Inspiration
I needed a password manager that was truly private to store all my passwords, wallet passphrases and other stuff. But Web 2 solutions out there did not give me enough confidence to store all of my stuff on them.
That is where Nearpass comes in which is a password manager built on top of NEAR protocol.
What it does
It stores all the passwords and other data on chain by using end-to-end encryption. The encryption key is known only to the user of the app and nobody else.
How we built it
It is built as a Chrome extension to facilitate easy access of the passwords and other data. It can suggest and pre-fill the login form as any password manager should. Also, offers the users to save their credentials on chain.
Challenges we ran into
Since the app encrypts the data of the user using an encryption key only the user knows, there is a dilemma of where to store this encryption key. We cannot always ask the user to provide their key on every interaction with the app, as that would hurt the UX. So, it is being stored within the chrome.storage after encrypting it with a temporary key (that expires if the wallet changes/wallet re-logs in).
Accomplishments that we're proud of
There are two accomplishments that we're proud of:
- Creating a password manager where the owner of the data is the user themselves (and verifiably so).
- Cheaper alternative to Web 2 password managers because NEAR is cheap and the charges are < 1 cent (per credential/data).
What we learned
That the devtools and the experience of creating Dapps on NEAR is way better than we expected. Also, liked the way the NEAR wallet and login process works.
What's next for Nearpass - E2E Encrypted Password Manager
There are a lot of things to do with Nearpass before a mainnet release. Some of them are:
- Make the experience of pre-filling of the login form seemless. Login forms come in all shapes and sizes, so need the extension to adapt to various scenarios.
- Make the experience of storing credentials after a user has logged in or signed up seemless. Need the extension to adapt to various websites for a better experience.
- Research a better way to protect and secure the encryption keys and the account itself (from casual onlookers - a desktop may have multiple users).
- Random password generator for users when signing up.
Also, some important nice to haves for a future release:
- A mobile app.
- Option to store other pieces of information (Credit Cards, etc).
- Client-only service to alert the users if they have any insecure password in use.
Built With
- chrome
- extension
- javascript
- near
- react
- rust
- typescript

Log in or sign up for Devpost to join the conversation.