TODO.txt

Todo:

v1.3 - Part 3.

+ BIP70 (Payment Requests) support.
+ put currency formatter in the backup
+ restore currency formatter from backup object
+ upload to mycelium backup
+ upload to iCloud
+ put account labels in backup object
+ restore account labels from backup object
+ add apub to request.
+ store various metadata in transactions (BIP70 memo, recipient, arbitrary label etc.).
+ put tx labels and receipts in backup object
+ restore tx labels and receipts from backup object
+ display memo / sender / recipient in tx details view.
+ edit tx recipient / sender
+ allow editing transaction memo
+ display transaction receipt full-size
+ add payment process object to handle BIP70 workflow in Send screen.
+ store and format fiat amounts for transactions.
+ delay backups until going to background; show alerts about backup error when possible.


v1.2 - fix and hardening of Keychain handling

Tests:
+ new wallet: catalog way tower dinosaur ostrich harvest another plastic dance champion bargain sing 
+ restore wallet
+ monthly reminder + backup verification flow
+ send: see how UI handles missing seed
+ receive: see how UI handles missing seed
+ cold storage: see how UI handles missing seed
+ settings: see how UI handles missing seed
+ check that restore actually restores the seed
+ check that cancelling restore shows correct alert
+ check plain prompt UI without TouchID
+ check TouchID prompt UI
- create new wallet with v1.1 so TouchID-protected keychain item is set
  - update with v1.2 and see how UI handles lockout.
  - update with v1.2recovery and see if item becomes accessible again.


+ make migration to TouchID manual with dialog "Do you want to update to Passcode/TouchID protection?"
  + if not backed up, warn about it and ask if they want to Cancel migration or Back up Now.
+ log keychain error messages to crashlytics (without secret data).
+ if the seed cannot be read anymore when we unlock the wallet, show a clear warning
+ show error messages to user when keychain access fails.
+ on receive screen, if not backed up, show alert every time screen opens: "Please Back up: OK, Later".
  + if asking to deposit > 0.1 BTC, show overlay "You must back up wallet before depositing XXX BTC. Back up now."
+ on import cold storage screen, if not backed up, warn and not allow import at all
≠ when creating a new wallet, store the copy of the seed outside the keychain in a file with no icloud backup, and data protection.
  ≠ when backed up for the first time, overwrite and erase that file.
-> this may open a can of worms and potentially leak the secret elsewhere on the file system or hard drive.
   It's much safer to warn the user many times about making the backups.


Part 1

A few bugfixes:
+ QR code overlapped by keyboard on Receive screen.
+ stability improvement when exchange rate is not available yet (error or missing).

Enhancements and new features:
+ invite friend to download the app via sharing screen.
+ TouchID / passcode protection for critical actions.
+ move cold storage import to Receive and/or Send screen for easier discovery.
+ show everything in one currency (e.g. USD), allow switching currency from anywhere on the screen.
+ multiple currencies / sources picker.
+ allow removing empty accounts.
+ share Bitcoin address via SMS/Email/Twitter/etc.


Part 2


## 1. BIP70 implementation

+ Payment Request
+ X.509 Signature verification
+ Payment/PaymentACK support


## 2. Storing labels within transactions

Metadata (all fields are optional):

* `memo` (string)
* `recipient` (string)
* `sender` (string)
* `payment_request` (binary PaymentRequest object per BIP70)
* `payment_ack` (binary PaymentACK object per BIP70)
* `fiat_amount` sent or received in fiat currency that was current when transaction created/arrived (string with dot as a decimal separator)
     (sent amount must be negative). Sent amount should not include the fee (so it'll be "-10.00" instead of "-10.03" if the fee is 0.03)
* `fiat_code` -  ISO 4217 currency code in  (string "USD", "EUR", "CNY", "GBP" etc)


## 3. Backup Format

JSON object encrypted and signed according to spec: https://github.com/oleganza/bitcoin-papers/blob/master/AutomaticEncryptedWalletBackups.md

