I'm just getting my feet wet with Bitcoin wallet development and I'm unsure where I should create transactions. The mobile wallet will maintain the private keys and my server will maintain a full node. Is it possible to have the server create the transaction, the mobile wallet sign it, and the server broadcast it? Or should the mobile wallet be responsible for creating and sending the transaction?
Thanks,
Johnny
I think you're touching on something of a holy grail for bitcoin user experience design. The inherent contradiction of bitcoin is that if someone else is in custody of your keys you don't control your coins. This makes it very hard to create services for bitcoin because you basically need to win user trust AND if you fuck up someone will steal all deposited coins.
A way forward would be a model like you're describing - webapps that provide all the logic but the keys and transaction signing still reside at the user end, distributing risk which is good for both developers and users. If a webapp can coordinate multiple users to create multisig addresses, then suddenly we have "dumb" smart contracts - perhaps not self-executing, but still programmable money on top of a webstack which everyone already knows how to use!
I've been trying to talk to people on Reddit about this, but the interest has been mild. The obvious missing component here is a BIP standard employed by all wallets. There is already a way to do payment requests, which is basically the above but with simple one-way payments. What we need is support for multisig and message signing (authentication) so that we can write more complex applications with minimal risk.
This is really the missing link for bringing about the "internet of value".
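The split discussed in this thread (server builds the transaction, wallet holds the keys and signs, server broadcasts), as an added example that is not part of the original posts: the wallet parses the unsigned bytes the server sent and checks every output before it signs. It assumes legacy (non-SegWit) serialization; all function names are hypothetical and the scripts and txid are constructed sample values.

```python
import struct

def p2pkh(h160):
    return b"\x76\xa9\x14" + h160 + b"\x88\xac"  # pay-to-pubkey-hash script

def build_unsigned_tx(inputs, outputs):
    """Server side: legacy serialization with empty scriptSigs (hypothetical helper)."""
    raw = struct.pack("<I", 1) + bytes([len(inputs)])
    for txid_hex, vout in inputs:
        raw += bytes.fromhex(txid_hex)[::-1] + struct.pack("<I", vout)
        raw += b"\x00" + struct.pack("<I", 0xFFFFFFFF)  # empty scriptSig, sequence
    raw += bytes([len(outputs)])
    for value, script in outputs:
        raw += struct.pack("<q", value) + bytes([len(script)]) + script
    return raw + struct.pack("<I", 0)  # locktime

def read_len(raw, pos):
    if raw[pos] >= 0xFD:
        raise ValueError("only single-byte CompactSize lengths handled here")
    return raw[pos], pos + 1

def parse_outputs(raw):
    """Wallet side: walk the server's bytes and return [(value, script), ...]."""
    n_in, pos = read_len(raw, 4)
    for _ in range(n_in):
        slen, pos = read_len(raw, pos + 36)  # skip txid + vout
        pos += slen + 4                      # skip scriptSig + sequence
    n_out, pos = read_len(raw, pos)
    outs = []
    for _ in range(n_out):
        (value,) = struct.unpack_from("<q", raw, pos)
        slen, pos = read_len(raw, pos + 8)
        outs.append((value, raw[pos:pos + slen]))
        pos += slen
    if pos + 4 != len(raw):
        raise ValueError("truncated or trailing data")
    return outs

def safe_to_sign(raw, pay_script, pay_value, change_script):
    # Every output that is not our own change must be exactly the payment the
    # user approved. The fee is not checked: that needs the spent outputs' values.
    payments = [o for o in parse_outputs(raw) if o[1] != change_script]
    return payments == [(pay_value, pay_script)]

# Constructed sample data: dummy hashes and a dummy previous txid
PAY, CHANGE, OTHER = (p2pkh(bytes([b]) * 20) for b in (0x11, 0x22, 0x33))
INPUTS = [("aa" * 32, 0)]
HONEST = build_unsigned_tx(INPUTS, [(50_000, PAY), (40_000, CHANGE)])
ALTERED = build_unsigned_tx(INPUTS, [(50_000, OTHER), (40_000, CHANGE)])
```

The wallet signs only when `safe_to_sign` returns true for the payment the user confirmed on the device; the signed transaction then goes back to the server for broadcast.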