Unverified Commit 7031777d authored by Thibaut Sardan's avatar Thibaut Sardan Committed by GitHub
Browse files

chore: mention Kusama and or substrate in the T&Cs (#342)

* chore: mention Kusama and or substrate

* chore: update

* Apply suggestions from code review
parent e2ab9e5b
Pipeline #50891 failed with stage
in 14 seconds
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
Parity Signer is a mobile application that allows any smartphone to act as an air-gapped crypto wallet. This is also known as "cold storage". Parity Signer is a mobile application that allows any smartphone to act as an air-gapped crypto wallet. This is also known as "cold storage".
Once the app has been installed, users can create Ethereum accounts, sign messages/transactions, and transfer funds to and from these accounts without any sort of connectivity enabled on the device. Once the app has been installed, users can create Kusama or Ethereum accounts, sign messages/transactions, and transfer funds to and from these accounts without any sort of connectivity enabled on the device.
Users can opt to shut off and even physically remove the smartphone's Wifi, Mobile Network, and Bluetooth to ensure that the mobile phone containing these accounts will not be exposed to any online threat. Users can opt to shut off and even physically remove the smartphone's Wifi, Mobile Network, and Bluetooth to ensure that the mobile phone containing these accounts will not be exposed to any online threat.
...@@ -16,7 +16,7 @@ Users can opt to shut off and even physically remove the smartphone's Wifi, Mobi ...@@ -16,7 +16,7 @@ Users can opt to shut off and even physically remove the smartphone's Wifi, Mobi
Have a look at the tutorial on our wiki to learn how to use [Parity Signer together with Fether](https://wiki.parity.io/Parity-Signer-Mobile-App-Fether-tutorial) or [MyCrypto app](https://wiki.parity.io/Parity-Signer-Mobile-App-MyCrypto-tutorial). Have a look at the tutorial on our wiki to learn how to use [Parity Signer together with Fether](https://wiki.parity.io/Parity-Signer-Mobile-App-Fether-tutorial) or [MyCrypto app](https://wiki.parity.io/Parity-Signer-Mobile-App-MyCrypto-tutorial).
Any data transfer from or to the app will happen using QR code scanning. By doing so, the most sensitive piece of information, the private keys, will never leave the phone. The Parity Signer mobile app can be used to store any Ethereum account, this includes ETH, ETC as well as Ether from various testnets (Kovan, Ropsten...). Any data transfer from or to the app will happen using QR code scanning. By doing so, the most sensitive piece of information, the private keys, will never leave the phone. The Parity Signer mobile app can be used to store any Kusama or Ethereum account, this includes ETH, ETC as well as Ether from various testnets (Kovan, Ropsten...).
## Device security ## Device security
......
...@@ -7,7 +7,7 @@ This policy (together with our terms of use on our websites [https://parity.io]( ...@@ -7,7 +7,7 @@ This policy (together with our terms of use on our websites [https://parity.io](
## What data do we collect from you? ## What data do we collect from you?
The Ethereum client written in the programming language Rust known as Parity does not collect information from you, however any information you publish onto a blockchain like Ethereum is public by design. The Ethereum and Substrate based blockchain clients written in the programming language Rust known as Parity does not collect information from you, however any information you publish onto a blockchain like Ethereum is public by design.
If you go to our Sites or utilise other services, we may collect and process the following personal data about you: If you go to our Sites or utilise other services, we may collect and process the following personal data about you:
......
...@@ -4,7 +4,7 @@ export default ` ...@@ -4,7 +4,7 @@ export default `
## LEGAL WARNING SHORT VERSION ## LEGAL WARNING SHORT VERSION
### Disclaimer of Liability and Warranties ### Disclaimer of Liability and Warranties
- The user expressly acknowledges and agrees that Parity Technologies Limited makes the Parity Signer application available to the user at the user's sole risk. - The user expressly acknowledges and agrees that Parity Technologies Limited makes the Parity Signer application available to the user at the user's sole risk.
- The user represents that the user has an adequate understanding of the risks, usage and intricacies of public and private key cryptography, cryptographic tokens, mobile wallet technology, blockchain-based open source software, the Ethereum platform and Ether (ETH). - The user represents that the user has an adequate understanding of the risks, usage and intricacies of public and private key cryptography, cryptographic tokens, mobile wallet technology, blockchain-based open source software, the various platforms that Signer supports, including the Ethereum platform and any platforms built on Substrate including Kusama and Polkadot, and the blockchain tokens native to the various platforms supported by Signer, including Ether (ETH), Kusamas (KSM) and DOTs.
