At æternity, our primary goal is to bring the blockchain experience to mass adoption. In order to do so, we need to deliver technology which is not only intuitive and easy to use, but also provides the highest level of security.
Trust-Free Systems vs. Centralized Systems
There’s a fundamental difference between interacting with a trust-free network like the blockchain and interacting with centralized systems. In a blockchain, much of the data is encrypted and only accessible to the holder of the key with which it was encrypted. There’s no third party who can recover the data if the key is lost.
This is fundamentally different from what most users are used to, especially when it comes to money. For example, if a user has an account with a traditional bank and they lose the password to their online banking, they can go to the bank, identify themselves, recover their login and regain control of the funds in their bank account. In a blockchain, if the same user loses their private key and cannot recover it, they lose access to their data and/or tokens forever. Additionally, if anyone else gets hold of their private key, that person can gain access to all of the data and tokens. For this reason, protecting one’s private key and having a recovery method is paramount to maintaining control of one’s data and tokens.
The Gold Standard in Securing Wallets
In order to facilitate this level of security as well as control of users’ data and tokens, we are looking to provide users with the most secure technological solutions. For this reason we have partnered with Papers.ch in supporting their project AirGap and integrating it directly into our Base app.
AirGap provides the highest level of security one can have in an iOS or Android device. The best way to generate and store a private key is to do so on a separate smartphone. In this way AirGap upcycles any smartphone device as a Secure Vault for a user’s private key.
How AirGap Works
When a user wants to create an account with maximum security, they use a second smartphone to download the AirGap Vault app, generate a secret (which holds their private key), and later sign transactions with it. An internet connection is needed to download the AirGap Vault app, but once the app is installed the internet connection needs to be turned off for the Vault app to be used.
1. Setting Up a Vault Account in the Base æpp
To set up a vault account, the user swipes horizontally within the accounts view of their wallet. They then see a sequence of screens that instructs them how to set up their vault account.
2. Setting Up the Vault App On a 2nd Phone
When the user first opens the Vault app on their 2nd phone, they can generate a new secret (which allows them to recover their private key), import an existing secret, or use social recovery to access a previous secret. The AirGap Vault app uses audio, video and accelerometer readings as input to a random number generator to increase the complexity of the secret it is generating. The user is asked to write down all the words which constitute the secret in the correct order on a piece of paper, verify their spelling and order, and store the paper in a secure place. Additional security includes creating a passcode for the wallet and using Google two-factor authentication.
3. Preparing Transactions In the Base æpp
When a user wants to sign a transaction, they generate the transaction through the vault account on their primary smartphone, along with a QR code associated with it. Using their second smartphone, where the AirGap Vault app is installed, they open the Vault app, scan the transaction QR code visible on their primary smartphone and confirm that they would like to sign the transaction. The user then receives a confirmation on their primary smartphone. The private key never leaves the second smartphone and is protected from intruders because the second smartphone is not connected to the internet.
4. Signing the Transaction
Once the user has successfully prepared a transaction for signing within the Base æpp, they open the Vault app on their 2nd phone, scan the QR code, and sign the transaction.
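The exchange in steps 3 and 4, as an added example that is not AirGap's or the Base æpp's own code: only the transaction request and the signed response cross between the phones, and the online side checks that the response signs exactly what it asked for. The JSON message layout, the function names, the placeholder addresses and the use of Ed25519 through Node's `crypto` module are assumptions made for illustration.

```javascript
// Added illustration; message layout and names are assumptions, not AirGap's format.
const crypto = require("node:crypto");

// Offline phone ("vault"): the only place the private key exists.
function createVault() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  return {
    // Only the public key is ever exported to the online phone.
    publicKeyPem: publicKey.export({ type: "spki", format: "pem" }),
    // Takes the scanned QR text, returns the QR text to show back.
    signRequest(qrText, approve) {
      const request = JSON.parse(qrText);
      // The user confirms the decoded details on the offline screen.
      if (!approve(request.tx)) throw new Error("user rejected transaction");
      const payload = Buffer.from(JSON.stringify(request.tx));
      const signature = crypto.sign(null, payload, privateKey).toString("base64");
      return JSON.stringify({ tx: request.tx, signature });
    },
  };
}

// Online phone (wallet): builds the request that is rendered as a QR code.
function buildRequest(tx) {
  return JSON.stringify({ tx });
}

// Online phone: accepts the response only if it signs the transaction that was sent.
function acceptResponse(qrText, sentTx, publicKeyPem) {
  const response = JSON.parse(qrText);
  const sent = JSON.stringify(sentTx);
  if (JSON.stringify(response.tx) !== sent) return false;
  return crypto.verify(
    null,
    Buffer.from(sent),
    crypto.createPublicKey(publicKeyPem),
    Buffer.from(response.signature, "base64")
  );
}

// Constructed sample transaction with placeholder addresses.
const sampleTx = { from: "sender-placeholder", to: "recipient-placeholder", amount: 10, nonce: 1 };

function demo() {
  const vault = createVault();
  const response = vault.signRequest(buildRequest(sampleTx), (tx) => tx.amount === 10);
  return acceptResponse(response, sampleTx, vault.publicKeyPem);
}
```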
In addition to personal recovery of their secret, users can set up social recovery as well. To set up social recovery, the user chooses how many people the secret is shared between and how many of these people are needed to recover the secret. When social recovery is activated, the generated shares of the private key are distributed amongst the people the user will need in order to recover their secret.
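How a "k of n people" split can work, as an added example that is not AirGap's code: the page does not name the scheme the Vault app uses, so this sketch assumes Shamir's secret sharing over a prime field, with the secret encoded as an integer. All function names and the choice of prime are assumptions.

```javascript
// Added illustration of k-of-n sharing (Shamir's scheme); the scheme is an assumption.
const crypto = require("node:crypto");
const P = 2n ** 521n - 1n; // Mersenne prime, larger than any 512-bit secret
const mod = (a) => ((a % P) + P) % P;

// Modular exponentiation, used for inverses via Fermat: a^(P-2) mod P.
function modPow(base, exp) {
  let result = 1n;
  for (base = mod(base); exp > 0n; exp >>= 1n) {
    if (exp & 1n) result = mod(result * base);
    base = mod(base * base);
  }
  return result;
}
const inverse = (a) => modPow(a, P - 2n);

function randomFieldElement() {
  // 80 random bytes reduced mod P: the bias is negligible (about 2^-119).
  return mod(BigInt("0x" + crypto.randomBytes(80).toString("hex")));
}

// Split `secret` (BigInt < P) into n shares; any k of them recover it.
function split(secret, n, k) {
  if (k < 2 || k > n) throw new RangeError("need 2 <= k <= n");
  if (secret < 0n || secret >= P) throw new RangeError("secret out of range");
  const coeffs = [secret]; // constant term is the secret, the rest are random
  for (let i = 1; i < k; i++) coeffs.push(randomFieldElement());
  const shares = [];
  for (let x = 1n; x <= BigInt(n); x++) {
    const y = coeffs.reduceRight((acc, c) => mod(acc * x + c), 0n);
    shares.push({ x, y });
  }
  return shares;
}

// Lagrange interpolation at x = 0 rebuilds the constant term.
function recover(shares) {
  let secret = 0n;
  for (const { x: xi, y: yi } of shares) {
    let num = 1n, den = 1n;
    for (const { x: xj } of shares) {
      if (xj === xi) continue;
      num = mod(num * -xj);
      den = mod(den * (xi - xj));
    }
    secret = mod(secret + yi * num * inverse(den));
  }
  return secret;
}
```

With fewer than k shares the interpolation yields an unrelated field element, so each holder alone learns nothing about the secret.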
The key to users accessing the highest level of security available to them is understanding the difference between trust-free systems and traditional centralized financial systems. Once a user understands the importance of their secret passphrase and private key, and the fact that once these are lost there is no third party to turn to in order to recover them, it’s up to them to determine the level of security that they would like to have.
For example, if a user holds a sum of tokens large enough to make a significant purchase, such as purchasing real estate or covering their rent for multiple months, they will likely want to secure the funds in their account in the best way possible. On the other hand, if the funds they have in their wallet are a small amount, enough to buy coffee, rent a movie, or pay for daily expenses, they may be less concerned with having the highest security possible.
A Look Into the Future
Making the incentives for using trust-free systems like blockchain technology clear to millions of users and providing a frictionless user experience are the keys to facilitating mass adoption of decentralized systems. This is why we at æternity aim to provide the highest level of security, the most intuitive user experience through our æpps, and the necessary education for users to understand the benefits of and incentives for using blockchain technology.
Stay tuned for more articles and progress updates on our work towards the goals mentioned above. And, as always, feel free to get in touch directly via our forum as well as on GitHub.