Topic: Are BTC Devs Doing Enough To Encourage Adoption of BTC? (Read 2105 times)

The only thing stopping you developing and fixing the problem, is your own incompetence.  Learn to code and do what ever you want.

My idea of the best form factor for BTC is really out there and perhaps very impractical.

Keeping the private keys in something similar to a SIM card and then a device taking in the "wallet" simply by plugging it in. The device would never be able to access the keys itself.

You're really not giving the core devs enough credit IMO by claiming their only significant contribution (even if filtered to "mainstream" promotion) is the Bitcoin Core client itself. Where would Bitcoin as a whole be without BIP32, BIP7x, mutlisig, P2SH, etc. despite that fact that some of those are only partially (if at all) implemented in Bitcoin Core (not to mention contributions to the bitcoin.org website as well)?

Core dev work is *almost* orthogonal to making it go "mainstream".  

It's like arguing TCP/IP developers aren't doing enough to make Facebook go viral.

You want Core devs to make sure the core consensus mechanism is humming along. Almost nothing else. 

edit: The blockchain is to give a partial ordering off data published. Nothing else. It's not magic.

Don't sell the blockchain short on it's capabilities and what the technology can evolve into despite what it looks like today. 

Look, I'm technical minded but my expertise is not in bitcoin.  I'm a network engineer.  I recently closed out a VoIP cluster project that connected two countries at five different operating locations scattered across North America and the ENTIRE time my colleagues said it couldn't be done.  I even doubted it based on very specific vendor imposed limitations.  But me and another guy kept plugging away and just the other day we got it working.

But you do go on to say Electrum is looking at 2FA.  Great.  That's great news.  Really looking forward to how that develops.  Thanks for posting that.

Charging for the service hopefully decrease the likelihood that they will go out of business, but ultimately it's a judgement call: is the added protection against malware (although not bulletproof) worth the extra transaction fee and the inconvenience should they go offline? I rather think so (although the fee is a bit high for my taste), but to each their own.

With the Ledger Wallet, we are trying to achieve "Apple like" user experience, in conjonction with high levels of security thanks to hardware securing your private keys.

It starts with a well designed white box, at a reasonable price point (29 EUR + taxes).

To see more:
https://www.youtube.com/watch?v=PFvHq8zEgd8

I'm not a big fan of this approach because a third party service owns one of your keys. With 2 of 3 sigs, if they go offline you have to get your 3rd key out of cold storage. Plus they charge for the service.

grendel25,

To put it in a less technical way, any 2FA-style device has to provide a way to prove to someone else that it is in the operator's control. This is done by the 2FA device providing a code.

For Google Auth, YubiKey, and the like, both the device and the someone else (a centralized online service provider) have a common "shared secret", and this secret can be used to generate short codes that are just a few digits long. The shared secret can't be stored in the blockchain because then anyone could generate the codes.

Hardware wallets (and Bitcoin in general) use public-key cryptography and can use a publicly-viewable blockchain to prove that the codes they generate (called signatures) are valid. Unfortunately, the codes that they generate as proof are 155 digits long (or 88 if encoded in Base58), so it wouldn't be very practical to ask a user to type these codes in. That's (one reason) why they transfer these codes via USB.

The point is that you can't have the advantages of both: you can't have a 2FA device which uses public-key cryptography and would be publicly verifiable via the blockchain which also provides short codes. This means we're stuck with either centralization, or hardware wallets which need a digitial connection (USB today, possibly Bluetooth or audio in the future?).

Incidentally, Electrum 2.x does plan on implementing both styles of 2FA, with Trezor and HW.1 on the hardware wallet side, and with TrustedCoin on the centralized short-code side.

$100 gadgets like the trezor aren't fantastic, but the cost can be reduced with mass production. I predict we will see $20 hardware wallets with Apple-like user interfaces. there is already the bwallet which is $30 and implements Trezor 100%

Is it really their responsibility to do so?

You're a bit too loose with your terminology for a dev oriented board. I don't mean to offend you, it's just that it's hard to understand what you say when you associate seeds with 2FA. Maybe you could explain your use case instead.

Exactly! "2FA" like Yubikey or Google Authenticator or SMS passcode couldn't be decentralized and integrated into the bitcoin infrastructure BECAUSE bitcoin is transparent.

You don't really understand what you are proposing, unless you are talking about something else like multi-sig transaction.

2FA uses a client/server handshake but the client/server doesn't have to be what we typically think of it as.  2FA doesn't have to be into the same implementations that may be standard use today.  2FA is simply 2-Factor-Authentication.  It's a method of authentication that doesn't have to involve the memorization of 'seeds'.

Why couldn't 2FA be decentralized and integrated into the bitcoin infrastructure?  It's already proven that bitcoin is transparent and traceable.  If people want widespread adoption then the niche anonymous market won't be part of the solution so why not embrace the mainstream attraction of it all?

