sudoquai wrote: biolizard89 wrote:
sudoquai wrote:Trezor supporting Namecoin is a game changer. Go for it. It will help many traders to get their NMC out of exchanges and keep them in a safe place for long term trading (and holding).
I support this idea and will donate for it, as soon as it is finished.
If you like, you can put up a bounty for Trezor support at https://www.bountysource.com/issues/365 ... et-support
What do you think about the complexity to realize this? Is this possible for you, Bio ? I am thinking about a donation - i've never did donations over this system. Pay-Before-Work or Pay-After-Work?
There are a number of ways that this could be implemented.
The method that the Trezor people mention basically involves setting up a blockchain explorer API that can provide the Trezor web wallet with enough data for the web wallet to interact with the user's Trezor.
That method, as I understand it (anyone want to confirm?), has some security issues. Specifically, while it is not possible for the web wallet operator to steal your NMC (since the keys stay in your Trezor), they are able to falsely claim that you have received NMC (which might let someone commit fraud against you), as well as make your legitimately owned NMC unspendable (which might let someone punish users monetarily, or even steal names by forcing a name to expire). In my opinion, this is not adequate security.
The other method, which the Trezor people didn't mention, is to directly implement the Trezor hardware library into a Namecoin client which validates the blockchain as normal (this could be a full client, or a libcoin-style light client, or an SPV+UTXO ultra-light client). This gives the same security guarantees as the standard Namecoin client, with the additional benefit that your wallet is effectively in cold storage. I'm pretty sure that the Armory guys are planning on doing this; I'm not sure about other clients since I don't follow them as much. In my opinion, this is a better route to take.
So, if I were working on this, my approach would be to add Namecoin support to Armory, and let the Armory developers handle the details of Trezor integration for us. Other developers might choose to do different approaches. Given this, I guess it may be desirable to have separate bounties for different approaches, so that donors can have some kind of control over how their bounties are used.
With regards to whether I'm willing to work on this: I would be potentially interested. Whether I end up doing it depends on how much time I have once school starts (which isn't particularly predictable at this point), and how much funding is available. If I'm not able to do it, I suspect that someone else would, if there's enough funding.
BountySource accepts the donations prior to the work, but doesn't release the funds to the coder until the work is done (basically an escrow system). If there is any dispute, the BountySource people will mediate and decide whether to award the funds to the coder. They seem to have a pretty good reputation from what I've seen; I've never personally seen anyone upset with resolutions.
So, I will adjust the GitHub issue to clarify that there are multiple approaches, and set up a separate tracking issue for the two approaches I described. Then you're welcome to provide a bounty to either of your choice (although I certainly would encourage you to support Armory integration rather than the web wallet).
Does this sound good?