aragon / nest

A grants program to support the development of the ecosystem
https://aragon.org/project/grants
Creative Commons Zero v1.0 Universal
140 stars 78 forks source link

Aragon Wallet mobile app #189

Open izqui opened 5 years ago

izqui commented 5 years ago

The following is a request for a team to build it, I'm happy to hop on a call with potential teams to talk about some of the features in depth.

Aragon Wallet should be a React Native mobile app to hold and send ANT, ETH, any ERC20 on Ethereum, Aragon Chain's ARA and any 'ERC20-like' token on Aragon Chain.

It should be released on both iOS and Android.

Extended features wishlist

Ordered by importance:

izqui commented 5 years ago

Pinging @luisivan, @lkngtn, @osarrouy, @sohkai, @dizzypaty, @floating, @pcowgill for feedback and ideas.

prastut commented 5 years ago

@izqui interested to deep dive and come up with a proposal. Do you have a recommended team in your mind for this proposal's delivery?

izqui commented 5 years ago

No team in particular comes to mind. I don't even think a team that has already worked on crypto projects is required. A high quality mobile development focused shop would be amazing

mikedemarais commented 5 years ago

cool ideas!

my feedback would to build a mobile app specifically for the aragon functionality, and to just leverage walletconnect/deeplinking so users can keep using their wallet of choice (which is likely going to be more deeply feature-full/broadly scoped than just aragon)

most consumer wallets will have all the non-aragon-specific features within a couple months. (fiat onboarding, uniswap, push notifications, etc)

izqui commented 5 years ago

Thanks for the feedback @mikedemarais!

I'd love for us to implement as little stuff as possible, and take advantage of a purposely built product (it is so much work to build a wallet as solid as Rainbow, so if we can avoid it that'd be great).

In any case, I worry about the onboarding experience for new users if they need to download and set up two apps instead of one. I guess we could have them download Aragon Wallet and then teach them how to get the actual wallet. But, it would be pretty cool if we could embed the minimum amount of functionality from one of these wallets as a framework, and then when users need more (e.g. HW support, FaceID for signing, etc) they could download the full proper wallet and start using that connected to Aragon Wallet.

Also out of curiosity, do you know if anyone is working on this type of experience for mobile dApps:

'Frame Mobile', use Aragon Wallet as your signing provider that can be used from the phone's browser or other apps (Android intents)

I hate wallet in-app browsers to use dApps (wallets shouldn't build browsers, that's a lot of work), and I'd love to have my signing provider app that manages my keys and all other apps or browser in my phone can use it for signing with a proper UX.

mikedemarais commented 5 years ago

@izqui seems to me that Frame Mobile = walletconnect

izqui commented 5 years ago

@mikedemarais By 'Frame Mobile' I refer to bringing the https://frame.sh desktop experience to mobile (one signing provider at the OS level that other apps use for their signing needs).

I always saw WalletConnect's flow as 'use dapp on desktop, sign with mobile wallet', although I guess there should be no problem if both the dapp and the wallet are running on the same phone cc @pedrouid

mikedemarais commented 5 years ago

@izqui i’m a big fan of frame.sh!

i don’t think a perfect Frame Mobile can ever exist at the OS layer for iOS, maybe android but im not an android expert.

and yeah, walletconnect supports your desired mobile flow! it’s functional today, but the mobile flow could definitely benefit from some improvements (we are working on a couple at @rainbow-me, and would love to collab if y’all pursue this direction)

micksabox commented 5 years ago

Very interested in this proposal. As part of a discovery process, I'd like to surface the rationale for the mobile app explicitly, for community discussion.

For example:

Thoughts about:

That's all I can think of for now. Looking forward to this.

andriytyurnikov commented 5 years ago

I would be happy to talk about this, however, while it is WIP, I would like to highlight few things: 1) The way I see it is that "Frame mobile" is in many ways core topic, there is no such thing as crossplatform mobile browser extension, and author would have to implement JS injection into WebView component to have feature parity with Metamask.

Speaking of MetaMask -- metamask mobile is in beta, and it is opensource, so aragon web UI going to be much closer to mobile (and those who have no patience check out cypher dapp browser). 2) Platform in general is a topic f it's own. 100% native, ReactNative, NativeScript (very promising), and to add complexity this topic is kinda dependent on choice of 1) All platforms are fast moving targets, and not exactly smooth. Compiling crypto libraries may require messing with build toolchain, etc (I've prototyped RN EOS wallet year ago). 3) AragonDesign System is evolving, and reusing substantial effort of Aragon Web sounds as an attractive trajectory.

From this perspective topics of platform and access to web are interdependent, and are full of related risks, so maybe having minimal ethereum web browser integration on platform(s) of choice is a good first step for such roadmap.

