From e12c01926c9e10e93be83824e29dcb97fb6fde43 Mon Sep 17 00:00:00 2001 From: Henry <64515030+henry-fisher@users.noreply.github.com> Date: Wed, 26 Jun 2024 20:11:04 +0200 Subject: [PATCH] A few proposed updates - Fixed typo in QR code doc - Added @tuxpizza video for Ledger hardware tutorial - Add a security FAQ to authentication doc and link to hardening guide - Added a section to hardening guide to reference application updates - Added a note on trying to prioritize ROMs with verified boot and other security features --- docs/advanced-features/authentication.md | 4 ++++ docs/basic-features/restore-wallet-from-hardware.md | 7 +++++-- docs/basic-features/restore-wallet-from-qr-code.md | 2 +- docs/tutorials/mobile-hardening.md | 12 +++++++++++- 4 files changed, 21 insertions(+), 4 deletions(-) diff --git a/docs/advanced-features/authentication.md b/docs/advanced-features/authentication.md index 208dca1..ef5ee0c 100644 --- a/docs/advanced-features/authentication.md +++ b/docs/advanced-features/authentication.md @@ -122,3 +122,7 @@ Using a time other than the default 30 seconds will lead to user experience issu ## Will you support HOTP? We have not yet determined if we want to support HOTP or not. + +## How can I maximize security of both 2FA and Cake Wallet? + +For those needing more security we recommend using a TOTP application on a separate device as an additional security precaution, which requires an attacker to gain access to both the device holding Cake Wallet in addition to the authentication device. Additionally, we recommend following the advice in our dedicated [hardening guide.](/docs/tutorials/mobile-hardening) diff --git a/docs/basic-features/restore-wallet-from-hardware.md b/docs/basic-features/restore-wallet-from-hardware.md index d901fc4..392454e 100644 --- a/docs/basic-features/restore-wallet-from-hardware.md +++ b/docs/basic-features/restore-wallet-from-hardware.md 
@@ -34,11 +34,14 @@ Once you see your device, select it from the menu and allow access (if applicabl ![Swipe left to right](restore-6.png){:width="32%"} ![Allow Access](restore-7.png){:width="32%"} -### Step 4 +## Step 4 Select your desired account and name you wallet. Then tap `Next`, and you will be in a view mode of your hardware wallet's account, indicated by the icon next to the wallet type. [![Choose account](restore-8.png){:width="32%"}](/images/restore-6.jpg) -[![Balance screen](restore-9.png){:width="32%"}](/images/restore-7.jpg) \ No newline at end of file +[![Balance screen](restore-9.png){:width="32%"}](/images/restore-7.jpg) + +## Tutorial video +[![How to Use Your Ledger With Cake Wallet](https://img.youtube.com/vi/jExAUzETuuo/maxresdefault.jpg)](https://youtu.be/jExAUzETuuo) \ No newline at end of file diff --git a/docs/basic-features/restore-wallet-from-qr-code.md b/docs/basic-features/restore-wallet-from-qr-code.md index b849c82..fe878a6 100644 --- a/docs/basic-features/restore-wallet-from-qr-code.md +++ b/docs/basic-features/restore-wallet-from-qr-code.md @@ -20,4 +20,4 @@ Go to the menu at the top. Tap "Wallets", then "Restore Wallet”. ## Step 2 -Click `Scan QR code`. This will open yoour camera. If you do not see yoour camera, check your app permission settings and enable camera access. +Click `Scan QR code`. This will open your camera. If you do not see your camera, check your app permission settings and enable camera access. diff --git a/docs/tutorials/mobile-hardening.md b/docs/tutorials/mobile-hardening.md index 4981505..db99108 100644 --- a/docs/tutorials/mobile-hardening.md +++ b/docs/tutorials/mobile-hardening.md 
@@ -11,7 +11,7 @@ Cake Wallet includes many strong protections by default, but there are some step In the best case, you should use a **dedicated, modern phone** that is still receiving software updates. **Factory reset** the phone and only use it as your Cake Wallet phone. Don't use a work phone. Leave the phone off if you aren't using it, so that the encryption is enforced. -Some people prefer using an operating system such as [CalyxOS](https://calyxos.org/) or [GrapheneOS](https://grapheneos.org/) for Android. Typically, first-party phone providers such as Google and Apple provide faster security updates, at the expense of weaker privacy protections by default. +Some people prefer using an operating system such as [CalyxOS](https://calyxos.org/) or [GrapheneOS](https://grapheneos.org/) for Android. Typically, first-party phone providers such as Google and Apple provide faster security updates, at the expense of weaker privacy protections by default. If going with a custom ROM, we recommend ROMs that maintain security features like maintaining [verified boot.](https://source.android.com/docs/security/features/verifiedboot) If you are overwhelmed, start with a modern, factory reset phone from Apple or Google that is still getting software updates. Don't let perfection get in the way of at least starting there. 
@@ -50,6 +50,16 @@ You generally will want a few apps: You can install apps from your phone's respective app store or from their APKs. +## Keeping Cake Wallet and other applications updated + +We recommending finding a workflow, either through automatic or manual updates, to ensure you're receiving the latest security updates for applications. If a vulnerability is ever patched, you want to receive it as quickly as possible. Additionally, it's not uncommon for applications like Cake Wallet to introduce new security features you can benefit from. + +Some users prefer automatic updates to receive the newest updates automatically, and some users prefer manual updates to verify new software. Regardless of your preference, make sure you're finding a workflow that works for you. + +* [To enable/disable iOS Automatic Updates](https://support.apple.com/en-us/102629) +* [To enable/disable Android Automatic Updates](https://support.google.com/googleplay/answer/113412) +* [Many users enjoy Obtainium as a way to fetch updates regardless of source](https://github.com/ImranR98/Obtainium) + ## You should run your own node(s) For best privacy, you really should run your own Monero, Bitcoin, etc. nodes.
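Review bot: In the docs/advanced-features/authentication.md hunk, the new FAQ answer reads "gain access to both the device holding Cake Wallet in addition to the authentication device"; "both ... in addition to" does not parse, so write "both the device holding Cake Wallet and the authentication device". The link text also swallows the sentence's period (`[hardening guide.](/docs/tutorials/mobile-hardening)`); move the period outside the closing bracket so it is not part of the link.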
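Review bot: In the docs/basic-features/restore-wallet-from-hardware.md hunk, the new "Tutorial video" thumbnail is hot-linked from img.youtube.com, so every reader's browser requests a third-party host when the page loads; consider committing the thumbnail next to restore-9.png and keeping only the youtu.be link as the click target. The change from `### Step 4` to `## Step 4` is not listed in the commit message, so please confirm it matches the level of the earlier step headings. The file still ends with "\ No newline at end of file", and since this patch fixes typos elsewhere, "name you wallet" in the Step 4 text could become "name your wallet".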
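Review bot: In the docs/basic-features/restore-wallet-from-qr-code.md hunk, the Step 1 line shown in the hunk header still opens "Restore Wallet with a straight quote and closes it with a curly one (`"Restore Wallet”`); since this change is a typo pass on the same file, normalize that quote as well. The "yoour" to "your" fix itself looks right.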
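Review bot: In the first docs/tutorials/mobile-hardening.md hunk (line 14 of the new file), "ROMs that maintain security features like maintaining [verified boot.](...)" repeats "maintain" and puts the period inside the link text. Suggest "we recommend ROMs that preserve security features such as [verified boot](https://source.android.com/docs/security/features/verifiedboot)." It would also help to say whether the two ROMs named in the same paragraph meet this recommendation, since the sentence follows directly after them.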
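Review bot: In the second docs/tutorials/mobile-hardening.md hunk, the new section opens with "We recommending finding a workflow", which should be "We recommend finding a workflow". In "If a vulnerability is ever patched, you want to receive it as quickly as possible", "it" points at the vulnerability; write "you want to receive the fix". The text says some users prefer manual updates "to verify new software" but does not say what to verify or how, so add a sentence or link for that, and reword the Obtainium bullet so it describes what the tool does rather than "Many users enjoy", to match the two bullets above it.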