expand why section

spirobel 2025-03-01 05:06:52 +00:00
parent e127efee1f
commit fab8fd8128


@ -125,18 +125,20 @@ The Monero Payment Links product is 110, the Browser Wallet extension 125, the M
## Why
Currently Monero shoppers have to copy and paste addresses from the tor browser into their wallets.
This can be made more convenient and secure by a browser wallet.
The goal is to **remove all friction from the privacy enabled web shopping experience**. Currently most **Monero shoppers** have to copy and paste addresses from the tor browser into their wallets. This opens the door to unnecessary opsec failures, as it is easy to get confused and intimidated by long strings of random numbers.
The Monero Browser Wallet PoC that I wrote is fundamentally different from typical browser wallets.
Instead of injecting Javascript into the page and exclusively communicating via message events, it uses a REST api.
The initial trigger in the PoC still happens through a message, but the plan is to get rid of that.
As a result the checkout will work in a Javascript disabled environment while providing the same seamless user experience.
**A core part of staying private and safe online is to compartmentalize identities.** Qubes OS made some advancements in improving the UX of this activity by coloring different windows that are tied to different identities in a unique way.
The browser is still seen as a potentially large attack surface.
Even with all the security features and sandboxing techniques that
modern browsers employ, there is still the risk of 0day exploits.
This risk can be mitigated by spreading the secret key among multiple devices and necessitating access to all of them to sign a transaction.
The goal of the last milestone is to make this easy through the use of a multisig companion app.
The reality is, that installing a different operating system is a large ask for the average person. At the same time we need to onboard as many people as possible to these habits, so we can operate safely in the crowd.
tldr: the browser wallet makes monero web shopping more convenient and secure
The other venue of attack is **using the browser for compartimentalization.** And before anybody complains: no this does not involve untrusted javascript frontend code.
There is a big difference between a browser wallet and web wallet. A web wallet is a flawed experiment that is borderline custodial, as it runs wallet code inside the context of a website. This is not to be confused with a browser wallet.
**A browser wallet runs trusted code as a compartmentalized, constrained program inside of a sandbox.**
There is a massive opportunity here to reduce friction by making it easy to separate online identities. The TOR browser currently enables the use of one separate TOR circuit for each tab. **Imagine we have one monero address per tab that is used for login and to send and receive payments.** It makes it much harder to mess up.
The potential that a browser wallet opens up goes beyond that. It opens up a new design space that means that **innovation can be modular**. The barrier to building something new is drastically lowered if you don't have to publish and distribute a wallet application to make the change that you have in mind. Users don't have to install new apps to try what you built.
One last concern that comes up is that there might be zero day exploits in the browser, as it exposes a potentially larger attack surface. This can be mitigated by making the wallet a multisignature wallet and **using a second device like an android phone or a monero seedsigner to authorize every transaction.**
This means two devices need to be compromised to capture funds, which is unlikely.
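Review bot: The closing claim in the last two lines of this hunk ("two devices need to be compromised to capture funds") only holds if the second device shows the destination address and amount on its own screen and the user checks them there, independently of what the browser displays; otherwise a compromised browser alone can get an altered transaction authorized. Suggest stating that requirement explicitly, along with the signing threshold the multisig wallet is meant to use. Smaller points in the same hunk: "compartimentalization" should be "compartmentalization", "The other venue of attack" reads as if "avenue" was meant (and "attack" is confusing for what is a defensive approach), and "TOR" / "tor browser" should be written "Tor" / "Tor Browser".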