Author

Topic: Crypto currency wallet design (Read 261 times)

hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
August 31, 2022, 07:49:56 PM
#11
It will be closed source. If the wallet is storing the Master Private Key that is derived from the Mnemonic string and Passphrase, I don't want others to be able to look at the code and see how and what encryption was used, how the Master Private Key is saved after encryption.
Security by obscurity, especially in this use case, is a terrible idea. I would never use a wallet like this.

I would like to know:
  • what you think makes a good software-wallet?
  • what makes a bad software-wallet?
  • what am I forgetting?
  • what am I over looking?
Besides the good points already mentioned by others, I'd like to add a few concrete requirements:

  • No Firebase
  • No Google AdSense or Apple equivalent
  • No ads in general
  • No trackers
  • No push notifications (requires sending data through Google / Apple servers)
  • No uploading of any user data anywhere (block explorer APIs etc.)
I'm saying these maybe obvious sounding things because I've just seen this too many times.
Make sure to focus on privacy and use built-in secure elements for storing seed phrases for security.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
August 31, 2022, 02:37:58 PM
#10
There are lots of competition in the cryptocurrency wallet market already, this makes it pretty difficult for new comer wallets to get known, except they come out with some outstanding features.

So indeed, it's a good move you've made asking about ideas here.
First, I would say making your wallet closed source is a major turn off, most especially for those with technical knowledge of how things work.
Secondly, some few days back, I read a thread where a user was asking if there was a wallet with a ability to send and receive Bitcoin automatically via API, I am looking for the thread now but haven't found it, but maybe you can try to find out how feasible such a feature is to implement on a non-custodial wallet.

Edit: Here is the link to the thread https://bitcointalksearch.org/topic/best-wallet-for-automated-sending-and-receiving-of-btc-5409861
newbie
Activity: 3
Merit: 2
August 28, 2022, 10:49:23 PM
#9
... beat them with UI/UX. Do your best to dumb things down for the typical non-technical person, without sacrificing security, privacy and functionality. Just add some sort of "developer mode" for the people who want custom options.
Yes agreed. Your comment also reminds me that I left out a point in my OP. Then intent is to build for the layman, those that do not have a deep understanding of crypto, those that just want a wallet, that don't have the time or care to understand all the details of crypto.
Thx for commenting.


If your encryption security is partially based on obfuscation of the source code, i'd be very skeptical with encryption implementation on your wallet.
I'll address this later.


You forget to mention who's the audience target of your wallet software. So far everyone who make reply on your thread could be considered as power user.
Please see my reply to mk4
Thx for commenting.



My intent is to build and release via Google Play, Microsoft Store and Apple Store as that seems to be the only way people are able to install software on their devices today. Side-loading is an option, but most people won't be familiar with the concept.

People have been downloading and installing software on Windows for decades without the Microsoft Store, and Mac users are quite used to .dmg app images.  If you're goal is only to support mobile devices, then those stores will be more commonly used, but I would still make the binaries available for download outside the app stores and also make it possible to verify the authenticity of the files.
Yes I considered this. Building a website for User Manual, email contact and downloading the apps for the various platforms. I am still up in the air about how I will support different platforms and devices. Still doing some research into libraries and frameworks. So far (don't laugh too hard), C#/.NET 6 is the leading choice as it will fit into later projects that could spin-off from this. 


No ability to generate its own seed phrase?
Yes it will follow BIP-44/BIP-32. The functionality will allow for importing wallets as well as creating new wallets. I will implement a random mnemonic generator. I guess the question is, should I allow the User to pick the number of words? 12, 15, 18, 21, 24 or maybe just give the option of a randomly generated mnemonic of 12 or 24 words?


It will be closed source. If the wallet is storing the Master Private Key that is derived from the Mnemonic string and Passphrase, I don't want others to be able to look at the code and see how and what encryption was used, how the Master Private Key is saved after encryption.
Deal breaker!  Most wallets handle the encryption of sensitive data on the client side by using strong passwords.  If you can't trust your potential users to handle their own security, why would they trust your hidden code?
It has been my experience that most Users have very little idea about software security, or securing themselves in the digital realm. What if the User doesn't implement a passphrase? Or wants to set up a hidden wallet? Should I password protect the execution of the app. Make it so a User has to input a password to start up the app on thier own device (that's already password/biometric protected)? And then make them input a passphrase to login into a certain wallet account?
To me, that's not very User friendly.

