After months of thinking about how we want our users to experience Gimbl, we took the decision to offer a hybrid model. Those who want to fully use the power of decentralization and their own wallet can do so, for now using Metamask in a crypto kitties style.
Others who do not want to bother having to manage their own wallets can use in-house wallets that we will be managing with extreme security. Our storage is designed so we cannot decrypt the private keys we store for you without your password (that we do not store). Even if it brings about the concern of users forgetting their passwords, it guarantees that Gimbl cannot disclose or use your private keys even in the event of a hack. In addition, we’re using rust to encrypt and decrypt your private keys for high throughput and added security.
Hybrid wallet models require precise workflow management, each API route involving a transaction automatically manages and adapts to internal and external (MetaMask) wallets. Users can choose which wallet they want to use in their interface.
In order to have a fully independent and high-performance interface, we’ve decided to proxy the blockchain on our custom design backend. Our database is now automatically populated with blockchain events and is aware of transactions made directly without the use of our services. Confirmed transactions are updated to final after a couple blocks. Outbound transactions are queued in a push pipeline that automatically retries for X times with Y gas increment in case of insufficient gas for internal wallets, we’re still studying how much gas we can spend for each user.
Our new website design is currently being implemented and UX has been done for most of the signup and basic pages workflows. Users’ feed and statistics will soon be automatically populated from a pipeline of events such as Twitter’s Pub/Sub, using a high-performance joint table to store followers/following.
We’ve started the implementation of an on-chain rights management mechanism to enforce KYC, streamer, moderators and administrator rights on users instead of wallet addresses, so that for each transaction occurring on Ethereum, we’ll be able to automatically get the sender’s address rights from her corresponding database user, directly on the Smart Contracts.