Full node protection?

can it be achieved to protect your full node desktop wallet by securing your wallet location by ip adress &gps so out of this location nobody can enter your wallet from other country or region​:man_shrugging: just brainstorming guys​:wink::grin:

No. Your wallet is not on your computer. You have on your computer an instance of the keys required to access your wallet.

In addition to @georgem1976’s point: GPS is never a good location security measure. It is determined on the potentially attacking device and that one can just pretend to be anywhere. There is no certification that you are really at that location.

Yes, very true. GPS won’t help at all unfortunately.

I am thinking along the lines of bank time locks instead, it should be easy to implement a settable timed delay in a wallet? For example, transfers of more than [x percent] of wallet content automatically is delayed [y hours] and during this period the transfer can be cancelled?

This would be a user settable security measure against attackers on hot wallet, obviously it wouldn’t stop anyone in possession of the 15-24 words who can restore wallet on another device.

Question is if this shall be implemented on-chain or in a wallet application?

If it is in a wallet application, it does not work in other wallet applications that the user might have connected to the same wallet.

And most attacks don’t look like they actually used the user’s computer to submit the transaction, but either got the seed or (perhaps more often) got the file with the stored keys and key-grabbed or brute-forced the spending password.

Perhaps, someone could implement a Plutus contract that does this delay with possibility to cancel thing on-chain. Would it be usable enough to get wide adoption? Don’t know.

(Sometimes, you need to transfer in a given time frame. For these, you would still need funds outside this lock, anyway. All very complicated.)

It has a reason that so many people recommend hardware wallets. Period.

I’m thinking wallet setting, maybe your right - i might have gotten the wrong impression but it does look like people get owned on computers by hackers?

A timed delay would just be in the software to give the person time to react, just like bank time locks this setting could be turned on or off - but of course one would still have to wait the set timeperiod before it is turned off once set.

Personally i would never be in such hurry that i would need large amounts of cardano in shorter time period than days and would love a feature like this.

Yes of course hardware wallets is the best option but not everyone will buy that no matter how many times its repeated.

That is very broad. I have seldomly seen an attack really analysed to the very details.

Wallet apps like Yoroi store the secrets (encrypted with the spending password) on the computer. I would guess that that is the main target of malware/hackers. That is still “owned on their computer”, but it is the same case as: “obviously it wouldn’t stop anyone in possession of the 15-24 words who can restore wallet on another device.”

Also, malware/hackers could screen grab the seed on wallet apps that require the input of the phrase quite often.

A delay in the app would only help if the malware/hacker uses this particular app to submit the transaction. But if they are powerful enough to remote control the app, they are in most cases also powerful enough to get the secret/restore the wallet at their place and do the transactions from there.

FWIW: A lot of the reports claim that the transactions were done, when all of their devices were turned off, which would indicate that the seed/secrets were stolen.

1 Like

I view it this way; there is little harm in adding the feature other than make the wallet slightly bigger on disk. There is too many people getting tricked out of their funds just because they are new to crypto and have yet to do their homework.

The problem seems to be big enough not to be viewed as a user issue, but a community issue. When potential new users read about thefts they may turn away.

1 Like

thank u guys wondeful to read your reply’s,lucky this forum has some people with brains😎

I think most of what you want could be implemented by a smart contract. It could require a yubikey or similar in order to transfer coins. Or a time delay or similar. It would require a web address so that you could speak to it. I have never written such code so I really don’t know.

The protection of your wallet depends only on the company whose services you use. I used to use vpn and thought that it was possible to protect my node in this way, but it turned out that I was wrong.