New Generation Wallets, 2FA and More…
Today we are introducing a large update to Stellarport starting with:
New Generation Wallets
We are introducing a new generation of wallets to Stellarport. Don’t worry, you can continue to use your current Stellarport. However, if you want to take advantage of some cool new features, you will have to create a new wallet and transfer your funds over. So what are the new features? Well:
Recovery Phrases
From now on, all wallets (except for hardware wallets) are created with a recovery phrase. A recovery phrase is simply a series of words that you store safely. Recovery phrases are not used to login or sign transactions. Instead, recovery phrases are there for disaster recovery if you lose your secret key or password (Fun fact: recovery phrases are SEP0005 compliant).
Login with nickname/password
We are adding a new, super convenient login method. Now you can login with a simple nickname+password combination (if you want). No need to save a secret key or store a keystore file. Not only is this new method easy to use, it doesn’t compromise on security!
Wondering how it works? Technical explanation below (If you don’t like technical explanations, skip to the next paragraph):
When you create a new wallet with a nickname/password method on Stellarport, the following 3 steps occur:
- You choose a nickname and password, these are stored LOCALLY, in memory, on your machine during the wallet creation process.
- Your machine generates a recovery phrase LOCALLY and presents it to you so you can save it.
- Your machine uses the recovery phrase to LOCALLY generate a secret key from the recovery phrase. Then, it encrypts the secret key with your chosen password, again LOCALLY. Finally, your machine sends the encrypted secret key along with a sha-512 hash of your password to Stellarport to store REMOTELY.
The login flow is as follows:
- You supply your nickname/password to your machine LOCALLY.
- Your machine hashes your password using SHA-512 and sends that to Stellarport to retrieve the associated encrypted secret key.
- Finally, your machine decrypts the retrieved encrypted secret key using your supplied password LOCALLY and logs you in.
…and there you go, an easy to use method of logging in and signing your transactions where your secret key can never be stolen from Stellarport’s servers. If you ever lose your nickname or password, don’t worry, you can always recover using your recover phrase! How cool is that?
2 Factor Authentication
All new generation wallets will now be able to add 2 Factor authentication. 2 Factor authentication greatly increases the security of your wallet by requiring that you enter a code whenever you submit a transaction out of your wallet. The code is generated every 30 seconds on your device. You must have access to your physical device to generate the code.
Another technical explanation below (just skip to the next section if you don’t like technical explanations 😁).
When you add 2FA, you must enter your recovery phrase which is a mnemonic seed. Your regular secret key that you login with is at path 0 of that mnemonic seed. Upon adding 2FA the following series of steps occurs:
- Generate cold key at path 1 of the mnemonic seed.
- Add the following signers|weights: hot key|1, stellarport key|1, cold key|2
- Raise all the thresholds to 2.
Removing 2FA is simple. Your machine generates the cold key using the recover phrase and removes all extras signers while setting thresholds to 1 again.
Account Linking
Want to send a link of Stellarport as a specific account? No problem, now you can simply send:
stellarport.io?account_id=<public_key>
Multiple Other Fixes/Enhancements
Of course, we continue to optimize for usability and performance. You will notice many new UI improvements and fixes that we have added as part of this release.
Stellarport and Stellar are growing, steadily growing. Onwards!
