Would you really want to base decisions on a few foolish users that cant take care of their account?
We already have 4 keys, most blockchains have 1. Most blockchains have no staking and no 13 weeks to pull their funds. How much more security do you need?
Making the security argument seems extremely misplaced to me.
You cant base decisions for the whole community based on a few irresponsible users that would potentially lose their funds.
If you cant figure out in 1 week, let alone 4 weeks that some are proposing, that your account is being powered down, then you really have no place in crypto. Those should go back to keeping funds in a bank.
STEEM is my third largest holding, and the only one not protected using hardware or 2FA. Talk to me again after you have immediate power down ability that some people want and get hit with a 0-day attack. There are some vulnerabilities you can't escape from based on your level of responsibility. Combine that with the fact the intent is to achieve mass adoption, that means continuing to lower the sophistication of users.
There's also a difference between investing in a coin, trading a coin, or staking a coin. I stake decred and the ticket maturation period can take up to 142 days for example, meaning your 120+ decred is inaccessible for that time. When I decide to stake it, I make the trade-off.
I would argue that ANY lockup period for a potential trader or short term investor would be unacceptable, so whatever time frame you make it that isn't instantaneous, is a solution looking for a problem. So what is the problem you solve by making it 1,4, or even 6 weeks?
Then development of a 2FA should take place.
The benefits are varied. Investors would be more likely to invest and power up. The problem with Steem is that if you hold it, you suffer the 9% inflation and if you power it up you suffer from volatility due to the 13 week powerdown.
That is enough to discourage investment. I know a few former whales here that explicitly stated that they will not power up for those exact reasons.
If you allow for shorter powerdowns you potentially increase trading volume due to being able to access funds much faster. That as well brings more dynamic into the platform due to being able to powerup quickly during sideways action and play the market during the high volatility. That is why im proposing 1 week rather then 4 weeks or 13 weeks.
You can ofc expand on that mechanic even more with different proposals ive seen here in this comment section as well as on other discussion threads that would encourage longer staking times.
Exchanges are very reluctant in listing low volume tokens because they make less money and Steem by design will remain one. And we all know that more often then not more exchanges mean higher prices.
If 2FA would satisfy people on the security side of things, i see no problem with that being a part of the 1-4 week powerdown discussion.
Seems like the low hanging fruit would be to just add your savings balance to your steem power as is, but don't count it for witness or proposal voting. It's not like many people use savings anyhow. The bucket is already there, and already has a 3-day withdrawal period. You satisfy both sides of the argument with a solution such as this.
I'm not sure how you could actually build 2FA into the blockchain itself or if you'd really even want to try. It's more of a middleware problem.
I would be more for ledger integration with steem middleware, where I could pull my owner key into my ledger wallet and then integrate that with steem keychain or steemconnect. EOS already has the ability to manage multiple keys via the ledger. Hell, the new ledger even uses encrypted bluetooth which you could use to support phone apps like eSteem.