Good wallets are open-source, bad wallets are not.  Trust is a major issue in the crypto world, as it should be.  The only way to gain the trust of the community is to be as transparent as possible with your code.
I'll address this later.

As for features to add, one of my biggest pet-peeves about Electrum (the primary light client I use) is it's privacy issues.  To resolve them I have to run my own SPV server and connect all my devices to that server.  If I could connect Electrum directly to my instance of bitcoin core that would resolve a lot of those issues.  There are other light clients out there that do that, and I think it's starting to become a more common feature.  That's one suggestion.  Otherwise I don't see many improvements that can be made to Electrum, for example.
This is a good suggestion. I was thinking that if I received enough in donations (with any luck), I would run a node and the wallet would default to my node(s). Would that raise many concerns?
Adding the functionality so a Power User could connect to their own instance of the blockchain would be a good option.
Thx for commenting.


  • Allows coin control.
  • Allows connection to personal Bitcoin node or SPV server.
  • Works as an HD wallet
Coin Control....yes, thank-you
Connecting to your own node...please see above
Yes, following the BIP-32/BIP-44 would make this a HD Wallet.


what am I forgetting?
You forget that we already have lots of software wallets, some of which work years now perfectly. I don't find a reason to change my wallet software. Part of being open-source is that each problem has to only be solved once.
I suspected from the start that this might be a vanity project.
Thx for commenting.



This is what all "good" wallets already do so let me add a new idea that would set a new project apart:
The ability to create custom scripts, make payment to them or spend from such scripts. For example something as simple as a time lock script using OP_CHECKLOCKTIMEVERIFY or slightly more complex conditional scripts using OP_IF.
I am not sure I like this idea for the layman or even most power users. Off the top of my head, the example you provided would be better implemented as a smart contract. Though I must admit, I haven't gotten far into smart contract implementation on Bitcoin network as I have for Ethereum.

This is becoming a wall of text and it's getting late for me. When I can jump back on, I'll make another post expressing my concerns about the project being open-source.
Thanks for your feedback.
 
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
August 27, 2022, 03:58:43 AM
#8
The ability to create custom scripts, make payment to them or spend from such scripts. For example something as simple as a time lock script using OP_CHECKLOCKTIMEVERIFY or slightly more complex conditional scripts using OP_IF.
Yes. Although, a big, yellow, sparkling warning is needed here. This should be usable by only people who know what they're doing. Someone who doesn't, even if he visits the proper documentation, is like a kid that plays with matches: He might have himself burned. There are countless of cases wherein the user just messed up with scripts and make their money non-spendable. Script is essentially a scripting language; not everybody knows to write the syntax correctly.
legendary
Activity: 3472
Merit: 10611
August 26, 2022, 10:20:35 PM
#7
what you think makes a good software-wallet?
  • Being transparent / open-source.
  • Allows coin control.
  • Allows connection to personal Bitcoin node or SPV server.
  • Works as an HD wallet
This is what all "good" wallets already do so let me add a new idea that would set a new project apart:
The ability to create custom scripts, make payment to them or spend from such scripts. For example something as simple as a time lock script using OP_CHECKLOCKTIMEVERIFY or slightly more complex conditional scripts using OP_IF.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
August 26, 2022, 12:14:15 PM
#6
what you think makes a good software-wallet?
  • Being transparent / open-source.
  • Allows coin control.
  • Allows connection to personal Bitcoin node or SPV server.
  • Works as an HD wallet

what makes a bad software-wallet?
The opposite of what I previously said.

what am I forgetting?
You forget that we already have lots of software wallets, some of which work years now perfectly. I don't find a reason to change my wallet software. Part of being open-source is that each problem has to only be solved once.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
August 26, 2022, 08:45:34 AM
#5
My intent is to build and release via Google Play, Microsoft Store and Apple Store as that seems to be the only way people are able to install software on their devices today. Side-loading is an option, but most people won't be familiar with the concept.

People have been downloading and installing software on Windows for decades without the Microsoft Store, and Mac users are quite used to .dmg app images.  If you're goal is only to support mobile devices, then those stores will be more commonly used, but I would still make the binaries available for download outside the app stores and also make it possible to verify the authenticity of the files.

I intend the wallet to be able to import 12 to 24 word, Mnemonic strings (as well as the optional Passphrase) from other types of wallets. So the software-wallet will support "Hidden Wallets" as well as Accounts (the default is 20 accounts, each containing 20 addresses).

No ability to generate its own seed phrase?


