From d96030c31786b017912269c45a9aca1b9d80e5bb Mon Sep 17 00:00:00 2001 From: fmelp Date: Mon, 27 Feb 2023 16:44:25 -0500 Subject: [PATCH 1/8] test --- test.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 test.md diff --git a/test.md b/test.md new file mode 100644 index 0000000..e69de29 From 88d62068514a31b7a7bac4b20411d3ae61d362a5 Mon Sep 17 00:00:00 2001 From: fmelp Date: Mon, 27 Feb 2023 16:56:57 -0500 Subject: [PATCH 2/8] 18 started --- kip-0018.md | 312 ++++++++++++++++++++++++++++++++++++++++++++++++++++ test.md | 0 2 files changed, 312 insertions(+) create mode 100644 kip-0018.md delete mode 100644 test.md diff --git a/kip-0018.md b/kip-0018.md new file mode 100644 index 0000000..1344358 --- /dev/null +++ b/kip-0018.md @@ -0,0 +1,312 @@ +--- +KIP: 0018 +Title: Smart Wallet Standard +Author: Francesco Melpignano @fmelp, Randy Daal @randynamic +Status: Draft +Type: Standard +Category: Interface +Created: 2023-02-27 +--- + +# Abstract + +We propose a `smart wallet` interface with the goal of providing developers on the Kadena ecosystem with a design for a smart contract wallet that provides more features than a standard single or multi-sig EOA. + +# Motivation + +EOA wallets are limited in their functionality and are a hurdle to mainstream adoption of blockchain technology. The goal of this KIP is to finalize on a blockchain wallet design that is optimal on the UX and DX front to onboard mainstream web users. + +Competitive Landscape +- Ethereum community has engaging conversations around smart wallets, but has yet to see implementations for the following reasons: + 1. Gas fee issues -> far more expensive than using EOA + 2. Limitations of web3.js library with `connect wallet` paradigm + 3. Does not bring that many extra features over EOA +- Kadena + +The current `sign` method used by `signing-api-v1` contains a number of limitations: + +- Only a single txn can be signed at a time. This is painfully inefficient for workflows that require multi-step transactions or for transactions to occur across multiple chains +- Only `exec` transactions can be sent and signed; `cont` transactions have no means of being signed in the current api +- The response value returns a `Command` type which represents a fully-signed transaction. It does not allow for an intermediate state with a partially signed transaction. The latter is a useful workflow given that pact is multisig-native + +In addition to the above, we propose an evolution of the `SigData` type used by the pact command line tool for representing partially-signed payloads (since pact’s `Command` type can only exist as a fully signed payload), that we call `CommandSigData`. + +- The `SigData` type includes a `hash` field [https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66](https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66) . This data can also be derived from the `cmd` field of `SigData`. Imagine a scenario where a malicious dapp sends a `SigData` where the hash represents a malicious transaction, while the payload represents an unrelated transaction that the user is expecting. If the wallet does not explicitly check the hash, by recalculating, this becomes a security issue. To avoid this we force the wallet to compute the hash (by omitting it from the new `CommandSigData` structure) + +# Specification + +## Schema Sketch + +### Request +``` +{ + "commandSigDatas": [ { "cmd": string, "sigs": [ { "pubKey":string, "sig": string|null }]}] +} +``` + +### Response + +``` +{ + "responses": [{ + "commandSigData": { "cmd": string, "sigs": [ { "pubKey":string, "sig": string|null }]}, + "outcome": { "result": "success|failure|noSig", "hash|message"|null: string } } + }] +} +``` +or +``` +{ + "error": { "type": "reject|emptyList|other", "msg": string|null } +} +``` + +## **Quicksign Request** + +A quicksign request takes the form of a json-encoded payload matching the following schema: + +``` +{ + "commandSigDatas": [CommandSigData] +} +``` + +## CommandSigData + +- The "cmd" string represents a json-encoded payload type, specified here: [https://api.chainweb.com/openapi/pact.html#tag/model-payload](https://api.chainweb.com/openapi/pact.html#tag/model-payload) + - Here is an example `cmd` payload: + +``` + "{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(+ 1 2)\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\",\"clist\":[{\"args\":[],\"name\":\"coin.GAS\"}]},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"}],\"meta\":{\"creationTime\":1663085494,\"ttl\":1800,\"gasLimit\":20,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-13 16:11:34.678231 UTC\"}" +``` + +The schema for a `CommandSigData` object is: + +``` +{ + "sigs": [Signer], + "cmd": string +} +``` + +Note that this type is an evolved version of `SigData` which pact currently uses in its command-line tool: [https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66](https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66) + +## Signer + +- The `pubKey` field is a lowercase base-16 encoded public key +- The `sig` element is either a lowercase base-16 encoded signature or a null value (representing a request for signature). + +``` +{ + "pubKey": string, + "sig": string //optional; its omission represents a signature that has not yet been acquired +} +``` + +## **Quicksign Response** +``` +{ + "responses": [Response] +} +``` + +or + +``` +{ + "error": QuicksignError +} +``` + +### Response + +- The `commandSigDatas` field contains the list of requests; some of which contain new signatures attached. Even in the case of an error, it is still useful to have the ordered list of `CommandSigDatas` in the response, given that some of them will contain new signatures. + +``` +{ + "commandSigData": CommandSigData, + "outcome": Outcome +} +``` + +## Outcome + +The following are the 3 possible forms of the `Outcome` type + +- At least one signature was added + - `hash` is an unpadded Base64URL of Blake2s-256 hash of the `cmd` field value of the successfully signed `CommandSigData` + +``` +{ "result": "success", "hash": string } +``` + +- An error occurred parsing this particular `CommandSigData` + +``` +{ "result": "failure", "msg": string } +``` + +- Special case for when 0 signatures have been added to the `CommandSigData` + +``` +{ "result": "noSig" } +``` + +## **QuicksignError** + +### reject + +For when the user chooses to reject the entire request and not provide any signatures + +``` +{ + "type": "reject" +} +``` + +### emptyList + +For when the `commandSigDatas` field in the request is an empty list + +``` +{ + "type": "emptyList", +} +``` + +### other + +A catch-all value for other error cases + +``` +{ + "type": "other", + "msg": string +} +``` + +## Requests + +The signing api has traditionally been exposed via localhost port 9467. The quicksign handler will handle requests to the `/quicksign` route. + +# Examples + +### Example Requests + +A single `commandSigData` to unlock a 3-person multisig, with one signature already provided + +```json +{ + "commandSigDatas": + [ + { //Note that "sig" can either be explicitly null or omitted entirely under this spec + "sigs": + [ { + "pubKey": "ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033" + }, + { + "pubKey": "fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f", + "sig": null + }, + { + "pubKey": "d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997", + "sig": "a41b1c481414b0a0bac27c1f95f03d058cf1dc7ace571cf7b7a74be34e90116096dac8744adc0b94ffc16241cc87f513ea7f999802b3b6e58a1139c56881f800" + }, + ] + "cmd":"{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(enforce-keyset (read-keyset 'ks))\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"},{\"pubKey\":\"d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997\"}],\"meta\":{\"creationTime\":1664393516,\"ttl\":1800,\"gasLimit\":100,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"k:ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-28 19:31:56.965212 UTC\"}" + } + ] +} +``` + +### Example Responses + +A single signature has been added for “d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997” + +```json + +{ + "responses": [{ + "outcome": + { + "result": "success", + "hash": "RKABKR6zLC44vunHHzycRE0JXqbwpvQXztRnzbUKKls" + }, + "commandSigData": + { + "sigs": + [ + { + "pubKey": "ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033", + "sig": "10d3189ee55a34d0f15509c889d1a313c292c1b419244ae2938dd745ab887a45e34183e577ed0ab61fd0c76e8e957922fc467a21ab6d074aa3aa3e742a10390d" + }, + { + "pubKey": "fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f", + }, + { + "pubKey": "d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997", + "sig": "a41b1c481414b0a0bac27c1f95f03d058cf1dc7ace571cf7b7a74be34e90116096dac8744adc0b94ffc16241cc87f513ea7f999802b3b6e58a1139c56881f800" + }, + ] + "cmd":"{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(enforce-keyset (read-keyset 'ks))\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"},{\"pubKey\":\"d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997\"}],\"meta\":{\"creationTime\":1664393516,\"ttl\":1800,\"gasLimit\":100,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"k:ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-28 19:31:56.965212 UTC\"}" + } + }] +} +``` + +Alternatively, here is a response where no signature was added to the single commandSigData + +```json + +{ + "responses": [{ + "outcome": + { + "result": "noSig", + }, + "commandSigData": + { + "sigs": + [ { + "pubKey": "ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033" + }, + { + "pubKey": "fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f", + "sig": null + }, + { + "pubKey": "d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997", + "sig": "a41b1c481414b0a0bac27c1f95f03d058cf1dc7ace571cf7b7a74be34e90116096dac8744adc0b94ffc16241cc87f513ea7f999802b3b6e58a1139c56881f800" + }, + ] + "cmd":"{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(enforce-keyset (read-keyset 'ks))\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"},{\"pubKey\":\"d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997\"}],\"meta\":{\"creationTime\":1664393516,\"ttl\":1800,\"gasLimit\":100,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"k:ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-28 19:31:56.965212 UTC\"}" + } + }] +} +``` + +Alternatively, the user may indicate to the wallet that they do not approve of the signature: + +```json +{ + "error": + { + "type": "reject" + } +} +``` + +# **Backwards Compatibility** + +- This is an addition to the signing-api and as such, the `sign` method is still supported. + +# **References** + +- [https://github.com/kadena-io/signing-api/tree/2a1ad53860d68008a826814f4ff1494d79244da7](https://github.com/kadena-io/signing-api/tree/2a1ad53860d68008a826814f4ff1494d79244da7) + +# Potential next steps + +- Quicksign implementation on-top of the Wallet-Connect v2 sign protocol +- Kadena.js implementation +- A quicksign-ui specification for detailing exactly how a wallet should display the many requests in a digestible manner for the user +- A “dynamic” version that allows a user to select gas prices for each transaction. Alternatively, it will be up to the dapp to do this, and we need to provide an easy/pluggable framework that makes it easy for dapps to control this interaction with the user. diff --git a/test.md b/test.md deleted file mode 100644 index e69de29..0000000 From e672a6d024daf624c317b3c7a88a5242614693e2 Mon Sep 17 00:00:00 2001 From: fmelp Date: Mon, 27 Feb 2023 17:54:07 -0500 Subject: [PATCH 3/8] KIP-0018 smart wallet draft --- kip-0018.md | 774 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 503 insertions(+), 271 deletions(-) diff --git a/kip-0018.md b/kip-0018.md index 1344358..bb83b5e 100644 --- a/kip-0018.md +++ b/kip-0018.md @@ -10,303 +10,535 @@ Created: 2023-02-27 # Abstract -We propose a `smart wallet` interface with the goal of providing developers on the Kadena ecosystem with a design for a smart contract wallet that provides more features than a standard single or multi-sig EOA. +We propose a `smart wallet` interface with the goal of providing developers on the Kadena ecosystem with a design for a smart contract wallet that provides more features than a standard single or multi-sig EOA (externally owned account). # Motivation -EOA wallets are limited in their functionality and are a hurdle to mainstream adoption of blockchain technology. The goal of this KIP is to finalize on a blockchain wallet design that is optimal on the UX and DX front to onboard mainstream web users. +EOA wallets are limited in their functionality and are a hurdle to mainstream adoption of blockchain technology. The goal of this KIP is to propose a blockchain wallet design that leverages Pact smart contracts and delivers the necessary UX and DX needed to onboard mainstream web users. Competitive Landscape - Ethereum community has engaging conversations around smart wallets, but has yet to see implementations for the following reasons: 1. Gas fee issues -> far more expensive than using EOA 2. Limitations of web3.js library with `connect wallet` paradigm 3. Does not bring that many extra features over EOA -- Kadena +- Others: + 1. Industry leaders seem to want to make their stack compatible with popular wallets, such as metamask, but not fix the root of the wallet problem: bad UX and DX -The current `sign` method used by `signing-api-v1` contains a number of limitations: - -- Only a single txn can be signed at a time. This is painfully inefficient for workflows that require multi-step transactions or for transactions to occur across multiple chains -- Only `exec` transactions can be sent and signed; `cont` transactions have no means of being signed in the current api -- The response value returns a `Command` type which represents a fully-signed transaction. It does not allow for an intermediate state with a partially signed transaction. The latter is a useful workflow given that pact is multisig-native - -In addition to the above, we propose an evolution of the `SigData` type used by the pact command line tool for representing partially-signed payloads (since pact’s `Command` type can only exist as a fully signed payload), that we call `CommandSigData`. - -- The `SigData` type includes a `hash` field [https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66](https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66) . This data can also be derived from the `cmd` field of `SigData`. Imagine a scenario where a malicious dapp sends a `SigData` where the hash represents a malicious transaction, while the payload represents an unrelated transaction that the user is expecting. If the wallet does not explicitly check the hash, by recalculating, this becomes a security issue. To avoid this we force the wallet to compute the hash (by omitting it from the new `CommandSigData` structure) # Specification -## Schema Sketch - -### Request -``` -{ - "commandSigDatas": [ { "cmd": string, "sigs": [ { "pubKey":string, "sig": string|null }]}] -} -``` - -### Response - -``` -{ - "responses": [{ - "commandSigData": { "cmd": string, "sigs": [ { "pubKey":string, "sig": string|null }]}, - "outcome": { "result": "success|failure|noSig", "hash|message"|null: string } } - }] -} -``` -or -``` -{ - "error": { "type": "reject|emptyList|other", "msg": string|null } -} -``` - -## **Quicksign Request** - -A quicksign request takes the form of a json-encoded payload matching the following schema: - -``` -{ - "commandSigDatas": [CommandSigData] -} -``` - -## CommandSigData - -- The "cmd" string represents a json-encoded payload type, specified here: [https://api.chainweb.com/openapi/pact.html#tag/model-payload](https://api.chainweb.com/openapi/pact.html#tag/model-payload) - - Here is an example `cmd` payload: - -``` - "{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(+ 1 2)\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\",\"clist\":[{\"args\":[],\"name\":\"coin.GAS\"}]},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"}],\"meta\":{\"creationTime\":1663085494,\"ttl\":1800,\"gasLimit\":20,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-13 16:11:34.678231 UTC\"}" -``` - -The schema for a `CommandSigData` object is: - -``` -{ - "sigs": [Signer], - "cmd": string -} -``` - -Note that this type is an evolved version of `SigData` which pact currently uses in its command-line tool: [https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66](https://github.com/kadena-io/pact/blob/957b8bd7644cebc60d043b33f0d7ffc53c65d783/src/Pact/Types/SigData.hs#L62-L66) - -## Signer - -- The `pubKey` field is a lowercase base-16 encoded public key -- The `sig` element is either a lowercase base-16 encoded signature or a null value (representing a request for signature). - -``` -{ - "pubKey": string, - "sig": string //optional; its omission represents a signature that has not yet been acquired -} -``` - -## **Quicksign Response** -``` -{ - "responses": [Response] -} -``` - -or - -``` -{ - "error": QuicksignError -} -``` - -### Response - -- The `commandSigDatas` field contains the list of requests; some of which contain new signatures attached. Even in the case of an error, it is still useful to have the ordered list of `CommandSigDatas` in the response, given that some of them will contain new signatures. - -``` -{ - "commandSigData": CommandSigData, - "outcome": Outcome -} -``` - -## Outcome - -The following are the 3 possible forms of the `Outcome` type - -- At least one signature was added - - `hash` is an unpadded Base64URL of Blake2s-256 hash of the `cmd` field value of the successfully signed `CommandSigData` - -``` -{ "result": "success", "hash": string } -``` - -- An error occurred parsing this particular `CommandSigData` - -``` -{ "result": "failure", "msg": string } -``` - -- Special case for when 0 signatures have been added to the `CommandSigData` - -``` -{ "result": "noSig" } -``` - -## **QuicksignError** - -### reject - -For when the user chooses to reject the entire request and not provide any signatures - -``` -{ - "type": "reject" -} -``` - -### emptyList - -For when the `commandSigDatas` field in the request is an empty list - -``` -{ - "type": "emptyList", -} -``` - -### other - -A catch-all value for other error cases - -``` -{ - "type": "other", - "msg": string -} -``` - -## Requests - -The signing api has traditionally been exposed via localhost port 9467. The quicksign handler will handle requests to the `/quicksign` route. +## Acccount Usage +1. **Account Usage** + 1. Authentification → Mainstream UX + 1. No more seed phrase + 2. 