One question I have for you is about security. A wallet is risky business - how can you ensure the security of the app?
A:
Brief intro: Telegram miniapps have user-linked CloudStorage accessible via API where miniapps can store key-value data.
How user seed-phrases will be protected:
PrivateKey (Seed Phrase) encrypts by telegram-user-id + user-PIN
Telegram CloudStorage - key-value user’s storage available to the Telegram user only.
As you may have noticed, this grant doesn’t include a backend. Since it’s really not needed for the wallet work. Everything happens on the client side. The data is stored in the user’s KV-storage only.
This app is a compromise between convenience and security.
First of all, great looking presentation of the plan, and the UI mockups look great.
I have a few questions:
What is the added functionality here that isn’t covered by the existing explorer which allows you to e.g. stake and delegate already via Keplr?
Are you going to integrate a version of the Keplr wallet into this proposed app?
Can you please expand on an answer to a previous question: if there is cloud storage, it seems like the grant doesn’t have a backend in that you’re not writing your own, but is infact relying on Telegram’s backend? Re:
Telegram CloudStorage - key-value user’s storage available to the Telegram user only.
Telegram miniapps have user-linked CloudStorage accessible via API where miniapps can store key-value data.
Does this mean that the seed phrase is encrypted but still stored in the ‘CloudStorage’ KV store?
There should be no differences in functions (for the current stage). This is another implementation of the explorer. Since we plan to develop the project for several grants, we plan to add the functionality of delegation recommendations/tips/advices in the next grant.
No
The current grant doesn’t have a backend part, except that github.io to host the frontend.
Yes. The purpose of the app, first of all, is to reduce the threshold of entry into the nym-ecosystem. So yes.
There should be no differences in functions (for the current stage). This is another implementation of the explorer. Since we plan to develop the project for several grants, we plan to add the functionality of delegation recommendations/tips/advices in the next grant.
I like the tip/recommendation idea, but I’m wondering why the need to reimplement parts of the explorer instead of e.g. trying to port that to a mobile-friendly context.
Yes. The purpose of the app, first of all, is to reduce the threshold of entry into the nym-ecosystem. So yes.
Whilst it may be reducing the threshold to entry, the idea of storing even encrypted seed phrases anywhere outside of the users device does not seem like a good practice. Why this, instead of storing them locally on the device? Have there been audits of the KV store that are public? Given the public worries regarding some of the other crypto standards used by the Telegram app this is especially important.
Now users do not have a mobile version of the wallet and explorer.
This is a site inside the Telegram client. Telegram does not give access to the system files. It also doesn’t have browser extensions.
But we intentionally want to use linking a wallet to user’s Telegram account, in order to increase usability and reduce the entry threshold for an amateur. Just like trading exchanges do. Each user decides for himself what information security he needs, balancing between convenience and security.
I haven’t watched any KV Store security audits. But do you think they would have launched TON wallet (Telegram: Contact @wallet) as a miniapp if it was unsafe?
Of course, this cannot be an argument, but it is still a fact. People have to trust others, otherwise the world would exist without them.
What do you think about Telegram’s reputation in terms of storing personal data compared to crypto exchanges like bybit, okx, etc?
I still don’t think it is a good security practice, even if others have done it.
What do you think about Telegram’s reputation in terms of storing personal data compared to crypto exchanges like bybit, okx, etc?
Personal data is one thing, seed phrases which give access to an account is another. I also think we should move away from the CEX model to a decentralised one, or at least don’t need to replicate it in terms of placing unnecessary trust on e.g. a centralised exchange over users holding their own seed phrases.
In this case, we will not be able to make the wallet on Telegram miniapp.
There is no way to store the seed phrase securely, even on the user’s device. In this regard, web2 is safer, since there are antifraud systems that cannot be in web3.
It seems that the security provided by symmetric encryption algorithms is sufficient. How can a potential attacker crack a seed phrase encrypted without user password? How is this different from the keplr extension?
I have a suggestion to improve the security of user data.
We can store an encrypted seed phrase in the local storage of the user’s device (e.g. cookies) instead of Telegram CloudStorage.
This will reduce the usability of the app, because the user will have to enter a seed phrase a little more to gain wallet access, but this way the data will be controlled by his device, not Telegram.
