Development Roadmap

[sethsethseth]

Crashing bugs, any bug that might result in loss of bitcoins, and security fixes are always highest priority, but here are the big things I think are very high priority that, as far as I know, nobody is working on.  I think they all need to be done before we can say we have a "Bitcoin 1.0" :

• finish download-only-blockheaders client mode
• password-protect the wallet private keys (mitigate the steal wallet.dat problem: see https://gist.github.com/803170 )
• import a backed-up wallet
• figure out how to do click-to-pay
• design/implement a secure DNS-like "map string to bitcoin address" system  (so I can send bitcoins to "gavin@acm.org")
• export+encrypt part of your balance (for long-term storage; I still waffle on whether we want to encourage that right now)

Stumbled upon Gavin's post from over a year ago and wondered about the status of these points.  It looks like the pace of development is slow, but not being a programmer, I feel all I can do to help is tell businesses and friends about bitcoin, play bitcoin poker, order the magazine, and bomb hundreds of coins at SatoshiDice.

[Qoheleth]

I think #2 and #4 are done (encrypted wallets and bitcoin URIs, respectively) and #5 seems like it could be done with Namecoin integration.

[Eli]

Crashing bugs, any bug that might result in loss of bitcoins, and security fixes are always highest priority, but here are the big things I think are very high priority that, as far as I know, nobody is working on.  I think they all need to be done before we can say we have a "Bitcoin 1.0" :

• finish download-only-blockheaders client mode
• password-protect the wallet private keys (mitigate the steal wallet.dat problem: see https://gist.github.com/803170 )
• import a backed-up wallet
• figure out how to do click-to-pay
• design/implement a secure DNS-like "map string to bitcoin address" system  (so I can send bitcoins to "gavin@acm.org")
• export+encrypt part of your balance (for long-term storage; I still waffle on whether we want to encourage that right now)

Stumbled upon Gavin's post from over a year ago and wondered about the status of these points.  It looks like the pace of development is slow, but not being a programmer, I feel all I can do to help is tell businesses and friends about bitcoin, play bitcoin poker, order the magazine, and bomb hundreds of coins at SatoshiDice.

Figure out how to do click-to-pay - it's pretty easy, the bitcoin URI is pretty well defined by now, all you need to do is register the URI in the OS so that when it's accessed, the OS will know to forward it to the bitcoin client. This works well with bittorrent URIs, I don't see why it can't work the same way with Bitcoin.
The problem that I foresee is fraudulent bitcoin URIs. Consider the following:
You're surfing Amazon.com, and want to buy a book. You click on the "Pay with Bitcoin" button, but at some point a malicious factor in your system (or on the host site, Amazon.com for this example) replaces Amazon's tried and true Bitcoin address with it's own, trying to force you pay to the hacker instead to Amazon. Bad for Bitcoin, bad for the client, and bad for Amazon.
What is needed is a list of "Trusted" and "Registered" addresses that clients can look up and verify before sending out the payment.
I have a feeling that this is very related to the "DNS-like map string to bitcoin addresses" issue - it's one problem that compliments another, and it the click-to-pay requires you to have some kind of verified address that you can identify before making a payment.

[Qoheleth]

You're surfing Amazon.com, and want to buy a book. You click on the "Pay with Bitcoin" button, but at some point a malicious factor in your system (or on the host site, Amazon.com for this example) replaces Amazon's tried and true Bitcoin address with it's own, trying to force you pay to the hacker instead to Amazon. Bad for Bitcoin, bad for the client, and bad for Amazon.

I don't think this is a failure case against which technology can secure. If you're running malware on your computer, any ability to secure your Bitcoins is out the window. If Amazon, heaven forbid, has malware on their servers, that's the end for them. Even today, either of those situations would at the very least mean your credit card gets stolen.

I have a feeling that this is very related to the "DNS-like map string to bitcoin addresses" issue - it's one problem that compliments another, and it the click-to-pay requires you to have some kind of verified address that you can identify before making a payment.

How about address signing? If you're running an online storefront, you probably already have an SSL certificate from one of the big CAs. Use that key to prove control of the address, and the only checking that needs to be done is a glance at the blockchain to make sure that the keys match up.