View All Discussion

Speck Wallet - A new user-friendly wallet extension for the Polkadot ecosystem

droidsize
4 years ago

Speck wallet is a user-friendly web extension that will allow Kusama and Polkadot users to interact with their respective networks within the following browsers: Chrome, Firefox, Safari and Brave. The extension would come with the following features:

  • Sending and receiving funds
  • Address book
  • Multi-wallet support - with the goal of having a single wallet focused UI
  • Realtime fiat balance with multiple fiat currency options
  • Access management for apps using the extension
  • Developer documentation for integrating the extension
  • Built in support for staking
  • Hardware wallet support
  • And much more…

You can take a look at the full proposal here

The extension would start with supporting both Kusama and Polkadot networks with the option of extending it to other networks at a later stage.

The proposal would consist of 3 milestones with each milestone being an on-chain submission. The milestone payments would alternate between Kusama and Polkadot with Kusama being the first one.

We would love to hear your feedback and get your thoughts around the project. Feel free to leave a comment below, or reach out via email, anytime.

Update: Design for the speck wallet: https://www.figma.com/file/vdujSQXMznAhR8sopOQMfr/Speckle-Wallet?node-id=0%3A1&t=azE2v4QRfKQ9T8Zk-0

Comments (5)

4 years ago

Hello,

I would like to ask a few questions and I think those points should be made clear in the proposal.

  • how do you plan maintenance: keeping up with Jaco's pace is no simple story and the extension will need frequent updates to keep up. Do you plan on requesting more funding to keep the extension Ad and Referral free ? Or do you plan on going the Ad / Referral route ?
  • do you plan a dark theme ? :)
  • In your proposal, the solution to garanty a good security is to encrypt the secret with a user password. I think you could extend on the topic.
  • Do you plan on supporting the Parity Signer as well ? You mention "hardware wallet support" without much details.
  • in a wallet project, I think it would be good to include some auditing or testing solely dedicated to the security aspects. You mention that the project will be open source and you welcome external help but this is a rather weak plan to ensure security.
  • Why restricting to Polkadot and Kusama only ? And not including at least testnets such as Westend ?
  • Could you mention the licensing scheme you are planning ?

Checking out the proposal, I see:

  • Sending and receiving funds
  • Address book
  • Multi-wallet support - with the goal of having a single wallet focused UI
  • Realtime fiat balance with multiple fiat currency options
  • Access management for apps using the extension
  • Developer documentation for integrating the extension
  • Built in support for staking
  • Hardware wallet support
  • And much more…

However, a big part is not part of the milestones. So it appears that the deliverable for 200K are:

  • Sending and receiving funds
  • Address book
  • Multi-wallet support - with the goal of having a single wallet focused UI
  • Realtime fiat balance with multiple fiat currency options
  • Access management for apps using the extension
  • Developer documentation for integrating the extension

Which does not bring much compared to the current extension beside seeing the balances while being restricted to Polkadot and Kusama.

4 years ago

Hey @chevdor

Thanks for all the questions. The following points should answers all of the points you've raised and we will make sure we also update the document accordingly based on these discussions.

how do you plan maintenance: keeping up with Jaco's pace is no simple story and the extension will need frequent updates to keep up. Do you plan on requesting more funding to keep the extension Ad and Referral free ? Or do you plan on going the Ad / Referral route

I've just added a section for maintenance in the document that goes over the entire aspect of maintenance. I would just like to iterate those points here.

  • Bugs and vulnerabilities: The main goal of maintenance would revolve around looking out for bugs and various vulnerabilities that the community might stumble upon.

  • Keeping up with the core extension: Since we would be building on top of the current extension, we have to be quite proactive in getting all the core changes in polkadot extension and including them into this extension.

  • Feature requests: Since this project would be built in an open environment, feature requests are something that’s bound to happen. We will keep a track of those requests and implement them based on community requests.

  • Upgrades: Fast moving technologies also come with a lot of changes both in terms of the libraries we use as well as the protocols we build upon. Regular upgrades to those would be critical in keeping the longevity of the project.

As you said to keep the extension ad free would require sourcing funds that can help us keep up with maintenance. We plan on doing a quarterly cycle to ask for funding from the treasury.

do you plan a dark theme ? :)

We didn't think of this but it seems like a really good idea, and since we are building a design system adding a flow for a dark theme shouldn't be too cumbersome.

In your proposal, the solution to garanty a good security is to encrypt the secret with a user password. I think you could extend on the topic.

The way we would approach this is based on a keyring model that's used in the metamask wallet. Instead of me explaining and essentially plagiarising the whole thing, you can take a look at this example that provides a good explanation of this.

Do you plan on supporting the Parity Signer as well ? You mention "hardware wallet support" without much details.

We are basing our hardware wallet support on the current extension. Parity Signer would require some additional support so we'll have to add it to our backlog.

in a wallet project, I think it would be good to include some auditing or testing solely dedicated to the security aspects. You mention that the project will be open source and you welcome external help but this is a rather weak plan to ensure security.

We wanted to get started with building the extension with a basic set of security in mind. These revolve mostly around generic security measures like click jacking and xss that happen in chrome extensions. Once we have some traction and by that I mean a few beta users, we'll move to either an external agency or hire someone who can audit the extension from a security standpoint. I am more than happy to discuss if there is something that you'll like to expand on.

Why restricting to Polkadot and Kusama only ? And not including at least testnets such as Westend ?

We should've been more clear about this, we would have both Rococo and Westend in the list of options. I'll add this in the document too. For other networks, we wanted to get started with Polkadot and Kusama first since it would keep the issues limited while we built and tested the extension. Once we have something more battle-tested we'd open up for other networks.

Could you mention the licensing scheme you are planning ?

We would be going for an Apache License, same as the current polkadot extension.

For the things that are included in the current milestones, we would add hardware wallet in the milestones too. Apart from that the costing also including building the website and the documentation website along with. The only thing that's not there is staking, which requires a good amount of effort from what I can envision.

Do let me know if you want me to expand on any of the points I mentioned. I'll also be updating the document to include the changes I mentioned here so that there is no discrepancy.

PleaseLogin to comment