- The user acknowledges and agrees that, to the fullest extent permitted by any applicable law, the disclaimers of liability contained herein apply to any and all damages or injury whatsoever caused by or related to risks of, use of, or inability to use, the Parity Signer application under any cause or action whatsoever of any kind in any jurisdiction, including, without limitation, actions for breach of warranty, breach of contract or tort (including negligence) and that Parity Technologies Limited shall not be liable for any indirect, incidental, special, exemplary or consequential damages, including for loss of profits, goodwill or data. - The user acknowledges and agrees that, to the fullest extent permitted by any applicable law, the disclaimers of liability contained herein apply to any and all damages or injury whatsoever caused by or related to risks of, use of, or inability to use, the Parity Signer application under any cause or action whatsoever of any kind in any jurisdiction, including, without limitation, actions for breach of warranty, breach of contract or tort (including negligence) and that Parity Technologies Limited shall not be liable for any indirect, incidental, special, exemplary or consequential damages, including for loss of profits, goodwill or data.
- Some jurisdictions do not allow the exclusion of certain warranties or the limitation or exclusion of liability for certain types of damages. Therefore, some of the above limitations in this section may not apply to a user. In particular, nothing in these terms shall affect the statutory rights of any user or limit or exclude liability for death or physical injury arising from the negligence or wilful misconduct of Parity Technologies Limited or for fraud or fraudulent misrepresentation. - Some jurisdictions do not allow the exclusion of certain warranties or the limitation or exclusion of liability for certain types of damages. Therefore, some of the above limitations in this section may not apply to a user. In particular, nothing in these terms shall affect the statutory rights of any user or limit or exclude liability for death or physical injury arising from the negligence or wilful misconduct of Parity Technologies Limited or for fraud or fraudulent misrepresentation.
- All rights reserved by Parity Technologies Limited. Licensed to the public under the GNU General Public License Version 3: https://opensource.org/licenses/GPL-3.0 - All rights reserved by Parity Technologies Limited. Licensed to the public under the GNU General Public License Version 3: https://opensource.org/licenses/GPL-3.0
...@@ -16,13 +16,13 @@ The following Terms and Conditions ("Terms") govern the use of Parity Technologi ...@@ -16,13 +16,13 @@ The following Terms and Conditions ("Terms") govern the use of Parity Technologi
The User acknowledges the following serious risks to any users of Parity Signer and expressly agrees not to hold liable Parity Technologies or the Parity Technologies Team should any of these risks occur: The User acknowledges the following serious risks to any users of Parity Signer and expressly agrees not to hold liable Parity Technologies or the Parity Technologies Team should any of these risks occur:
### Risk of Security Weaknesses in the Parity Core Infrastructure Software ### Risk of Security Weaknesses in the Parity Core Infrastructure Software
Parity Signer uses open-source libraries and components developed by third parties. While Parity Technologies Limited generally aims to use only widely adopted open-source technology and develop it in line with industry standards, such open-source technology may contain bugs and errors and may not function correctly in all circumstances. As a result, there is a risk that Parity Technologies or the Parity Technologies Team may have introduced unintentional weaknesses or bugs into the core infrastructural elements of Parity Signer causing the loss of private keys stored in one or more user accounts in the application, Ethereum tokens ("ETH") or sums of other valued tokens. Parity Signer uses open-source libraries and components developed by third parties. While Parity Technologies Limited generally aims to use only widely adopted open-source technology and develop it in line with industry standards, such open-source technology may contain bugs and errors and may not function correctly in all circumstances. As a result, there is a risk that Parity Technologies or the Parity Technologies Team may have introduced unintentional weaknesses or bugs into the core infrastructural elements of Parity Signer causing the loss of private keys stored in one or more user accounts in the application and sums of valued blockchain tokens such as ETH, KSMs or DOTs.
### Risk of Weaknesses or Exploitable Breakthroughs in the Field of Cryptography ### Risk of Weaknesses or Exploitable Breakthroughs in the Field of Cryptography
Cryptography is an art, not a science, and the state of the art can advance over time. Advances in code cracking, or technical advances such as the development of quantum computers, could present risks to cryptocurrencies and Parity Signer, which could result in the theft or loss of private keys stored in one or more user accounts in the Parity Signer application, ETH or sums of other valued tokens. To the extent possible, Parity Technologies intends to update the software underlying Parity Signer to account for any advances in cryptography and to incorporate additional security measures, but it cannot predict the future of cryptography or guarantee that any security updates will be made, timely or successful. Cryptography is an art, not a science, and the state of the art can advance over time. Advances in code cracking, or technical advances such as the development of quantum computers, could present risks to cryptocurrencies and Parity Signer, which could result in the theft or loss of private keys stored in one or more user accounts in the Parity Signer application, ETH, KSMs, DOTs or sums of other valued tokens. To the extent possible, Parity Technologies intends to update the software underlying Parity Signer to account for any advances in cryptography and to incorporate additional security measures, but it cannot predict the future of cryptography or guarantee that any security updates will be made, timely or successful.
