I like the idea, let me know how I can help! Thanks!
I like this idea too.
Approved by the Community” Monero wallets are something like these ?
I think they’re the ones getting listed at
This is exactly the sort of thing I think that would help with community engagement and great coming from core team member @Yeastplume - well done!
So for an overall approach, I suggest we proceed something like:
- Collect feedback (in this thread and the wallet-dev channel) as to what the criteria should be
- @joltz and I will collate and present a draft set for review
- Create a short, sharp RFC so the criteria is properly recorded
- We start working with interested wallet authors to get their efforts approved and ready for endorsement
Just a caveat that this is isn’t all going to be done at once and will take some elapsed time to roll out (particularly given the amount of other work going on,) but hopefully this initiative becomes a long-running thread that will continually improve the state of our community wallets.
I know we’ve discussed this before, but bitcoin also takes this approach. https://bitcoin.org/en/choose-your-wallet?step=5
FWIW: bitcoin.org is a privately held website, in no way related to the current Bitcoin Core development team…
True, but it’s still the unofficial “official” bitcoin website, in the same way that grin.mw is Grin’s.
Or it could rather be more like bitcoincore.org.
Usability is everything. I m supporting this idea.
It is open-sourced and has many contributions from bitcoin-core and blockstream employees among many others. Other than people’s beefs with cobra, calling it a privately held website is a bit of a stretch. It is not bitcoin.com…
Regardless, their wallet choosing tool is very cool.
Yeh, prolly more elaborate than Grin could hope for right now but great concept…
Great idear @Yeastplume . We do not need a perfect solution including security audit right now. Just some community endorsement and extra eyes on the code would mean new user will feel a lot safer using these wallet softwares. This proposal and community endoresement is also great for the unity of the Grin community. And no worry, I think most of understand the decission and need for the core team to focus on… wel the core, as the name suggests .
Wallet Listing on grin.mw
It can be beneficial to list available wallets for users on the primary website for Grin, especially considering that there is not a GUI wallet in the mimblewimble github organization and that most users will want to use a GUI wallet.
There are two primary possible identified paths to support this, each with their own tradeoffs for the community.
Option 1: Approval curated by core and security teams
The core and security teams can review and curate each wallet listed on grin.mw by manually reviewing to ensure they adhere to all RFCs and building confidence in the wallet developers ability to responsibly handle vulnerability disclosures.
- Low chance of a malicious wallet being listed
- Guarantee that all listed wallets are compatible
- Ability to more seamlessly deploy security fixes across wallets
- Approval is subjective without an exact checklist of steps that can be followed to ensure the core and security teams have a high degree of confidence (which may not be possible to produce in a comprehensive way)
- “Gatekeepers” become responsible for determining whether a wallet will be listed (and by extension used) in the Grin ecosystem
- There is still no guarantee of eliminating the possibility of malicious wallet activity
Option 2: (Almost) any wallet can be submitted and ranked before listing
Any wallet developer can submit their app to be rated by the core and security teams according to the same metrics used by bitcoin.org. Once rated the wallet will be listed. Wallets are removed by verifiable cases of (willful or not) malicious wallet activity. Wallets that do not verifiably follow accepted RFCs are not rated or considered for listing.
- Less centralized, more open listing method
- Helps users find the right wallet for the right use
- No “gatekeepers” subjectively determining which wallets can be listed
- Though there are still “gatekeepers” doing the ratings
- With a low barrier of entry some users could lose funds to a malicious wallet before it is detected and removed from the list
- Users may not be able to trust any of the wallets listed if there is a mix of “trustworthy” wallets with those that aren’t
Option 2 seems like a decent compromise of openness and quality. However there is a much higher chance of fund loss due to a malicious wallet being listed in option 2. Option 1 doesn’t guarantee a wallet won’t be malicious in the future either so we do want to avoid giving a false sense of trust or security. Maybe there is a mix of these that will produce the best result. It is important that whichever direction is chosen, users are aware of the risk of malicious wallet activity.
Just wanted to share these thoughts ahead of the next governance meeting https://github.com/mimblewimble/grin-pm/issues/290
Option 2 looks better ‘if’ long term wallets are being separated from new admissions. This opens the door for everyone to submit their own wallet. This will lower the bar for new developers to participate in the grin project and it also makes it more divers. I believe this is good as it stimulates to contribute, innovate and also important it blocks a lot of potential fud of people being butt hurt when they can’t submit their wallet.
At the end of the day I firmly believe that every regular person picks a well known wallet like Grin++ or Ironbelly above some new unknown wallet. For the obvious reason.
As I also posted here:
I think it is best to go for option 2, however, give special status to wallets that are endorsed by the Grin core team, passed security audit (Grin++) community endorsed (Grin++, Nifler, IronBelly?).
So simply provide anyone who visits the main website with all the information we as community have on Grin wallets so they can make an educated decission themselves. I agree with @bluimes that it is good to list all wallets to not block innovation or alternative wallet solutions even though most people will go for secure wallets that are endorsed.
(In reference to joltz’s comment)
I would suggest a different sort of compromise between the two.
List wallets that have proven themselves over time; Wallets that gained considerable community traction and trust. The ‘community’ includes both vocal users and actual developers. It’s not measurable, but nothing in this domain really is.
The result is that no new wallets are listed, but the core team doesn’t have the sole responsibility to identify bad actors.
Regarding the concern of perhaps a new, innovative wallet not being featured, I’d make the claim that giving it a period of skepticism and careful trust through the opportunity of acquiring a more ‘sophisticated’ user base organically (aka through community communication channels), would be a very reasonable requirement, as part of the effort in protecting new users stumbling upon Grin for their very first time.
Hello everyone! tell me how with Bibox to withdraw Grin to the wallet Grin ++ v1.0.1 What to write in the fields and what is the address of the brothers from the wallet?[https://www.dropbox.com/s/zh8zl509b5dwxd6/%D0%A1%D0%BA%D1%80%D0%B8%D0%BD%D1%88%D0%BE%D1%82%202020-05-20%2015.05.40.png?dl=0](https://www.dropbox.com/s/zh8zl509b5dwxd6/Скриншот%202020-05-20%2015.05.40.png?dl=0)
There is a Telegram Group for Grin++ Support: https://t.me/GrinPP
As far as I can tell, if supporting all RFCs is mandatory then there is only one wallet with an official release that does this (Grin++). Niffler may be close, but at the least TOR is only available on the pre-release version.