• 12月23日 星期一

Neutrino追问AMA第7期|imToken商务总监:新版本将可访问任何DAPP

Neutrino追问AMA第7期|imToken商务总监:新版本将可访问任何DAPP

imToken 商务总监 Philipp Seifert

在第7期Neutrino追问®AMA交流中,我们邀请到了imToken商务总监 Philipp ,就《数字钱包的边界在哪里》主题展开有趣的探讨。在交流中,他透露imToken目前正在集成可以通过蓝牙安全使用的硬件钱包,另外后面会开放Dapp浏览器,让任何链的Dapp都能在imToken里面访问。


以下为12月20日第7期追问®AMA交流整理


话题主持@Neutrino Q1:There are various crypto wallets in the market, for example, cold wallet/ hot wallet, full node wallet/ light node wallet, centralized wallet/ decentralized wallet, etc. What’re the differences between them and also the benefits and drawbacks? How to choose a crypto wallet? what should the wallet users pay attention to?’

Philipp Seifert :People perceive wallets as applications that store their tokens. But where are tokens stored?

Ultimately tokens are stored on the blockchain, such as the Bitcoin blockchain or Ethereum. What the ‘wallet’ really provides is access to those tokens.

One example: If I lose my wallet and password, somebody else has access to those tokens. If I only lose my wallet, and still have my backup with password, I still own access to my tokens.

Now, to the actual question: What are the differences in those ways to access my tokens?Short answer: The way your Private Key is stored. With or without the Private Key you gain and lose access to your tokens.

The two major differences between wallets are:

1) Wallets that store the Private Key for you (such as exchange apps), and

2) wallets that access your Private Keys stored on your own device (such as imToken).

Think about the Private Key as the key to your tokens. If you lose the key, you won’t be able to access your tokens anymore. If you give this key to somebody else (like an crypto exchange) is up to you, but I would rather trust my own devices.

The second difference is in the way the wallet sends and receives information to the blockchain:

A so-called ‘full-node’ stores all the information available on a blockchain, whereas a light-node saves data by reducing that amount of information being stored. As of now, most wallets are either connecting to a full-node, not on the user’s device but on a remote server.

话题主持@Neutrino Q2: The medium KOL indicated that all the crypto wallets and exchanges have security issues, for example, the stories about DEXs hacked. Moreover, the recent published 《Crypto Wallets APP Security Status White Paper》 noted there are numerous security issues as well, especially the Private Key Storage. What’s your opinion about it? Is it also a hurdle for imToken? If it’s not, what’s your prevention mechanism?

Philipp Seifert :In case your Private Key is stored on your own device, you can take security in your own hand: I suggest setting strong passwords and always updating your system. Even better using a cold wallet or hardware wallet for you biggest amounts of tokens.

It’s harder to control security if the Private Key is stored on an exchange or with another third party. The only thing you can then do is setting a strong password.

Technically speaking, the most prominent way to store a Private Key on mobile phones is in a secure environment. imToken also accesses your Private Key in that way.

Cold wallets and hardware wallets involve more effort but are generally regarded as more secure. Let me explain:

Cold wallets are wallets that are not connected to the internet and therefore ‘cold’. Not being connected to the internet means that a hacker also won’t be able to connect and steal a Private Key from the offline device.

A cold wallet is very easy to set up: You can simply install imToken 2.0 on your old Android or iPhone and make sure that it is never connected to the internet.

Hardware wallets store the Private Keys on a hardware chip which are designed to make access almost impossible. At imToken we are currently working on integrating hardware wallets that you can use securely via Bluetooth.

话题主持@Neutrino Q3: It is known that crypto wallet will be a crucial portal for connecting to Blockchain. Meanwhile, imToken announced open source on Oct 24th, the China Programmer Day. So what’s the intention and strategic significance for this decision? Create barriers to competitors? ( Chrome dominates market share after the open source announcement)

Philipp Seifert :With going open source we can build trust and confidence in our solution.

Every person in the world can now go on Github and do two things:Verify the code that runs imToken themselves.And collaborate on our project.

That seems very obvious, but as you said, Open Source is how the really powerful projects are profiting from the community: Linux, Ubuntu, Firefox and of course Bitcoin.

话题主持@Neutrino Q4: imToken 2.0 updated lots of features and functions, for example, support multi - chain assets ( ETH, BTC, EOS ), built - in DEX, Browser DApp, etc. How do you make the balance between security and usability? Generally speaking, the more complex the product features, the greater probability of bugs.

Philipp Seifert :Going open source is a big part of building trust in our security. Everybody can see the code and verify that your tokens are safe with it.

Similar to any prominent financial app (like Alipay), we run a strict Quality and Security process.

You don’t even need to believe me: Just find a bug in our code and we give you up to 12ETH for reporting! On top of that, we have what I think is top talent in security and partners such as Slow Mist (慢雾).

话题主持@Neutrino Q5: We noticed that imToken has integrated lots of 3rd party DApp, what’re the requirements for DApps to integrate to imToken? We noticed “imToken Term of Sercices” states that “Users shall, at their sole discretion, decide whether there would be any risks to accept the services provided by or to conduct transactions on the third-party-developed DApps.”Is it can be understood as imToken will not be responsible for the account stolen or realvation with using 3rd-party-developed DApps . It is hard for users to accept the terms since you provide the 3rd-party services on imToken.

Philipp Seifert :Good question. The terms of services simply reflect reality: We are able to control the integrated DApps as much as Google Chrome is able to tell Baidu.com what to do.

Still, we are personally in contact with almost every single DApp in our DApp browser. Mostly I am. And if you find any problem, we are usually quick with fixing it together with our partners.

If you want to become one of them, you can contact us via our website and we help you to meet the requirements: Security, Functionality, Design.

Recently we also opened our DApp browser, which let’s you access any DApp on EOS and Ethereum out of your wallet. And in a few days we will have another big update coming to our DApp browser, you will see!

话题主持@Neutrino Q6: Could you introduce the features of Compound and IEX, the new products released on imToken recently? What’re the determinants of their interest rates and exchange rates respectively? How to arbitrage with these tools?

Philipp Seifert :IEX is our decentralized exchange tool. You can use it to trade tokens without having to send them to an exchange. Simply one click in your wallet, and the tokens arrive in your wallet. The tool is based on Kyber Network, and decentralized exchange with transparent pricing on the Ethereum blockchain.

Do you have tokens? Well, you can get interest on those using Compound.Compound is a recently released financial DApp which lets you lend and borrow tokens in a money market. That means you can put your tokens on Compound and earn interest.

You can not only lend but also borrow tokens: If you want a specific token (e.g. DAI), you can give ETH into the market and receive DAI, paying an annual market interest rate.

Both of those interest rates change constantly. The rates depend on liquidity available in the market:If many people supply e.g. DAI tokens and few people borrow DAI, the lending interest rate of DAI becomes low.

In reverse, if less people lend and more people borrow, the interest on your supplied tokens increases. This way the interest rates change constantly.

Now that we showed how the interest rates on Compound change constantly, you can borrow DAI on the MakerDAO CDP Portal to a fixed rate of 2.5% annually, and supply them into Compound earning the current market rate.

话题主持@Neutrino Q7: Crypto wallet is rigid demand for token investors, so it reaches large amount of customers and tokens. However, many crypto wallet companies are still exploring their business models (Online Ads (Banners), transaction fee, DApp integration, Financial Products (Yu’ebao), etc.) What’s your opnion to this? What's the plan related to this for imToken?

Philipp Seifert :Mostly fee sharing with existing financial applications, in an transparent way. I personally don’t think that advertisement would be sustainable, and people that use our application don’t like to be the product themselves but more empowered to experience what blockchain is able to give them: Financial opportunity and freedom.

话题主持@Neutrino Q8: Since imToken2.0 launched, it is more than a crypto wallet. We are looking forward to more features and functions releasing in the future. What’s the roadmap for imToken? Can you tell us some information about the upcoming new features and functions? Also, what’s the brand image imToken wants to deliver to customers?