### Risk of Mining Attacks ### Risk of Mining Attacks
The blockchains for which Parity Signer creates accounts are susceptible to mining attacks, including but not limited to double-spend attacks, majority mining power attacks, "selfish-mining" attacks, and race condition attacks. Any successful attacks present a risk to the ecosystems of those blockchains, for example in respect of the Ethereum ecosystem a successful attack would present risks to the expected proper execution and sequencing of ETH transactions, and the expected proper execution and sequencing of contract computations. Despite the efforts of Parity Technologies and the Parity Technologies Team, known or novel mining attacks may be successful. Some of the blockchains for which Parity Signer creates accounts are susceptible to mining attacks, including but not limited to double-spend attacks, majority mining power attacks, "selfish-mining" attacks, and race condition attacks. Any successful attacks present a risk to the ecosystems of those blockchains, for example in respect of the Ethereum ecosystem a successful attack would present risks to the expected proper execution and sequencing of ETH transactions, and the expected proper execution and sequencing of contract computations. Despite the efforts of Parity Technologies and the Parity Technologies Team, known or novel mining attacks may be successful.
### Risk of Rapid Adoption and Insufficiency of Computational Application Processing Power on the Ethereum Network ### Risk of Rapid Adoption and Insufficiency of Computational Application Processing Power on the Ethereum Network
If Ethereum is rapidly adopted, the demand for transaction processing and distributed application computations could rise dramatically and at a pace that exceeds the rate with which ETH miners can bring online additional mining power. Under such a scenario, the entire Ethereum ecosystem could become destabilized, due to the increased cost of running distributed applications. In turn, this could dampen interest in the Ethereum ecosystem and ETH. Insufficiency of computational resources and an associated rise in the price of ETH could result in businesses being unable to acquire scarce computational resources to run their distributed applications. This would represent revenue losses to businesses or worst case, cause businesses to cease operations because such operations have become uneconomical due to distortions in the crypto-economy. If Ethereum is rapidly adopted, the demand for transaction processing and distributed application computations could rise dramatically and at a pace that exceeds the rate with which ETH miners can bring online additional mining power. Under such a scenario, the entire Ethereum ecosystem could become destabilized, due to the increased cost of running distributed applications. In turn, this could dampen interest in the Ethereum ecosystem and ETH. Insufficiency of computational resources and an associated rise in the price of ETH could result in businesses being unable to acquire scarce computational resources to run their distributed applications. This would represent revenue losses to businesses or worst case, cause businesses to cease operations because such operations have become uneconomical due to distortions in the crypto-economy.
......
...@@ -38,12 +38,19 @@ export default class About extends React.PureComponent { ...@@ -38,12 +38,19 @@ export default class About extends React.PureComponent {
developed by Parity Technologies. It allows users to use a developed by Parity Technologies. It allows users to use a
smartphone as cold storage. smartphone as cold storage.
</Text> </Text>
<Text style={styles.text}>
This application is meant to be used on a phone that will remain offline at any point in time.
To upgrade the app, you need to make sure you backup your accounts (e.g by writing the recovery phrase on paper),
then factory reset the phone, then install Parity Signer's new version either from the store
(iPhone or android) or from a sd card, and finally turn your phone offline for good
before recoveing or generating new accounts.
</Text>
<Text style={styles.text}> <Text style={styles.text}>
Any data transfer from or to the App will happen using QR code Any data transfer from or to the App will happen using QR code
scanning. By doing so, the most sensitive piece of information, the scanning. By doing so, the most sensitive piece of information, the
private keys, will never leave the phone. The Parity Signer mobile private keys, will never leave the phone. The Parity Signer mobile
app can be used to store any Ethereum account. This includes ETH, app can be used to store Ethereum or Kusama accounts. This includes ETH,
ETC as well as Ether from various testnets (Kovan, Ropsten). ETC or Ether from various testnets (Kovan, Ropsten…) as well as KSMs.
</Text> </Text>
<Text style={styles.text}> <Text style={styles.text}>
This app does not send any data to Parity Technologies or any This app does not send any data to Parity Technologies or any
...@@ -59,21 +66,6 @@ export default class About extends React.PureComponent { ...@@ -59,21 +66,6 @@ export default class About extends React.PureComponent {
{'https://github.com/paritytech/parity-signer'} {'https://github.com/paritytech/parity-signer'}
</Text>) and licensed under GNU General Public License v3.0. </Text>) and licensed under GNU General Public License v3.0.
</Text> </Text>
<Text style={styles.text}>
The cryptographic library used by Parity Signer has been audited and
the report is available at
<Text
style={[styles.text, { textDecorationLine: 'underline' }]}
onPress={() =>
Linking.openURL(
'https://www.trailofbits.com/reports/parity.pdf'
)
}
>
{' https://www.trailofbits.com/reports/parity.pdf'}
</Text>. Although the most critical part of this app has been
audited, bear in mind that the entirety of this application hasn't.
</Text>
<Text style={styles.text}> <Text style={styles.text}>
Find on the Parity Signer wiki more information about this Find on the Parity Signer wiki more information about this
application as well as some tutorials: application as well as some tutorials:
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment