Initiative to solve most of the problems with Toast Wallet

[letscracktoast]

Hi there,

As a former user of Toast Wallet, I'm very frustrated by the current state of the app. There's a lot of users here that only want to recover their zerps, so that's why I'm starting with this project. Details can be found on the website, but basically I'm offering a reward of 25 000 XRP to the person(s) capable of deliver a working solution to crack the encryption of the app.

The solution will be free and available on Github once (if) accomplish. I'll be very grateful if you can share this post or the link to the site.

More details can be found on https://letscracktoast.com

[at3n]

I get that the benefit of open source software is that anyone can have a crack at breaking it, so I guess fundamentally there's nothing wrong with this project...

But the reasoning and attitude behind it is so flawed...

[letscracktoast]

Why tho?

[at3n]

Well to start, your premise is that there is some problem with Toast, but from reading your site, the "problem" seems to be that the encryption is working exactly as intended.

If you break the encryption, you break the security for all users, not just the subset who have lost their keys. In other words, you're looking to create a problem where there is none currently.

Secondly, you're implying on the site that if the developers would continue to support the wallet, somehow they would be able to help all the people who have lost their keys to access their account again. This is simply not the case.

Thirdly, you seem to be failing to understand the whole point of a cryptocurrency wallet, which is to give full control of the assets to the user and no-one else. This comes with a price: if you screw up, you lose acces to your coins. This is how all cryptocurrency works (and I expect you know that already). If your "problem" was fixed across the board, crypto wouldn't be a thing. It doesn't make sense to hold crypto, and simultaneously complain about and try to undo the fundamental mechanics of it.

I'm probably getting more worked up about this than is warranted, but honestly the biggest thing that annoys me is the tone that the website is written in: it's written in a way that's trying to shift the blame onto the app and the devs, neither of which deserves any such attitude because everything is working as intended and advertised. If not for that I wouldn't have commented.

 

 

If you want to try to find weaknesses or exploits in a crypto app or an encryption algorithm, then by all means go ahead and organise people to do it, such things are important and helpful when done right. But please don't frame it as "fixing a problem" unless you actually think you've identified a security issue, it's misleading and disrespectful.