The Signer
@brianflanagan Something that we didn't discuss yet: the signer part. Basically each account can be unlocked by one of the following methods:
- password
- QR code on mobile phone
- hardware wallet (like Nano S)
- a private key JSON file
Obviously for v1 we will only implement the password unlocking, but it would be good to keep in mind that we will extend that in the future. The question is: when should the user unlock his account?
The UX MetaMask has is one password for all accounts, unlocked at the very beginning. This would not work with us because some accounts are password-protected, while (in the future) other accounts can be unlocked differently (which MM doesn't offer). Moreover, I won't store the password anywhere, which is a security +.
I'd suggest prompting the user to input his password only when needed, i.e. when confirming sending the transaction.
The - is that if the user has 6 accounts, he'd need to remember 6 passwords.
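
A sketch of the prompt-on-confirm flow proposed above, added here as an illustration; it is not part of the original comment or the project's code. `Signer`, `unlockers`, `promptFor` and `encryptKey` are hypothetical names, the keystore format is constructed for the example, and HMAC-SHA256 stands in for real transaction signing.

```javascript
const crypto = require('crypto');

// Constructed keystore helper: wraps a secret key under a password
// (scrypt + AES-256-GCM). Only the returned object is persisted.
function encryptKey(secret, password) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const kek = crypto.scryptSync(password, salt, 32);
  const cipher = crypto.createCipheriv('aes-256-gcm', kek, iv);
  const ct = Buffer.concat([cipher.update(secret), cipher.final()]);
  kek.fill(0);
  return { salt, iv, ct, tag: cipher.getAuthTag() };
}

// One unlocker per unlock method; only "password" exists in this sketch.
const unlockers = {
  password({ keystore }, password) {
    const kek = crypto.scryptSync(password, keystore.salt, 32);
    try {
      const d = crypto.createDecipheriv('aes-256-gcm', kek, keystore.iv);
      d.setAuthTag(keystore.tag);
      // final() throws if the password is wrong (GCM tag mismatch).
      return Buffer.concat([d.update(keystore.ct), d.final()]);
    } finally {
      kek.fill(0);
    }
  },
};

class Signer {
  // promptFor(account) is the UI callback that asks the user for a credential.
  constructor(accounts, promptFor) {
    this.accounts = accounts;
    this.promptFor = promptFor;
  }

  // Called when the user confirms a transaction, never at startup.
  sign(address, tx) {
    const account = this.accounts[address];
    if (!account) throw new Error(`unknown account ${address}`);
    const unlock = unlockers[account.method];
    if (!unlock) throw new Error(`unlock method "${account.method}" not implemented`);
    const key = unlock(account, this.promptFor(account)); // credential is not kept
    try {
      // Stand-in for real transaction signing: HMAC-SHA256 over the tx JSON.
      return crypto.createHmac('sha256', key).update(JSON.stringify(tx)).digest('hex');
    } finally {
      key.fill(0); // wipe the decrypted key as soon as the signature exists
    }
  }
}
```

Because nothing is cached between calls, every `sign()` triggers a fresh prompt for that account, and an account whose unlock method has no entry in `unlockers` fails before any credential is requested.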