Main

Secure Design

Known for the everywhere.computer (/ec), /unglish (unglish.co.uk), the /secure-design WG, WalletUncon, Causal Islands + drumming in all-genre power trios.

@depatchedmode what's that one secure UX flow chart you've shared where it is a spectrum of friction severity levels based on things like whether the action can be taken back easily?

Haven't organized a call recently due to personal obligations. Focusing on writing for the summer.

Excited to introduce Friction Observer as the vehicle for that writing! And happy to consider additional contributors:
https://friction.observer/points-of-friction

Will boot up again in the fall.

next week on web3galaxybrain.com:
@july from @faust

creating and destroying; built flying cars & autonomous vehicles, now building /faust, more here: /july, web: july.rocks

Capture verifiably real moments in the age of AI

Farcaster

Hey all - just wanted to share some of my concerns about the public nature of our casts/behavior on FC.

Hoping for an open dialogue on where we think this is headed, and in the long run, how to provide privacy protections from a user content perspective.

https://paragraph.xyz/@barrycollier/farcaster-content-graph

More on /secure-design 

cc: @depatchedmode 😏

This is a particularly misguided addition of a security prompt by Apple. The user already explicitly indicated their intent to paste using the system-provided paste UI. If that’s part of client code, that’s a small mistake to fix: must be system level, then bake the auth into it.

Ethereum

"One bad signature will be able to drain your account on Ethereum after EIP-3074."

Yes; this is true. 3074 coauthor here! Let me put this concern to rest a bit before it gets more out of hand.

This is a phenomenal breakdown of 3074, and what kind of support it needs from wallets.

Hosting some conversations on wallet UX tomorrow from 9:30am to noon at Denver central Market.

EOA -> Contract Account Migration UX
Account Recovery Specs/Standards

Hosting some conversations on wallet UX tomorrow from 9:30am to noon at Denver central Market.

EOA -> Contract Account Migration UX
Account Recovery Specs/Standards

https://hackmd.io/x5nuU1x2QLCn1o2OVbiqQw

https://github.com/web3privacy/web3privacy/blob/main/README.md#sunset-projects-archive