Closed jumezurike closed 8 months ago
This my proposal for smslockr
Utkarsh do not change the proposer at all. They need it the way it is now. Just github account.
@realChainLife I wanted to know if there is something wrong with our grant application. We have not heard from you. Let us know if there is something amiss. Thanks.
Hi @jumezurike, our review was on hold over the holidays and is resuming this week. We will be in touch once more information is available!
@ErinOCon How are you? Great new year, wishing you all the best. When do you think we can hear from you? We need to get this going it will help Filecoin as well as us. Especially our cceNFT protocol.
Hi @jumezurike, I am very sorry you did not receive a timely reply to this application. It seems this proposal was resolved in our system prior to sending you a status update. Unfortunately, this project was not approved for a grant during its review cycle.
If you have an interest in applying for a grant in the future, please feel welcome to contact our team with questions at grants@fil.org.
Open Grant Proposal: LokDon - Anti phishing; anti cache hacking; SMS/wallet security token on Filecoin IPFS and NFT storage
** Name of Project: WEB3.0 SMSLOCKR
Proposal Category: app-dev
Proposer: @jumezurike
Do you agree to open source all work you do on behalf of this RFP and dual-license under MIT and APACHE2 licenses? Yes
Description of the project (WEB3.0 WALLET/SMSLOCKR)
We understand that filecoin does not use much encryption at this time: This a conclusion we surmised from talking to one of our clients. However, the process of making sure that the right data is stored in the right location by the right entity at the right time is something we find interesting. The hashing proof is golden because it allow the right person to pull or download that data later on following the URI. This fits very well with a solution we will like to build. Simply put, Data Access Security and Recovery solution (DASARS). In the future this approach could be used on the filecoin network for providing cost effective covert channels between nodes.
Problem: Mobile devices have a great weakness when it comes to the use of SMS amongst other things. Most decentralized app have a larger market penetration power when deployed on mobile devices e.g smartphones.
Solution: The fix is very straight to the point. We protect the wallet by plugging the SMS inroad cyber attacks. We do it using encryption on all the relevant key or phrases as well as sharable information. On-demand with key less end-to-end security can give us a much better result in-lieu of link encryption. This will work perfectly well for Filecoin which by design will become a secure, decentralized record keeper for all sharable user data in all transactions. This will bring a dimension to both custodial and non-custodial wallets. There will be options for users to hold their communication exchange object locally or externally for global reach.
PREREQUISITE
Find the flow diagram from figma
LokDon ECSMID V 1.0.0 USE CASES / FUNCTIONALITIES
WALK THROUGH VIDEO ECSMID V 1.0.0
AWS ec2 free tier ECSMID V 1.0.0
Docker ECSMID V 1.0.0
Value
Deliverables
Step to solving the problem of SMS phishing attacks targeting wallet seed phrases and private keys.
Design SMS dapp flow diagram, story adn/or journey a. ui/ux
Prepare the infrastructure following well architectural framework (non-monolith or micro services)
Hybrid development solution flutter is used to develop the SMS application first run (First month of Q1) a. Build communication exchange object with user data (avatar or pic, PIN, primary authentication device, DID or sTruedid, UWA) or use PIN and NFT login as enhanced password system. b. wallet security added to establish secure login and destroy cache attacks c. Data vault setup for security of private keys and seedphrases including related sensitive information. d. Settings
Threat model with MS tool kit amd mobsf (Middle of Q1). We invite public testers after this.
Integrate decentralized storage of DB like(filecoin ipfs) currently we can use individual cloud.
Deploy Alpha in staging: QA and security testing (Second month of Q1: second iteration)
Integrate with NFT local minting of assets on local devices.
Integrate local data store or communication exchange object or sent them to filecoin IPFS (nft storage): This is the second iteration v2 (Third month of Q1)
Provide a competitive pricing at $1.00-$2 in-app subscription for android and ios
Push it to production by launching on google play store and ios play store. a. Publish on product hunt and mirror.xyz (Last month of Q1)
Development Roadmap
January 1 - February 13 2023 (Q1)
i. Requirement -------------------------- Risk assessment ii. design -------------------------- Threat model design review iii. development -------------------------- Static analysis iv. Testing -------------------------- Security testing and code review v. Deployment -------------------------- Security assessment and secure configuration vi. CI/CD --------------------------- CI/CD
Prepare the infrastructure following well architectural framework (non-monolith or micro services): Filecoin nodes and NFT storage.
Hybrid development solution flutter is used to develop the SMS application first run (First month of Q1) a. Build communication exchange object with user data (avatar or pic, PIN, primary authentication device, struedid, UWA) or use PIN and NFT login as enhanced password system. b. wallet security added to establish secure login and destroy cache attacks c. Data vault setup for security of private keys and seed phrases including related sensitive information. d. Settings
Threat model with MS tool kit amd mobsf (Middle of Q1). We invite public testers after this.
February 14 - February 29 2023 (Q1)
Integrate decentralized storage of DB like(filecoin ipfs) currently we can use individual cloud.
Deploy Alpha in staging: QA and security testing (Second month of Q1: second iteration)
Integrate with NFT local minting of assets on local devices.
March 1 - March 31 2023 (Q1)
Integrate local data store or communication exchange object or sent them to filecoin IPFS (nft storage): This is the second iteration v2 (Third month of Q1)
Provide a competitive pricing at $1.00-$2 in-app subscription for android and ios
Push it to production by launching on google plays tore and ios plays tore.
Publish on Filecoin community, product hunt and mirror.xyz (Last month of Q1)
Total budget requested
Maintenance and Upgrade Plans
Team
Team Members
Team Member LinkedIn Profiles
Team Website
Relevant Experience
We have over 40 years experience as a team. Strong background cyber security. We have worked together for at least 2 years on an average. We know the vision and what we need done. I am my co-founder have been working together for 5 years.
Team code repositories
http: https://kodelab.apilokdon.com/utkarshJ/smslockerapp.git https://kodelab.apilokdon.com/lokdon/lokdonx.git
Additional Information
You can find our research paper on Researgate