Create QIP013 #26

Merged
merged 2 commits into from Jun 18, 2020

cooper7777
Contributor

No description provided.

@jplomas jplomas merged commit 7c202cc into theQRL:master Jun 18, 2020
@0xFF0
Contributor

0xFF0 commented Jul 4, 2021

I agree, and I think this could also mitigate the risk if a malicious node sends an incorrect OTS index to trick the user into reusing an already used index.

@surg0r
Member

surg0r commented Mar 12, 2022

This is an interesting proposal. Best and recommended practice is to use a hardware wallet to sign and track OTS consumption automatically. Least safe is to rely upon a stateless webwallet instance where current OTS state is taken live from the QRL network, leaving multiple potential attack vectors from within the browser, webwallet code and a malicious connected node.

Once an XMSS OTS has been used in a transaction and stored in the chain then reuse no longer is a concern. Tricking the user into signing an unused OTS index and failing to relay that tx (or signing more than once) is a high-risk vulnerability which could lead to complete loss of funds.

It does make logical sense then to store OTS index in browser storage as a sanity check and perhaps also check the chain live for agreement. The user would have to be sure to always open their wallet from the same machine to benefit from this of course.

But ultimately users should not ever be storing or entering seed phrases online to unlock wallets in routine practice in my opinion.
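
The local sanity check discussed in this thread, sketched as an added example that is not part of the original comments or of the QRL wallet code: a browser-side high-water mark that is compared with the index a node reports before signing. The names `OtsGuard`, `MemoryStorage`, `reserve` and the storage key format are hypothetical, and the sketch assumes the wallet works with a single "next unused index" per address.

```javascript
// Added example; all names are hypothetical. Assumes a "next unused index" model.
class MemoryStorage {            // offline stand-in for window.localStorage
  constructor() { this.items = new Map(); }
  getItem(key) { return this.items.has(key) ? this.items.get(key) : null; }
  setItem(key, value) { this.items.set(key, String(value)); }
}

class OtsGuard {
  constructor(storage, address, treeHeight) {
    this.storage = storage;
    this.key = `ots-next:${address}`;
    this.maxIndex = 2 ** treeHeight - 1;   // an XMSS tree of height h holds 2^h OTS keys
  }

  // Locally recorded next unused index, or null on first use from this browser.
  localNext() {
    const raw = this.storage.getItem(this.key);
    if (raw === null) return null;
    if (!/^\d+$/.test(raw)) throw new Error('corrupt local OTS record, refusing to sign');
    return Number(raw);
  }

  // Choose the index for the next signature from the node-reported value,
  // never going below the local high-water mark.
  reserve(nodeNext) {
    if (!Number.isInteger(nodeNext) || nodeNext < 0) {
      throw new Error('node returned an invalid OTS index');
    }
    const local = this.localNext();
    const nodeDisagrees = local !== null && nodeNext < local;
    const index = nodeDisagrees ? local : nodeNext;
    if (index > this.maxIndex) return { ok: false, reason: 'ots-exhausted' };
    // Persist BEFORE signing: an index counts as spent once a signature may exist,
    // even if the transaction is never relayed.
    this.storage.setItem(this.key, index + 1);
    return { ok: true, index, nodeDisagrees };
  }
}
```

A `nodeDisagrees: true` result is the case to surface to the user: either a previously signed transaction never reached the chain, or the connected node is reporting a stale or false index.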
