We’ve been talking about this for a long time, and now we are finally opening a new Idea to do it.
For security and privacy reasons, we want to decouple the whisper key from the wallet key, so that users don’t expose their Ethereum address while chatting in one-to-one and public chats.
It’s still a work in progress PR but I would like to open a discussion here so that everyone can join and give their ideas and opinions.
Things to think about:
1 - A new key can be derived from the HD wallet to be used for the whisper identity. For the wallet we are using the
BIP44 derivation path of the first accoun/wallet (
m/44'/60'/0'/0/0). Which derivation path should we use for the whisper identity?
2 - I would propose to extend the current key store to have a new field for this key, is there any risk in doing that? (we already added a new key on that, the one derived at
m/44'/60'/0'/0/1. it was initially added as a parent to derive sub-accounts, but it’s never been used. code: https://github.com/status-im/status-go/blob/develop/vendor/github.com/ethereum/go-ethereum/accounts/keystore/key.go#L51, and https://github.com/status-im/status-go/blob/develop/vendor/github.com/ethereum/go-ethereum/accounts/keystore/key.go#L153)
3 - compatibility
3a- after the upgrade, the wallet address will be the same. The contact/chat address will be different, so users will need to exchange again the contacts to be able to interact.
3b - We will need a change in the protocol so that user A can request the address to user B before sending a transaction.
3c - Client A is using the old/current app, and client B is using the new version; A can send a transaction via chat to B, but that would be sent to the address derived from B’s contact code (whisper public key).B won’t see the transaction in its wallet, since with the upgrade it’s a different key.
I hope a lot of people can join and help. There will be a lot of work in all the fields, security,
status-react, UX/UI, design, etc…