Perseverance commented 5 years ago

@izqui At LimeChain we would love to partner up with Aragon on this. We are a blockchain development company and have previously done some stuff with Status, Maker and more. The feature list sounds feasible and we have experience with React Native as we recently built the Frank dapp, partnering up with the Abridged team. Also we've developed mobile wallets for many projects - both as part of a dApp and standalone :)

In addition to that, we've got quite an experience with fiat onramps and have a payment solution ourselves (LimePay.io, funded by MakerDAO)

Would love to jump on a call and discuss technical details! Furthermore, we are also working on a cORG/bonding curves tool and it would be interesting to explore synergies with Aragon on this as well.

prastut commented 5 years ago

Happy to jump on a call to understand and iron out features in detail. This seems like a crazy opportunity:

Frame Mobile', use Aragon Wallet as your signing provider that can be used from the phone's browser or other apps (Android intents). I hate wallet in-app browsers to use dApps (wallets shouldn't build browsers, that's a lot of work), and I'd love to have my signing provider app that manages my keys and all other apps or browser in my phone can use it for signing with a proper UX.

TL;DR instead of downloading Metamask mobile and then using it's browser, web3 functionality is integrated at OS level. My team is going to investigate whether it's possible on Android.

sohkai commented 5 years ago

and yeah, walletconnect supports your desired mobile flow! it’s functional today, but the mobile flow could definitely benefit from some improvements (we are working on a couple at @rainbow-me, and would love to collab if y’all pursue this direction)

@mikedemarais It'd be great to get a demo of what this looks like today, and see where we could go with this


I'm also curious if we could shift this effort so that instead of building an Aragon-specific signer app, we contract with a team already working on a good wallet experience (e.g. Rainbow), and commit them to supporting the Aragon Chain and some of its basic native functionality, e.g. "Browse validators and ability to delegate ARA".

Almost everything else, aside from DAO-specific push notifications, native voting support, and Fundraising discovery, is pretty generic and I've yet to see a good mobile signer unrelated to us do a good job on them all (not that I've really tried to).

izqui commented 5 years ago

instead of building an Aragon-specific signer app, we contract with a team already working on a good wallet experience (e.g. Rainbow), and commit them to supporting the Aragon Chain and some of its basic native functionality, e.g. "Browse validators and ability to delegate ARA".

@sohkai I do agree on not starting from scratch and potentially working with a team that has built a great wallet already.

If the WalletConnect flow has reasonable UX, I can totally see Aragon Wallet being a super thin app with just the Aragon specific features we need (Voting, Fundraising, Notifications, etc) that then uses an Ethereum wallet as it's signing provider for all things Eth and a Cosmos SDK/Ethermint wallet for all things Aragon Chain (WalletConnect supports Cosmos chains, see Trust Wallet support for Binance Chain).

We should actually reach out to Trust Wallet because they already support Ethereum and a Cosmos chain cc @vikmeup

pcowgill commented 5 years ago

@izqui Definitely interested in working on this as part of Tasit. Happy to hop on a call anytime to discuss (or we can flesh details out further here - whatever works best). Thanks!

sohkai commented 5 years ago

I can totally see Aragon Wallet being a super thin app with just the Aragon specific features we need (Voting, Fundraising, Notifications, etc) that then uses an Ethereum wallet as it's signing provider for all things Eth and a Cosmos SDK/Ethermint wallet for all things Aragon Chain

This is my ideal end state for a native Aragon experience in the next 6-12 months.

I'm assuming we may also be able to integrate WalletConnect into the Aragon Client so that users could use a normal mobile browser and go through the same signing flow as the native app?

Perseverance commented 5 years ago

Came back to provide a bit more info on how I would approach all of this and add couple of remarks

Approach

I would pretty much create it using a layered approach. The base layer which would be the regular ERC-20 wallet. The extensions layers would be for additional feature functionalities like the ones described in your features wishlist.

I would go for react-native application. This would give us both speed of implementation and similar look and feel.

The base layer

This would be the regular ethereum ERC-20 compatible wallet. Once we decide to add the Cosmos SDK/Ethermint we will extend this base layer to also be able to route the correct calls to the correct network.

There are plenty of open-source ETH+ERC20. One that we've used previously -> https://github.com/goldennetwork/golden-wallet-react-native . It is not great, not terrible, but good enough for a start. We've a version that is pretty stripped bare in order to start from it.

Push notifications

There are two approaches here: a) Subscribe to a (hopefully decentralised) middleware service and allow them to push a notification to us whenever there is new event we are interested in. Alternatively we can do it ourselves instead of relying on third party server. b) Emulate push notifications, and use the client side app as listener for events. In this case we will have to register a Background Task. BGTasks are limited and the OS can kill them sometimes.

I'd prefer the first.

