bgroff at lavabit.com [ARCHIVE] on Nostr: 📅 Original date posted:2011-08-11 🗒️ Summary of this message: Gavin Andresen ...
📅 Original date posted:2011-08-11
🗒️ Summary of this message: Gavin Andresen plans to prioritize wallet security by implementing Matt Corallo's wallet encryption and Bobby Groff's Multisign patch.
📝 Original message:Matt Corallo wrote:
> On Wed, 2011-08-10 at 12:29 -0400, Gavin Andresen wrote:
>> I've been wading through the pull requests and bug lists to figure out
>> a roadmap for the next few months.
>> ...
>> 3. Wallet security. I'd like to get Matt's wallet encryption shipped
>> soon, along with all or part of groffer's Multisign patch (#319 --
>> since that will enable the creation of trojan-resistant secure wallet
>> solutions).
> I was under the impression all that was left on the to-do for 0.4 was
> wallet import/export testing and merge (and a few bug fixes like #453),
> I agree #319 should be pulled sometime soon, but maybe for 0.4 just the
> IsStandard parts in 0.4 as those need to get out first anyway?
I'm not sure splitting the patch this way makes a big difference. The
IsStandard part depends on the construction of the multisign script, which
is what most of the patch does anyway. In other words, if upon further
review the script construction needs to change, IsStandard will change.
So a full review would be better.
Also, with unit test coverage for both this feature and existing
script.cpp code, I'm hoping that this patch is relatively low risk and
actually pays down some existing test debt.
--
Bobby Groff
🗒️ Summary of this message: Gavin Andresen plans to prioritize wallet security by implementing Matt Corallo's wallet encryption and Bobby Groff's Multisign patch.
📝 Original message:Matt Corallo wrote:
> On Wed, 2011-08-10 at 12:29 -0400, Gavin Andresen wrote:
>> I've been wading through the pull requests and bug lists to figure out
>> a roadmap for the next few months.
>> ...
>> 3. Wallet security. I'd like to get Matt's wallet encryption shipped
>> soon, along with all or part of groffer's Multisign patch (#319 --
>> since that will enable the creation of trojan-resistant secure wallet
>> solutions).
> I was under the impression all that was left on the to-do for 0.4 was
> wallet import/export testing and merge (and a few bug fixes like #453),
> I agree #319 should be pulled sometime soon, but maybe for 0.4 just the
> IsStandard parts in 0.4 as those need to get out first anyway?
I'm not sure splitting the patch this way makes a big difference. The
IsStandard part depends on the construction of the multisign script, which
is what most of the patch does anyway. In other words, if upon further
review the script construction needs to change, IsStandard will change.
So a full review would be better.
Also, with unit test coverage for both this feature and existing
script.cpp code, I'm hoping that this patch is relatively low risk and
actually pays down some existing test debt.
--
Bobby Groff