dfinity / oisy-wallet Goto Github PK

View Code? Open in Web Editor NEW

69.0 7.0 8.0 5.71 MB

A browser-based, multi-chain wallet hosted on the Internet Computer

Home Page: https://oisy.com

License: Apache License 2.0

JavaScript 5.44% Shell 2.70% Rust 7.71% HTML 0.70% TypeScript 44.29% Svelte 37.26% SCSS 1.71% Dockerfile 0.18%

blockchain ethereum internet-computer wallet erc20 bitcoin

oisy-wallet's Introduction

What is the Oisy Wallet

The Oisy Wallet is a technology demonstrator that shows how one can build a multichain wallet using Internet Computer Protocol (ICP) technology. For now, it demonstrates how to manage Ethereum and ERC20 assets, but its architecture and the underlying ICP technology is extendable to to many other tokens including Bitcoin and IC-native tokens. The name OISy Wallet derives from Open Internet Service Wallet.

We invite you to take Oisy for a test drive at oisy.com, explore the code in this repository, and the underlying ICP chain-key technology. At this point, the project is still work in progress and it is not yet recommended to manage assets of significant value, see the disclaimer below.

Features

The Oisy Wallet provides a convenient user experience known from custodial wallets but without their strong trust assumptions. In contrast to the latter, Oisy provides trust assumptions comparable to self-custody solutions. Different from self-custody wallets though, Oisy requires no browser extensions or additional mobile app, a standard off-the-shelf web browser is sufficient. In conclusion, Oisy provides an attractive user experience, i.e., a low entry barrier, yet requires no strong trust assumptions.

Building on ICP, Oisy achieves a very unique set of features:

Browser-based: no matter your browser and operating system preferences, Oisy allows you to receive, hold, and send native ETH and ERC-20 tokens on Ethereum. Currently, the list of ERC-20 tokens is hardcoded but it can easily be extended.
Cross-device: due to the use of Internet Identity, Oisy can easily be used across all devices you have linked to your Internet Identity.
Networked-custody: the key controlling your multichain assets is not controlled by a single entity nor has it ever existed as such. The key was generated using advanced cryptography that distributed key-shares among dedicated ICP replica nodes and signatures are created using threshold ECDSA.
Fully on-chain: not only the keys but the entire wallet application is stored on chain and served directly into users’ browsers from the chain. Therefore the entire wallet is secured by a decentralized trust model and it is guaranteed that the entire wallet has not been tampered with.
Interoperable: Oisy integrates with the WalletConnect protocol allowing you to use Oisy as a wallet for many established web3 services, such as Uniswap. Moreover, a Metamask integration demonstrates how other wallets can transfer assets to the Oisy wallet.
Free to use and develop: Oisy is open-source software and licensed under Apache 2.0. Feel free to fork it or propose improvements.

ICP building blocks used

What are the unique ICP technical building blocks enabling the creation of Oisy?

Chain-key signatures: the world's best threshold ECDSA signature protocol suite (only available on ICP) enables smart contracts to perform cryptographic signatures without a single entity having full access to the private key. Read more about chain-key cryptography or start building based on chain-key signature sample code.
Internet Identity (II): based on ICP's threshold BLS signature schemes and WebAuthn, Internet Identity (II) is an authentication and key management system with strong privacy and security guarantees. Using WebAuthn, users can conveniently create secure sessions with their fingerprint or other biometric identifiers. Read more about Internet Identity technology or start integrating II into your canister smart contract.
Web applications served from chain: ICP is not only designed to run backends, such as ledgers, on chain, its low storage cost and low latency allow it to serve frontends, such as HTML files and images, from chain, too. Read more about smart contracts serving web applications or directly start building your first decentralized web frontend.
(Upcoming) HTTP outcalls: for now, Oisy calls centralized Ethereum endpoints, such as Infura or Alchemy, from the frontend. In the future, Oisy might be improved to use HTTP outcalls to call these endpoints in a decentralized fashion. Check out the HTTP outcalls sample code to explore how to use Web 2.0 services on ICP.

Related projects

While Oisy is intended as showcase of what the ICP technology is capable of, a number of products already build on it and demonstrate the multichain and decentralized custody capabilities of ICP. Examples include the Me wallet by AstroX, the NFID wallet, and Helix Markets which is a next-gen DEX.

Status

This project is not ready for production use and for now meant to serve as technology demonstrator. We are happy to answer questions if they are raised as issues in this github repo.

Build and run yourself

Prerequisites

Install the IC SDK.

Start the local replica

Open a new terminal window in the project directory, and run the following command to start the local replica. The replica will not start unless dfx.json exists in the current directory.

dfx start --background

When you're done with development, or you're switching to a different dfx project, running

dfx stop

from the project directory will stop the local replica.

Run Oisy locally

Make sure you switch back to the project root directory.