FIAT on ramp

I think that this is much more complex than just integrating with an on-ramp provider. The on-ramp provider can give us at best DAI/ETH or something similar. I've been playing recently with ramp.network and I think they can do the job.

However when it comes to actually getting ANT or ARA integration with DEX will be needed. I believe integration with Uniswap would be needed in order to achieve this.

Still this would need much more clarification. See my question about smart wallets below.

Frame

Have not played with it to this point. If it does what it says it does it should be of great help. I also second the opinion that WalletConnect integration is very good idea.

Apiary

Havent done such integration myself previously, but cant imagine to be impossible.

Ledger Nano X BLE

Isnt this supposed to be supported by Frame, or did I misunderstand something?

Questions

Smart wallets

As far as I understand this app will be a crucial piece in the Aragon ecosystem. I was wondering if having a smart wallet (think Argent) might be a good idea. This would allow some transactions to be batched (ex. on-ramping, complex Aragon interaction scenarios?). Also it would allow for better account recovery on this and any other platform. What is your take on that?

UX/UI Design

How do you want to approach the UI/UX design part. Do you want to be providing these, or would you like the team approaching it to also help with that?

dao-dasha commented 5 years ago

@izqui that’s a great idea. We’d like to suggest a joint effort of MixBytes and our partners Mobile Up, mobile app developers with vast expertise in fintech, blockchain, media and other domains.

In our turn, we have a solid development experience and understanding of Aragon dapp ecosystem basing on previous audit experience with the network teams. We also have validation and delegation experience, and thus could cover all blockchain-related features (validation, voting, fundraising, etc).

Could you tell which of the above stated wallet spec tasks are of higher priority? Let us know if we could discuss further.

lkngtn commented 5 years ago

Before diving into this proposal would like to understand the rationale and objectives a bit more clearly. I'm not sure an Aragon Wallet is necessary, but I do believe that understanding the onboarding process for a user who doesn't have a wallet to start using Aragon, and engage with organizations that exist on Ethereum and/or Aragon Chain (or other potentially other compatible chains), and potentially engage in interactions which span multiple chains using Aragon Agent and the planned cross-chain agent functionality.

In the context of this proposal I think it may be helpful to break up the conversation into specific applications:

1) Do we want a mobile app experience for interacting with Aragon organizations? And what does that look like? For me I would like to see the ability to aggregate my activity across multiple orgs, see a news feed of things like votes that need attention, and then take action on those events immediately from within the app.

2) Do we want a mobile app experience for specific applications (eg voting, fundraising, projects/bounties)?

3) Do we want a full wallet experience that bridges desktop and mobile, and which has specific support for cross-chain interactions and agent support? We want people to be able to browse dapps which may exist on Ethereum or Aragon Chain, and interact on behalf of themselves or organizations they are participating in and that is not necessarily something that will be prioritized in the same way among the larger wallet/signing ecosystem.


With Aragon Chain we are going to be pioneering these types of interactions and directly funding a project and organizing our UX requirements feels like a reasonable effort. Though I'm not certain how Aragon specific it should be, or what layer Aragon specific functionality should be.

Imo we should aim to address both 1 and 3, but try and leverage as much common (not-aragon specific) infrastructure that either already exists or is being actively developed elsewhere as possible.

I've spoken with @pcowgill as well as some of the other teams working on contract based wallet architectures and web based wallets (Abridged, Authereum, and torus specifically) about contract wallets / identity contracts. My feeling is that the use of emphermeral (app-specific keys) and a contract based wallet allows for a significant improvement in the UX of web3 and can be essential in reaching a larger audience. Rather than having the application specific interface always require forwarding (to an external signer with something like wallet connect), the application specific interface may be granted specific permissions... allowing a user to cast votes for example without ever seeing a transaction signing interface. But if they try and move tokens they would need to use a different interface, and those actions may require multi-factor authorization.

Contract Wallet Interface

Application specific interfaces

Essentially, this approach separates account management, permissions/authorization, and the multi-factor auth queue into one interface, and pushes specific interactions like trading/asset management/voting to applications specific interfaces which may or may not be bundled together depending on the use case.

micksabox commented 5 years ago

Before diving into this proposal would like to understand the rationale and objectives a bit more clearly. I'm not sure an Aragon Wallet is necessary ...

This is what I was trying to say with my previous answer, since the requirements should be guided primarily by the rationale. In my opinion, a strong rationale is to be able to provide Aragon functionality for users who possess only a mobile device (these users exist out there). I would rank the following rationale second: our relationship with our mobile devices is very personal, and having a spot on the home screen is the same as having a spot in the users lifestyle. An interface to notifications and specific mobile-optimized functionality, third.