Philipp Seifert :There is going to be great news in the coming months. One is focusing on security: Namely integrating with hardware wallet producers that focus on mobile application. Second, strengthen our decentralized exchange and financial applications.

My personal favorite is probably the upcoming update of our DApp browser, including open access to any DApps, categories and more DApps. I promise you will see it very very soon ;)

I think, with DApps such as Compound and our updated imToken 2.0, we showed that we follow the market very closely and bring our user all the new innovations from the blockchain space.

Neutrino社群成员 Sherry 提问: when can we download imTokenfrom App Store in China?

Philipp Seifert :Short answer, you will always find the verified source on our website https://token.im/

Neutrino社群成员 Jiang LJ 提问: imtoken2.0 is characterized by a set of mnemonics to manage assets on multiple chains, which provides users with convenience, but there is also the possibility that multiple asset accounts may belost or stolen. What do you think of this?”

Philipp Seifert :I think I partly answered this question before. I myselfthink, there is different ways of key management (how is the private key stored). There is a scalefrom having all control as a user (in imToken) to having no control over my tokens (e.g. exchanges). We provide the full control. But of course that comeswith responsibility.Other than that weare of course exploring more ways such as hardware wallets.

Neutrino社群成员 东海冲浪手(币乎菜菜) 提问: Can you expalin MakerDAO CDP to us, which has been intergreated to imToken recently? Can user deposit collaterals (eg. ETH) to imToken to borrow Dai from CDP? Is Dai like US dollar?”

Philipp Seifert :DAI is a cryptocurrency coupled to the US Dollar value.You can buy it on exchanges. There are several of them in imToken.The way DAI iscreated is via a set of smart contracts called ‘CDP’. In short, you are right: You deposit an amount in ETH and get backan amount in DAI.

Neutrino社群成员 刘鹿鸣 提问: Hi Philipp, I’m using imToken a lot, and I wonder ifyou guys will release any financial products just like Yu’ebao (under Alipay)?”

Philipp Seifert :We are working on integrating the latest Ethereum and EOSapplications. If there are new, promising onesthat fit our requirements, we integrate them.If you know some let me know. In short, we are alwayslooking for something like that.

Neutrino社群成员 AnneJiang @Maker 提问:imToken2.0 version, when the token is transferred, there will be an address book, which is to help the user to establish a common transfer account address, so that you can directly select one of the transfer addresses you need from the address book to transfer the transaction. I have a bold The idea, if I want to forward the same amount of tokens to dozens of different addresses, can I choose multiple transfer addresses at once, and only need to trade once, can I send dozens of transactions?

Philipp Seifert :Right now, you can’t. But it seems like a nice idea that didn’t came up (with me). I will forward to our handsome product lead Ashu :) And how knows, maybe it will be a feature soon !

Neutrino社群成员 Joey 提问:@Philipp S @imToken https://github.com/IMToken20/TokenCore When is the release date?

Philipp Seifert :@joey https://github.com/consenlabs/token-core-ios;https://github.com/consenlabs/token-core-android

----以下为本期追问 AMA翻译内容----


话题主持@Neutrino 问题1:据了解,我们经常听到有不同类型的数字钱包名词,诸如冷钱包/热钱包、全节点钱包/轻节点钱包、中心化钱包/去中心化钱包等等,它们之间有什么差别或优缺点?作为普通用户,应该如何选择数字钱包?以及在使用过程中应注意什么?

