#644 Jade Wallet - a MPC-based wallet app
Self-introduction
We primarily focus on providing institutional investors with crypto assets self-custody solution. Jade Wallet uses multi-party computation (MPC) and threshold signature scheme technology to upgrade the crypto assets management to multi-person authorization mode, thus cryptographically eliminating the underlying danger of exposing private keys at any single point.
Jade Wallet has supported Bitcoin and Ethereum (including ERC20 tokens & DApps). With our clients’ enthusiasm for Polkadot&Kusama and the lack of product in market being able to meet their certain needs(including Parity Signer, PolkaWallet and Ledger Nano S/X), we are excited to support both chains and invite them to participate in the ecosystem soon.
Problem statement
There are certain pain points for the institutional investors regarding Polkadot & Kusama:
- Multi-person authorization. As a rule, institutional investors need a mechanism to authorize each transaction. They can use the multi-sig smart contract developed by Gnosis Safe to manage assets on Ethereum and use Copay to create a Bitcoin multi-sig account. Although multi-sig accounts are natively supported on Polkadot/Kusama, institutional investors still need a mature and expandable solution with better experience.
- Transaction review. For those who pay great attention to security, a mobile phone in airplane mode with Parity Signer installed for signing transactions can be a good choice. However, Parity Signer does not parse the QR code generated by Polkadot/Substrate Portal into readable information. What happens if the QRcode is hacked? How to assume responsibility for loss if there was no chance to review the transaction?
- Key management. How to backup the key in multi-person mode? How to prevent private keys or mnemonic phrases from leaking? Are software wallets safe enough? The key management should be decentralized and no one is supposed to know the actual private key
Solutions by Jade Wallet
-
Multi-person authorization <-> MPC-based threshold signature scheme is based on cryptography and is not limited to specific blockchain. This offers Jade Wallet the ability similar to Multi-signature with better privacy and expandability. After a wallet member initiates a transaction, a session needs to be created to sign the transaction. To create the signing session, the number of online members should meet the threshold. The experience of signing is just like participating in a ZOOM meeting. A demo video for using Jade Wallet to transfer eth: https://youtu.be/im4q8hLPpss
-
Transaction review <-> During the signing session, members must review and confirm the transaction information again before signing. The information is parsed from the raw hash of the built but unsigned transaction, which known as WYSIWYS.
In cryptography, What You See Is What You Sign (WYSIWYS) is a property of digital signature systems that ensures the semantic content of signed messages can not be changed, either by accident or intent. — Wikipedia
- Key management <-> Instead of storing private keys or mnemonic phrases, each member only needs to keep his own “Key Share” that is generated by MPC protocol during the wallet creation. We designed a simple and elegant way to backup and restore shares that can be completed in just a few clicks. After the share is successfully generated, a high strength password (EncKey) is randomly generated in the App to encrypt the share. EncKey will be backed up to the member’s own iCloud Drive, while the encrypted copy of the share will be uploaded to the Jade Wallet server and sent to the member via email.
For further details, if you are interested in Jade Wallet, please have a look at our treasury proposal.
Show More
MPC is amazing
@@jadewallet thank you for posting this! Are you in the Direction Channel in Element or Discord? Let me know so we can have a conversation about next steps.
Adding a couple of questions here:
- is your wallet open source?
- what is the KSM rate you are using to calculate the cost for the milestones?
- Are you planning to support other parts of the relay chain functionalities? (staking, democracy participation, etc).
@rrtti-5220 Thanks. I have join the Direction Channel in Element after I saw your post.
is your wallet open source?
There is a close source statement in proposal: Our services are based on B2B (business-to-business).Due to security reasons, Jade Wallet is not open-source. However, repositories of some components wil be available on Github.
what is the KSM rate you are using to calculate the cost for the milestones?
400 usdt
Are you planning to support other parts of the relay chain functionalities? (staking, democracy participation, etc).
Yes. In proposal, we listed 3 stages. We will support scan and parse the QRcode generated by Polkadot/Substrate Portal first, so users can access any function supported by Polkadot/Substrate Portal. In Stage 2, we are plan to integrate staking and democracy participation in app.
Business process wise there is definitely a need for this.
Cryptographically speaking and from a compliance perspective, this is not the way to approach this use case.
I'm happy to discuss further and support continued work on this topic.
Could you please explain more about "Cryptographically speaking and from a compliance perspective"?
It is great to have MPC as an alternative to the multi-sig wallet. About the QR code parsing part, I assume several teams are working on the same topic like Fearless wallet, maybe some duplicated work could be avoided here. In addition, once Internet Connection is enabled in the app, probably parsing the QR from multi-sources could prevent a single-point failure.
@hanwen Thank you. Maybe we can work with Fearless wallet team:) Further more, parsing QR code is to achieve WYSIWYS.
MPC can be a very meaningful technical element for Polkadot. In the end, there will only be one signature on the chain, which saves transaction costs and more efficiency compared with multi-account multi-signature. MPC Account is as same as single private key account, also with nonce and direct extrinsic(call), and make outside systems more easy to parse the extrinsics. most exchange don't support multi-signature tx or proxied tx right now, because of complex nested calls.
"Polkadot Signing Standard" is more about creating a signing library to facilitate related works, it is in progress. Also feel free to join mobile app discussion here and meet other teams: https://app.element.io/#/room/#substrateappsdev:matrix.org
Hi
Thanks for the info in your proposal. Can you give me more info on the below points, apologies if provided and I missed it.
-
Can you provide more detail on the costing. The costing seems high in comparison to what is being delivered. From my understanding is the solution exists and you just extending your solution to include Kusama.
-
Will stage 2 and stage 3 in future plans also be another 160 KSM? Any reason you did not add stage 2 and stage 3 as milestones for now? Helps to see total cost.
-
I assume you will not be asking for maintenance costs, can you confirm? Can you confirm how your business model works to keep this product working?
-
Can you share some on stats, how many daily/monthly active users, size of your customers. My worry is that the amount requested is high but the amount of users that will use this might be very niche, from my understanding it will not be for the broader Kusama community but a very niche user persona.
Thanks.
- The cost was compared to other projects have been approved like PolkaWallet, Fearless Wallet. Maybe we misunderstand it. Please give your suggestions.
- This proposal is only for Stage 1. We are not plan to submit other proposals, cause we think a grant is some kind of honour or proof. Altough future plans are not determinate, we will provide services based on users' needs continually.
- Yes, no maintenance costs. Our company founded in 2017 provides B2B custody services for well-known institutions such as Math Wallet and HashQuark.
- As metioned above, our main clients are institutions. Jade Wallet aims to be the portal for institutional investors into the Polkadot & Kusama ecosystem. For now, the DAU is less than 30.
Thanks.
Hi
Thanks for the info.
Polkawallet and Fearless wallet were complete new wallets built from scratch and will have DAU much larger. These were not extensions of an existing product but full feature products built specifically for Polkadot/Kusama community. If memory serves me correctly they are also open source wallets.
Hence why I say your cost may be a bit high when looking at
- what is being delivered
- how many end users may benefit from it
- closed source, does not mean we wont support closed source. But due to closed source I would expect the funding to be less as it will not benefit the broader builders in substrate ecosystem
My suggestions would be to review the costs with a cost vs benefit for the Kusama community
Hi @shez---staking4all I see. And I will deliver your suggestions to our team. Thanks.
@shez---staking4all the cost updated link
Discover similar proposals