**Top-level keys reference:**

* `version` is `"1"`. Should be changed when the format becomes incompatible with older versions, or should be handled differently.
* `network` is `"test"` or `"main"`. If the wallet app supports both testnet and mainnet wallets, separate backup payloads should be created.
* `accounts` is a dictionary of Account Objects keyed by BIP44 account index (from 0 to 2^31) as a string.
* `transactions` is a dictionary of Transaction Objects keyed by transaction ID (256-bit hash of transaction, byte-reversed and hex-encoded)
* `currency` is a dictionary of Currency Objects specifying currency preferences.
* unknown top-level keys must be preserved after restoring from backup and carried to future backups.

**Account Object keys reference:**

* `label` is a string containing user-specified account label
* unknown keys must be preserved after restoring from backup and carried to future backups.

**Transaction Object keys reference (all fields are optional):**

* `memo` is a free-form string describing transaction. When payment is made via BIP70 Payment Request, this is pre-filled with "memo" field from PR.
* `recipient` is a name of the recipient of transaction. Typically empty for received payments. Pre-filled with signer's name extracted from X.509 certificate in Payment Request.
* `sender` is a free-form string describing the sender. Reserved for future use when sender can be identified automatically or when app prepares an invoice with named sender.
* `payment_request` contains hex-encoded protobuf-encoded PaymentRequest (see BIP70).
* `payment_ack` contains hex-encoded protobuf-encoded PaymentACK (see BIP70). This is a payment receipt.
* `fiat_amount` is an ASCII string containing signed decimal number of the amount transferred in the fiat currency (selected at the time of transaction). No group separator must be used. Dot "." must be used as a decimal point. Amount is negative if payment is outgoing and must not include mining fees (so it'll be "-10.00" instead of "-10.03" if the fee is $0.03).
* `fiat_code` -  ISO 4217 currency code corresponding to the "fiat_amount" (string "USD", "EUR", "CNY", "GBP" etc)

**Currency Object keys:**

* `fiat_code` - ISO 4217 currency code
* `fiat_source` - exchange rate source (market or index name). E.g. "BitcoinAverage", "Winkdex", "Coinbase", "OKCoin" etc.
* `btc_unit` - which denomination to use for BTC amounts: "BTC", "mBTC", "uBTC", "satoshi".

Example:

    {
      "version": "1",
      "network": "main" or "test",
      "accounts": {
        /* key is a decimal string encoding index of BIP44 account (from 0 to 2^31) */
        "0":  {"label": "label for bip44 account 0"},
        "1":  {"label": "label for bip44 account 1"},
        "17": {"label": "label for bip44 account 17", /* unknown keys must be preserved */ },
      },
      "transactions": {
        /* txid is reversed transaction hash in hex, see BTCTransactionIDFromHash */
        /* transactions without any data do not need to be included at all*/
        "txid1":  {
            "memo": "Hotel in Lisbon",
            "recipient": "Expedia, Inc.",
            "payment_request": "1200849c11778f127d66...",
            "payment_ack": "478e8a0e260976a30b26...",
            "fiat_amount": "-265.10",
            "fiat_code": "EUR",
            /* unknown keys must be preserved */
        },
      },
      "currency": {
        "fiat_code": "USD", "EUR" etc,
        "fiat_source": "Coinbase",
        "btc_unit": "BTC" | "mBTC" | "uBTC" | "satoshi",
        /* unknown keys must be preserved */
      }
      /* unknown keys must be preserved */
    }


## 5. Backup Backend API

Backups will be uploaded overwriting the previous copy.

iOS wallet will upload backup to both public and private databases in CloudKit container indexed by *WalletID* (see the spec) and to Mycelium backend.

Mycelium backend provides two APIs: to upload and retrieve a wallet. Upload API contains a simple proof-of-work requirement proportional to the size of the backup.

