Harbor Wallet 1.0.7 Release

[Di3twater]

Harbor will auto update if you have a previously installed version.

If you are on Mac and you have version 1.0.0 you will need to go to the site and download the newest version that includes auto updates

Download the new release here.

Harbor Wallet

Release 1.0.1 includes:

• Fixed issue when newly generated wallets would not display the user's address but only showed "loading" text if the wallet was not funded.
• A new Wallet info tab was created with a "Copy Secret" button that copies the secret to the  user's clipboard.

Minor Fixes:

• The address label in the account screen was pushed down after integration of the "wallet info" tab this is now resolved 

Release 1.0.2 includes:

• Added Auto Updates for OSX

Release 1.0.3 includes:

• Fixed an issue where in certain windows environments where the destination tag failed to submit and caused orders to fail.

Release 1.0.4 includes:

• Minor adjustments to Wallet GUI that improve usability. 
• Added Terms of Service to login screen. Acceptance of terms is now required to use the wallet.

Release 1.0.5 includes:

• Fixed bug in transaction history page effecting users with less than 100 transactions. 
• Minor Adjustments to Wallet UI on Transaction History and Deposit History Page. 
• Enabled right click menu and unlocked users the ability to copy and paste data.

Release 1.0.6 includes:

• Fixed bug in transaction history page that caused 429 limit errors. 
• Added the ability to add memos to escrows per user request.

Release 1.0.7 includes:

• Fixed bug in transaction history page that caused the date to show incorrectly. 
• Combined history for all transactions into on page.

Notes:

There are certain anti virus softwares that flag electron apps after installation or during a scan. If you run into this issue please provide us with a detailed bug report.

Bug Report

Edited March 14, 2018 by Di3twater

[pucksterpete]

1 hour ago, Di3twater said:

Download the new release here.

still showing ver 1.0.0

[Di3twater]

@pucksterpete If you are on windows you will just need to close and re open the application we are currently working on auto updates for mac. 

[pucksterpete]

I be talking about your download link  sorry

[Malloy]

5 minutes ago, Di3twater said:

@pucksterpete If you are on windows you will just need to close and re open the application we are currently working on auto updates for mac. 

on your web page the harbor-setup for Windows is still at 1.0.0...I think that's what @pucksterpete meant

[Di3twater]

Ahh Yes we are changing that. We will be pushing version 1.0.2 that includes auto updates for mac once that is live we will change the version number on the site.

[Di3twater]

@Malloy @pucksterpete Links should now show correct version number  

I would also love to hear your feedback on the wallet.

[pucksterpete]

@Malloy is my test dummy

no offense Malloy

[Malloy]

@Di3twater same result with 1.0.2...

First test I run shows no problem...when I click the installer Windows gives a me a warning of unsigned software that I bypass...then the create wallet window opens...I create one...and the antivirus just freaks out and cleans everything....got this message:  "Real Protect ECI98*****"

 

[Di3twater]

When you create a new wallet an encrypted file is saved to your local machine that contains your wallet information. Your antivirus software may be seeing this as malicious, so what you can do is add harbor to your antivirus exclusion list.

Let me know if this helps   

[Professor Hantzen]

Enabling auto-updates for wallet software is a security risk IMO, especially when the wallet software itself is closed-source - which is already a security risk. 

In the case of auto-update, if the vendor is compromised malicious wallet code can be pushed out to all users who've enabled auto-update for instantaneous exploit on the part of the malicious actor.  Discovery of the malicious nature of the code will surely follow, but potentially only after a successful exploit against every user who enabled auto-update.

I would strongly advise users disabling auto-update for any and all wallet software.  Wait a while before downloading any update to any software, verifying other users have checked it out first.  Obviously this is an imperfect solution (someone has to be the guinea pig), and there may always be victims to any wallet hack.  However, at least with auto-update off the effect is minimised, as opposed to maximised.

