A Solution to Consolidate Bitshares 2 Wallet Login Types

The Bitshares GUI wallet currently has 2 types of logins that operate 2 different wallet types. This is a cause of confusion and one source of constant password and login issues. I propose here that it is not necessary. Only a single wallet type is required. A user should never have to "switch" wallet types.

The Givens

The Cloud wallet derives private keys from the password.
The Local wallet gets private keys from an encrypted local file.

Either way you are logging in with your private keys.

After obtaining the private key they operate in exactly the same way.
There's clearly no reason to separate into two different wallet types after this point.

Unifying the Two Types

The only function a local wallet has that a cloud wallet doesn't is storing multiple accounts' keys.

It is possible to unify the 2 types while retaining all the various functions like multiple accounts, login from anywhere, backup files, etc., while still maintaining the same levels of security we offer now.

Bringing the two types together is fairly simple in design; I don't know how difficult the actual code changes would be.

A user would be given a login window with Username and Password fields. The password can be either the private key for the account or the password from which the keys are derived (same as the current cloud login).

Within any account you have what I'm calling a Key-Ring, or Key-File, or just simply a backup file. For a single account this is just a list of that account's private keys. The Key-Ring can be downloaded (backup) and encrypted with a password of the user's choice. This isn't really necessary if you only have 1 account and have the password, but the function is there anyway if someone has a use for it, maybe for offline storage with a simplified password, unencrypted, or maybe as a brain-key.

Logging in with the password or private key is the equivalent of the cloud-wallet login. Access from anywhere.

For the local wallet I propose a simple button in the username field that allows you to select a Key-File (key-ring, backup). The user then enters the encryption password for the key-file. The first set of keys found can work as the active account, while the remaining keys can be easily switched to from a menu item (like we have now in the local wallet).

A user would be able to add and remove accounts from their key-ring (backup) file whenever they want, as well as create and save any number of different key-files containing the accounts of their choosing.
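
The single login field described above, sketched as an added example (this is not code from the Bitshares wallet). It assumes private keys are pasted in WIF form (Base58Check, version byte 0x80) and that password logins derive one key per role as SHA-256 over account name + role + password; the role names, function names and sample values are constructed for illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ROLES = ("owner", "active", "memo")  # role names assumed for this sketch

def _sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def wif_encode(secret: bytes) -> str:
    """Base58Check-encode a 32-byte secret with the 0x80 WIF version byte."""
    raw = b"\x80" + secret
    num = int.from_bytes(raw + _sha256(_sha256(raw))[:4], "big")
    out = ""
    while num:  # raw starts with 0x80, so there are no leading zero bytes
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    return out

def wif_decode(text: str):
    """Return the 32-byte secret if text is a well-formed WIF key, else None."""
    # A 0x80-prefixed payload never encodes with a leading "1" (zero byte).
    if not text or text[0] == "1" or any(c not in B58 for c in text):
        return None
    num = 0
    for c in text:
        num = num * 58 + B58.index(c)
    raw = num.to_bytes((num.bit_length() + 7) // 8, "big")
    body, check = raw[:-4], raw[-4:]
    if len(body) != 33 or body[0] != 0x80:
        return None
    return body[1:] if _sha256(_sha256(body))[:4] == check else None

def resolve_login(account: str, credential: str) -> dict:
    """Map the single login field onto key material, whichever form it takes."""
    secret = wif_decode(credential)
    if secret is not None:
        return {"mode": "private-key", "keys": {"supplied": secret}}
    # Assumed derivation: one key per role from account + role + password.
    keys = {r: _sha256((account + r + credential).encode()) for r in ROLES}
    return {"mode": "password", "keys": keys}

if __name__ == "__main__":
    demo_wif = wif_encode(bytes(range(1, 33)))  # constructed key, not a real one
    for cred in (demo_wif, "P5-constructed-generated-password"):
        result = resolve_login("example-account", cred)
        print(result["mode"], sorted(result["keys"]))
```

A mistyped private key fails the checksum and falls through to the password branch, where it derives keys that belong to no account. The wallet therefore still has to compare the resulting public keys (not computed here, since that needs secp256k1) with the keys registered for the account before treating the login as successful.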

Security

Currently the cloud wallet auto-generates a password that is roughly as difficult to brute-force as the private key itself. No change is necessary here, so a single account retains the same level of security as we have now.

The local wallet we have now is just an encrypted file containing the private keys for the various accounts. This is no different from the proposed Key-File (backup). The Key-File can be just as secure as an individual account, depending on the strength of the encryption password used. The local file is also secured by the fact that it is not a public file on the internet and only the user should ideally have access to it. I want to point out that logging in with a key-file is not necessarily more secure than logging in with the generated password or private key, as all accounts are subject to brute-force against the private keys. The file isn't necessary for this. The keys and generated passwords are long enough, though, that this kind of attack should be impossible.

Switching accounts

The current Local Wallet enjoys the ability to hold multiple accounts and can switch between them easily without having to supply a new password. The proposed model would have exactly the same feature. Supplying the password for the Key-File gives access to all the keys for the multiple accounts within.

Do you see any problems with the above rough outline for a consolidated login/wallet?
Please let me know in the comments.
I appreciate any feedback, suggestions, and criticism.

Thanks.
-Xel
