Don't let clients with insufficient entropy generate wallets #210

Closed
dternyak opened this issue Sep 18, 2017 · 4 comments
@dternyak
Contributor

dternyak commented Sep 18, 2017

Old browsers that do not support Window.crypto should be provided with a message explaining this, and be prevented from generating a wallet.

@wbobeirne
Contributor

Should we just prevent generation, or should we block the whole site?

@dternyak
Contributor Author

Good question.

Currently, I believe we block generation (because calling window.crypto results in an exception), so I believe we can follow in the footsteps of V3, albeit with an improved UX.

If the user is using an old browser but has a hardware wallet, I don't see any reason to block them from using the site.

@wbobeirne
Contributor

Sounds good. I'll check out what v3 does, and make any improvements I can along the way.

@tayvano
Contributor

tayvano commented Sep 19, 2017

As far as I have experienced, the UI of the v3 site will generally not render if window.crypto is not supported, e.g. IE9. So the user is presented with a completely fucked up screen and cannot find the button, let alone click it, let alone get a private key.

If there is a case where the UI does render but there is no window.crypto available, then nothing happens. It just errors out in the console.

I am more than happy having a whitelist of browsers and blocking the entire site for these browsers. This is crypto. Users should be on the latest browsers. Period. For every other site we can progressively fall back and make sure things are pretty on ie8 but for this one, it is in the users' best interest to be on a modern browser / modern computer without 0-days everywhere—from both a financial and security standpoint.

I believe the biggest "why won't it work?" question is regarding TOR Browser / other security-minded browsers. These have to do with JavaScript being off by default, handling of specific local storage items, and so forth. Supporting TOR browser would be nice, but is simply not a priority at this time. Users are much better off running completely offline than relying on TOR to protect them.

We should keep in mind that support of all browsers is not required and that it is a "better safe than sorry" situation. The one benefit of simply presenting an ie9 user with a bork'd screen is that they then email us. And in that email, we can kindly explain to them why it's important to be secure, in a personalized manner, and what risks they are taking. We also generally send them info on how MEW is different than Coinbase and how to protect themselves from phishing while we are at it.

While the UI not rendering and not having error messages would typically be a no-brainer, "terrible UX", the overall experience and personalization that (hopefully) will protect them as they explore crypto is arguably a better UX at the end of the day. So that's interesting, right?
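
An added example, not part of the thread or the project's code: one way to implement the policy discussed above, where a browser without a working `window.crypto` gets an explanatory message and cannot generate a wallet, but is not blocked from hardware-wallet flows. The function names and message text are hypothetical; `crypto.getRandomValues` is the only real Web API used.

```javascript
// Added example. Helper names are hypothetical; pass `window` as globalObj
// in a browser. Taking it as a parameter keeps the gate testable.

// True only when the global exposes a CSPRNG that actually works.
function hasSecureRandom(globalObj) {
  const c = globalObj && globalObj.crypto;
  if (!c || typeof c.getRandomValues !== 'function') return false;
  try {
    // Probe once: the thread notes that calling into window.crypto on an
    // unsupported browser results in an exception rather than a clean miss.
    c.getRandomValues(new Uint8Array(1));
    return true;
  } catch (e) {
    return false;
  }
}

// Per-feature decision: generation needs local entropy, a hardware wallet
// holds its own keys, so only generation is gated.
function walletCapabilities(globalObj) {
  const secure = hasSecureRandom(globalObj);
  return {
    canGenerateWallet: secure,
    canUseHardwareWallet: true,
    message: secure
      ? null
      : 'This browser does not support window.crypto, so a wallet cannot ' +
        'be generated safely here. Please use an up-to-date browser.',
  };
}

// Returns 32 bytes of raw entropy for key generation, or refuses outright.
// There is deliberately no Math.random() fallback: a predictable key is
// worse than no key. Turning the bytes into a valid key is out of scope.
function generateKeyEntropy(globalObj) {
  if (!hasSecureRandom(globalObj)) {
    throw new Error('Secure RNG unavailable; wallet generation is disabled.');
  }
  const bytes = new Uint8Array(32);
  globalObj.crypto.getRandomValues(bytes);
  return bytes;
}
```

In the UI, `walletCapabilities(window).message` would be rendered in place of the generate button, so the user sees a reason instead of a console error.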
