-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bitcoin backups page - feedback and possible improvements #1041
Comments
Thank you so much for distilling my discord ranting into this PR. I wasn't sure that proposing these as a github issue was appropriate without at least having a back and forth discussion with peers first. I finally found some time today and am so pleased this is what you've transformed my rambling into. I am in strong agreement about the need for lightning backup related information including SCB files that is an excellent addition. While I'm still somewhat onboarding and new to this project, I'd love to be the change I seek. I'm not sure it's appropriate for me to dive in and build the page I'd like to see as a first move, but I would like to help build things instead of being a critic. In the short term I'm going to follow your example and start making some issues and PR's on specific pages to gauge whether there is any appetite for these kinds of changes and start a discussion. |
If we cover backups we should be sure to cover VSS too (VSS provides full LN state backup and doesn't depend on peers to cooperate on recovery unlike SCB) |
Good idea to review this page. A few notes.
Regarding lightning, descriptors, etc, I think it's important to keep the purpose of this page in mind. As Daniel wrote, it's meant to be practical for a broad group of people. More like a general user guide. Some of the ideas brought up here might be better to add on other pages, like some of the ones I linked to above. |
Regarding the Bitcoin backups page in the design guide
From discussion and feedback in Discord, how can this page be update and improved?
Page purpose
This page is meant to help users of bitcoin products to learn about good backup practices, and show solutions that are PRACTICAL for a broad group of people. It is concerned equally with SELF INFLICTED LOSS and DELIBERATE THEFT.
It is not specifically about creating wallets from scratch (entropy generation etc).
The target audience includes:
It is not meant to be the ultimate authority on setups for life savings. But it would be good to link to good sources for that for those who seek more advance setups and details.
Feedback and critique
Distilled from Discord message:
I've tried to summarise my take on what we can do to address this below, with action points if applicable.
Improvements and additions
How can we improve the page in light of the feedback?
Backup information
It's fair to say the page mostly mentions recovery phrases over other information. This has a lot to do with that being the most common, sometimes only information that wallet apps share with their users. We can expand on what else might be needed, and what the downsides of only saving the recovery phrase is. Also investigate which wallets provide what, and perhaps update elsewhere in the guide what other information should be shared with users so that they CAN backup more information.
Actions
Encrypted Cloud and Paper backups
The inclusion of these should not be seen as the BEST advice, compared to more advanced alternatives. It is primarily meant to protect agains SELF INCLICTED LOSS, which anecdotally is the most common for beginners. The step up to Metal backups is in most cases too large for casual users to bother with. So some scheme with less requirements (monetary, time) is advisable.
The main question for the target audience (casual beginners, mobile devices, low holdings) of these schemes is:
Is it better to have no backup, or A backup saved either in encrypted cloud or on paper?
I believe the answer is yes, mostly because we know that people lose funds by having NO backups.
Nonetheless, since the page was written we have seen breaches of security both with Lastpass and One Password (via Okta) that have exposed saved information to malicious actors. The only commonly used option we don't yet know has been breached is iCloud Keychain. It is fair to say it is now LESS good advice to use encrypted cloud backups in general than before.
Whether the advice should be encrypted cloud or paper may depend on the situation the user is in at that moment (secluded home or out and about) and what encrypted cloud services they have available.
Actions
Multisig
This page is primarily about backups. Multisig is not a form of backup, although the various keys involved require backups.
This is not the place to teach people how to set up multisig wallets, but we could potentially mention it as an advanced option and what the backup of such a setup requires.
Actions
Backup drills
This would be a good and valuable addition. No backup is good unless the person (or persons) know how to use it.
Actions
Wallet setups are not 'best practice'
Whether BIP39 is the right approach for best practice security for wallet products and user needs is a wider issue than this page tackles. It's a worthy discussion, but let's keep that in a separate issue. The reality is that most consumer facing wallet products expose recovery phrases (and not much else) to people. This page mostly tries to handle what to do with that information.
Lightning wallet backups
This feedback was not specifically mentioned on Discord, but since the page was written before started covering lightning content it is also lacking any information on the complexities backing up the needed information we should address this.
Actions
Feedback on the above action points welcome.
The text was updated successfully, but these errors were encountered: