scrtlabs / Grants

Repository for grant proposal submissions

Integration of Secret Network into AirGap Vault, AirGap Wallet and airgap-coin-lib #113

Open mlaeng opened 10 months ago

mlaeng commented 10 months ago

Project Description

Our proposal is to integrate Secret Network, its native token SCRT and SNIP-20 tokens into the AirGap Wallet and Vault, an established secure self-custody wallet solution that currently supports over 100 cryptocurrencies. We think AirGap and Secret Network fit nicely together as we look at secure self custody as another cornerstone in privacy preservation.

Problem / Solution

Introduction to AirGap Vault and Wallet

AirGap is an established secure and air-gapped self-custody wallet solution that is completely open source and free to use. AirGap is available to any user worldwide - also in countries where other air-gapped solutions (like Ledger) are not available. The solution comprises two applications:

AirGap Vault, which is installed on any mobile phone that is disconnected from the network (LTE, NFC, Bluetooth, or WLAN). It transforms a dedicated or spare mobile device into an air-gapped cold wallet. The Vault allows for random private key generation, secret storage, secret recovery, and continuous checks for connectivity, root access, and screenshot detection to prevent the device from being compromised.

Running in the AirGap Knox mode, the vault can be run on a locked down Android device, which is only capable of running AirGap vault and cannot access network functions.

The second app is the AirGap Wallet, which is installed on any connected mobile device to facilitate transactions or broadcast transactions. This two-way approach guarantees higher security, protecting users from any potential risks.

Communications and the signing of transactions are done seamlessly without the use of cables, thanks to verifiable QR codes.

To ensure top security, AirGap has a unique approach to creating a secure key by utilizing various sources of entropy such as video, sound, gyroscope, and touch (optionally, dice roll and coin flip). This ensures maximum randomness and, therefore, results in secure key generation.

This illustrates the signing process using the two apps:

For managing smaller funds, AirGap allows users to run both apps on the same device, which still guarantees better security than using only one app. However, we recommend the two-device approach for maximum security.

AirGap currently has more than 100 currencies and tokens integrated, see: https://airgap.it/supported-currencies.

The code of AirGap Vault, AirGap Wallet and AirGap coin-lib is open-source and the app builds are reproducible, meaning the app you download from the Google Play Store matches the code published on AirGap's GitHub.

AirGap has passed a security audit from the Swiss IT-security company Compass Security, which can be found here: AirGap Security Audit Report by Compass Security. No attack was identified that would allow an external attacker to extract stored secrets. Various findings had been addressed and are outlined in this report from AirGap.

What differentiates AirGap from hardware wallets like Ledger, Trezor etc.:

Availability and affordability: Most current air-gapped self-custody solutions rely on hardware devices, which can be expensive and difficult to obtain for some users. Furthermore, hardware devices are a unique target for attackers and can pose privacy concerns when ordering (See breach of Ledger's customer database in 2020). Many users worldwide are unable to order a Ledger due to country exclusions.

In contrast, mobile phones are widely available and affordable, and are not immediately recognized as cryptocurrency key vaults by attackers. All an AirGap user needs is a dedicated offline smartphone to manage their keys with AirGap.

The AirGap apps are completely free to use, making them the most accessible cold wallet solution available.

As with all cold wallets, recovery keys need to be safely stored as well. AirGap offers to do this via Shamir's Secret Sharing. With this method, a secret recovery key can be split up into shards, and each shard can be kept in a different safe place. The user sets the minimum amount of shards necessary to reconstruct the recovery key. This feature is only supported in a few cold wallets like Trezor, but not in Ledger, for example.

AirGap is completely open source and is one of just a handful of wallet solutions for Android that is labelled as “Reproducible” on Wallet Scrutiny. This means people around the globe can build the solution by themselves and verify if the published app matches their build.

Most cold wallet solutions can only store one secret and do not often allow importing existing secrets. With AirGap Vault, a user can generate or import multiple secrets and derive multiple addresses, making it a versatile and flexible option for managing multiple cryptocurrencies and wallets.

Detailed proposal description

What we offer to do for the Secret Network:

1. To integrate native SCRT into AirGap Vault and Wallet

We propose to integrate the native SCRT into the AirGap Vault and Wallet:

The Vault integration will allow users to generate and store secrets (mnemonics), from which addresses for Secret Network are derived, inside the AirGap Vault. Secrets can be generated using our battle-proof methods of entropy collection (device sensors, coin flips, dice rolls) and features like Shamir's Secret Sharing. The Vault can then be used with AirGap Wallet. We may add support for more wallets which allow QR code interaction in the future (e.g. Keplr), which is already the case for Bitcoin (Sparrow Wallet, Bluewallet etc.), Ethereum (Metamask, Rabby) and other EVM chains (Metamask).

In the AirGap Wallet, Secret Network users will be able to manage their Secret Network addresses and assets. They can receive or send native SCRT, view their balance (including the USD equivalent price), review their transaction history and open transactions in a block explorer.

2. To integrate SCRT staking

AirGap users will be able to stake SCRT inside of AirGap wallet, which includes selecting a validator, delegating and undelegating, as well as claiming the rewards.

3. To add sSCRT and integrate SNIP-20 compatible tokens

AirGap users will be able to add, receive, send and view the privacy enabled version of SCRT, sSCRT. They will be able to add other SNIP-20 compatible tokens, to receive them, to send them and to view balances and transactions after creating and using a viewing key.

4. To include Secret Network in open-source developer tooling: airgap-coin-lib

airgap-coin-lib is an open-sourced library that allows easy handling of the most important tasks relating to cryptocurrencies and blockchains. It implements operations such as preparing, signing, and broadcasting transactions for a range of protocols. Developers can use the airgap-coin-lib to develop wallet solutions or wallet integrations. It is already used within the AirGap solution and actively maintained by Papers AG.

5. To do marketing, documentation and community onboarding upon app store launch

We will use our marketing and community channels to advertise the integration of Secret Network into AirGap. We will also support joint marketing efforts to the extent that Secret Labs is open to it (e.g., Twitter Spaces with the AirGap lead developer about the topic of self-custody).

AirGap users can always find support in our community channels on Discord and Telegram or on GitHub. We have dedicated community managers who take care of these requests and make sure to respond promptly.

Secret Network will also be included in our documentation, to the necessary extent, so Secret Network users can find help and documentation on our pages.

6. To continuously maintain, test, and support the community for years to come.

After integrating a new protocol or token, we ensure that users can continue managing their assets using AirGap Vault and/or AirGap Wallet. This involves regular maintenance, such as updating self-hosted nodes after protocol upgrades (in case there are no public or serviced nodes we can use). We conduct testing not only during the initial integration but also with every release of new app versions to both app stores and GitHub.

Go-to-Market plan

Roadmap

  1. After a successful grant acceptance, we pledge to pick up integration work within 4 weeks
  2. After a maximum of four months after the successful grant acceptance, the integration will be completed and both iOS and Android versions will be available for users to be downloaded from the official app stores and from GitHub (Android APKs).
  3. Final accountability report can be expected to be delivered 1 month after the successful app store submission

Why we can guarantee this integration to be executed within the proposed timeframe

AirGap is an established and battle-tested self-custody wallet that has been in existence for over 5 years. Our developers have extensive experience and skills in integrating new protocols, EVM, Substrate-based and other protocols. We have recently integrated protocols such as Internet Computer (ICP), Astar & Shiden, Moonbeam & Moonriver, Kusama & Polkadot, as well as numerous tokens on Ethereum, Tezos, and other protocols. Our capacity planning enables us to undertake new integrations within a specified timeframe.

Value proposition for the Secret Network ecosystem

Currently Secret Network users lack alternatives of air-gapped self-custody solutions, other than Ledger. AirGap would offer the users an established, secure and battle-proof solution for safe self-custody - completely free of charge and available worldwide with just a spare smartphone.

We expect to see at least 1000 Secret Network wallets being created or managed on Secret Network Wallet within the first year after the store launch. The AirGap transaction backend is used to inject blockchain operations, which allows us to count the addresses from which funds are sent to other wallets. We do not have the ability to link these addresses to any user identity, and we do not publish any addresses. The sum of all addresses is only used for analytics purposes. Due to privacy issues, we will not be able to disclose any addresses, but we will happily share and explain the source and methodology applied in a private call.

This projection is based on our past integrations and is subject to variation, dependent on 1) joint marketing efforts, 2) the size of the Secret Network user base, and 3) the activity and needs of this user base.

We know that joint marketing campaigns can significantly increase the number of new users. If SCRT Labs are open to this, we are confident that actual numbers can be much higher.

We believe that offering users secure self custody solutions will not only retain users in an ecosystem, but will also attract new users which define secure self custody as a precondition to interact with an ecosystem. Secret Network has a solid and loyal user base and we believe that it's a valuable user base to gain additional exposure in.

Founders and Team

AirGap has been developed with ❤️ since 2017 by Papers AG, a web3 venture studio in Zug, Switzerland. Papers AG was founded in 2009 by Alessandro De Carli (CEO), Lukas Schoenbachler, Niklaus Knecht (CMO) and Pascal Brun (COO). The founders were later joined by Mike Godenzi (CTO).

Together with a team of 24 skilled developers, marketing and community managers as well as sales people, we have vast experience in mobile security applications and blockchain powered applications.

Meet all of our team members here: https://papers.ch/team

Links and community channels

Links to the AirGap Apps:

Team's experience

We have vast experience in different Web3 projects on Substrate and non-Substrate chains alike. Besides custom projects for customers and smaller projects, we are also actively working on the following projects:

Acurast, a multichain oracle solution, which allows developers to bring off-chain data and computation on-chain, without the need of centralized parties. Supports interoperability with substrate based chains, as well as EVM and non EVM chains like Tezos, Cosmos and more to come. The Acurast chain will be launched as parachain on Kusama.

Beacon, a customizable method to connect to multiple wallets over a decentralized network. Beacon currently powers most dApps on Tezos.

Youves, the biggest DeFi platform on Tezos, with more than 40M TVL at this moment.

E-Seal, a solution to electronically seal digital documents, leveraging blockchain technology to guarantee the authenticity of electronic documents. Currently running on NEAR but Multichain support is being planned.

Ecoo, a platform that enables anyone to create and control their own payment systems and loyalty programs, built on Tezos.

We also built non Web3 projects like Hypergate, a fast, secure and accessible Kerberos Single Sign On (SSO) solution for Android.

Team Code Repos

Team Member Information

Development Roadmap

As pointed out in Go-To-Market plan we will require a total of 4 months to complete this project. We intend to have 1 developer full-time and 1 part-time plus additional work time from the project manager, testers and the marketing and communication team.

Estimated workload / Use of funds:

Grant Request

For the proposed integration development, the outlined marketing efforts and continuous maintenance and community support, we ask for a grant of 50'000 USD in SCRT tokens (value at the time of delivery). We are open to discuss modalities like vesting or lock-ups of funds over an agreed timeframe etc.

How we justify the size of the grant:

The efforts to be done can be divided in 1) initial cost of development, testing, rollout and initial marketing and 2) ongoing cost of maintenance and community support over the coming years. By considering not only the initial costs, but also the ongoing costs for an unforeseeable amount of time, we consider this to be a fair proposal.

Outlook

After a successful integration of the points outlined above, further work could be done in the following areas:

All of these are currently not in the scope of this proposal. But if there is an interest, we can discuss a possible extension of the scope.

Additional Information

Some current metrics about AirGap:

Active addresses managed via AirGap Wallet: 50k+ active addresses are managed through AirGap Wallet instances. This number does not include addresses which are interacting with supported wallets like MetaMask, Rabby Wallet, Sparrow Wallet, BlueWallet or Specter Wallet and which are only managed via the AirGap Vault (which cannot be tracked by any means by design).

Downloads: More than 140K Downloads from Apple Store, Google Play Store and direct downloads from GitHub.

Supported currencies/tokens: more than 100. Find the full list here: https://airgap.it/supported-currencies

Supported wallets: six supported wallets, see: https://airgap.it/supported-wallet.

How to use AirGap Vault & Wallet - A Step-by-Step guide (Youtube)

https://www.youtube.com/watch?v=M9ICKaLxuwQ

mlaeng commented 7 months ago

Hey @YonatanE22, I've seen you added the review label a while ago. But I am unsure on how the process is supposed to continue from here. Maybe you can enlighten me? Thanks for any help!

YonatanE22 commented 6 months ago

Hey @mlaeng and thank you for submitting the request. Apologies for the unclarity. After reviewing the grant application it seems that it doesn't align with the current chain's objectives at the moment