Topic: Trezor AOPP Integration - page 2. (Read 689 times)

I've checked the GitHubs of all the wallets I use and have found no mention of it, which is reassuring. Implementing it in secret isn't really going to work, since the user will either have to choose to activate it to approve a certain address for an exchange, or will link their wallet to the exchange to have the exchange do it for them, in which case it will be obvious what is happening in the background. They might be able to add it to their wallet in secret, but everyone will know it is there as soon as they are presented with the option to start using it.

Among the popular wallets, yes, BitBox is the one that still hasn't turned its back on AOPP. But there are also less-known service providers like Bittr and Pocket, or Aktionariat (whatever that is). Maybe there are more wallets but they haven't publicly announced their support. Seeing the shit they had to take once it became known who did it, the next step could be to try and implement it in secret without telling anyone about it. Especially if they are already closed-source.     

Yeah, I've been less and less impressed with some of the decisions being made by Mozilla as time goes on, not least of a company supposedly focused on privacy, security, and self ownership of your data deciding to no longer accept cryptocurrency donations.

A great point made by Samourai:


Requiring that a bank or exchange gives you permission to hold your own coins means, by definition, that said bank or exchange can refuse to give you permission to hold your own coins. This is the exact opposite of what bitcoin stands for, and by supporting AOPP you are supporting this nonsense.

Now that Trezor, BlueWallet, and Sparrow Wallet are all removing support, that leaves only BitBox, correct? And considering they helped to design it I can't see them removing support for it any time soon.

Good job to the community for speaking out so loudly against this privacy invading nonsense. Now you just need to stop using centralized exchanges altogether!

Many developers are now afraid of losing customers because of the shitstorm AOPP caused.

Samourai Wallet has stated they will not be implementing AOPP and gave a long list of reasons why.

The mobile lightning wallet Zeus has said the following about AOPP:
Source: https://twitter.com/ZeusLN/status/1486788819198218241

Blockstream also doesn't want it.

after the disastrous reception of Trezor's implementation of AOPP, which they were basically forced to rollback, i doubt Ledger or any other hardware wallet will freely implement it.

I think they will only do such implementation if forced by legislation. My guess.


edit:
Blue wallet also removed AOPP integration:
https://twitter.com/bluewalletio/status/1486805550608392194

Isn't Mozilla doing something similar with Firefox like Brave, behind the scenes? They even returned google as their default search option
If you want more privacy open source browser than try using Librewolf that is fork of Firefox, and for real privacy just use Tor browser.

Getting back to AOPP, what do you guys think will be next hardware wallet to make AOPP integration? Maybe Ledger is next?
I know Keystone wallet is strongly against it and they even had 10% discount code for seven days using Coupon code NoAOPP  
https://nitter.kavin.rocks/KeystoneWallet/status/1486817891202654211

If you really need to use a Chromium based browser for some testing or some broken website which won't work otherwise, then Ungoogled Chromium or Bromite for Android are probably your best bet. But no matter how much tweaking you do of Chromium, you will never be able to remove all the deeply embedded crap from Google.

There are lots of different tools you can use to harden Firefox. Probably the most comprehensive one is to download and use the Arkenfox profile: https://github.com/arkenfox/user.js. If you want something more specific, then you can use this tool to build a custom profile suited to your needs: https://ffprofile.com/. There are also forks of Firefox with a lot of hardening built in, such as: https://librewolf.net/.

I use firefox as well.

I recently added up these settings to get a better privacy experience in firefox. They called it hardening firefox. This guides helps to prevent telemetry and a few configurations which harms our privacy in the default firefox configuration.
https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/

I heard Chromium ('degoogled') should be a good choice as well, but I don't really like the idea of using it myself.

I feel the same; but I have to be cautious not to sound like a Passport shill, lol. Though I can always point people to my review, that I think did criticize everything that's wrong / bad about it. Excited to see what changes will be in the v2 and of course going to review it sooner or later as well..

I take major issues with how it is run. While marketing themselves as this magic bullet of privacy and anti-tracking, they accept money from companies such as Facebook and Twitter to whitelist their trackers. They still serve ads, just ads that they get paid for instead of other people, and in doing so inject their code in to every single website you visit to remove the native ads and replace them with their own, which is a security risk. They secretly hijack your browser and auto-redirect URLs you enter to include their referral codes. They accept a lot of money from Binance to inject Binance widgets in to the browser and to share your data with Binance. And don't even get me started on how a "privacy" browser can be asking its users for KYC.

All in all, it's probably better than Chrome, but it's far inferior to Firefox in terms of security and privacy. They do a lot of shady stuff behind the scenes, accepting money to sell out on both the privacy and the security of their users, while outright lying in their advertising and marketing.

