- Aug 18, 2018
1. We are building a secure mobile wallet system called AirGap
AirGap is a wallet solution, allowing the secure generation and storage of secrets on a mobile phone with an approach of two mobile apps. Depending on the security needed these apps can be installed on separate devices or on the same device.
To get the highest security, the AirGap Vault application is installed on a dedicated or old smartphone, which will never be connected to any network again. With the enhanced entropy concept that adds video, audio, accelerator and touch data to the entropy seed alongside the device’s pre-shipped secure random generator it is possible to generate a cryptographically secure seed used for the secret generation on that very same device. This secret never leaves the device it was generated on. The private key is saved in the secure enclave of the mobile device and needs multi-step biometric authentication every time it is accessed to perform cryptographic primitives.
AirGap Wallet on the other hand will be installed on a user’s everyday phone. With this app, users can manage their portfolio of wallets and their valuations. AirGap Wallet deals only with publicly available information as opposed to AirGap Vault, which handles the private key.
¬ How does a transaction work? Detailed step by step guide.
1. Users can create a new transaction with an address, amount and a fee in AirGap Wallet.
2. A QR code with this transaction is generated.
3. This QR code is scanned with AirGap Vault, ensuring one-way communication only with QR codes.
4. To sign the transaction the secure enclave is accessed with biometric authentication.
5. The signed transaction is displayed in a QR code.
6. The QR code is scanned by AirGap Wallet and broadcasted to the blockchain.
¬ What if I want to manage smaller amounts?
AirGap Vault and AirGap Wallet can also be installed on the same device. In this case, the communication between the two apps works with app switching through an URL scheme. This allows the two apps to be entirely encapsulated, which is crucial: For example, AirGap Vault does not have any network permissions and thus is unable to send information out over the network, guaranteed by the operating systems sandboxing.
¬ Which coins and token do you support?
Currently we support Ethereum, Bitcoin and the Aeternity (AE) ERC20 Token. We plan to extend this list in the future. These are all managed by the same private key/mnemonic secret.
2. What does this mean for Dash?
Loss of crypto funds happens on a daily basis, due to software related error but also due to missing education. A sensible approach for private key handling is essential, this is also true for any Dash user. We see AirGap as the solution, an approach to a mobile wallet with the right security without neglecting usability. With the Dash integration into AirGap every user has the possibility to securely store private keys related to his Dash funds.
We also see a potential in markets like Venezuela, where crypto and especially Dash is booming. Transactions in Venezuela happen mostly over mobile wallets some of them without the necessary security in place. For private key storage people in other countries turn to hardware wallets which come at a premium price. With the approach of AirGap an up-cycled smartphone can become that hardware wallet.
With the funds allocated by Dash we aim to further improve the AirGap Vault & AirGap Wallet mobile apps in terms of security as well as usability.
3. Who are we? The project team
- Alessandro De Carli, MSc. UZH – Technical Lead | Twitter
- Dominik Schöni, MSc. UZH – Lead Developer | Twitter
- Lukas Schönbächler, BSc. FHNW – Mobile Developer | Twitter
- Andreas Gassmann, BSc. FHNW – Mobile Developer | Twitter
- Pascal Brun, eidg. dipl. Informatiker – UI/UX & Business Development | Twitter
- Niklaus Knecht, BA. ZHDK – Visual Design | Twitter
4. Our Vision, milestones & deliverables
Milestone 0: Improvements, bug fixing & further reviews of the initial features of AirGap
Milestone 1: Familiarization with the Dash Blockchain & technical feasibility study. (2-3 weeks)
Milestone 2: Requirements engineering with involved parties. (2 weeks)
Milestone 3: Software development of Dash integration (8 weeks)
Milestone 4: Testing and iterative bug fixing of Dash integration (4 weeks)
Milestone 5: Documentation and educational material for Dash integration announcement (2 weeks)
Milestone 6: Dash & AirGap education & general private key security education in collaboration with local Dash groups
5. What do we need to make this happen?
The costs for the Dash Blockchain integration and overall educational efforts come up to 1071 Dash.
The estimated duration of the grant is four months.
Requirements Engineering: 10%
Software Development: 55%
Awareness – Organizing Meetups & Conferences: 5%
6. Progress to date
- AirGap Wallet & AirGap Vault Android versions released, iOS versions currently in review
- Ethereum, Aeternity & Bitcoin integration
- Bitcoin HD wallet support
- AirGap Vault Linux distribution
[email protected] | Website | Telegram | Twitter | Medium | GitHub