June 8: Inside Cardstack This Week
Mobile security features, B2B payments & fireside chat with Hedera Hashgraph
Our team is completing a few ongoing projects to improve the security and reliability of our deployed services and applications. We are also planning for the second half of 2022, so that we can build on top of our foundation and deliver end-user facing features that leverage our protocol and deliver business value to users and customers.
Cardstack Infrastructure
On the infrastructure front, we have been migrating more of our manual processes to automated scripts by way of Terraform, so that the creation of new environments supporting our protocol and dApps can be more repeatable. This is a necessary investment, so that we can reduce additional work and focus on supporting other blockchain nodes and networks, be it alternative layer 1s or a true roll-up-based layer 2. This work is done in cooperation with our DevOps experts, and it allows all of our existing services to become one cohesive deployment stack.
In the area of security, our team has been working to address some improvements suggested by our auditor Trail of Bits. We are glad to announce that we have submitted all the requested changes and improvements, and those improvements have been reviewed by the auditors. Trail of Bits has issued a finalized audit report for the Card Pay family of protocols. We will roll out these changes as well as upcoming features related to our new marketplace contract in the coming weeks.
Mobile Security Features
Our mobile team has been working on improving our private key encryption and backup capabilities by requiring a user-determined pin, so that all key backups are encrypted by information that only the user has — it cannot be decrypted by any third party, including the Cardstack team.
This capability will still support the use of Face ID, Touch ID, or similar biometrics authentication, which will bypass the need for a pin code. Users are, however, encouraged to save their pin with a password manager or write it on a piece of paper in case they upgrade to a new phone and would like to migrate their local or cloud backup to the new device.
SaaS Business-to-Business Payments
For the second half of this year, we will focus on building a new SaaS feature set focused on business-to-business payments, otherwise known as invoicing between freelancers and businesses. We will use the Card Pay and Card Reward protocol as the settlement and exchange rate conversion protocol. We always planned to extend our consumer-oriented mobile-to-mobile payment experience to invoicing and billing for businesses, as the ticket amount is usually higher and the frequency is more regular.
Our work will focus on building a web-based experience for operations, including accounts-payable and accounts-receivable work. We will also provide a consumer quality wallet experience using Card Wallet, especially when it comes to transaction approval and signing.
We will share progress on these new user-facing features as they move from the product design phase to the engineering and coding phases.
Upcoming Fireside Chat
In tomorrow’s fireside chat, Chris Tse, Cardstack’s Founding Director, will be speaking with Christian Hasker, CMO of Hedera Hashgraph.
Register here.
Chris Tse and Christian Hasker will discuss:
- The hashgraph consensus
- Problems with proof-of-work blockchains
- Benefits of proof-of-stake networks
- How Hedera facilitates fast, cheap, and secure transactions
- What’s next for Hedera Hashgraph
To get all our latest updates, sign up for our newsletter on cardstack.com, star Cardstack on GitHub, and join our Discord channel or our Telegram group and announcement channel.
