[alexbosworth]

Is it open source?

[flybird]

if you have installed, let me know your registration email. I will offer free bitcoin to get feedback.

[alexbosworth]

I installed it, - my hn nick at gmail

My feedback is

- Hard to trust any app for btc that isn't open source

- Requiring a photo is pretty severe, scale factor is wrong mode in the uiimageview

- The security is pretty crazy, unlock pattern + password - make it easy to get started

- Seed value should require repeating back to the app

- Multisig looks complicated, I'd like it to work with Electrum

- Seed should give me some idea of its standard, can I restore it with another app

- It's missing press states on a lot of stuff

- Would be cool to integrate with trustedcoin api

The gold standard is breadwallet, have to beat that. I like the multisig angle, but it has to be done correctly

[flybird]

I could send coins to nick at gmail. please correct? -point taken; -any suggestions to make more secure with good user experience? -input 12 english words for opening app every time? -Is Electrum simpler? -Seed is BIP standard -point taken; -If there is a standard, we will follow;But if it's another 3rd party, then we hesitate; BreadWallet is cool. But it doesn't support email and multiSig. And the UI is not very good.

[alexbosworth]

my email is alexbosworth at gmail dot com

- I'd incorporate touchID, I've used it in iOS and it's easy to add.

- One feature I'm thinking about for my iOS apps is using the Apple Watch as a 2nd factor auth mechanism. I haven't looked into the feasibility of it yet though and probably not many people have smartwatches

- After the user writes down the seed when setting up the wallet, challenge them to verify their written seed. I think this is how Electrum works, try that out

- BIP standard is a good idea for the seed, but try and mention other wallets that the seed can be used in, for reference purposes

- Multisig is definitely the winner here, but I'd go farther, really look into trustedcoin API

[flybird]

Please check your wallet for 1mbtc as my appreciation. -TouchID is in the plan; -AppleWatch as well; -challenge with seed? Users already complain the current process why to write down the seed. Very hard to balance security and usability; Electrum is for pro; -Good suggestion; -Our multisig has some specific security design. Not sure if bitGo or Trustedcoin supports. We will certainly support more 3-rd parties once we have bandwidth; thank you again.

[alexbosworth]

Thanks for the 1mbit :) The absolute killer feature for me is multisig with a second party, based on a standard BIP backup seed - so 2 of 3, I hold 2 keys on a paper wallet, the mobile app holds 1 key, the trusted other party holds 1 key, 2 keys are needed to send transactions.

Basically my preference for bitcoin software is like this:

1. If there is a bad update to the software, I feel safe that it doesn't matter too much because there is a secondary signature needed to approve a transfer

2. If the software is discontinued or I want to stop using it, I feel safe it doesn't matter because I can restore from a seed elsewhere

I appreciate safeguards to the device like the touchId etc, however there's a tricky balance there of security vs usability. I think using the touch movement pattern is a great idea for a backup method and touchId can be the primary method.

[flybird]

plan to be since it's decentralized.