It will be closed source. If the wallet is storing the Master Private Key that is derived from the Mnemonic string and Passphrase, I don't want others to be able to look at the code and see how and what encryption was used, how the Master Private Key is saved after encryption.

Deal breaker!  Most wallets handle the encryption of sensitive data on the client side by using strong passwords.  If you can't trust your potential users to handle their own security, why would they trust your hidden code?

I have devised a way to make notes for each Private Key/Public Key/Address in such a way that each Address can be named and have notes (via editable text area) tagged to it. Again, the Address Name and Notes will be encrypted when saved, then decrypted when the User starts up the app. The Name and Notes will NOT be saved with the Master Private Key - they would be saved separately and in a different location. The only way to connect the Name and Notes to an Address would be to use the deviration path indices.

Every wallet I know of allows addresses to be labeled, this is nothing new.

I would like to know:
  • what you think makes a good software-wallet?
  • what makes a bad software-wallet?
  • what am I forgetting?
  • what am I over looking?

Good wallets are open-source, bad wallets are not.  Trust is a major issue in the crypto world, as it should be.  The only way to gain the trust of the community is to be as transparent as possible with your code.

As for features to add, one of my biggest pet-peeves about Electrum (the primary light client I use) is it's privacy issues.  To resolve them I have to run my own SPV server and connect all my devices to that server.  If I could connect Electrum directly to my instance of bitcoin core that would resolve a lot of those issues.  There are other light clients out there that do that, and I think it's starting to become a more common feature.  That's one suggestion.  Otherwise I don't see many improvements that can be made to Electrum, for example.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
August 26, 2022, 06:19:44 AM
#4
I'm pretty sure most people here would cover the security/privacy stuff, so I'm going to say that if you want to differentiate your wallet from others, beat them with UI/UX. Do your best to dumb things down for the typical non-technical person, without sacrificing security, privacy and functionality. Just add some sort of "developer mode" for the people who want custom options.
newbie
Activity: 3
Merit: 2
August 25, 2022, 11:37:12 PM
#3
@pooya87

Ok, I'll have to reconsider then.

Yes you are correct. I should have asked, what features are missing in wallets you use.
legendary
Activity: 3472
Merit: 10611
August 25, 2022, 11:08:40 PM
#2
It will be closed source
A closed source wallet also means people can't not see what "shady things" it is doing!
I wouldn't bother wasting time implementing a new wallet if it is going to be closed source.

Quote
If the wallet is storing the Master Private Key that is derived from the Mnemonic string and Passphrase, I don't want others to be able to look at the code and see how and what encryption was used, how the Master Private Key is saved after encryption.
Why not?
The best and most secure wallets like bitcoin core and Electrum are 100% open source and we can see how they encrypt things and how they store them. Why shouldn't people see the code and verify its security in your software?

Quote
what you think makes a good software-wallet?
Apart from being open source it has to offer a feature that the existing wallets don't. Something that people need too. You can start a topic asking people what features they are missing in wallets they use.
newbie
Activity: 3
Merit: 2
August 25, 2022, 10:44:55 PM
#1
Hello all,

So I am in the middle of designing a software-wallet and wanted to get some feedback and ideas.
My intent is to build and release via Google Play, Microsoft Store and Apple Store as that seems to be the only way people are able to install software on their devices today. Side-loading is an option, but most people won't be familiar with the concept. It will be offered for free but ask for donation in order to maintain and develop further functionality. To start, I plan to support Bitcoin and Ethereum only.

I intend it to be BIP-32 with the BIP-44 deviration path.
I intend the wallet to be able to import 12 to 24 word, Mnemonic strings (as well as the optional Passphrase) from other types of wallets. So the software-wallet will support "Hidden Wallets" as well as Accounts (the default is 20 accounts, each containing 20 addresses).

It will be closed source. If the wallet is storing the Master Private Key that is derived from the Mnemonic string and Passphrase, I don't want others to be able to look at the code and see how and what encryption was used, how the Master Private Key is saved after encryption.

I have devised a way to make notes for each Private Key/Public Key/Address in such a way that each Address can be named and have notes (via editable text area) tagged to it. Again, the Address Name and Notes will be encrypted when saved, then decrypted when the User starts up the app. The Name and Notes will NOT be saved with the Master Private Key - they would be saved separately and in a different location. The only way to connect the Name and Notes to an Address would be to use the deviration path indices.

I would like to know:
  • what you think makes a good software-wallet?
  • what makes a bad software-wallet?
  • what am I forgetting?
  • what am I over looking?
Jump to: