[TekMol]

I don't know Stellar, but I am interested in crypto and blockchain technology.

You say you are working with the Stellar blockchain. But then you say it's a thin wrapper around an API.

Are you doing the crypto (creating private keys, signing transactions) in your code? Looking through the code it looks like you call something called 'stellar-sdk' for it. Which is not part of the repo. I have the feeling the magic is happening in this external code. Which conflicts with the statement that the wallet is "easy to understand at a glance and transparent enough to be easily customized and fully trusted". One would have to also analyze that stellar-sdk: https://github.com/stellar/js-stellar-sdk/tree/master/src Something that is way too big to understand easily.

Also, I see some account creation code in your repo. If it is using a blockchain, why is it creating accounts on a service via an API? Can't I have my Stellar assets under control without having an account somewhere?

[brown-dragon]

The Stellar network is a new-ish blockchain network managed by https://www.stellar.org/

They provide a REST API for interacting with the network itself and JS/Go/Python/Java standard libraries that can be used. Of these, the JS library is the most developed which is why I picked it.

Using the standard stellar library to connect with stellar is secure and transparent enough. What the wallet does is encrypts and protects your account keys (which are what give you control over your accounts). It does this using `scrypt`(https://www.npmjs.com/package/scrypt) for PKDF and sodium (https://www.npmjs.com/package/tweetnacl) for the actual encryption. Having access to the code should show you that there are no backdoors built in, no information being sent across to any third-parties, and so on. This is what people care about when protecting their accounts.

Your second question is also very insightful. Creating accounts is at the heart of Stellar. You cannot start performing any transactions on the network without first creating an account. And, in order to create the account, it needs to be be funded. This is why the wallet allows you to create (and fund) a new account on the network. You can read more about it here: https://www.stellar.org/developers/guides/get-started/create...

[TekMol]

    Using the standard stellar library to connect
    with stellar is secure and transparent enough

How would one know that there are no backdoors or bugs in the library?

[brown-dragon]

There could be bugs, of course, but the library is open source and developed by the Stellar network team.

Of course you are right in a sense - the core team also should not be blindly trusted. But, because your account is managed by the wallet and stays local to your machine, there is nothing much the library _can_ do IMHO.

[TekMol]

    there is nothing much the library _can_ do IMHO

It's code that runs on your machine. What would prevent it to do whatever it wants? Like sending your private keys somewhere? Or using a weak form of crypto to create them so that somebody can guess them?

[brown-dragon]

That's an excellent point. The only place the library has access to the private keys are during account creation and message signing. Perhaps I should implement both directly in the wallet so it's visible and clear to everyone.