Philipp Seifert :人们认为钱包是存储通证的应用。但是这些通证到底存储在哪呢?最终,通证是存储在区块链上,例如比特币或者是以太坊。钱包真正提供的是能访问这些通证。

举个例子:如果我的钱包和密码丢了,其他人可以得到我的通证。如果我只是钱包丢了,还有密码备份,我仍然有权拿到我的通证。

现在,一个很实际的问题:获取通证的方式都哪些不同?简单的说:取决于你私钥存储的方式。是否拥有私钥,意味着你获得和失去通证的访问权限。

钱包之间的两个主要不同点是:

1)帮你存储私钥的钱包(如交易所应用);

2)私钥存储在自己设备上的钱包(如imToken);

考虑到私钥是你的通证的钥匙。如果你私钥丢了,你将再也找不回你的通证。你也可以把私钥交给其他保管(如去中心化交易所),但是宁愿相信我自己。

第二个区别是钱包在区块链上发送和接收信息的方式:

所谓的“全节点” 钱包存储着区块链上可获得的所有信息,而轻节点钱包减少所存储的信息量,保存自身相关数据。到目前为止,大多数钱包要么连接在一个完整的节点上,要么连接在远程服务器的用户的设备上。

话题主持@Neutrino 问题2:市面上很多数字钱包都打着安全可靠保护隐私的旗号,但在Medium上有KOL说所有的钱包和交易所都存在安全性问题,例如有很多交易所被黑的故事,另外在最近发布的《加密数字钱包APP信息安全现状白皮书》中,也提到加密数字钱包APP仍然存在大量安全问题,特别是私钥保护方面,实现安全性存在严重不足。对此你有什么看法呢?imToken是否也存在这方面的问题?以及你们有什么防范机制?

Philipp Seifert :如果您的私钥存储在您自己的设备上,那么您可以自己掌握安全性:我建议设置安全系数高的密码,并经常更新系统。甚至最好使用冷钱包或硬件钱包,如果您拥有大量的通证。

如果私钥被存储在交易所或由第三方保管,这样很难保证它的安全性。你唯一能做的是设置一个安全系数强的密码。从技术角度说,在手机上存储私钥最显著的方式是在安全的环境中。imToken也是通过这个方式确保私钥安全的。

冷钱包和硬件钱包付出更多的努力,但通常被认为是更安全的。我来解释一下:

冷钱包不连接互联网的,所以被称为“冷”。不联网意味着黑客也不能轻易入侵,从脱机的设备中盗走私钥。

冷钱包很容易安装:你可以很容易地安装imToken2.0在旧的安卓或苹果手机上,并确保手机再也不会连接互联网。

硬件钱包将私钥存储在硬件芯片上,该芯片被设计成几乎不可能访问。imToken目前正在集成可以通过蓝牙安全使用的硬件钱包。

话题主持@Neutrino 问题3:业界有一个普遍的共识,数字钱包将是区块链时代重要的流量入口。而今年10月24日程序员节那天,imToken宣布了开源。这是基于快速建立拓展市场建立竞争护城河,还是其他什么考虑?(像Chromium开源后,Chrome 得到了飞速发展,市场占有率稳居第一)以及开源对你们意味着什么?

Philipp Seifert :随着宣布代码开源,imToken能在自己解决方案中建立信任和信心。

世界上每一个人现在都能到Github做两件事:验证imToken运行的代码;和我们的项目进行合作。

这似乎很明显,正如你所说,开放源码是让真正强大的项目从社区里获利以及有价值的信息的一种方式:Linux, Ubuntu, Firefox,当然还有 Bitcoin.

话题主持@Neutrino 问题4:相比于1.0,imToken2.0增加了需要功能与服务,除管理多条链上的资产外(ETH、BTC、EOS)外,还有去中心化交易、Dapp浏览器等。你们如何在安全性与易用性间做平衡?毕竟产品功能越重越复杂,相对而言出现bug的概率也会增加。

Philipp Seifert :开放源码是在安全性上建立信任的重要部分。每个人都能看见代码,并验证你的通证是安全的。

和任何著名的金融类应用相似(如支付宝),我们实行严格的质量和安全程序。

你甚至不需要相信我:只要在我们的代码中找到一个bug,我们就会为您提供高达12ETH的回报!最重要的是,我们拥有安全领域的顶尖人才和合作伙伴,如(慢雾)。

话题主持@Neutrino 问题5:目前,imToken2.0对接了很多第三方的Dapp,Dapp开发者接入你们钱包平台需达到哪些硬性条件?另外我们在使用里面Dapp时,常会看到这样的服务条款“由某某DAPP直接并单独向您承担责任”,这是不是说在使用dapp中出现了账号被盗或泄露,就与你们没关了?对用户而言这似乎很难理解,毕竟是你们提供了接入服务。

