to perceive it's techo-territory, very risky something will go terribly wrong and not a real product yet.
I agree the 2FA will make a huge difference and substantially mitigate the risk of having your coins stolen. And I think the virtual randomly-place-key keyboard would be a great feature too.
Is there a guide somewhere that explains what "dumpprivkey" actually does? It's mentioned here in this thread again and again but I've never seen any real explanation of what this achieves, why it's important and how it helps protect you. I'd really like to see more plain-English explanations of these various functions and how to maintain best practise with wallets re hot and cold storage, paper, etc.