Man, in my search for a new hardware wallet, Passport are really making it hard not to like them. I just wish they would remove all the unnecessary and risky bloatware they fill their device up with. I'll never buy one unless they do.

It was there, I saw it as well. They might have removed the wallets section, but they forgot something else. If you click on 'Ecosystem', you will see some quotes and feedback from wallet developers on what they have to say about AOPP. That's almost the same thing because they posted which companies those people work for.
 
Right now, we have BlueWallet, bittr, BitBox, Pocket, Aktionariat, 21 Analytics.

To be honest, I am from now on going to carefully read the release notes of the wallets I'm using, for sure. It's much better than noticing it like a year later as in this case.

Yeah, that's exactly what I mean. Somehow people collectively noticed just now that half the wallets around have incorporated AOPP in their products.

---

By the way; I just wanted to see if there were any news about Passport v2 and found out that apparently @zherbert and his team have a very strong stance against AOPP, basically saying what we concluded in this topic earlier: it's technically just a shortcut to signing messages (which Passport can do), but they don't want to implement it because of the 'symbolic' of not agreeing to make deanonymizing users easy.

Just wanted to put this out here..

This may sound like I'm trying to defend Trezor ^{[I'm not, even though I'm using one of their products]} but to be fair, Trezor added that feature just "two weeks ago"...

I'm pretty sure I've read the "Trezor Suite's January update" before I installed it, but for some reason, I didn't pay enough attention to that feature until ChiBitCTy created this thread ^[SMH].

What's up with Brave, bad service? I have it and use it sometimes...thought it was pretty legit but what do i know!

It's dEcEntTraLisEd technology wallet so they must add support asap
Just wait for WorldEconomicForum to approve that, they have Aya Miyaguchi as one of Executive Director of eth foundation, just on the left side of mr. V. Buterin.


ethereum.foundation/about/board/

Yeah but we can't actually follow all the updates coming out all the time for various crypto wallets, and people don't pay much attention and they just click update button, especially tiktok short attention span generation.
I was following reactions for BitBox hardware wallet and people are not happy at all about this, but developers don't have any intention to remove full support for AOPP.

I'm honestly wondering how it was introduced in the first place without anyone noticing, and the big negative reaction only coming in January 2022.
For instance, BlueWallet introduced it in April 2021, almost a year ago.


Sparrow also added it in spring last year.


ShiftCrypto added it in August 2021.

In conclusion, it seems to me that many in here (I'm guilty of this as well! ) have been using wallets with AOPP withing the last year without noticing it. Let this be a lesson to better verify what we are actually installing and continue supporting when updating our wallets..

We're at peak cancel culture apparently. A business deal falls apart - yep, that's because people just want you cancelled for no reason whatsoever, definitely not because your sleazy useless "service" is not wanted or needed. What a bunch of petulant children.

They should implement this shit on the web3nftdefimetamask stuff if they haven't done so yet. It will be welcomed with open arms and no pesky privacy concerns.

Surprised it isn't on the Brave homepage yet.

Pretty disgusting. But I guess that's to be expected from a company called "21 Analytics" whose entire purpose is to deanonymize you, your addresses, and your transactions, and report all that information to the government. This nonsense about cancel-culture just proves they haven't listened to the community at all or taken onboard literally any of the things people have been saying.

Their GitLab reveals a lot behind their thought processes:

https://gitlab.com/aopp/address-ownership-proof-protocol/-/issues/11 - It used to refer widely to banks. Good thing they changed that to the less offensive "VASP".
https://gitlab.com/aopp/address-ownership-proof-protocol/-/issues/10#note_524146131 - Should we change the name to "control" rather than "ownership". CTO - no, we need to keep it as accessible as possible for lawyers in every jurisdiction in the world.

Hahaha what? A vital part? Bitcoin will do just fine without your stupid protocol, thanks very much.

Just look at their ridiculous definition of their own AOPP service...
Most exchanges, even centralized with strict kyc don't ask from users some special knowledge for withdrawing coins.
It's simple click of a button and entering your wallet address... I don't see anything complicated there that would need simplification.
Even signing a message is not a big deal with simple instructions, many forum members did it here and they are not experts with some super-secret hidden knowledge.

This (which I only read through Tor, of course) is funny:
There's absolutely no technical reason a user cannot withdraw without this. They're offering a solution waiting for a problem that has to be created by either governments or exchanges.

It gets even better:
I can't even begin to explain how wrong this is. To hold Bitcoin in your own wallet you don't need AOPP, you don't need centralized services, and you don't need government approval!

Maybe they should read again what Satoshi actually wrote. Just the first sentence is enough:
I'll emphasize: