/
Wallet

Wallet

Owned by Kelly Foster
Last updated: Jan 25, 2019 by Chris Boscolo

Purpose of this page

The goal of this page is to consolidate documents and Jira tickets related to wallets for the purpose of supporting the team learning about this features, status of implementation, and open questions prior to the working session Jan. 23-25.

Action requested Please edit this page as needed to add or correct information and create a list of issues to address during the working session.

Mercury requirements

Please see features.md for user stories related to wallets. These are the priority and focal point for our work.

Relevant wiki pages

Other resources

Google sheet with recommendations and ideas from Dan and Ed

Relevant Jira issues 

Key Summary T Created P Status Assignee
RCHAIN-3537 RhoSpec: track count of continuations / data staying in tuplespace after each test to avoid garbage Task 10/Jun/19 5:37 AM Medium To Do Unassigned
RCHAIN-3536 New garbage purse persisted forever during every vault transfer Bug 10/Jun/19 5:33 AM Medium To Do Mike Stay
RCHAIN-3535 Garbage getOrCreate receive left in tuplescpace by RevVault findOrCreate Bug 10/Jun/19 5:24 AM Medium To Do Mike Stay
RCHAIN-3210 Develop better mechanism for resolving conflicts and checking revVault existence for given address Story 08/Apr/19 1:23 PM Medium To Do Unassigned
RCHAIN-3162 Check balance of a REV_Vault via the command line Story 28/Mar/19 11:10 AM Medium To Do Former user
RCHAIN-3125 Revisit purse overflow in wallet/vault contract Story 19/Mar/19 4:45 AM Low To Do Unassigned
RCHAIN-2974 Develop and implement an off-chain tool for generating a RChain wallet (REV Address) Story 08/Feb/19 2:33 PM Medium To Do Unassigned
RCHAIN-2973 Document a process for testnet users to receive test_REV Story 08/Feb/19 2:29 PM Medium To Do Chris Boscolo
RCHAIN-2971 Develop an integration test preventing replay Story 08/Feb/19 2:19 PM Medium To Do Unassigned
RCHAIN-2926 Purse deposit should behave atomically Story 04/Feb/19 3:05 AM Medium To Do Ovidiu Deac
RCHAIN-2808 Create test for "As a Node Operator, I want the wallet key to be stored in a file only" Story 06/Jan/19 12:17 PM Medium To Do Unassigned
RCHAIN-2788 Update the Rev wallet contract to use secp256r1 Sub-task 04/Sep/18 3:42 AM High To Do Unassigned
RCHAIN-2787 Make secp256r1 crypto functions available to Rholang Sub-task 04/Sep/18 3:42 AM High To Do Unassigned
RCHAIN-2786 Include secp256r1 libary in crypto sub - project Sub-task 04/Sep/18 3:41 AM High To Do Unassigned
RCHAIN-2702 Define "As a wallet dApp developer, I want to use Ethereum-style addresses for send transactions to specify the recipient, so that" Story 04/Dec/18 3:39 AM Highest To Do Ovidiu Deac
RCHAIN-2699 Define "As a wallet user, I need a command line interface for interacting with wallets" Story 04/Dec/18 3:41 AM Highest To Do Ovidiu Deac
RCHAIN-2696 Define "As a REV holder, I can move some of my REV to the control another user’s public key (or address) via a co-op supplied dApp wallet" Story 04/Dec/18 3:34 AM Highest To Do Ovidiu Deac
RCHAIN-2695 Define "As a recipient of REV (other than Genesis REV), I can use a co-op supplied dApp to view my REV balance" Story 04/Dec/18 3:36 AM Highest To Do Ovidiu Deac
RCHAIN-2692 Define "As a dApp organization, I need to have multiple approvers for any send transaction" Story 04/Dec/18 3:41 AM Highest To Do Ovidiu Deac
RCHAIN-2688 Define "As a wallet application, I want to query a wallet contract (or the blocks) for the history of all Rev transfers to/from it" Story 03/Dec/18 8:34 AM Highest To Do Ovidiu Deac
RCHAIN-2677 Define "As a user, I want to be able to add REV to my wallet so that I have available REV to pay for goods/services" Story 03/Dec/18 8:33 AM Highest To Do Ovidiu Deac
RCHAIN-2662 Define "As a user, I want to be able to create a wallet so that I can store REV in it" Story 03/Dec/18 8:23 AM Highest To Do Ovidiu Deac
RCHAIN-2559 Address issues raised in security Audit Story 30/Oct/18 12:26 PM Medium To Do Chris Boscolo
RCHAIN-2408 Figure out how to create reward wallets for Genesis Validators Story 20/Sep/18 11:28 AM Medium To Do Chris Boscolo
RCHAIN-3732 Validate properties of wallets from `wallets.txt` before constructing vaults. Story 07/Aug/19 12:02 PM Medium Done Former user
RCHAIN-3731 Build vaults used in `test_wallets.py` with `wallets.txt` file. Story 07/Aug/19 11:46 AM Medium Done Will Qiu
RCHAIN-3422 Ensure the flow from eth addresses on wallets.txt to rev vaults on the genesis block is complete Story 16/May/19 8:51 AM Medium Done Former user
RCHAIN-3417 Test RevGenerator produces correct balances Story 15/May/19 6:41 AM High Done Will Qiu
RCHAIN-3400 Change Rev address to have new format derived from Eth Address Story 13/May/19 2:19 AM Medium Done Former user
RCHAIN-3324 Scenario B in Alice pay Charlie Sub-task 30/Apr/19 7:20 PM Medium Done Will Qiu
RCHAIN-3323 Scenario A in Alice pay Bob Sub-task 30/Apr/19 7:19 PM Medium Done Will Qiu
RCHAIN-3282 Compute genesis block without payments. Story 23/Apr/19 3:46 PM Highest Done Artur Gajowy
RCHAIN-3281 Add gas payment to initial execution and replayComputeState Story 23/Apr/19 3:26 PM High Done Marcin Rzeźnicki
RCHAIN-3260 can't control REV Vault from smart contract Bug 18/Apr/19 2:43 PM Medium Done Mike Stay
RCHAIN-3216 Hardening of wallet implementation Story 10/Apr/19 9:47 AM Medium Done Artur Gajowy
RCHAIN-3203 Document and investigate solutions for the drain caller's vault attack Story 08/Apr/19 10:02 AM Medium Done Artur Gajowy
RCHAIN-3182 Update HashSetCasperTest genesis block to use RevVault Story 01/Apr/19 4:34 PM High Done Artur Gajowy
RCHAIN-3132 modify DeployData structure Story 21/Mar/19 2:09 AM Medium Done Ovidiu Deac
RCHAIN-3114 Confirm deployer's public key is being verified and populated in DelployParams for each deploy Story 15/Mar/19 10:27 AM Medium Done Ovidiu Deac
RCHAIN-3088 implement locker contract Sub-task 08/Mar/19 6:59 AM Medium Done Ovidiu Deac
RCHAIN-3072 Add tools to allow testing the locker contract Sub-task 04/Mar/19 7:07 AM Medium Done Ovidiu Deac
RCHAIN-3061 Create user documentation for how to transfer test_REV Story 01/Mar/19 8:42 AM Medium Done Artur Gajowy
RCHAIN-3049 Expose the Adress tools in Rholang Sub-task 27/Feb/19 12:49 PM Medium Done Ovidiu Deac
RCHAIN-3048 Implement RevAddress tools Sub-task 27/Feb/19 12:48 PM Medium Done Ovidiu Deac
RCHAIN-2988 Research tools to implement REV address Story 12/Feb/19 9:53 AM Medium Done Ovidiu Deac
RCHAIN-2972 Develop an integration test for Alice pays Dave for ice cream Story 08/Feb/19 2:20 PM Medium Done Will Qiu
RCHAIN-2970 Develop an integration test for unlocking a wallet using the lockBox Story 08/Feb/19 2:17 PM Medium Done Artur Gajowy
RCHAIN-2969 Develop an integration test for bootstrapping a wallet Story 08/Feb/19 2:15 PM Medium Done Artur Gajowy
RCHAIN-2967 Implement the tools to create/parse REV Address Story 08/Feb/19 2:07 PM Medium Done Ovidiu Deac
RCHAIN-2966 Design and implement the lockbox Story 08/Feb/19 2:06 PM Medium Done Ovidiu Deac
RCHAIN-2965 Develop and implement the REV-Address-Registry map Sub-task 08/Feb/19 2:05 PM Medium Done Ovidiu Deac
RCHAIN-2964 Develop and Implement the REVMint Story 08/Feb/19 2:04 PM Medium Done Unassigned
RCHAIN-2962 Design and implement the REV Vault Story 08/Feb/19 2:02 PM Medium Done Artur Gajowy
RCHAIN-2961 Develop and implement the Purse Story 08/Feb/19 2:01 PM Medium Done Artur Gajowy
RCHAIN-2936 Casper needs a wallet that will not cause merge conflicts. Story 06/Feb/19 10:38 AM Medium Done Unassigned
RCHAIN-2704 Define "As a validator, I can move Rev to/from the key-pair for one validator node to the key-pair for another validator node or that of the co-op supplied wallet dApp" Story 04/Dec/18 3:38 AM Highest Done Ovidiu Deac
RCHAIN-2344 Create a "Rev issuance wallet" Story 23/Aug/18 4:14 PM Highest Done Unassigned
RCHAIN-2305 Create 'Trusted' Wallets Story 25/Jul/18 9:55 AM Medium Done Unassigned
RCHAIN-2202 Create the transfer transactions that move the token to the wallet Story 10/Oct/18 9:09 AM Medium Done Unassigned
RCHAIN-2200 Create the wallet address and register with the name registry Story 10/Oct/18 9:09 AM Medium Done Unassigned
RCHAIN-1714 Alice pays Bob 10 REV Story 23/Nov/18 7:32 AM Medium Done Unassigned
RCHAIN-1531 how to find BasicWallet from eth address? Story 24/Nov/18 7:56 AM Medium Done Chris Boscolo
RCHAIN-1529 rename "wallet" to avoid confusion with client-side software? Story 24/Nov/18 8:10 AM Medium Done Chris Boscolo
RCHAIN-3135 Bridge cost accounting and the wallet Epic 21/Mar/19 9:57 AM Medium In Progress Artur Gajowy
RCHAIN-2968 Wallet integration tests Epic 08/Feb/19 2:11 PM Medium In Progress Unassigned
RCHAIN-2960 Wallet components Epic 08/Feb/19 1:59 PM Medium In Progress Unassigned
66 issues Refresh

Open questions and ideas

Add your questions and ideas below

Jan. 23 charge to the wallet team

  • Bootstrap issue Provide recommendation for how to handle the bootstrap problem where someone doesn't have REV and wants to set up a wallet
  • Purse security
    • Concern - code in Dan's demo needs revision to assure accuracy of reporting correctly
    • RCHAIN-644 - Security audit / Formal verification of contracts Done RCHAIN-2559
    • Miller recently discussed a formal spec for purses in his SFBW talk: 
  • Auditing
    • Be able to see a transaction log of all REV spent
  • Unforgeable name as the nonce
    • Purpose of the nonce is to prevent replay
    • Is this the right approach?
      • Concern that this will work with parallelism
      • Greg: Unforgeable names should be the nonce in all cases
    • See Ovidiu's write up Locker contract
  • Ticket created for replay issue  RCHAIN-2866 - Evaluate whether platform should prevent a "replay" of an old signed transaction To Do . No further action required today.


Recommendation and discussion following Jan. 23 session

Posted by Chris Boscolo in Discord

I wanted to give a mini recap of some decisions we made that are a pretty significant departure from the current purse/wallet paradigms that we have been working on.

We decide that for Rev on RChain would use a map to represent owner -> Rev account balance. This would be handled via the Rev Smart contract. With this approach there are a few simplifications to how we use and track Rev:

1. All account balances can be queried obtained via this map

2. All transactions (Rev Transfers) happen via this smart contract making auditing very straight-forward

3. owner map keys can either be a representation of their public key pair OR hash of an unforgeable name held by a multisig smart contract

4. Users can receive Rev simply by creating a EC keypair and sharing the pubkey-hash with the entity sending it.

5. Deployments can be signed with a key in this map to pay for the execution of the deployed code. (Handled by the Capser contract.) We believe this simplification to wallets will make it easier to build wallet/deployment tools as well as shrinking the surface area of code that needs to be audited for security flaws.

Discussion

ThemeQuestionAskerDiscussion
ConcurrencyWill this design create a bottleneck in terms of performance, because it would reduce the concurrency that would otherwise occur? Even for the same owner sending lots Rev transactions, we want to allow concurrency if possible.EdJoshy - Unless some fancy commutativity check is implemented, this will impose a total ordering over all rev transactions
ConcurrencyI've let it sink in for a little while, and I think my reaction is slightly sad to lose the concurrency model, but ultimately glad that decisions were made and we're moving forward. I'm wondering whether we could write the map-based rev contract to allow moving tokens in and out of the central map contract to and from purses/utxos. Wheels are turning in my head, and I'd be interested in writing some rholang if it sounds useful.JoshyChris - The dev team talked about using a concurrent map to preserve concurrency
Concurrency
If unforgeable names can also be used as map keys (I see no benefit from hashing them) then maybe the interesting security properties are preserved.
It does seem to impose a total order on transactions, but since we have postponed namespaces/sharding, maybe that's doesn't make much difference.
Dan
ContractHow large might this contract grow in terms of the memory and storage footprint it will need?EdJoshy -The contract will grow linearly in the number of keypairs used
ContractWill the whole contract need to fit in memory at one time?EdJoshy -This is probably not a good place to be optimizing storage, but I'm not really sure
ConsensusDoes the whole REV contract state need to achieve consensus as one block, or can consensus occur in sub-sections?EdJoshy -yes. consensus over the etire state every block. This means the dag will likely contain a chain-of-rev transactions e) If anything this will save space over the purse model by not having separate contracts for every rev wallet. Side question: does RChain store a complete tuplespace poststate in every block?
Consensus If as one block, does this imply most block sizes will be large?EdJoshy -If anything this will save space over the purse model by not having separate contracts for every rev wallet. Side question: does RChain store a complete tuplespace poststate in every block?
HistoryWill it keep its own on-chain history, or is that some DHT stored on-chain on the side, or derived by some other client or indexing service crawling through the block history?EdJoshy -history will be stored on-chain
How long will REV transaction history be kept?(edited)
EdJoshy -recent history will necessarily be kep back until the most recent finalized block. Probably validators will keep older history around much longer than that.
HistoryWhere will a wallet dApp retrieve the history of the user’s Rev sends, receives, and fees?Ed
HistoryHow will RChain systems architecture separate what the database industry used to call OLTP, OLAP, and near real-time analytics?Ed
History
One of the central requirement questions about the auditability of Revs is whether RChain needs to store Rev transaction history forever, or just for some amount of time. For the sake of argument, let’s say RChain needs to store it for years… I’ve been thinking a bit tonight about how a Rev history mechanism could be kept separate from the Rev balance map (as described above a few hours ago), so the primary Rev comm events are not slowed down. In some other domains, such as electric grid operations with which I’m familiar, transactional operational and historian systems are separated so the operational demands are never unnecessarily blocked. In those systems the historian software can buffer transaction logs and catch up with its writes to the history database after peak loads, except in extreme cases. Old history (after a few years if there is no business need to retain it) can be archived or purged. In the case of RChain, a separate historian mechanism (i.e., one or more contracts to keep history) for Rev could be created and receive from the main Rev contract a journal of each payment transaction (Alice pays Bob, or Alice pays fees to run code). The Rev Historian contract(s) would then write (journal) to disk at every block consensus. That set of “write to history” protocols could be contract-specific (e.g. only for Revs) and would be aware of block time, and clique depth could be computed. An index could be written on top of the historian to support queries, explorers, etc.
Let’s pose the following questions: How would one conduct an audit of Rev controlled in normal (single public key) wallet contract? How would one conduct an audit of the total amount of Rev? I know that in the more modern world with DHTs, systems can now scale more linearly. However, in the current RChain architecture, the burdens of tuplespace memory and storage are very big issues. So, if we can remove some of the burden of history off the tuplespace, it might have a better chance of scaling.
EdChris - It seems unnecessary to store in the tuplespace. We could use a block explorer approach





Maybe another way to look at this is that we're rolling WalletCheck into the mint/rev contract and expanding it to serve as a hitching post after Genesis.
But we can't move purses around independently... So not quite the same.
How does an entry keyed by name get created? I guess a key holder does a special kind of send...
I suppose this allows economic "side chains" that can use full concurrency
Oh... A key shouldn't be necessary to get in the map with a zero balance.
Maybe bundle0 should be used as the hashing function

Chris - an you expand on: Maybe bundle0 should be used as the hashing function

Dan - 

bundle0 is a one-way function to something that's good for comparison and not much else
I think it's cheaper to compute than a secure hash
And it's 100% guaranteed collision-proof
MapThe map tracks REV balance, but it's not the way to communicate your wallet addressChris

Ovidiu - For each wallet containing REV there is an entry in the map

Dan - Shared example of a contract https://github.com/Agoric/PlaygroundVat/blob/master/examples/contract/makeMint.js#L20


Who has access to update the map?Ovidiu

Chris - The REV contract. This replaces a component of the current MakeMint strategy

Dan - Need to assure you can do atomic updates.


Hardware wallet1. Does the current progress on the wallets make it easier to determine whether hardware wallets will be supported during the launch of Mercury? What are the expectations from the dev team? Mr. TEd -  The key management and signing capabilities of HW wallets are pretty distinct from the wallet dApp's interaction with the nodes. If the design of the transactions to be signed is similar to Ethereum (and @dckc: has done work on this), then HW wallet integration should be relatively straightforward. A wallet dApp prepares a transaction and sends it (or a hash of it) to the HW wallet (through a HW wallet-specific software integration) to be signed. Once signed, the wallet dApp sends it to the blockchain node. Note that the features.md list https://github.com/rchain/rchain/blob/dev/docs/features.md does not include integration with a HW wallet as a requirement for Mercury launch, and I agree with that. Integration with HW wallet can be added later by the co-op or a 3rd party wallet dApp provider.
Hardware wallet2. In case HW wallets are not supported, what would the process be like if you used multiple addresses containing RHOCS on a single HW wallet? Will a mnomic phrase be supported which will generate all underlying addresses? Maybe this is a point which could be clarified in the FAQ as well (support for mnomic phrases or not). Mr. T

Ed - HD wallets, whether HW or SW, can generate lots of key-pairs. These key-pairs can be regenerated by other wallets or standalone tools, such as https://iancoleman.io/bip39/ . HD wallets are currently not on the Mercury features list, and I agree with that. Similar to the above, 3rd party wallet providers can supply HD capabilities.


Dan - No, you can't get rev at Genesis without the private key of an Ethernet account with RHOC

Hardware wallet3. Would it technically be possible to sign a message to proof ownership of an address, instead of exposing the private key /mnomic phrase of a HW wallet? In this case the HW wallet wouldn't be exposed. Or is the private key necessary to create the JSON files/ wallets?Mr. T

Ed - Once a wallet dApp has integration with the particular HW wallet product, the private key does not need to leave the HW wallet. I expect that multiple wallet dApps will emerge after Mercury launch with various capabilities. The co-op supplied wallet must at a minimum support the import and use of a private key.


Mr. T - 

Cheers, thanks for the answers. #3 was meant specifically during Rev issuance. My question was if it's technically possible to generate a wallet with REVS at genesis without knowing the private key of the original RHOC address. As in, if a user can sign a specific message from the address with RHOCS (showing they control the private keys), a wallet with the REVS will be generated. I guess, this would be more like a token swap, instead of an "issuance".
Using 3rd party tools to generate the pairs from question #2 is indeed fair enough. Still, maybe a good point to add to the FAQ.
Keyspublic keys vs addresses, and ecrecoverDan

Chris - the entry in a map is always a hash of the public key. The public key is always provided at deployment. This is still TBD as part of implementation conversation.

Chris - we don't need ecrecover (like ETH). 

Chris - Discussion about which curve to use (ETH or ed...). We would still need the claim process at genesis to claim REV.

Recommendation and discussion following Jan. 24 session

After further discussion, there was some a lot of concern that the above Map based approach would not leverage the concurrent capabilities of the RChain platform. So we spent the day walking through how to satisfy the Wallet requirements using the original OCAP Purse composition.

Wallet proposal (Note: we decided to rename terms such that "wallet" is not used for on-chain components)

Next steps

  • REV contract 
    • Two parts need to be done in Scala
    • Need a Rholang primitive to support unforgeable name lock box (this can be added as a 2nd step if needed)
      • TO DO - add picture and description of lock box idea
  • Jan. 24 session - Team to sort out next steps for other aspects of implementation and sort out next steps
    • Block explorer (question)

Related content