commit 12a3571f5de4b3751973b3f50d149edb938a7018
parent d5b6f10842f2b378d5e5a7ee65801af8ef794e36
Author: Florian Dold <florian@dold.me>
Date: Fri, 6 Nov 2020 18:15:12 +0100
some ideas
Diffstat:
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/design-documents/009-backup.rst b/design-documents/009-backup.rst
@@ -62,6 +62,9 @@ Supported Operations
The abandoned wallet marks explicitly in its backup blob that it is abandoned.
Abandoning a wallet will set the backup state to "uninitialized".
* **backup**: Do a backup cycle.
+* **rekey**: Change to a new wallet root secret, in case the old one has been
+ compromised. Only protectes future funds of the wallet from being
+ compromised. Requires a new payment to all configured backup providers.
Backup Format
@@ -92,8 +95,8 @@ Open Questions
* What happens if the same Anastasis user has multiple wallets? Can Anastasis somehow
support multiple "instances" per application?
-Future Work
-===========
+Future Work / Ideas
+===================
* Incremental backups?
@@ -102,6 +105,14 @@ Future Work
be updated incrementally once the journal is full.
* Leaks more information and is more complex.
-* Real-time synchronization, either over some signaling server
+* Mult-device synchronization, with synchronous communication either over some signaling server
or P2P connectivity (WebRTC, etc.)
+ * Destroys the "wallet" metaphor, now the wallet is more like an account.
+ * We should first agree on the requirements from the perspective of end users
+ * P2P payments in Taler might also make sync less important
+ * Maybe only parts of the state (purchases / contracts, but not coins) should be synchronized?
+ * WhatsApp web model: The wallet runs only on one devices, but other devices
+ can connect to it as clients. (Allows my browser wallet to temporarily access
+ money from my phone wallet and vice versa.)
+