**Upload**

    POST /wapi/wallet_backups/<WalletID in hex>
    HTTP body in JSON: {
       "backup": "4982bf9aea517af075423cea...",
       "pow1": "f7a546729..."
    }

**Download**

    GET /wapi/wallet_backups/<WalletID in hex>
    Response in JSON: {"backup": "4982bf9aea517af075423cea..."}


## 6. Proof-of-Work V1 Specification

```
H1 = SHA-256(SHA-256(Nonce || WalletID || BackupPayload))
H2 = SHA-256(SHA-256(H1 || WalletID || BackupPayload))
H3 = SHA-256(SHA-256(H2 || WalletID || BackupPayload))
...
H(n) = SHA-256(SHA-256(H(n-1) || WalletID || BackupPayload))
H(n) must be below fixed target value.
```

**WalletID** is a binary 16-byte Wallet ID according to Automatic Backup spec.

**BackupPayload** is a binary backup payload according to Automatic Backup spec.

**Nonce** is a 32-byte value that constitutes the proof of work.

**Rounds Count** is a number of rounds to hash the backup contents with a *Round Nonce*. To be defined (will be between 1K to 100K iterations).

**Round Nonce** is a 32-byte value used during each hashing round. First value equals *Nonce*. Successive values equal hashes from the previous round.

**Round** is a procedure of hashing data with *Round Nonce* as a prefix:

    H(i) = SHA-256(SHA-256(H(i-1) || WalletID || BackupPayload))

**Result** is a 64-bit big-endian unsigned integer extracted from the first 8 bytes of the final `H(RoundsCount)` hash value.

**Base Target** is a 64-bit fixed integer to require proof-of-work. To be defined.

**Target** is a 64-bit integer computed as `BaseTarget / Length(BackupPayload)`. Empty Backup Payload is rejected.

Proof-of-work is valid if *Nonce* applied to a given *WalletID* and *BackupPayload* yields a *Result* less than *Target*.

Future versions may change parameters or the algorithm. Wallets sending obsolete proof-of-work may have their backup rejected.



- Storing custom labels and historical prices in transactions.
- Adding labels for incoming transactions ("issuing invoices").
- BIP70 Payment Requests support. Storing receipts and labels per transaction.
- Auto-backup for all metadata (transaction labels, BIP70 receipts, historical prices, currency settings).





. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .






________________________________________________________________________________

Release Notes Beta 2:
— Fixed issues with exchange rate update (now updated on app activation and in Send/Receive screens)
— Improved labels for pending funds (Receiving/Sending without "...")
— Improved backup screen layout for iPhone 4S when keyboard is visible.
— Wording fix ("Master wallet seed" -> "master seed of your wallet'")
— "Main account" button is not displayed on balance view when there is only one account (easier on newcomers)
— Better line spacing between status labels.

Bugreports:

+ on initial launch exchange rate is not up to date yet.
  - when trying to request payment for 1 USD, fails to compute correctly.
  - now we update exchange rate on app activation and every time we open Send/Receive screen.
+ Why do we need "..." after "receiving X btc"
  - because it shows that the coins are currently being sent
    and it will take some amount of time before they confirm.
- swiping
  - will conflict with swipe-to-back gesture
+ 4s: backupscreen: The keyboard covers the line where words supposed to appear.
+ "master wallet seed" -> "wallet's master seed"
+ balance: do not show main account if only one account is there

- send: crash when entering USD value when exchange rate is 0 or never updated.


Future todo:


- bug: when both sending and receiving coins, does not show separate sending and receiving status correctly.
- sync: switch to another hostname on timeout.
- accounts: show sending/receiving status too
- move "use all funds" into account details and/or settings.
- update folder icon like in Health.app
- switching between various exchanges
- switching between various fiat currencies
- switching currencies by tapping the fiat amount on the balance screen
- support for legacy mycelium backup format to sweep funds from legacy backups
- labels for transactions (also on send and receive)
- automatic backup for all metadata (account labels, tx labels, currency preferences)
- Touch ID / passcode protection at the moment of payment
- custom password protection for the seed
- local trader support
- offline peer-to-peer transaction sharing (with MC, Bluetooth or local wifi, to investigate)



Notes from talk with Andreas:
- testnet is poorly-connected to show unconfirmed txs, but quick to mine them.
- parent outputs are fetched to check amounts
- support entering password on init, but not on export
- android also stores irrelevant parent outputs, but not used.
- simple keychain usage for now without custom pincode UI.


