[IDEA][BRAINSTORM] How about a remote wallet ?

[rosengold]

Hi guys hope you are good, 

Sometime ago I started to develop a system to connect easily some NFT game account owners to another people interested in 'rent' his accounts. 

One of main challenge of this project was stablish the 'trust' with both parts without a 3-way or middle man, So I prepared a web3 wallet that instead of sign locally the messages, that wallet uses a watch only address to connect to another computer where the original owner have his original wallet (metamask in this case) so the owner receive a message asking for a signature (not transactions, messages only) and if he approves that connection request so the user can connect on the other side.

My thoughts about this system lead me to a point: instead of use lots of devices with imported seed phrases or private keys out there, why someone can't just use one device with for example a hardware wallet on his computer and a remote wallet on his mobile or all other devices he use, this way you'll have to input a security wall like a 2FA in the wallet before sign any message/transaction directly. I never saw any proposals leading to a remote wallet like this.

how about that ?

[o_e_l_e_o]

My thoughts about this system lead me to a point: instead of use lots of devices with imported seed phrases or private keys out there, why someone can't just use one device with for example a hardware wallet on his computer and a remote wallet on his mobile or all other devices he use, this way you'll have to input a security wall like a 2FA in the wallet before sign any message/transaction directly. I never saw any proposals leading to a remote wallet like this.

Two initial thoughts.

First of all, the master remote wallet will have to be online at all times to be able to be accessed from the other devices, and so the security would be poor.

Secondly, it seems overly complicated since the same set up (being able to access a single wallet from multiple devices) can already be achieved by just importing the same seed phrase in to multiple wallets. This way also has the benefit of not having to host a remote wallet and be dependent on it being online at all times, as well as removing the extensive attack surface which comes with hosting an online wallet which accepts incoming unsigned transactions for signing and the software on your mobile devices to create and transmit such unsigned transactions.

[The Cryptovator]

I am not getting why you have to do many things where you have a seed phrase or the wallet private key? No matter where you are or which device are you using. You always could access it through your hardware wallet, seed, and private keys. You can use the same wallet on multiple devices.

By the way, I am not getting your concept about rent or borrowing accounts.

[NeuroticFish]

From what I understand the actual signing still happens at the user, so it's just an overcomplication with doubtful benefits.

so the owner receive a message asking for a signature (not transactions, messages only) and if he approves that connection request so the user can connect on the other side.

What if a malicious third party intercepts the message and ask for signing a transaction that send coins to a different address? Will your design get the user see and deny that?

like a 2FA

2FA is not as good as you'd think. There can be many ways to go around it if the whole system is complicated.


However, let's say that all goes great. You have basically an online wallet where one still needs a local corresponding wallet to sign the transaction.
What stops the online wallet mine all kinds of data about the customers? And what's the benefit of those customers? (I don't see any.)

[goldkingcoiner]

I am not sure why you would need a remote wallet for a wallet that is already decentralized. Is the remote not connected to the internet? You would still need some kind of connection then, like a phone connection?

To me it seems like this is a lot of mental gymnastics without a clear purpose. What are the use cases for this which aren't already fullfilled by the blockchain technology itself? 

Honestly, unless you explain a bit more detailled why anyone would need this, I do not see any advantages of a remote wallet currently.

[Iron Fist]

instead of use lots of devices with imported seed phrases or private keys out there, why someone can't just use one device with for example a hardware wallet on his computer and a remote wallet on his mobile or all other devices he use...

Basically, you are describing a custodial web wallet. I think there are some existing ones that have API access points. If not, given the large number of open source solutions available, I believe something like this can be done. However, the real question is, what would be the advantage of such a setup? I don't see it, and there are numerous drawbacks, as others have already pointed out.

[NotATether]

For that to work you would need to design your own TCP protocol just to talk to the wallets on those different devices, and maybe even have "agent" services running on each device.