Abuelau, ChuckOne, you should really read this:
https://blockchain.info/wallet/technical-faqand pay attention to TwinWinNerD. If you can't sign transactions offline (that is without transmitting private keys to anyone), you can't build a secure web wallet. Period.
The way to do this in the browser is via JS a-la blockchain.info.
It has nothing to do with
TRUSTLESS as it is promoted.
As I already pointed out:
In the end, you have to trust somebody.I know what you mean, but it is not really trustless.
Blockchain.info is as trustless as possible.
""""""""
Server Side
The site currently runs on 4 dedicated servers, hosted in a locked cabinet. All servers run behind a dedicated cisco security appliance with intrusion detection. On the servers themselves various "booby traps" are set to alert the webmaster if an intrusion is detected.
The java code deployed to the Site is deployed in a single war (zip) file. Each server monitors the checksum of this file to detect any unauthorised changes to the code. In order to make reverse engineering our encryption schemes more difficult the the java class files are obfuscated using proguard.
A copy of every wallet is stored all our servers. Additionally the latest 50 versions of a wallet are stored on Amazon S3 and can be restored from the [Import Export] section.
The server side code that handles wallets is open source.
The site is not vulnerable to CSRF requests as no login details or sensitive data is ever saved in session cookies.
In the time the Site has been running there has been handful of XSS vulnerabilities reported. None of these were on a wallet page and could not have resulted in any direct loss of funds.
"""""""""