Philipp Seifert :这是个好问题!服务条款只是反映了一个我们的现实情况:就像“Google Chrome告诉Baidu.com该怎么做一样”,我们只能够以这种程度去控制接入的那些DApp。

尽管如此,我们自己还是会和我们的DApp浏览器中的每一个DApp保持联系的,这方面主要是我在负责做的。并且如果你们在使用中发现了任何问题,我们一般都会立刻和我们的合作伙伴一起解决掉这些问题。

如果你想成为我们的一员,可以在我们的网站上联系到我们,我们会帮助你并满足你对imToken的需求,包括安全性、功能性以及设计等等这些方面。

有一些激动人心的新闻:最近我们也开放了DApp浏览器,可以让你直接在你的钱包里体验到任一以太坊或EOS DApp。并且,最近DApp浏览器还会有另一个比较大的更新,让我们一起期待吧!

话题主持@Neutrino 问题6:关于imToken新上线的Compound产品,你能具体介绍一下这个产品特性吗?还有闪兑也介绍下,它们各自的利率和汇率是由什么决定的呢?用户该如何在上面保值或套利的?(投资有风险,炒币需谨慎)

Philipp Seifert :闪兑 (IEX)是我们的去中心化交易所,你可以直接用它来交易加密货币免去了把它放去另外的交易所的麻烦。只要简单地在你钱包里轻轻点击一下,加密货币就到你钱包里去了。这个工具是基于Kyber Network的,以公开透明的价格在以太坊区块链上进行去中心化交易。

你有代币吗?如果有的话,你可以用它们在Compound上面获取利息。Compound是今年刚刚发布的金融DApp,可以让你在货币市场中借入以及借入代币。这就意味着,你可以将代币放入Compound并赚取利息。

记住,你不仅可以借出代币,你也可以借入代币(划重点):如果你想要某种特定的代币(比如:DAI),你可以将ETH投入市场并获得DAI,支付年市场利率。

这两种利率都是根据市场上的代币流动性,在不断变化的。比如,如果市场上有很多人都供应DAI,而只有一小部分人想借入DAI,那这个DAI的贷款利率将变低。

相反的,如果供应的人少了而借入的人变多了,那这个对应的代币的利率将会提高。所以这就是利率一直在变动的决定因素以及方式。

所以,在我们展示过Compound的利率是怎样一直变化的之后,你们就可以尝试在MakerDao CDP Poartal上面以2.5%的固定利率借入DAI,然后再将他们放到Compound上面去赚取目前市场利率。

话题主持@Neutrino 问题7:我们知道数字钱包是持币用户刚需产品,不仅用户量大,同时也沉淀了很多代币资产,但对钱包类产品的商业模式(流量广告、交易费、Dapp接入、余币理财等)似乎还在探索中,对此你是怎么看的,还有imToken会有怎么的规划?

Philipp Seifert :目前大部分的费用是以透明的方式与现有的金融程序共享的。我个人并不认为广告会是一个可持续的方式,并且那些用我们应用程序的人他们也不喜欢自己成为产品,而是更有能力去体验区块链能够带给他们的东西:金融机遇以及自由。

话题主持@Neutrino 问题8:从imToken2.0开始,我们似乎已经不能简单的将imToken归类为一个简单的数字钱包了。未来你们会有什么新功能与服务上线?用户在上面还可以做什么?以及你们期望给用户传递怎样的品牌形象?

Philipp Seifert :接下来的几个月将会有些激动人心的好消息。一个主要是安全性方面的:我们将会接入硬件钱包生产商并专注于手机程序上。第二个就是,会持续加强我们的去中心化交易所和金融程序。

我个人最喜欢的即将上线的更新可能就是我们的DApp浏览器,包括开放访问任何DApp,各种各样和更多的DApp。我保证你很快很快就能体验到了!