My feeling is that the use of emphermeral (app-specific keys) and a contract based wallet allows for a significant improvement in the UX of web3 and can be essential in reaching a larger audience. Rather than having the application specific interface always require forwarding (to an external signer with something like wallet connect), the application specific interface may be granted specific permissions... allowing a user to cast votes for example without ever seeing a transaction signing interface. But if they try and move tokens they would need to use a different interface, and those actions may require multi-factor authorization.

This reminds me of Metamask Snaps, the plugin & permission system planned for MetaMask. The trust model for this system is similar to what you're describing, with granular permissions requested up front and then being able to perform actions without needing transaction confirmations every time.

I'm personally excited about these UX improvements and would be interested in porting a similar plugin scheme to mobile.

pascuin commented 5 years ago

@izqui would be interested to have a call and talk more in-depth about the requirements. We at Papers can draw on our knowledge in the mobile security space and are also actively maintaining the protocol agnostic mobile (Android & iOS) wallet AirGap.

Depending on the hard requirements I could see synergies by using for example our library that already handles all the address generation, transaction signing for Ethereum. We're currently also working on the implementation of the Cosmos protocol and have support for various other protocols as well.

The upcoming support for Aragon Chain should probably be included in a discussion if a walletconnect approach is feasible or not. I'm personally not aware if walletconnect will be extended to Cosmos-specific chains, but with a protocol change in mind such an approach should probably only be selected if that support is guaranteed.

0xGabi commented 5 years ago

Hi just wanted to clarify that this proposal is still under the Nest applications. I decided to include it as an idea to hack during ETHWaterloo cause it was great way to have an MVP

pascuin commented 5 years ago

Thanks for the call @izqui

As mentioned we will provide a short summary what we've talked about. We think Papers is perfectly qualified to built the Aragon mobile wallet app. Our mobile development and mobile security expertise has its roots in the Swiss financial sector working on mobile banking and security critical mobile applications for more than 10 years. There are various Fortune 500 companies relying every single day on our mobile security focused engineers.

When we started providing services in the blockchain space, collaborated closely with numerous projects on building web related applications, we became aware that a lack of security was present. With AirGap we started to find the best way between highest security without sacrificing usability.

While building AirGap we were able to apply our mobile security knowledge and built and open sourced the airgap-coin-lib as well as both AirGap mobile apps which are available for Android and iOS. Our mission is to provide the community with the best possible tools so that they can take over the responsibility to manage and store their own assets.

We would love to bring our knowledge to the Aragon ecosystems.

Perseverance commented 5 years ago

What is the process of getting a call? @izqui @sohkai

vikmeup commented 4 years ago

Response to @izqui comment: https://github.com/aragon/nest/issues/189#issuecomment-545184901

I would recommend just to focus on single use case and build fully features Aragon app that has key management build it. As you might have more control over user experience and avoid being dependent on someone else.

But providing an option to connect WalletConnect, WalletLink or even something similar TrustSDK might be a good option if pro user already has other wallet installed.

From Trust Wallet perspective:

vicnala commented 4 years ago

Hi!,

We are building a fundraising DAO for a company, and they want a simple frontend for the presale so the users can contribute witrh a simple button.

Can somebody help us choosing the right direction on building this?

We would like to use WalletConnect, does somebody tried something like this?

Thanks in advance, Víctor.

0xGabi commented 4 years ago

Hi @vicnala we are building two tools to help you with that. Both are on early stage and API will probably change next couple of month. This are:

  1. useWallet(): A wallet provider that help you to connect to the provider of your choice super easy
  2. @aragon/toolkit: A programatic API to interact with Aragon organizations
vicnala commented 4 years ago

Hi @0xGabi!

The members of the organization have no problem using the Aragon UI, but the users who are going to contribute need a very simple (Spanish) interface. Once acquired, they will use their tokens with their wallets.

With WalletConnect you can send transactions to contracts. But I have been trying to interact with the Approve an Contribute functions of the presale without success (keep trying).

So... Do you mean that is possible to run the @aragon/toolkit package in the browser to make things like these?

I have tried and I think it does not work (it raises a very strange error _os.constants is undefined in the browser by importing it in a react app).

Thanks again! Víctor.

0xGabi commented 4 years ago

Hey @vicnala that use case makes sense. About WalletConnect the useWallet() packages that I mentioned allow you to connect that provider.

Then to interact with those particular functions of the presale contract you should be able to do it directly.

I don't think we are still there to have @aragon/toolkit on a browser as the package is huge at this point. Nevertheless I would like to support use cases. like that one. Would you mind ping me on keybase (0xgabi) or aragon.chat on rocketchat (gabi) and we can discuss how you are using the toolkit and how you would like it to be.

vicnala commented 4 years ago

Hi @0xGabi, yes, sure. I'll try to reach you tomorrow in keybase.