Apple approved my Electrum-compatible watch-only wallet!

[skidvis]

I was pretty sure they would reject it, but it passed!
If you're looking for a way to keep track of your Electrum addresses and balances on iOS:

http://www.electsum.com/

Feedback welcomed!

[LiteCoinGuy]

electsum or electrum   ?

should you be banned instead?

be carefull, smells fishy to me.

[R2D221]

I don't have an iPhone to test it, but it looks good

[bytemer]

Thanks! Downloading to my iphone now and test it. 

Congrat! 

[crazy_rabbit]

From the Website:

"Enter Your 12-Word Mnemonic [offline]
Enter the 12-word mnemonic that Electrum generated for you, feel free to do this part in Airplane Mode. Your 12-words are then encrypted using Military-Grade AES encryption, using the password you created, and your Public addresses are generated and stored. Your private keys are never stored or transmitted."

Your 12-word mnemonic IS the key to your private keys. Anyone can regenerate and steal your bitcoin from your 12-word mnemonic.

Sorry, but this sounds like literally giving all your bitcoin away. If your not an honest person, then you could be basically tricking people to render the security that Electrum offers moot. If you are an honest person then you need to find some way to prove it.

Unless I'm missing something- I'd need some solid proof you can't upload the 12-word mnemonic at some time in the future to your servers or something.

[crazy_rabbit]

Also on the website:

"Safe and secure: No private keys are used, that's why it's Watch-only, so your private keys stay safe. All data is encrypted with top-grade encryption."

Yet you ask for the 12 word mnemonic. That directly compromises your private keys.

[msc]

Sorry, but this sounds like literally giving all your bitcoin away. If your not an honest person, then you could be basically tricking people to render the security that Electrum offers moot. If you are an honest person then you need to find some way to prove it.

Unless I'm missing something- I'd need some solid proof you can't upload the 12-word mnemonic at some time in the future to your servers or something.

Right, the only solid proof would be in the source code.  If the app is honest, what it does is convert the mnemonic to the private key, and then to the public address, then throw away everything but the public address.

Maybe someone could analyze the data that the app stores on the phone.  But if it's stored using its own encryption, that might not be possible.

[minerpumpkin]

Nice idea, but entering the seed, mnemonic or private key is a big no no!
Even if you're honest, this practically may be intercepted by software running on the device. Chances are not that big on iOS, but technically this may happen.
Please, do this in a public-key-only manner and we'll be glad. Oh, and do this for the Mac as well!

[LiteCoinGuy]

and i guess bytemer and skidvis are the same person. please ban. 

[msc]

Please, do this in a public-key-only manner and we'll be glad. Oh, and do this for the Mac as well!

If it's an HD wallet, wouldn't you have to enter ALL of the addresses?  Maybe if there's an export from Electrum that you can import to iOS somehow.

[theFork]

Enter Your 12-Word Mnemonic [offline]
Enter the 12-word mnemonic that Electrum generated for you, feel free to do this part in Airplane Mode. Your 12-words are then encrypted using Military-Grade AES encryption, using the password you created, and your Public addresses are generated and stored. Your private keys are never stored or transmitted

ban them, some one alert apple


perhaps this is why apple let this one through!!!!

[cr1776]

Wow, just wow. This has lots of stolen bitcoins written all over it.

I'm not spending $0.99 to point this out in itunes, hopefully the author will rethink this approach - unless his motives are impure.

From the Website:

"Enter Your 12-Word Mnemonic [offline]
Enter the 12-word mnemonic that Electrum generated for you, feel free to do this part in Airplane Mode. Your 12-words are then encrypted using Military-Grade AES encryption, using the password you created, and your Public addresses are generated and stored. Your private keys are never stored or transmitted."

Your 12-word mnemonic IS the key to your private keys. Anyone can regenerate and steal your bitcoin from your 12-word mnemonic.

Sorry, but this sounds like literally giving all your bitcoin away. If your not an honest person, then you could be basically tricking people to render the security that Electrum offers moot. If you are an honest person then you need to find some way to prove it.

Unless I'm missing something- I'd need some solid proof you can't upload the 12-word mnemonic at some time in the future to your servers or something.

[OgNasty]

It is a little disturbing to see a 3rd party offer an app like this.  I had similar concerns when having my app developed for nastyfans.org.  Ultimately, I decided that I needed to review, rewrite, build, and upload the source code myself to a developer account in which I was the only person that had access in order to safeguard nastyfans.org users.  I couldn't imagine trusting something like this to a 3rd party.

[EvilPanda]

Op's first post, and this gets immediately bumped by bytemer (2 posts), probably his puppet account. This proves restricted newbie area should be brought back.

[skidvis]

Wow, sorry I haven't responded quicker, I was answering these very questions on Reddit: http://www.reddit.com/r/Bitcoin/comments/1x3vee/apple_approved_my_electrum_watchonly_wallet/

This app was rapidly developed to see how it would fair through Apple's approval process. As the site mentions, I don't store the private keys and encrypt the mnemonic which never leaves the app and is only used to generate the public addresses.

As you'll see on Reddit, many people agree with not sharing the mnemonic, which I understand. The update will use the Master Public Key to generate the addresses. I may be new to bitcointalk, but trust me this is no throw-away account, look at my reddit history.

You don't HAVE to use this, but it's not a scam of any sort, the site describes exactly what and how it all works. Nothing leaves the app except the public addresses to blockchain.info to get balances. But feel free to wait till 1.0.1 when I switch to the MPK.

[theFork]

Wow, sorry I haven't responded quicker, I was answering these very questions on Reddit: http://www.reddit.com/r/Bitcoin/comments/1x3vee/apple_approved_my_electrum_watchonly_wallet/

This app was rapidly developed to see how it would fair through Apple's approval process. As the site mentions, I don't store the private keys and encrypt the mnemonic which never leaves the app and is only used to generate the public addresses.

As you'll see on Reddit, many people agree with not sharing the mnemonic, which I understand. The update will use the Master Public Key to generate the addresses. I may be new to bitcointalk, but trust me this is no throw-away account, look at my reddit history.

You don't HAVE to use this, but it's not a scam of any sort, the site describes exactly what and how it all works. Nothing leaves the app except the public addresses to blockchain.info to get balances. But feel free to wait till 1.0.1 when I switch to the MPK.

A person should never give away their MPK either.

[Sonny]

A person should never give away their MPK either.

What does the Master Public key do? 

[ryansatria123]

wow, i'am sorry, can donation in my adress 1Ep1CBWahGbxNkGo5uTkfQpQczvRXMMSXr I'm needed for my school 

[LiteCoinGuy]

Op's first post, and this gets immediately bumped by bytemer (2 posts), probably his puppet account. This proves restricted newbie area should be brought back.

yep, and we should close this thread (and ban the guy).

[skidvis]

A person should never give away their MPK either.

What's wrong with sharing the MPK? That's what Electrum uses on their Watch-only wallet.