-
Notifications
You must be signed in to change notification settings - Fork 206
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
how to coordinate multiple wallets #2628
Comments
@michaelfig pre-dates on-chain wallet effort, if this is no longer relevant, please close. |
obsolete in favor of on-chain wallet plans (#3995) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is the Problem Being Solved?
Users will expect to be able to have multiple coordinated user agents, e.g. one on their phone, and a second on their laptop. All agents should have equal functionality, and changes initiated by one agent should appear on the others.
Most platforms have some form of this (web browsers with synchronized bookmarks/passwords/tabs, chat clients, etc). There are more interesting design/security issues on platforms that are meant to be secure, because there is no central server which has the full authority, and instead each new agent must be embued with authority by an old one. This frequently involves generating some sort of cryptographic value on an existing agent, and having the human transfer it (type it into) the new one, then having the old and new agents communicate (encrypted) through an untrusted central machine to transfer the necessary data.
The cheap/lazy way to enable multiple user agents is to make them all identical. This fails as soon as the agents have any interesting amount of state, because they'll become hopelessly confused ("you think I said what? no that was my identical twin"). Instead, you need each agent to be distinct, but merely granted similar authorities, and to talk to each other to keep their user-facing status in sync.
Our platform makes this even more interesting, because of the dynamic state each vat/swingset holds. We might have a chain-side object that holds a bunch of Purses, which is easy enough to share between the agents, but any larger-scale structures or plans that aren't easily captured in that object, will need to be kept somewhere.
This overlaps a good bit with having a wallet recovery plan: the data that you'd need to recover from offline storage (perhaps as little as a single private key) if all of your agents were to die, is probably the same data that needs to be managed jointly by multiple living agents.
So the task is to allow two or more distinct swingsets, each holding its own wallet vat, to coordinate with each other. We'll probably need some way for all of a user's wallets to find each other and broadcast events to each other. And we'll need a way to add a new agent to the existing set, with some sort of secure authorization process.
Description of the Design
needs to be designed
Security Considerations
The text was updated successfully, but these errors were encountered: