search

Agoric / agoric-sdk

monorepo for the Agoric Javascript smart contract platform
Apache License 2.0
326 stars 205 forks source link

Use WalletConnect #2962

Open michaelfig opened 3 years ago

michaelfig commented 3 years ago

What is the Problem Being Solved?

We need a more standard and robust wallet bridge. #2730 is just one of the issues we face because of our existing ad-hoc iframe/WebSocket wallet bridge implementation. Other problems include its difficulty to port to non-web-based apps as well as mobile.

Description of the Design

We should just use WalletConnect

Their @walletconnect/client package works in browser and Node.js. They also have client libraries for other languages, too, especially under mobile. Their "client" protocol is intended for both wallets and dapps, and uses a non-trusted bridge service (including allowing dapps to specify their own bridge rather than the default).

The rendezvous requires communicating a connection string. By default, they do this via a QRCode since that supports mobile best. Their default dapp connect popup also has a "copy to clipboard" option for getting the connection string. So, it would make sense for our current wallet to have an input to allow pasting such a string.

For seamless desktop wallet (such as Pledger) with HTML-based dapp integration, I plan registering the wallet as a wc:... URI handler, then extending the dapp's wallet connect dialog to include <iframe src="wc:..." width="0" height="0"></iframe>. That way, the browser will prompt for the connection.

The code at https://docs.walletconnect.org/quick-start/wallets/react-native#initiate-connection is pretty clear for how we could adapt their connection lifecycle to do the same work as the wallet-bridge handshake currently does. Then we could tunnel CapTP over the Custom Request API.

Security Considerations

We would actually tunnel the dapp-to-wallet connection over the Internet, but fortunately there is end-to-end encryption provided in the @walletconnect/client library.

Test Plan

michaelfig commented 3 years ago

@katelynsills, @dtribble, @warner please take a look at this proposal for portable, robust dapp-to-wallet communication.

katelynsills commented 3 years ago

From what I can evaluate, this sounds like a good plan.

dtribble commented 3 years ago

I agree.