4

What are the scenarios (value-add businesses) that would get users to edit the default ripple client and use a custom

  • Web Socket IP: Port

  • Blob vault URL

Why even make this a configuration option? What is the envisioned benefits? Is this related to a "gateway"?

Stephen Gornick
  • 26,990
  • 12
  • 67
  • 141
makerofthings7
  • 12,656
  • 11
  • 60
  • 129
  • 1
    @Downvoter / Closer: [According to meta Ripple questions are on topic](http://meta.bitcoin.stackexchange.com/q/335/1878) . Please provide constructive feedback for the down vote. – makerofthings7 Feb 28 '13 at 05:52

1 Answers1

4

The blob vault URL lets you choose who you trust to hold your wallet. While the wallet is encrypted, the organization that holds your wallet could attempt to brute force your password with the only limits being their computational resources.

The selection of web socket IP and port allows you to choose what Ripple server you want to connect to. The plan is to eventually let you have multiple servers saved in your wallet.

These choices have to do with how your client connects to the Ripple network and finds out your account information and annotations. It is not related to a choice of gateways, what IOUs you wish to hold, and so on.

David Schwartz
  • 51,308
  • 6
  • 106
  • 177
  • Hmm, I kind of thought that "the cloud is my blob vault". So currently is https://blobvault.payward.com is taken down, my wallet is gone unless I saved it (in my local browser cache?) – ripper234 Apr 02 '13 at 21:39
  • 4
    Yes, your wallet would be gone unless you saved it someplace else. Note that this won't cause you to lose your funds -- your funds aren't stored in the wallet. (Make sure your account secret is stored somewhere safe!) – David Schwartz Apr 02 '13 at 21:40
  • @DavidSchwartz If someone gets my wallet do they automatically have access to my funds, or do they also need the secret key separately? – Manish Apr 25 '13 at 19:32
  • 2
    @Manish: It depends what you mean by "gets my wallet". If you mean they get the wallet *file*, then no. It's encrypted. If you mean they get the wallet *data*, then yes. The secret is stored in the wallet. The wallet is encrypted with the user name and password, so someone who somehow got your wallet without knowing the password would find it useless to them. (Unless they were able to brute force the password.) – David Schwartz Apr 25 '13 at 19:41
  • @DavidSchwartz The username and password is what the Ripple client calls "Wallet name" and "Passphrase"? Is this part of the Ripple protocol, or is this just a client feature (so another client could use a different scheme)? – Manish Apr 25 '13 at 19:45
  • 1
    @Manish: It's just a client feature. Wallets are entirely client side. – David Schwartz Apr 25 '13 at 20:04