milvinae
commented
2 years ago Accidentally hit the button - will close and resubmit
Closed milvinae closed 2 years ago
milvinae
commented
2 years ago Accidentally hit the button - will close and resubmit
Wallet name
Numio
Wallet description
Numio is a non-custodial, Layer 2 DeFi app, powered by zkRollups for fast and cheap ERC-20 transactions and token swaps. Numio is available on Android and iOS.
Wallet logo
Background color for brand logo
3F3F3F
URL to the project
https://www.numio.one/
When did the wallet go live to users?
31/12/2020
Does the wallet have an active development team?
Yes. The wallet is actively developed - https://docs.numio.one/development/changelog
Is the wallet globally accessible?
Numio is globally accessible via the Google Play and Apple App Stores. The app requires no KYC to use.
Is the wallet available in multiple languages?
English
What social links are there for the project?
https://twitter.com/GetNumio/ https://www.tiktok.com/@getnumio https://www.facebook.com/GetNumio https://www.linkedin.com/company/numioinc/
Does the wallet have a mobile app? If yes, which operating systems are supported (iOS, Android)?
iOS - https://apps.apple.com/us/app/numio/id1538072952 Android - https://play.google.com/store/apps/details?id=com.numio.pay
Does the wallet have a desktop app? If yes, which operating systems are supported (Windows, Mac, Linux)?
No
Does the wallet have a browser extension? If yes, which browsers are supported (Chromium, Firefox, Safari)?
No
Is it a hardware wallet?
No
Is the source code for the wallet fully open-source?
No. Numio is not open source, however elements of the application are. Open source elements include our CDN & SDK, zkSync API, NPM relayer, and various meta API’s. Our full open-source GitHub repo can be found here - https://github.com/TeamNumio/TeamNumio
What license is the wallet software released under?
No response
Who holds the private keys?
Numio is non-custodial - a user's key pair is generated locally on their phone and their private keys never leave their device. Only the user has access to their Private Keys, which are easily accessible via the settings menu.
If Numio were to disappear the user would still be able to access their funds in a 3rd party wallet.
Please describe the measures taken to ensure the wallet's security and provide documentation wherever possible
The app is constantly subject to multiple layers of QA testing before (and after) undergoing internal audits and penetration tests. Major releases undergo 3rd party security auditing.
Numio is a non-custodial mobile application focused on user security and UI/UX. A user's key pair is generated locally on their phone and their private keys never leave their device. Users sign their own transactions manually and only the encrypted data is transmitted.
While we do not currently have any of this audit data currently publicly available, we are looking to make something available in the near future.
We work closely with our partners, including zkSync, ZigZag, MoonPay, ParaSwap, and Storj, to ensure that their technology is integrated in accordance with their best practices. This can be verified with those teams.
Device permissions are only requested based on a user's choice of function and if essential to the operation of the application. Any permissions are at the minimum viable amount to ensure that a function works. Numio keeps up to date with all Google Play and App Store privacy requirements and describes, via custom modal and plain English, exactly what each permission is for.
Users are unable to capture the screen during the seed phrase screen and (optional) biometrics registrations screens to enhance users security. Seed phrases are not stored on the device.
Outside of secure blockchain technology, the Numio application uses SHA256/RSA256 for encryption both within the app, and as a byproduct of integrated technology, including FaceTech - https://dev.facetec.com/security-best-practices.
Numio has now been public for almost 18 months, and has been downloaded in excess of 15,000 times from Google Play and the App Store. There has not been a single significant security bug reported in that time. It is also worth noting that both the application and company were subject to significant due diligence by VC’s as part of our $1.25m seed investment round which was completed in July 2021.
Has the wallet's smart contract code been audited?
Please see response above
Does the wallet have an internal security team?
No response
Any other security testing that should be noted?
No response
Spam protection?
Not currently
Does the wallet support connecting to a hardware wallet?
No
Does the wallet support WalletConnect?
Yes
Does the wallet support importing Ethereum RPC endpoints?
No
Does the wallet support viewing and interacting with NFTs?
Yes
Does the wallet support connecting to Ethereum applications?
No response
Does the wallet support staking directly?
Not currently
Does the wallet support swaps directly?
Swaps are supported by Paraswap for Layer 1 and ZigZag or Layer 2
Does the wallet support multi-chain networks?
No response
Does the wallet allow the user to customize gas fees?
No response
Does the wallet support sending transactions to ENS addresses?
No response
Does the wallet support importing or automatically querying and displaying ERC-20 tokens?
No response
Does the wallet support EIP-1559 (type 2) transactions?
No response
Does the wallet have fiat on-ramps through credit/debit cards, wire transfers, or bank transfers (ACH)?
No response
Does the wallet support withdrawals to fiat?
No response
Is the wallet a multi-signature wallet?
No response
Does the wallet support social recovery?
No response
Who can the ethereum.org team can contact regarding the wallet in future?
No response
Does the wallet have a dedicated support team?
No response
What educational resources/documentation do you provide to users?
No response
Does the wallet have any integrated tools not mentioned above?
No response