Further, I encourage any users considering which wallet software to use to weigh up the risks of using a close-source offering versus and open-source offering (meaning one that provides all source code for perusal, and includes hashed/signed code).  It works out like this:

Closed source --> high risk
Open source --> some risk, but is likely the minimum amount possible

The creators of this software may be well-intentioned, but IMO - and with all due respect - encouraging users to protect and administer their decentralised, trustless funds with a closed-source proprietary software betrays a basic misunderstanding of what users want, expect and require of software in this space.

[SBC-Daniel]

When you consider that the majority of the programs the average person uses on a daily basis, especially those that are involved with financial transactions, are not open source... I think our policy reflects the standard in the software development world. We will not steal or freeze your funds, that would be bad for business. We recognize that there are other options in the marketplace that are open source, and if that is the #1 feature you require in an XRP wallet, then I encourage you to select one of those options.

No major trading platform that we are aware of has made their github repo public. Schwab and Etrade’s trading platforms aren’t open source. Most online banking platforms nor their associated apps are open source. There is a great possibility that the browser your using right now isn’t open source and if you are on reddit via iPhone like I am, there is nothing open source about your experience. 

It is admirable that some software developers gift their labor to the community by releasing their work open source, but that is not what we have chosen as part of our business plan. If open source is something that you need, then we aren’t your wallet developer. If a fast and versatile XRP management and trading platform that isn’t reliant on Ripple’s development node to process transactions is what you are after, consider our wallet. And if you have some specific software questions about our app that might ease your concerns, we would be happy to take your questions. 

[Professor Hantzen]

3 minutes ago, SBC-Daniel said:

When you consider that the majority of the programs the average person uses on a daily basis, especially those that are involved with financial transactions, are not open source... I think our policy reflects the standard in the software development world. We will not steal or freeze your funds, that would be bad for business. We recognize that there are other options in the marketplace that are open source, and if that is the #1 feature you require in an XRP wallet, then I encourage you to select one of those options.

No major trading platform that we are aware of has made their github repo public. Schwab and Etrade’s trading platforms aren’t open source. Most online banking platforms nor their associated apps are open source. There is a great possibility that the browser your using right now isn’t open source and if you are on reddit via iPhone like I am, there is nothing open source about your experience. 

It is admirable that some software developers gift their labor to the community by releasing their work open source, but that is not what we have chosen as part of our business plan. If open source is something that you need, then we aren’t your wallet developer. If a fast and versatile XRP management and trading platform that isn’t reliant on Ripple’s development node to process transactions is what you are after, consider our wallet. And if you have some specific software questions about our app that might ease your concerns, we would be happy to take your questions. 

Your policy does reflect the standard in legacy software development, particularly as you say, for financial software.  This serves to illustrate the final point I made:

I think you, as developers, may have missed the core value proposition of cryptocurrency and blockchain in general.  The old systems are broken, because they rely on centralised trust.  The only thing any of your users have to protect their *previously-protected-by-the-system* funds is your statement that you won't steal them.  The new solutions we are collectively building together, including Ripple, Ethereum etc, are designed to *replace or augment* the existing infrastructure which is clearly lacking in precisely this regard.  The main "additions" being made to the existing systems are the various benefits of transparent source code and decentralisation and the security and resilience these offer specifically over the existing systems such as online banking platforms or e*trade etc.  Ripple's code is all online.  Ethereum's too.  Almost all wallet software for both platforms and just about any blockchain project is open and available online and always has been.  (iPhone is somewhat of a special case as software on that platform operates within a tightly-controlled "walled-garden" operated by a company that has established a large amount of trust, and audits all of its own code before publishing.)

There are in fact several trading platforms that are also open-source, but as this is a new field they are somewhat "cutting-edge" (aka, crap) - it remains to be seen, but is somewhat likely that decentralised trading systems will eventually disrupt the existing closed solutions once they reach maturity, which is some ways off (give them a year or two).

I wholly disagree with your final point.

When entering a market dominated if not characterised by open-source software, where your target demographic of blockchain enthusiasts largely expect your software to be open-source, and even if they don't expect it is arguable they still require it (as the converse negates the primary value proposition of blockchain system they are choosing to adopt in the first place), and where every single one of your direct competitors has open-sourced their wallet software, one could argue the converse of your statement:

In order to protect your investment, you may need to open-source your code.

For example, given that just about everyone influential in this space is a strong advocate and proponent of open source software, and may further actively discourage the use of closed source wallet software for reasons of security and negating the primary benefits of blockchains and cryptocurrency in general, if you are to win over said influential personalities in this space to promote your software and sing its praises, and to prevent those same from discouraging its use, you would very likely need to open your codebase.  Place as restrictive a license on its subsequent usage as you see fit, but make it publicly available and auditable, or IMO it is unlikely to gain traction, and you are likely therefore to lose your investment as users understandably will prefer open alternatives.

Further, given that many open source alternatives already exist for building XRP wallet software, while you have much to gain, I don't particularly see how you have anything to lose by opening your source code - as anyone wanting to acquire external source to build their own wallet is already readily able to do so.

[SBC-Daniel]

We hear what you are saying but regardless of open-source enthusiasts desires, that’s not the product we are offering. We have the right to not hand out the hundreds of hours of labor to the community for free, and you have the right to choose a developer that does provide free and open-source software.

Making our code open-source would negate our ability to charge users for our service as users could simply clone the software and remove the bit that pays the company that built the wallet. If Toast wallet had any plans of making their wallet profitable, it would have been negated by the clones of their wallet that have been made.

Additionally other wallet providers are relying on Ripple’s development node to process transactions, which means they have no server costs associated with processing transactions. We maintain multiple Rippled nodes to serve our customers. This means our wallet continues to function when Ripples development node becomes overcongested like it does on a daily basis. Additionally, Ripple has clearly stated that their development node is not to be used with production applications. They can shut the node down or restrict use at ANY TIME rendering the users of our competitors wallets “up the creek without a paddle”. Providing these services costs money, we have chosen to protect our ability to provide these services by not releasing our code. 

We understand that many in the community desire open source. We encourage those individuals to develop their own solution and gift it to the community. Hopefully the community will donate the required funds to put food on the table in the developers houses and pay for server costs. From our discussions with other wallet providers, the community has NOT come close to pulling their share of the weight here and simply demand cutting edge niche software for free. 

[Sukrim]

2 hours ago, SBC-Daniel said:

Making our code open-source would negate our ability to charge users for our service as users could simply clone the software and remove the bit that pays the company that built the wallet.

No. You could choose a license that doesn't allow redistribution of binaries and while some enthusiasts might try to dig around in your code and remove features that are actively hurting your users (such as charging them a fee) and recompile, it is definitely not something that your average user is going to do.

2 hours ago, SBC-Daniel said:

Additionally other wallet providers are relying on Ripple’s development node to process transactions, which means they have no server costs associated with processing transactions.

Not really, many other wallets allow one to choose any rippled server as back-end with the public ones simply set as a default. I also know of at least one other startup doing Ripple wallet software (open source) that will operate a public full history rippled cluster and they'll probably also open source their connection pooling solution I guess.

2 hours ago, SBC-Daniel said:

From our discussions with other wallet providers, the community has NOT come close to pulling their share of the weight here and simply demand cutting edge niche software for free.

I agree that monetizing wallet software is a hard problem, going closed source to make sure nobody can patch out your "pay fee to operator" function however is also not a satisfactory solution. I already asked you about a bug bounty program when you announced your last product and didn't get an answer, how do you actually ensure that your product is trustworthy and safe? At the moment it boils down to "trust us" which is not my initial reaction when it comes to a software from a small startup overseas that wants to process my private key(s) and connect to its own cluster of servers.