Subway cards would probably work just as well but what is the method of authentication?  It needs to be bound to the user in some way and to me that's part of what makes 2FA attractive.  Although 2FA has to steer away from being cumbersome.. it needs to be as seemless as a cardswipe.  I guess we will all just need rfid implants haha

The guy gets shot down because 2FA isn't a suitable solution. It's meant to protect a client/server relationship. If the client is compromised, the 2FA prevents the attacker from logging to the server. If the server is compromised, 2FA doesn't help. With a wallet that you keep on your machine, you are the server.

Personally, I'm looking forward to having a solution as easy as the subway cards. RFID and no touch scanner. The display is on the payment device. Your card signs anything that comes from a set of known payees and up to given amount. Or alternatively, you create an escrow account and they give you a passive card. It can't sign but they will record your usage and they will automatically pay for you.

Thank you.  Your comments were in line with the discussion I was hoping for.

I also use Electrum so you know what I'm talking about when I say "seed".  It's really not that bad.  However, when put in relative terms it's just ridiculous.  I don't think we can get the mainstream to adopt memorization of various seeds depending on how ever many Electrum wallets they end up having.  It's already out of controls when you think of all the various passcode requirements.

So here's what I can contribute as an idea for making it easier for the lay user:

~*~*~2FA embedded in an Electrum-Like wallet may be a possible solution.~*~*~ 

See there, decent discussion can actually breed friendly collaboration and hope for innovation. 

Now, I'm not going to rush out and implement 2FA in an Electrum-like solution.  I honestly wouldn't even know where to start.  But I know there are people that could make it happen.

And that was simply my aim here.  Maybe someone will see this or maybe someone already has it going and will post a link to an Electrum-like wallet that uses 2FA instead of a 12 word seed (or whatever it is).

Oh, and I'm not averse to helping myself and yes there are wheels inside this dome turning as I Google (no one "web searches" admit dominance!)  So it actually auto populates to a commonly searched thing in Google, "Bitcoin wallet with 2FA"

here's a discussion:  https://bitcointalksearch.org/topic/2fa-for-bitcoin-qt-188501

And the guy there gets shot down.  I wouldn't be surprised to see a 2FA solution in the near future.  Or, at least some advancement that isn't a $100 gadget or geek-centric memorization/hash-a-maniac solution.

fun!

Initially I was using Armory and just lately I've switched over to using electrum. If by definition, what you are saying security and user experience becomes the major road blocks to BTC and any crypto adoption, then you should really try out the software. How simple could it get?

For what its worth I'm trying to spread bitcoin awareness and adoption.  I run honeybadgerofmoney.com and do sell wares which help bitcoin evangelists to a point.  The underlying question is how much longer till we have the (ethereum-like) dream of easy diy decentralized contracts utilizing sidechains and what can us casual folks do to assist in the development of these softwares and digital infrastructures that require bitcoin.  I know that Gmaxwell and others raised capital for the technology but forgot its name as I write this.

I think I gave you the most useful piece of advice: If you think something ought to be done, you should consider picking up a shovel and doing it. Or paying someone to do it. It sounded like you were griping that other people weren't going and doing it for you... which is not a helpful perspective.  Especially with comments as vague as yours, I couldn't even respond "Item X is being worked on over there, and item Y was tried but failed, item Z is believed to be precluded by physical reality, and item Q was what we used to do but took it out because consideration R."...

To whatever extent any developer is doing something because you think it ought to be done or suggested it, they're doing it as a volunteer, unless you start cutting them checks.

People have very odd notions about the financial implications of software development in this space. It's interesting and important work, but it's also very challenging. Anyone with (or who develops) the skills and background to participate extensively can be paid very well by stable non-bitcoin industry jobs. Sure, Bitcoins themselves may or may not increase in value, but you can acquire Bitcoins and contribute nothing to the technology and still benefit from that, and many do. Considering the difficulty and risk specific to Bitcoin, I doubt anyone works on it instead of all the other well paying technical work they could do, except out of a deep passion for the technology and what it enables in the world.

My own view is that adoption has already outpaced the maturity of the ecosystem. While I don't begrudge other people going for more adoption, I prefer to see more organic growth and less forced effort trying to get people using things that may not be ready for them or which they may not be ready for in turn.

Coming in and complaining accomplishes nothing.

You don't need to have "expertise" to "fix this".  You just need to be motivated, and willing to make an effort.

Organize a team that has the necessary "expertise".  Arrange funding for your project.  Accomplish something, or fail trying.

This is how innovators and entrepreneurs bring new and amazing products to market.  If you don't do it, eventually someone else will, but apparently other innovators aren't moving as quickly as you personally would like them to.