Skip to content

Commit

Permalink
Merge pull request #1 from nagydani/patch-2
Browse files Browse the repository at this point in the history
[EIP] Security Warning
  • Loading branch information
ligi authored May 16, 2018
2 parents 0e8b5b4 + 3603fa2 commit 9ea398f
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions EIPS/eip-1001.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,10 @@ Where all of the key + value pairs are optional, allowing for maximum flexibilit
`name` (optional) is a name ofthe private key - e.g. "paper wallet"
`type` (optional) is the type of key (STRING) - Defaults to ECDSA

### Security Warning

Since private keys are highly sensitive information, it is considerably safer if input (via QR code, keyboard etc.) is handled directly by the target application, rather than going through some IPC mechanism (e.g. the Intent mechanism in Android OS), trusting third-party applications (such as a QR code reader) with the private key. Thus, it is **recommended** to display a security warning, whenever the application receives a private key through IPC messaging, warning the user about the risks associated with using a third-party application to input private keys.

## Compatibility and Versioning
Future upgrades that are partially or fully incompatible with this proposal must use a prefix other than `private_key-` that is separated by a dash (`-`) character from whatever follows it, as specified by ERC #831.

Expand Down

0 comments on commit 9ea398f

Please sign in to comment.