2FA (sms/other) + 3. Password with email + 4. OAuth providers ([torus](https://github.com/kadena-community/torus-wallet)) + 5. WebauthN ([repo](https://github.com/kadena-io/webauthn-parsers/tree/feature/example)) + 6. Hardware keys (on user device and yubikey) + 2. Features → More than any wallet on market + 1. No gas for end user + 1. Pact gas-station built-in + 2. Multi-sig transactions + 1. owned or external accounts + 3. Predefined transaction limits (checking vs savings accounts) + 1. static ([const limit code](https://github.com/kadena-io/pact-examples/blob/smart-wallet/smart-wallets/my-smart-wallet/my-smart-wallet.pact)) + 2. dynamic ([n-key method code](https://github.com/kadena-io/pact-examples/blob/smart-wallet/smart-wallets/my-smart-wallet/n-key-wallet.pact)) + 4. Whitelist / blacklist + 1. send only to known addresses + 2. auto-deny unwanted addresses + 5. Trusted Guardians + 1. master-key concept + 2. bypass account limits + 3. seedless account recovery + 6. Bundled transactions + 1. Sign once for many tx’s + 7. Safe transfer + 1. Ensure only intended receiver gets funds + 3. Account Recovery → beyond seed phrases + 1. Device freezing and rotation + 1. think netflix multiple device approval + 2. Social Recovery + 1. include non-cryptographic recovery + 3. Centralized recovery (trusted institution) + 1. use trusted guardian / master-key concept + 4. Emergency Account management + 1. special features if devices lost / stolen / compromised +2. **On-Chain features** + 1. Automated DeFi + 1. One-stop shop to manage on-chain portfolio + 2. Can automate trading and position management + 2. NFT + 1. View all NFT status + 2. Buy / sell NFTs +3. **Off-chain features** + 1. Advanced Alerts + 1. Give users granular info about wallet activity + 2. Set up custom alerts / notifications + 2. KYC management + 1. toggle between KYC’d and anon accounts + 3. Tax management + 4. Finish cross-chain transactions + 5. Chain Abstraction + 6. WalletConnect v2 + 7. Detailed transaction history # Examples -### Example Requests - -A single `commandSigData` to unlock a 3-person multisig, with one signature already provided - -```json -{ - "commandSigDatas": - [ - { //Note that "sig" can either be explicitly null or omitted entirely under this spec - "sigs": - [ { - "pubKey": "ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033" - }, - { - "pubKey": "fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f", - "sig": null - }, - { - "pubKey": "d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997", - "sig": "a41b1c481414b0a0bac27c1f95f03d058cf1dc7ace571cf7b7a74be34e90116096dac8744adc0b94ffc16241cc87f513ea7f999802b3b6e58a1139c56881f800" - }, - ] - "cmd":"{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(enforce-keyset (read-keyset 'ks))\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"},{\"pubKey\":\"d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997\"}],\"meta\":{\"creationTime\":1664393516,\"ttl\":1800,\"gasLimit\":100,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"k:ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-28 19:31:56.965212 UTC\"}" +### Smart Contract Wallet + +``` +(define-keyset 'master-keyset (read-keyset 'master-keyset)) +;(namespace 'user) +(module my-smart-wallet GOVERNANCE + @doc"'smart-wallet' provides safe transactions of Kadena coins. \ + \The accounts are guarded by the module guard, there fore GOVERNANCE \ + \of the contract will be the master key of all accounts with complete control.\ + \Accounts will each have guards that can make transfers under certain rules. \ + \When using the master key, none of these restrictions apply. " + + (defcap GOVERNANCE() + (enforce-keyset (keyset-ref-guard 'master-keyset))) + + ; -------------------------------------------------------------------------- + ; Schemas and Tables + + (defschema wallet + @doc "schema of accounts and customized guards" + guard:guard + max-withdrawal:decimal + min-balance:decimal + time-between:decimal + last-withdrawal-time:time + ) + + (deftable wallet-table:{wallet}) + + ; -------------------------------------------------------------------------- + ; Constants + + (defconst DEFAULT_MAX_WITHDRAWAL:decimal 20.0) + (defconst DEFAULT_MIN_BALANCE:decimal 20.0) + (defconst DEFAULT_TIME_BETWEEN 1800.0) + (defconst EPOCH (time "1970-01-01T00:00:00Z")) + + ; -------------------------------------------------------------------------- + ; Module Guards + + (defun wallet-module-guard:guard() + @doc "module guard of the wallet." + + (create-module-guard 'wallet-guard)) + + ;;Control with master key + + (defun rotate-guard:string (account:string new-guard:guard) + @doc "rotates the account guard" + + (enforce-guard new-guard) + (with-capability (GOVERNANCE) + (update wallet-table account { + "guard": new-guard + }) + ) + ) + + + (defun update-min-balance:string (account:string amount:decimal) + @doc "updates the minimum balance an account needs to hold" + (with-capability (GOVERNANCE) + (update wallet-table account { + "min-balance": amount + }) + ) + ) + + (defun update-max-withdrawal:string (account:string amount:decimal) + @doc "updates the maximum balance an account can transfer" + (with-capability (GOVERNANCE) + (update wallet-table account { + "max-withdrawal": amount + }) + ) + ) + + + (defun update-time-between:string (account:string time-between:time) + @doc "updates the minimum time an account has to wait between two transfers." + (with-capability (GOVERNANCE) + (update wallet-table account { + "time-between": time-between + }) + ) + ) + + ; -------------------------------------------------------------------------- + ; Capabilities + + (defcap TRANSFER:bool (account:string amount:decimal) + @doc "enforces the customized rules of the account" + (with-read wallet-table account { + "guard":= guard, + "max-withdrawal":= max-amount, + "min-balance":= min-bal, + "time-between":= time-between, + "last-withdrawal-time":= last-withdrawal-time } - ] -} -``` - -### Example Responses - -A single signature has been added for “d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997” - -```json - -{ - "responses": [{ - "outcome": - { - "result": "success", - "hash": "RKABKR6zLC44vunHHzycRE0JXqbwpvQXztRnzbUKKls" - }, - "commandSigData": - { - "sigs": - [ - { - "pubKey": "ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033", - "sig": "10d3189ee55a34d0f15509c889d1a313c292c1b419244ae2938dd745ab887a45e34183e577ed0ab61fd0c76e8e957922fc467a21ab6d074aa3aa3e742a10390d" - }, - { - "pubKey": "fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f", - }, - { - "pubKey": "d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997", - "sig": "a41b1c481414b0a0bac27c1f95f03d058cf1dc7ace571cf7b7a74be34e90116096dac8744adc0b94ffc16241cc87f513ea7f999802b3b6e58a1139c56881f800" - }, - ] - "cmd":"{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(enforce-keyset (read-keyset 'ks))\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"},{\"pubKey\":\"d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997\"}],\"meta\":{\"creationTime\":1664393516,\"ttl\":1800,\"gasLimit\":100,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"k:ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-28 19:31:56.965212 UTC\"}" - } - }] -} -``` + (enforce ( >= max-amount amount) "Transfer amount is too big") + (enforce ( >= (diff-time (curr-time) last-withdrawal-time) time-between) + (format "You're transferring too many times {} {}" [time-between (diff-time (curr-time) last-withdrawal-time)])) + (let (( coin-balance:decimal (coin.get-balance account) )) + (enforce ( <= min-bal (- coin-balance amount)) (format "min bal {} and this left {}" [min-bal (- coin-balance amount)])) + ) + (enforce-guard guard) + (update wallet-table account { + "last-withdrawal-time": (curr-time) + }) + )) + + (defun transfer (account receiver amount) + @doc "Runs coin.transfer with customized rules." + (with-capability (TRANSFER account amount) + (coin.transfer account receiver amount) + ) + ) + + (defun transfer-create (account receiver receiver-guard amount) + @doc "Runs coin.transfer-create with customized rules." + (with-capability (TRANSFER account amount) + (coin.transfer-create account receiver receiver-guard amount) + ) + ) + + (defun safe-transfer (sender:string receiver:string receiver-guard:guard amount:decimal extra:decimal) + @doc "Transfer between two known accounts. The sender has to be the account from the wallet-table." + (with-capability (TRANSFER sender amount) + (coin.transfer-create sender receiver receiver-guard (+ amount extra)) + (coin.transfer receiver sender extra)) + ) + + ; -------------------------------------------------------------------------- + ; Smart Wallet Functions + + (defun create-wallet-account:string ( + account:string + guard:guard + ) + @doc "Inserts an account into the wallet table safely. The account will have default customization" + + (enforce-guard guard) + (insert wallet-table account { + "guard": guard, + "max-withdrawal": DEFAULT_MAX_WITHDRAWAL, + "min-balance": DEFAULT_MIN_BALANCE, + "time-between": DEFAULT_TIME_BETWEEN, + "last-withdrawal-time": EPOCH + }) + (coin.create-account account (wallet-module-guard)) + ) + + (defun curr-time () + (at 'block-time (chain-data)) + ) +) + + +(create-table wallet-table) +``` + +### Max Withdrwal Limit + +``` +(module max-limit-smart-wallet GOVERNANCE + @doc"'smart-wallet' provides safe transactions of Kadena coins. \ + \Users will have low-security and high-security transactions with this wallet with two keysets. \ + \Low-security keyset will be encrypted and saved by the software, while high-security keysets \ + \are entirely managed by the user. For convenient usage, users can set maximum amount of \ + \ low-security transactions and allow small transactions with low-seucrity keys. For bigger \ + \transactions, users are required to provide high-security keys" + + (use coin) + + (defcap GOVERNANCE() + (enforce false "Enforce non-upgradeability except in the case of a hard fork")) + + ; -------------------------------------------------------------------------- + ; Schemas and Tables + + (defschema wallet + low-security-guard:guard ;keyset managed by software + high-security-guard:guard ;;keyset managed by the user + max-low-security-amount:decimal;Maximum amount of transfer allowed with low-security keyset + low-security-withdrawal-time-limit:decimal + last-low-security-withdrawal-time:time + ) + + (deftable wallet-table:{wallet}) + + ; -------------------------------------------------------------------------- + ; Module Guards + + (defun wallet-module-guard:guard() + (create-module-guard 'wallet-guard)) + + ; -------------------------------------------------------------------------- + ; Capabilities + + (defcap LOW_SECURITY:bool (account) + @doc "Lookup and enforce low-security guards associated with an account" + (with-read wallet-table account { + "low-security-guard":= guard + } + (enforce-guard guard) + )) -Alternatively, here is a response where no signature was added to the single commandSigData - -```json - -{ - "responses": [{ - "outcome": - { - "result": "noSig", - }, - "commandSigData": - { - "sigs": - [ { - "pubKey": "ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033" - }, - { - "pubKey": "fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f", - "sig": null - }, - { - "pubKey": "d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997", - "sig": "a41b1c481414b0a0bac27c1f95f03d058cf1dc7ace571cf7b7a74be34e90116096dac8744adc0b94ffc16241cc87f513ea7f999802b3b6e58a1139c56881f800" - }, - ] - "cmd":"{\"networkId\":\"testnet04\",\"payload\":{\"exec\":{\"data\":null,\"code\":\"(enforce-keyset (read-keyset 'ks))\"}},\"signers\":[{\"pubKey\":\"ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},{\"pubKey\":\"fa781bdd858cd2380b5e2b654e58035f7189a6e8158686a1bb7eabb585a56e7f\"},{\"pubKey\":\"d61c2b4d8151cd0a7599790a6a905a96dc1028b5e61181e08104e60f28ad8997\"}],\"meta\":{\"creationTime\":1664393516,\"ttl\":1800,\"gasLimit\":100,\"chainId\":\"0\",\"gasPrice\":1.0e-6,\"sender\":\"k:ae18efd16cbd49e9a92552a2589ac01491b486fbcbb1e3f07980f945597e2033\"},\"nonce\":\"2022-09-28 19:31:56.965212 UTC\"}" - } - }] -} -``` + (defcap HIGH_SECURITY:bool (account) + @doc "Lookup and enforce high-security guards associated with an account" + (with-read wallet-table account { + "high-security-guard":= guard + } + (enforce-guard guard))) -Alternatively, the user may indicate to the wallet that they do not approve of the signature: + (defcap AMOUNT_CHECK:bool (account:string amount:decimal) + @doc "Lookup and enforce that the tx amount is in the range of allowed low-security tx amount" -```json -{ - "error": - { - "type": "reject" - } -} + (with-read wallet-table account { + "max-low-security-amount":= max + } + (enforce (> max amount) "Amount is bigger than maximum"))) + + (defcap TIME_CHECK:bool (account:string) + @doc "Lookup and enforce low-security guards associated with an account" + (with-read wallet-table account { + "low-security-withdrawal-time-limit":= time-limit, + "last-low-security-withdrawal-time":= last-withdrawal-time} + (enforce (>= + (diff-time (curr-time) last-withdrawal-time) + time-limit) + "Withdrawal time limit has not met" ))) + + ; -------------------------------------------------------------------------- + ; Constants + + (defconst EPOCH (time "1970-01-01T00:00:00Z")) + + ; -------------------------------------------------------------------------- + ; Smart Wallet Functions + + (defun create-wallet-account:string ( + account:string + low-security-guard:guard + high-security-guard:guard + max-low-security-amount:decimal + low-security-withdrawal-time-limit:decimal) + @doc "Create a coin account with ACCOUNT and WALLET_MODULE_GUARD in coin-table, \ + \and create a wallet account with ACCOUNT, LOW_SECURITY_GUARD, and HIGH_SECURITY_GUARD,\ + \ and MAX_LOW_SECURITY_AMOUNT " + + (enforce-guard low-security-guard) + (enforce-guard high-security-guard) + + ;;Create Account in Kadena Coin Table with Wallet Module Guard. + ;;This Prevents other contracts from tx functions of accounts created by the wallet. + (create-account account (wallet-module-guard)) + (insert wallet-table account { + "low-security-guard": low-security-guard, + "high-security-guard": high-security-guard, + "max-low-security-amount": max-low-security-amount, + "low-security-withdrawal-time-limit": low-security-withdrawal-time-limit, + "last-low-security-withdrawal-time": EPOCH + })) + + (defun low-security-transfer:string (sender:string receiver:string amount:decimal) + @doc "This function enforces that tx amount is smaller than SENDER's \ + \MAX_LOW_SECURITY_AMOUNT, and then enforces the SENDER's HIGH_SECURITY_GUARD. \ + \ If the conditions qualify, transfers AMOUNT of Kadena Coin from SENDER \ + \account to RECEIVER account." + + (with-capability (LOW_SECURITY sender) + (with-capability (TIME_CHECK sender) + (with-capability (AMOUNT_CHECK sender amount) + (transfer sender receiver amount) + (update wallet-table sender { + "last-low-security-withdrawal-time":(curr-time) + }))))) + + (defun high-security-transfer:string (sender:string receiver:string amount:decimal) + @doc "This function enforces SENDER's HIGH_SECURITY_GUARD and transfers \ + \ AMOUNT of Kadena coins from SENDER account to RECEIVER account without \ + \limit." + + (with-capability (HIGH_SECURITY sender) + (transfer sender receiver amount))) + + (defun update-max-low-security-amount:string (account:string amount:decimal) + @doc "This function enforces ACCOUNT's high-security keyset and updates \ + \ACCOUNT's max-low-security-amount to AMOUNT" + + (with-capability (HIGH_SECURITY account) + (update wallet-table account { + "max-low-security-amount": amount + }))) + + (defun update-low-security-withdrawal-time-limit:string (account:string withdrawal-time-limit:decimal) + @doc "This function enforces ACCOUNT's high-security keyset and updates \ + \ACCOUNT's low-security-withdrawal-time-limit to WITHDRAWAL_TIME_LIMIT" + + (with-capability (HIGH_SECURITY account) + (update wallet-table account { + "low-security-withdrawal-time-limit": withdrawal-time-limit + }))) + + (defun rotate-low-security-guard:string (account:string guard:guard) + @doc "This function enforces ACCOUNT's low-security-guard and presented GUARD\ + \ and replaces ACCOUNT's low-security-guard with GUARD" + + (enforce-guard guard) + (with-capability (LOW_SECURITY account) + (update wallet-table account { + "low-security-guard": guard + }))) + + (defun rotate-high-security-guard:string (account:string guard:guard) + @doc "This function enforces ACCOUNT's high-security-guard and presented GUARD \ + \ and replaces ACCOUNT's high-security-guard with GUARD" + + (enforce-guard guard) + (with-capability (HIGH_SECURITY account) + (update wallet-table account { + "high-security-guard": guard + }))) + + (defun curr-time () + (at 'block-time (chain-data)) + ) +) + +(create-table wallet-table) +``` + +### Dynamic Withdrawl Limit +``` +(define-keyset 'admin-keyset (read-keyset 'admin-keyset)) + +(module n-key-wallet 'admin-keyset + @doc"'n-key-wallet' provides safe transactions of Kadena coins. \ + \ The accounts in the wallet are guarded by a list of keys and a guardian key. \ + \ Each transfer will require n number of keys to be signed depending on the \ + \ ratio of (amount to transfer) : (total balance). For example, if an account \ + \ has a balance of 10.0 coins and guard list with 2 keys, then the transfer \ + \ of 0-5 coins will require 1 key to be signed, and the transfer of 5-10 coins \ + \ will require 2 keys to be signed. Guardian key will allow the rotation of \ + \ guard list in case some keys are lost." + + (defschema user + user:string + guards:list + guardian:guard) + + (deftable user-table:{user}) + + (defun smart-guard:bool () + @doc "Module guard" + (create-module-guard 'wallet-guard) + ) + + (defun create-smart-user (user:string guards:[guard] guardian:guard) + @doc "Create a coin account managed by customized smart wallet" + (enforce-guard guardian) + (insert user-table user { + "user": user, + "guards": guards, + "guardian": guardian + }) + (coin.create-account user (smart-guard)) + ) + + (defun smart-transfer (account receiver amount) + @doc "Runs coin.transfer with customized rules." + (enforce-signed account amount) + (coin.transfer account receiver amount)) + + (defun rotate-guards (user:string guards:[guard]) + @doc "Rotate guards of the user" + (enforce-guardian user) + (update user-table user { + "guards": guards + })) + + (defun rotate-guardian-guard (user:string guardian:guard) + @doc "Rotate guards of the user" + (enforce-guardian user) + (update user-table user { + "guardian": guardian + })) + + ;;Utility functions + (defun enforce-guardian:bool (user:string) + @doc "Enforced the guardian guard" + (enforce-guard (guardian user)) + ) + + (defun enforce-signed:bool (user amount) + @doc "Enforced customized rule to find what guards need to be signed." + (let* ( + (needed (numKeysNeeded user amount)) + (signed (numKeysSigned user))) + (enforce (<= needed signed) + (format "{} more keys need to be signed" + [(- needed signed)])))) + + (defun numKeysNeeded:integer (user:string amount:decimal) + @doc "Number of keys required to transfer amount" + (let (( + balance (total-balance user) + )) + (enforce (<= amount balance) "Insufficient balance") + (logic (numKeys user) amount balance))) + + (defun numKeysSigned:integer (user:string) + @doc "Number of keys signed" + (length + (filter + (= true) + (map (try-enforce-guard) (guards user))))) + + (defun try-enforce-guard:bool (guard:guard) + @doc "Try enforcing a guard for transfer and returns result" + (try false (enforce-guard guard))) + + (defun logic:integer (numKeys:integer amount:decimal total:decimal) + @doc "Default logic to calculate number of keys needed to transfer amount" + (ceiling (* numKeys (/ amount total)))) + + (defun numKeys (user:string) + (length (guards user))) + + (defun guards (user:string) + (at 'guards (read user-table user))) + + (defun guardian (user:string) + (at 'guardian (read user-table user))) + + (defun total-balance (user:string) + (at 'balance (coin.details user))) +) + +(create-table user-table) ``` # **Backwards Compatibility** -- This is an addition to the signing-api and as such, the `sign` method is still supported. +- No conflicts with existing tokens or other standards # **References** -- [https://github.com/kadena-io/signing-api/tree/2a1ad53860d68008a826814f4ff1494d79244da7](https://github.com/kadena-io/signing-api/tree/2a1ad53860d68008a826814f4ff1494d79244da7) +- Previous smart wallet [repo](https://github.com/kadena-io/pact-examples/tree/smart-wallet/smart-wallets) (thanks Hee Kyun!) +- Ethereum smart wallet explanations [one](https://decommas.io/blog/smart-contract-wallets-explained), [two](https://cryptotesters.com/blog/what-are-smart-contract-wallets), [three](https://blog.makerdao.com/what-are-smart-contract-wallets-and-how-can-they-benefit-defi-users/), [four](https://www.argent.xyz/learn/what-is-a-smart-contract-wallet/) -# Potential next steps +# **Potential next steps** -- Quicksign implementation on-top of the Wallet-Connect v2 sign protocol -- Kadena.js implementation -- A quicksign-ui specification for detailing exactly how a wallet should display the many requests in a digestible manner for the user -- A “dynamic” version that allows a user to select gas prices for each transaction. Alternatively, it will be up to the dapp to do this, and we need to provide an easy/pluggable framework that makes it easy for dapps to control this interaction with the user. +- Define features of smart wallet +- Define functions to implement +- Decide on interface or other method for standard +- Decide on a single smart contract or one-contract-per-wallet paradigm From 89797132ed9d66a884a0d8bb440492e16630ea54 Mon Sep 17 00:00:00 2001 From: fmelp Date: Tue, 28 Feb 2023 11:03:26 -0500 Subject: [PATCH 4/8] added use-cases --- kip-0018.md | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/kip-0018.md b/kip-0018.md index bb83b5e..a728bb5 100644 --- a/kip-0018.md +++ b/kip-0018.md @@ -12,11 +12,31 @@ Created: 2023-02-27 We propose a `smart wallet` interface with the goal of providing developers on the Kadena ecosystem with a design for a smart contract wallet that provides more features than a standard single or multi-sig EOA (externally owned account). + # Motivation EOA wallets are limited in their functionality and are a hurdle to mainstream adoption of blockchain technology. The goal of this KIP is to propose a blockchain wallet design that leverages Pact smart contracts and delivers the necessary UX and DX needed to onboard mainstream web users. -Competitive Landscape + +## Use-cases + +- Increase account recovery options with concept of a master key + 1. use a traditional seed phrase + 2. rely on a centralized and regulatated custodian -- such as a bank or government entity + 3. use social recovery -- a multi-sig keyset that could contain keys from friends and family or unused devices + 4. use autheticator apps or password managers +- Create familiar experiences, such as the banking app concept of a savings vs checking account + 1. less secure (webauthN) key can only identify account, but not spend tokens (all non-financial