SCF #11
Zig3v2
by

Easy, Fast & Secure Stellar Biometric Account Creation, Storage and Signing wallet protocol

Awarded
Budget request:
$
2500
*
WebsiteCode

Project Stage

Development

Category

Tools

Based in

United Kingdom and Pakistan

Team size

1

Active since

2021
Products & Services

The Zig3v2 project has clear objectives in mind: Reduce cognitive complexity to enter the Stellar ecosystem by providing a secure way to create accounts, sign for Stellar transactions, all with a touch of the thumb or a snap shot of the face via biometrics, without having to install a browser extension or download an app. We believe this facility for the 1 stellar community would be great for low value transactions and a move to a new Decentralised Standard.

  • Create a wallet to provide the easiest way to create accounts, sign transactions and Store keys securely on users device to ensure decentralisation
  • Ensure the wallet incorporates multiple login/signing popular options such as Albedo, Freighter, Rabet, Ledger and Trezor.
  • Provide Sep24 payment flows to ensure Stellar Anchor interoperability
  • Allow simple send and receive features within the wallet session time
  • Integrate Stellar swap functionality such as those features in the Albedo, LumenSwap and Xbull wallet


The Problem

To use the Stellar network, a user needs to create an account on stellar, fund it via buying XLM to activate it. Then there are 3 main choices.

  • Install a browser extension
  • Use their private key directly on the website where they wish to spend their assets.
  • Or a hard cold storage type wallet.


Numerous people will find this off putting that he cost of a hard cold storage wallet. And Simply because those people doing so, many find the concept of installing a browser extension can be annoying or even in some cases too complex e.g. Most users would find this user experience to be too time consuming and overly challenging. 2 It’s a time consuming and laborious tasks as mentioned, that can lead to users like mum and dad or even Granny and Grandad excluding them selves from the stellar experience.


In any-case, “Enter your password to complete this login” is well understood by most. The only way to implement this login otherwise today is to use the private key directly on the website that generates the transaction, but users can’t be certain of what the website will actually do with their private keys.

  • Storing users keys securely on their own devices.
  • Enabling users to access their keys for login or signing with finger or face biometrics
  • Ensuring users don’t even need to copy paste keys potentially losing them by accident.
  • And utilities The Simple sign open source widget for complete online protection.
No items found.
Previous Project(s)
No items found.
Progress so far
Goals
  • We plan to gain access to the Stellar community with a stamp of approval by winning funding for our project from SCF. Zig3v2’s first step is to have a stable version of the Wallet for all platforms (Android, iOS, Chrome, Firefox, Opera and Edge). 

  • We will launch a secure web dapp that supports displaying all types of operations in a transaction i.e sep24 payments, swap assets etc,Zig3 v2 will allow users to sign for it using a private keys with biometric stored securely on the users device; that never leaves the users device and the widgets domain.
To get there, we request a budget of  
$
2500
*
  to:
  • We set our budget in stages or milestone by obtain quotes from a number of freelancers , once we have assessed whether the freelancer is a good fit- Then we will purchase their services. We have a set budget to achieve the first stage of the project which is a complete working version of Zig3 V2 wallet dapp for the front end User
  • Once we have completed the production of Zig3 v2 we will assess a budget for the backend developer Zig3 api for other features like a Swap, Market Place and AMM etc.
Additional information

Our Aim for the Zig3v2 wallet

The main issues are; people simply enter their private key into a website, but at the same time exposes them to a security problem. What if the website is malicious? It could then use their private keys to perform unwanted transactions. The the other option is this laborious task of browsers extensions or additional apps on mobile. Zig3V2 aims to over come both issues by providing users with secure key storage on their devices keeping keys None Custodial & Decentralised. Enabling a Fast, Easy and Seem-less way to Create accounts and sign transactions.


Simply create an account enter a name for the account and initialise the biometrics either finger or face. (Our key storage solution is that used by stellar build). Coupled with the open source solution The Simple Signer incorporated into our code we believe we’ve delivered the ultimate solution to the login issue. “(The Simple Signer is a simple, yet secure approach that tackles this problem. Hosted in a trusted website, the Simple Signer 3 comes in the form of an HTML widget that takes a transaction and offers the user to sign it inside the widget using their private key. The Widget will then return the signed transaction to the requesting website, never exposing the user’s private key)”.


The Zig3v2 will be open-source to ensure transparency and audibility. Into the Future: Help devs create secure Stellar applications faster The Zig3v2 wallet is a great entry point for crypto newbies to get started with the Stellar network; For the tech-savvy, it is no suitable replacement for browser extensions. Browser extensions are still extremely convenient as they allow multi-account handling and other advanced functions which are outside of the scope of this project (such as providing liquidity directly from the extension, as is the case with Albedo).


Technical details

Well we’ve attempted to do the what many said we couldn’t do. We used the biometric standard for online web based login webauthn ( https://webauthn.io ) js repo changes and according to Saad changed the registry to allow stellar keys to be used on login and signing transactions.


We then combined this and used the stellar build code (https://developers.stellar.org/docs/building-apps/basic-wallet) to store the keys on users devices, We are in the process of implementing the Simple signer “In its simplest form, by using an that serves the Widget in a bespoke domain, the parent website cannot access its content or modify it1 as the communication happens from child to parent, meaning the Simple Signer Widget can communicate with the parent, but not vice-versa. The HTML Widget would take an XDR as a GET parameter, exactly like Stellar Laboratory `https://laboratory.stellar.org/#txsigner<!--EndFragment--> </body> </html>

Pitch deck
No items found.
Deliverables
First Deliverable
Links:

Team

Nathaniel Denny / Nathan for short (NathanofZion#3631)

Founder of Zioncoin, Zig3 Bio

  • https://github.com/nathanofzion
  • https://mobile.twitter.com/zioncoins
  • https://keybase.io/nathanofzion
  • https://www.linkedin.com/in/nathan-ofzion-36142a19a
  • https://youtube.com/channel/UCd2cyzrV_GQePldQbJiRO2Q


SAAD UI HASSAN

LEAD DEV

  • https://github.com/SaadUlHassan