Toms Blog

Where I talk about Bitcoin and Technology

Everything you know about (Bitcoin) wallets is wrong

2018-04-13 bitcoin cash

In Bitcoin Cash the level of innovation is amazing, and we have several wallets that used to be for Bitcoin Core that have now been made compatible with Bitcoin Cash.

The problem is that new wallets coming to market are essentially doing the same as the old wallets, with very minor changes. And here is the thing, all current wallets are doing it wrong.

The first wallet that existed was the one that Satoshi put in the full node software. It had a mode of operation that made sense because it was part of the fully validating node. Since then most SPV wallets have followed but they have barely changed the ideas and mode of operation. The user experience is essentially still the same as the original Satoshi one.

Which is to say, it sucks.

Address based

The main issue is that all wallets are used through addresses. You send money to your phone wallet by sending some funds to an address generated on the phone, for instance through a QR code.

Being address based has a side-effect: the user will expect the wallet to notice if I send multiple payments to that address, over days or weeks. The expectation is that the wallet should see all of them and make them spendable.

These are assumptions that make no sense when you look closer. First of all, the wallet now will need to connect to the Bitcoin network and listen for incoming transactions. Not just until it received exactly one, no, for the entire lifetime of the wallet. This is a serious limitation because for every address I accept funds on (a new one per transaction) I need to tell the network I want to see transactions for those addresses. This incidentally has been labelled as a privacy concern. And there is merit to this concern.

There are no full hardware-wallets

What is a full hardware wallet, you ask? It is a device that allows you to make payments in stores or in person without the owner needing any other (typically internet connected) hardware.

OK, let me explain what I mean.

In the case of most hardware wallets they are just small devices that really don’t do much more than allow you to press ‘OK’ when it gets a request from your phone or laptop. The real wallet lives on the phone or the laptop. The hardware token just does one small function and calling it a wallet is a real stretch of the truth.

A full hardware wallet is a device that actually stores the full state of your funds and is capable of paying without you needing any second device. This is actually simpler than you think, since all your wallet really is, is a series of “coins”.

To be clear, the other party, or the merchant you are paying to needs his own hardware. That hardware will typically be connected to the internet.

Which leads me to the next issue:

When a payment is sent between two consenting parties, at most 1 is required to be internet connected

Bitcoin is in actual fact not centralised and this means that when I create a transaction to pay someone that payment is a small file that the receiving end doesn’t require any 3rd party to validate. They can validate it themselves.

In fact, 90% of the validation of a payment can be done while both parties are off-line. The other 10% is where you need internet to avoid a double-spend. Merchants want to connect to the internet to exclude that possibility.

What most wallets today do is that when two people are a meter apart from each other, instead of the payer handing the transaction (a small file) to the payee, they send it to some random host on the internet. Then the payee waits for another random internet host to send him that transaction back.

Hands up if you think this is the best solution.

No hands? I thought so.

The downsides of this approach are many, the most obvious one being that if I were to go abroad (out of phone-service) I can’t pay the person that is standing right in front of me.

For the merchant it would also be much easier to protect themselves against double-spends if they were the first to see the transaction and then sent it to the internet themselves.

Simple way forward

A wallet that doesn’t require the internet.

A wallet that is much easier to use (mostly because it lacks all those expert mis-features)

A wallet that is cheaper and doesn’t require a phone or laptop.

Such a wallet will use a payment-protocol much like BIP70 (with small modifications) in that it will not show some bitcoin-address. Users never see an address. Just some text and maybe a signature proving who it is that wants to get paid.

The advantage here is that addresses are made very clear to be of one-time use. You won’t even see it!

A wallet is no longer obligated to expect someone in the future to reuse it.

As part of the protocol the actual, fully signed transaction is sent from the payer to the payee. This is actually already part of the protocol, so it should be a rather trivial change.

What I expect to happen then is that the merchant is the one that validates the transaction for things like a low fee and whether the actual amounts are proper, etc. Then, when it's OK, the merchant sends it to the internet. This makes sense since they are the most interested in getting it mined, and as such they will appreciate having a lot of power over how it is sent. For instance, they can combine it with a child-pays-for-parent tx if the fee is too low. And they can send it directly to as many hosts on the internet as possible.

This also means that a shopper in a foreign country never needs to connect to the internet to pay the money they already have on their device.

A wallet can operate completely without ever seeing an internet connection. The only changes you make to get there are the above two points. 1) Payments to the wallet are always requested. 2) All in and out payments happen by sending the actual transaction.
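As an added illustration, not code from this post, here is a constructed Python model of the request-based flow described in the last few paragraphs: the payee hands over a payment request instead of an address, the payer assembles a transaction from its own coins entirely offline, and the payee checks amounts and fee before it alone talks to the network. The names (Coin, PaymentRequest, build_payment, payee_validate), the script strings and the amounts are assumptions; signatures and real script evaluation are left out.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple
# Amounts are satoshis. The payer's set of Coins is the full state of its funds.
@dataclass(frozen=True)
class Coin:
    txid: str
    vout: int
    value: int
@dataclass
class PaymentRequest:  # what the payee hands over (QR/NFC) instead of an address
    memo: str
    outputs: Dict[str, int]  # payee output script -> amount requested
    min_fee: int             # fee floor the payee is willing to relay

@dataclass
class Transaction:
    inputs: List[Coin]
    outputs: Dict[str, int]
    @property
    def fee(self) -> int:
        return sum(c.value for c in self.inputs) - sum(self.outputs.values())

def build_payment(coins, req: PaymentRequest, change_script: str, fee: int) -> Transaction:
    """Payer side, fully offline: pick coins until the request plus fee is covered."""
    target = sum(req.outputs.values()) + fee
    chosen, total = [], 0
    for coin in sorted(coins, key=lambda c: c.value, reverse=True):
        chosen.append(coin)
        total += coin.value
        if total >= target:
            break
    if total < target:
        raise ValueError("insufficient funds")
    outputs = dict(req.outputs)
    if total > target:
        outputs[change_script] = total - target  # change back to the payer
    return Transaction(chosen, outputs)

def payee_validate(tx: Transaction, req: PaymentRequest, unspent) -> Tuple[bool, str]:
    """Payee side: offline checks (amounts, fee) first, then the one check that
    needs a network view (inputs still unspent) before broadcasting."""
    for script, amount in req.outputs.items():
        if tx.outputs.get(script, 0) < amount:
            return False, f"output {script} underpaid"
    if tx.fee < req.min_fee:
        return False, f"fee {tx.fee} below minimum {req.min_fee}"
    spent = [c for c in tx.inputs if c not in set(unspent)]
    if spent:
        return False, f"input {spent[0].txid}:{spent[0].vout} already spent"
    return True, "ok, broadcast"
```

The `unspent` argument stands in for the merchant's view of the network, which is the only step in the whole exchange that needs a connection.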

When you fulfil those two points it suddenly becomes easy to make full hardware wallets that have no need for any second device to do normal payments. You just need a bigger wallet on your laptop or in-store payment-terminal to top it up every now and then.

This might work over a QR code, but you likely want to move to NFC or another bi-directional protocol.