Done:

+ fix the accidental crash when adding an account with a name in Russian.
+ crash: when adding a mainnet account with name "ваня"
+ fix a bug during account discovery when empty accounts in the middle are not added.
+ bug: restore: discovered accounts #0, #1, #3 but did not create intermediate empty account #2.
+ mark wallet as "already backed up" when restored from backup, not only after backed up correctly.
+ change the balance view to only show the balance and buttons, no QR code or address.
+ balance: new layout to better show balance, buttons; less emphasis on QR code and address
+ okay for not having a QR code on the face, but big balance and two buttons.
+ txs:
+ show date bigger (and maybe denser) on the right
+ show amounts bigger on the left, aligned and padded
+ show currency switch on the top (BTC / USD)
+ show address and status smaller and less highlighted.
+ receive: remember last used currency and focus in the text field.
+ send: remember last used currency and enable it.
+ send: remember if scanned address last time to show scanner right away

+ show credits, legal and help screens in the settings.
+ settings: show credits and other info.

+ tx list: main tab does not change tx list when account is switched.
+ builder: randomize inputs and outputs when given a key or a specific random seed.
+ builder: try to sign tx to compute fees to avoid simulation when not needed.
+ tap QR code to reduce brightness
+ accounts: do not allow another empty account (or more than the scan window)
+ sync: preform automatic sync when app goes active (on active accounts only)
+ sync: preform automatic sync of the active accounts
+ sync: discover accounts by scanning first 20 addresses for each unknown account index within.
+ sync after adding an account.
+ sync after backup restore.
+ backup: when restoring allow entering a passphrase (to be compatible with Trezor)
+ handle bitcoin: URL when clicked in safari or elsewhere.
+ send: auto-jump to btc field after scanning QR
+ settings: spend from WIF private key (fetch all unspents and spend them to current account's change address).
+ show various errors when scanning QR codes

+ bug: when spending all funds, tx was not saved with -1 height and its parents were not properly fetched.
+ bug: stress-test when sync fails mid-way. Should display incomplete data without crashes and sync cleanly.

+ send: add address field and scan UI.
+ send: recognize bitcoin URI from QR code.
+ sync: save all parent outputs (for transaction details), mark our parents as ours in DB to avoid repeating checks.
+ send: compose transactions for sending.
+ sync: keep a reference to wallet.backend so if it changes from testnet to mainnet while in progress, it will connect to the same backend.
+ bug: not updating parent outputs correctly for just broadcasted transaction. Sync from scratch is correct, though.
+ transactions: show a list of transactions
+ transactions: details of a single transction
+ send: align amount inputs to the left, with extra line separators.
+ accounts: add account.
+ accounts: edit account label.
+ accounts: archive/unarchive accounts.
+ accounts: make account current.

+ receive: generate proper QR code for "bitcoin:..." url.
≠ receive: show tip to tap to dismiss. Simply tap the QR code to dismiss.

+ wallet: add API to fetch balance.
+ wallet: add API to fetch unspent outputs.

+ wallet: persist the currency converter.
+ settings: add backup option to allow user backup again.
+ accounts: show all accounts.
+ settings: switch btc formatting.
+ wallet: exchange rate API
+ balance: update exchange rate
+ balance: tap address to copy.
+ balance: show backup button only when amount > 0 and was never backed up.
+ backup: test restore from backup.
+ backup: complete export to backup screen with highlighting words and enabling next button.
+ wallet: btc formatter with btc/mbtc/bits and lowercase mode.
+ wallet: btc formatter placeholder values.
+ wallet: fiat formatter.
+ settings: switch to testnet and back.
+ settings: enable testnet by default from the start.