Replying to Avatar nick

One that has been on my mind lately is verifying addresses on a hardware wallet when receiving funds.

It's rather ugly (big string of characters), so we chunk the address up and highlight some chunks at random.

It's also unintuitive, best practice is not to simply check that the address you're giving out from your software wallet matches the address derived on your hardware wallet. Since it could be intercepted and replaced during transmission (this is where most attacks are, clipboard malware).

Rather, you want to check that the **sender** sees the same address as displayed on your hardware wallet. Making the workflow and describing this is rather tricky, it all depends on who you're receiving from - is it an in-person transaction (compare visually)? is it over DMs (ask can you see the address chunks)? Is it a withdrawal from an exchange (compare against confirmation email, if provided)?
Avatar
elsat 8mo ago

How many user testing iterations have y’all done?

Reply to this note

Please Login to reply.

Discussion

Avatar
nick 8mo ago

Not so much, though we've received a lot of feedback during our demos. It's easy to notice when someone is confused, often means we need to redesign something!

We've had so much to work with based on our own experiences as bitcoin users, but we're almost getting to the point where we have exhausted+resolved our personal painpoints. Much more user testing coming soon!