A few observations I had while implementing this:
By default they want you to essentially pay to IP addresses. This was stupid when Satoshi tried it 10 years ago, and it's stupid now. At the very least you should strongly encourage (ie. nearly force) people to give out public keys along with their IPs, since otherwise MITM attacks are trivial. Even then it sucks to require the recipient to run an open-to-the-Internet server at all. And for goodness' sake, don't use the broken/centralized HTTPS system; the Bitcoin Core devs have been going to a lot of trouble trying to remove that garbage from Core.
A better protocol for the copy/paste method is needed. For one, you shouldn't have to use intermediary files. I was annoyed when I did grin wallet send -m file -d - and it actually created a file called "-" instead of writing to stdout like it should.
grin needs to be much better at handling transactions that never continue beyond the first or second step in the three-way transaction process. They probably shouldn't even show up in the main transaction log.
Currently I think that there's no way for the recipient to get the modified slate after running receive the first time (eg. if it gets lost), which is nuts. And currently there appears to be no reasonable method for proving that you sent a transaction.
By default they want you to essentially pay to IP addresses. This was stupid when Satoshi tried it 10 years ago, and it's stupid now. At the very least you should strongly encourage (ie. nearly force) people to give out public keys along with their IPs, since otherwise MITM attacks are trivial. Even then it sucks to require the recipient to run an open-to-the-Internet server at all. And for goodness' sake, don't use the broken/centralized HTTPS system; the Bitcoin Core devs have been going to a lot of trouble trying to remove that garbage from Core.
A better protocol for the copy/paste method is needed. For one, you shouldn't have to use intermediary files. I was annoyed when I did grin wallet send -m file -d - and it actually created a file called "-" instead of writing to stdout like it should.
grin needs to be much better at handling transactions that never continue beyond the first or second step in the three-way transaction process. They probably shouldn't even show up in the main transaction log.
Currently I think that there's no way for the recipient to get the modified slate after running receive the first time (eg. if it gets lost), which is nuts. And currently there appears to be no reasonable method for proving that you sent a transaction.
The community is working pretty hard on addressing these. Right now, it's all about getting the infrastructure going, and then hopefully soon we'll get a better user experience around it. Just a matter of time (and of course, everyone can help and speed things up).
Sweet
)