We are building a secure mobile wallet system called AirGap
AirGap.it is a wallet solution, allowing the secure storage of secrets on a mobile phone with an approach of two mobile apps. Depending on the security needed these apps can be installed on separate devices or on the same device.
To get the highest security, the AirGap Vault application is installed on a dedicated or old smartphone, which will never be connected to any network again. With the enhanced entropy concept that adds video, audio, accelerator and touch data to the entropy seed alongside the device’s pre-shipped secure random generator it is possible to generate a cryptographically secure seed used for the secret generation on that very same device. This secret never leaves the device it was generated on. The private key is saved in the secure enclave of the mobile device and needs multi-step biometric authentication every time it is accessed to perform cryptographic primitives.
AirGap Wallet on the other hand will be installed on a user’s everyday phone. With this app, users can manage their portfolio of wallets and their valuations. AirGap Wallet deals only with publicly available information as opposed to AirGap Vault, which handles the private key.
How does a transaction work? Detailed step by step guide.
- Users can create a new transaction with an address, amount and a fee in AirGap Wallet.
- A QR code with this transaction is generated.
- This QR code is scanned with AirGap Vault, ensuring one-way communication only with QR codes.
- To sign the transaction the secure enclave is accessed with biometric authentication.
- The signed transaction is displayed in a QR code.
- The QR code is scanned by AirGap Wallet and broadcasted to the blockchain.
What if I want to manage smaller amounts?
AirGap Vault and AirGap Wallet can also be installed on the same device. In this case, the communication between the two apps works with app switching through an URL scheme. This allows the two apps to be entirely encapsulated, which is crucial: For example, AirGap Vault does not have any network permissions and thus is unable to send information out over the network, guaranteed by the operating systems sandboxing.
Which coins and token do you support?
Currently we support the Aeternity (AE) ERC20 Token, Ethereum and Bitcoin. We plan to extend this list in the future. These are all managed by the same private key/mnemonic secret.
Submitted August 07, 2018 at 04:40AM }
via reddit https://ift.tt/2KALoCm