Ward Wallet

Smart contract wallet for easy and reliable assets management on Cosmos chains

Comment

Ward Wallet - secure and reliable smart contract wallet

Demo video

Video recording of wallet interactions example: https://vimeo.com/831704585?share=copy

Killer Features

Social Recovery

Have you ever read sad stories about somebody losing Bitcoin wallet password or .dat file? Or perhaps you've been in similar situation yourself? With Ward Wallet, this can never happen again. The social recovery option allows you to set up a connection with other people you trust in advance (social recovery pool), and then recover with multisig if your own access is lost. Populate "trusted sources" when creating your wallet, add or remove members later - this is possible to ensure maximal security and reliability.

Key Rotation

Rotating secrets is one of the most important best practices. However, moving all your assets from one wallet to another regularly is a costly and inconvenient option. With Ward, you can simply transfer the wallet ownership to another address without further actions required. When creating the wallet, you may choose whether to allow such ownership transfers and whether they need an approval from other trust pool members. Beware: this setting cannot be altered later!

Offline signer for DApps

Ward can serve a signer for web-based DApps. Ward instance is injected into web pages, and it follows conventional protocol for amino (legacy) signer. Using novel direct signing is impossible, because Ward needs to wrap every transaction with a special ExecuteMsg payload. For successful operation Ward requires underlying structure knowledge. Online signer interface (broadcasting and account data fetching) for injected Ward is currently incomplete and requires a little more work, though current capabilities are sufficient for hackathon MVP.

Implementation Breakdown (MVP)

On-chain logic is deployed as a set of smart contracts written with CosmWasm. The main wallet contract implements several approval rules and stores all the data onchain. The public methods include those for obtaining the balance, broadcasting transactions, altering configuration and adding/removing/fetching pools members. When a user signs up, a new contract is deployed for him.

The core application consists of factories deployed on main chain (where main contract is deployed, user interacts with that one) and slave chain (where only a "echo-like" contract is deployed, simply executing transactions submitted to it and returning the execution result). When a user signs up, he creates a new wallet within our app first and performs a private key backup. Private key is password-protected with secure encryption. Then user has to load some INJ to the wallet in order to cover the deployment fees. To simplify the onboarding process, only INJ is necessary, and Ward maintains a small balance of other coins, covering the expenses by exchanging INJ. Here we can also charge a commission in INJ if the wallet is going to become a paid solution, After adding funds and selecting required networks, a set of smart contract is deployed: root contract on the main chain (INJ) and slave contracts on others. Slave contract acts effectively as a proxy, executing the transaction it receives from the root contract and responding back with any results it got. In case any of the steps fail (due to insufficient funds or technical failure), everything is reverted. During the hackathon period only same-chain wallet was built, IBC development is still in progress

Users are exposed to a browser-based interface which supports all the necessary actions. For hackathon MVP, the web view will serve as an actual wallet, having direct access to private keys, and stick to one browser only (Chrome or Firefox). Our interface wraps built transactions with a specific payload structure (ExecuteMsg from CosmWasm core), signs them and finally broadcasts to the network.

All client-side interactions are built on top of cosmjs library and esp. @cosmjs/stargate proxy with pure JavaScript (no TypeScript in my life anymore), thus simplifying deployment on arbitrary Cosmos-compatible chains.

Hackathon MVP host is to be deployed on Injective testnet. Injective network was chosen for being most DeFI-focused, though the implementation can be easily deployed on any other Cosmos-compatible chain like Osmosis.

What's next?

Cross-chain implementation

Ward source code will get closed after the judging period. The first and most important change after that will be complete IBC support, with possibility to deploy controllers on arbitrary cosmos-compatible chains.

High-value Transfer Approval

With DeFI industry growing from year to year, it's totally possible that you use some crypto wallet as family savings. Of course we all trust our family, but the additional Ward feature allows you to define a spending limit. This may sound excessive for family wallet, but consider a company-managed wallet, where permissions are of much higher importance.

Transactions below some fixed amount (e.g. you may consider 0.05 Eth safe) can be signed by just a wallet primary owner, while transactions of higher value require approval from members pool (trust pool). This pool can be completely different from social recovery pool or overlap partially or fully. This can help protect you against accidental mistakes, transferring 10 times more than you expected just by miscounting zeros. The pool and confirmations amount can be adjusted at any time, but can approach zero only with other member's multisig approval. All trust pool members are treated equivalently.

Trusted Entities

You can add a trusted members group that does not require approvals, be it smart contract or just another end user. Transactions targeting those addresses will not require multisig confirmation. This group is empty by default, and members can be added and removed at any time.

Variability

More options for user choice are going to be added: Ward should support at least major browsers (Chrome and Firefox), as well as have mobile application for Android and iOS. This goes well beyond hackathon MVP development period, but is essential for future success. Ledger support is also a wanted feature.

Built With

Share this project:

Updates