usecases) + 2. less secure (webauthN) key can only spend x tokens / day + 3. spending more than x tokens per day would need signing from multiple devices (phone, watch, laptop) + 4. spending all your balance would need a signature from the master key +- KYC platform + 1. Make it easier to identify KYC'd accounts for protocols that require it +- No-blockhain expereince + 1. use gas-stations funded at wallet creation to abstract away concept of gas for end users + 2. have users use a blockchain without knowing and without understanding any underlying tech concepts + +## Competitive Landscape - Ethereum community has engaging conversations around smart wallets, but has yet to see implementations for the following reasons: 1. Gas fee issues -> far more expensive than using EOA 2. Limitations of web3.js library with `connect wallet` paradigm @@ -529,7 +549,8 @@ Competitive Landscape # **Backwards Compatibility** -- No conflicts with existing tokens or other standards +- Need to figure out best practices to add tokens to a module-guard that is not just native KDA +- How to integrate into systems that expect users to have a convenctional `k:` account # **References** From 204f749783adb7e16e51ba6c119732e69d78bfbc Mon Sep 17 00:00:00 2001 From: fmelp Date: Tue, 28 Feb 2023 11:09:45 -0500 Subject: [PATCH 5/8] added use-cases #2 --- kip-0018.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kip-0018.md b/kip-0018.md index a728bb5..8a76129 100644 --- a/kip-0018.md +++ b/kip-0018.md @@ -24,7 +24,8 @@ EOA wallets are limited in their functionality and are a hurdle to mainstream ad 1. use a traditional seed phrase 2. rely on a centralized and regulatated custodian -- such as a bank or government entity 3. use social recovery -- a multi-sig keyset that could contain keys from friends and family or unused devices - 4. use autheticator apps or password managers + 4. tiered approach to recovery depending on key security + - traditional methods for less secure keys (email / authenticator / sms / oauth) - Create familiar experiences, such as the banking app concept of a savings vs checking account 1. less secure (webauthN) key can only identify account, but not spend tokens (all non-financial usecases) 2. less secure (webauthN) key can only spend x tokens / day From 4d2a7ceef0bafc092760621cb743ba0f1177fdc3 Mon Sep 17 00:00:00 2001 From: fmelp Date: Tue, 28 Feb 2023 15:21:02 -0500 Subject: [PATCH 6/8] add mpc --- kip-0018.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kip-0018.md b/kip-0018.md index 8a76129..ee7e461 100644 --- a/kip-0018.md +++ b/kip-0018.md @@ -24,7 +24,8 @@ EOA wallets are limited in their functionality and are a hurdle to mainstream ad 1. use a traditional seed phrase 2. rely on a centralized and regulatated custodian -- such as a bank or government entity 3. use social recovery -- a multi-sig keyset that could contain keys from friends and family or unused devices - 4. tiered approach to recovery depending on key security + 4. multi-party computation [MPC](https://www.fordefi.com/) + 5. tiered approach to recovery depending on key security - traditional methods for less secure keys (email / authenticator / sms / oauth) - Create familiar experiences, such as the banking app concept of a savings vs checking account 1. less secure (webauthN) key can only identify account, but not spend tokens (all non-financial usecases) From 7b3c66bd681bb4999f1ddf8154efabd554208749 Mon Sep 17 00:00:00 2001 From: fmelp Date: Wed, 8 Mar 2023 15:43:59 -0500 Subject: [PATCH 7/8] add more refs --- kip-0018.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/kip-0018.md b/kip-0018.md index ee7e461..0ac2c48 100644 --- a/kip-0018.md +++ b/kip-0018.md @@ -43,6 +43,7 @@ EOA wallets are limited in their functionality and are a hurdle to mainstream ad 1. Gas fee issues -> far more expensive than using EOA 2. Limitations of web3.js library with `connect wallet` paradigm 3. Does not bring that many extra features over EOA + 4. [EIP-4337](https://eips.ethereum.org/EIPS/eip-4337) (tldr limiation of EVM means it must happen at the mempool level and relies on relay servers) - Others: 1. Industry leaders seem to want to make their stack compatible with popular wallets, such as metamask, but not fix the root of the wallet problem: bad UX and DX @@ -557,7 +558,11 @@ EOA wallets are limited in their functionality and are a hurdle to mainstream ad # **References** - Previous smart wallet [repo](https://github.com/kadena-io/pact-examples/tree/smart-wallet/smart-wallets) (thanks Hee Kyun!) +- [EIP-4337](https://eips.ethereum.org/EIPS/eip-4337) +- Account Abstraction in practive [blog post](https://camiinthisthang.substack.com/p/account-abstraction-for-everyone) - Ethereum smart wallet explanations [one](https://decommas.io/blog/smart-contract-wallets-explained), [two](https://cryptotesters.com/blog/what-are-smart-contract-wallets), [three](https://blog.makerdao.com/what-are-smart-contract-wallets-and-how-can-they-benefit-defi-users/), [four](https://www.argent.xyz/learn/what-is-a-smart-contract-wallet/) +- starknet [eip-4337 modification](https://community.starknet.io/t/starknet-account-abstraction-model-part-1/781) +- zk-sync [eip-4337 modification](https://era.zksync.io/docs/dev/developer-guides/aa.html#extending-eip4337) # **Potential next steps** From cd203438c995cea008da2e3d94ea060a8f048d33 Mon Sep 17 00:00:00 2001 From: fmelp Date: Wed, 8 Mar 2023 15:46:19 -0500 Subject: [PATCH 8/8] smart wallet in keyset predicate --- kip-0018.md | 1 + 1 file changed, 1 insertion(+) diff --git a/kip-0018.md b/kip-0018.md index 0ac2c48..ceb489c 100644 --- a/kip-0018.md +++ b/kip-0018.md @@ -570,3 +570,4 @@ EOA wallets are limited in their functionality and are a hurdle to mainstream ad - Define functions to implement - Decide on interface or other method for standard - Decide on a single smart contract or one-contract-per-wallet paradigm +- Can a smart wallet be included in a keyset predicate \ No newline at end of file