我认为,就像我们提供的这些DApp比如Compound和我们更新后的imToken 2.0所展现的,我们一直在密切关注并且贴近市场,给我们的用户带去区块链中所有最新最酷的创新产品和功能。

Neutrino社群成员 Sherry 提问:imToken 什么时候能在中国App store里下载?

Philipp Seifert:简短的说,你总能在官网https://token.im/ 上找到经过验证的下载链接。

Neutrino社群成员 Jiang LJ 提问:imtoken2.0一个很大的特点是一套助记词管理多条链上的资产,这提供了用户的便利,但也有着可能多个资产账户丢失或被盗的可能,对此你是怎么看的?

Philipp Seifert:我认为在之前的固定问答环节已经部分回答了这个问题。我认为根据私钥存储方式的不同,有不同的管理方式。这个范围从可以全权管理自己的私钥(如:imToken)到没有权利掌控你的token(如:交易所)。imToken提供完全的控制权。当然随之而来的就是责任。除此之外,我们当然还在探索更多的方法,比如硬件钱包。

Neutrino社群成员 东海冲浪手(币乎菜菜) 提问:关于imToken新集成的CDP产品,你能具体介绍一下这个产品特性吗?用户可以在上面抵押借 Dai ?

Philipp Seifert:DAI是和美元有着同样价值的数字货币。你能够在交易所买到。在imToken有很多DAI。DAI是通过叫CDP的智能合约创建的。简而言之,你说得对:你抵押一定数量的ETH能够取回对应数量的DAI。

Neutrino社群成员 刘鹿鸣 提问:你好,飞利浦,imToken是我常用的数字钱包,针对里面存放的代币资产,你们是否会推出类似余额宝这样的增值服务?

Philipp Seifert:我们正在整合以太坊和EOS上的最新应用。如果有新的、有前景的应用符合imToken的需求,我们就会整合上来。如果你知道这样的应用请让我知道。简而言之,我们一直在寻找这样的产品。

Neutrino社群成员 AnneJiang @Maker 提问:imToken2.0版本,代币进行转账的时候,会有一个地址本,是帮助用户建立常用的转账账户地址,方便直接从地址本里面选择你需要的某一个转账地址进行转账交易,我有一个大胆的想法,如果我想给几十个不同地址转发一样的数量代币,是否可以一次性选择多个转账地址,只需要交易一次,就可以发出几十个交易?”

Philipp Seifert :目前,不能做到。但这似乎是一个我没有想到的好主意。我将转达我们帅气的产品经理Ashu。说不定,这个很快就能实现!

Neutrino社群成员 Joey 提问:@Philipp S @imToken https://github.com/IMToken20/TokenCore 这个什么时候会推出?

Philipp Seifert :请参考 https://github.com/consenlabs/token-core-ios;https://github.com/consenlabs/token-core-android

End

-------------------------------

Neutrino追问AMA第7期|imToken商务总监:新版本将可访问任何DAPP

欢迎咨询

关于[追问®AMA]

这是一档以Ask Me Anything(简称AMA)形式进行的在线互动问答交流活动,每期Neutrino会结合当下技术趋势、政策风向、项目应用等行业热点话题,邀请相关领域嘉宾大咖就该话题进行深度探讨拆解,旨在帮助社区伙伴答疑解惑,扫除知识盲点,扩大认知边界。

关于Neutrino

一个原生于区块链的分布式创新协作社区。目前,我们已在东京、新加坡、北京、上海等地建立实体协作空间,并计划拓展至首尔、泰国、纽约、伦敦等重要区块链创新城市。借由全球社区资源与合作伙伴关系,Neutrino会在世界各地组织形式丰富的线上或线下活动、研讨会等,帮助不同区域的开发者们更好的沟通与分享彼此的经验和知识。

上一篇新闻

外汇交易基础知识——新手扫盲篇

下一篇新闻

「龙腾网」在华印度人讲述印度人在中国受到怎样的对待

评论

订阅每日新闻

订阅每日新闻以免错过最新最热门的新加坡新闻。