Hallo liebe Community,
seit der neuen BitBoxApp „BitBox 12.2023 Sustli“ Version 4.40 gibt es das neue Feature „Remember wallet“.
In der BitBoxApp steht folgende Beschreibung:
Enabling “Remember wallet” lets you see the accounts for this wallet in the BitBoxApp even when the BitBox02 is not plugged in. This allows you to check your balance and portfolio whenever you want. The BitBox02 still needs to be plugged in and unlocked to send or receive coins. Disabling “Remember wallet” requires you to plug in the respective BitBox02 (or passphrase wallet) to see those accounts in the BitBoxApp.
Im Blog von BitBox 12.2023 Sustli update steht folgendes:
The newest version of the BitBoxApp can now remember your wallet and display your balances without plugging in your BitBox. This makes keeping track of your wallet easy and allows you to check whether transactions have arrived, even if you don’t have your BitBox02 with you.
Of course, your funds are always protected by the BitBox02. You still need the BitBox02 to sign a transaction and create a receive address. The BitBoxApp never learns your private keys and can only „watch“ the wallet.
Please note that for now, access to the BitBoxApp on desktop computers is not password protected. If you share your computer account with other people, they might be able to see your wallet balance and transaction. This is why the „Remember wallet“ feature is purely opt-in and off by default.
Dazu habe ich folgende Fragen:
- Was passiert im Hintergrund?
- Wird der xpub in der BitBoxApp zwischen gespeichert?
- Wo ist das Feature im Source Code implementiert?
- Ich konnte es im github-Repository (GitHub - digitalbitbox/bitbox-wallet-app: The BitBoxApp for desktop and mobile.) nicht finden.
- Welche Sicherheitsrisiken können durch dieses Feature entstehen?
Ich danke euch bereits jetzt für die Antworten.
Grüße
Hieronymus