The browser only interacts with the server to gain information that is publicly available. For example, the brollet server sees nothing more than what can be seen on blockchain.info. Sensitive information -- e.g private keys -- remains in the browser.
Within the browser javascript handles private key storage, transaction construction & signing.
For example, sending bitcoins from brollet to a bitcoin-qt address would take the following steps:
- Brollet-javascript requests available bitcoins from the brollet-server.
- Brollet-javascript constructs transaction of appropriate size and signs transaction using private keys(stored in javascript)
- Brollet-javascript sends transaction to brollet-server for broadcasting.
- Brollet-server broadcasts transaction onto bitcoin network.
Thanks for your interest and let me know if you need more info.