First, install the frontend dependencies by running

npm ci

To build and deploy the project locally, first create a .env.development file by copying the .env.example file. Once you've correctly set the api keys for all the different services that Oisy needs, then run:

npm run deploy

It should output something like the following

...
Deployed canisters.
URLs:
  Frontend canister via browser
    frontend: http://127.0.0.1:4943/?canisterId=br5f7-7uaaa-aaaaa-qaaca-cai
  Backend canister via Candid interface:
    backend: http://127.0.0.1:4943/?canisterId=bd3sg-teaaa-aaaaa-qaaba-cai&id=bkyz2-fmaaa-aaaaa-qaaaq-cai
    internet_identity: http://127.0.0.1:4943/?canisterId=bd3sg-teaaa-aaaaa-qaaba-cai&id=be2us-64aaa-aaaaa-qaabq-cai

Click on the frontend URL to access the Oisy Wallet that is running locally.

Local development

See HACKING

Backend

The backend is written in Rust and you can find it under the backend folder. It uses the tECDSA API provided by IC. To find out more about tECDSA, you can read the Eurocrypt 2022 paper.

If you want to locally deploy the backend only, you use the following command

./scripts/deploy.backend.sh

Frontend

The frontend is written entirely in Svelte. You can serve the frontend in development mode like you normally develop a svelte app using the command

npm run dev

oisy-wallet's People

Contributors

Stargazers

Watchers

Forkers

icwizardmonke nnsdao tuminfei waldmatias symulacr omahs crazeteam

oisy-wallet's Issues

Local devevelopment issue with Wallet Connect

Wallet Connect is fine on mainnet however, locally when developing we are facing following issue when connecting as of @walletconnect/[email protected].

{context: 'core'} {context: 'core/relayer'} {context: 'core/relayer/subscription'} TypeError: this.events.off is not a function
at Ot.off (index.ts:5:16)
at EventEmitter.a2 (index.ts:5:16)
at emitOne (node-modules-polyfills:events:89:20)
at EventEmitter.emit (node-modules-polyfills:events:171:7)
at Ot.addSubscription (index.ts:5:16)
at Ot.setSubscription (index.ts:5:16)
at Ot.onSubscribe (index.ts:5:16)
at Ot.subscribe (index.ts:5:16)
at async index.ts:5:16

As a workaround we stick to @walletconnect/[email protected] for now.

Activate ICP network support

In network.constants.ts always add ICP_NETWORK to networks list
Follow-up of PRs 746 and 747 - activate "Convert ETH to ckETH" on Ethereum network

Some questions about Oisy Wallet and its distributed ECDSA signing

Hi Oisy Wallet,

Sorry for posting these questions as an issue, as there is no discussion area. Hope it is ok.

It is great to come across this wallet, as it's nature is well aligned with our vision, which is: open source, decentralized, distributed private keys.

Just have a couple of questions that need your help clarify.

What is the difference between Oisy's distributed ECDSA signing and MPC?
"distributed key-shares among dedicated ICP replica nodes", does it mean the key shares are managed by a certain group of dedicated ICP nodes? Or all the nodes within the entire network?
How does the distributed ECDSA signing code get released to the ICP nodes?

Thanks and regards,

A question about `sign_with_ecdsa`

At https://github.com/dfinity/oisy-wallet/blob/main/src/backend/src/lib.rs#L7

use ic_cdk::api::management_canister::ecdsa::{
    ecdsa_public_key, sign_with_ecdsa, EcdsaCurve, EcdsaKeyId, EcdsaPublicKeyArgument,
    SignWithEcdsaArgument,
};

Is it possible to hook up some custom calls at this point sign_with_ecdsa, so that 3rd parties can do some extra work like suspicious address scan or other security checks?

E.g. when the user want to sign a transaction by calling sign_with_ecdsa, if there are some hooks exist, they would do security checks for the transaction, and sign_with_ecdsa only proceeds after they pass.

Thanks and regards

Is it feasible to build a keyless wallet on ICP?

Hi folks,

Would need your help and advice on the following proposal to see if it is technically feasible, thanks.

We are trying to build a keyless crypto wallet which works as follows:

The user does not need to manage private keys or seed phrase. The user just can access the wallet using his Web2 credentials (e.g. Google / Twitter accounts).
The assets in the wallet are further protected by MFA, say someone steals the user's Web2 credentials and tried to drain the wallet, it would kick off MFA (e.g. a SMS verification process would kick in).

My assumptions:

a. In order to achieve 1., the ICP protocol would need some programmable access conditions set up for the wallet, so that once the user is proven to have the correct Web2 credentials, he would be granted access to the wallet, and is able to retrieve key shares and perform tx signing aggregation.

b. In order to achieve 2., the ICP protocol would need to have some hooks / integration points in the architecture, such as pre-signing hook, for third-parties to hook up their services into.

c. In order to retrieve and aggregate key shares, the user would need an EOA (private key) to be able to invoke the smart contracts, are there options (e.g. AA) to make keyless possible?