This last part concludes the Android development tutorial series for building a Kin-powered app. I hope you have learned a lot about app development and and that this tutorial series has given you enough tools and confidence to start making your own apps!
Before you go and start building the actual apps, there are a few last points I want to make.
Moving to production
Once your app is built, you have to move from the testnet to the real blockchain. This involves a few things:
- Create an operational and a cold storage wallet on production and put a bit of Kin in the operational wallet
- Replace testnet with mainnet in the app and in the backend. In addition, the Kin bootstrap has to be rebuilt with the mainnet parameters in the Docker compose file (like the secret of your mainnet operational wallet).
- Replace the friendbot with your own create account endpoint. The friendbot does not exist on mainnet, so you have to create accounts using the Kin backend’s create endpoint. The easiest way to build this is exactly the same way you would build other connections to the Kin backend: Create a create_account endpoint in the app backend that receives a public address. The app backend then calls the Kin backend to create that account.
Every Kin transaction has a fee of 0.001 Kin in order to prevent spamming the network. This goes for both the transactions on the app and the transactions on the backend. If you received an app ID from the Kin Foundation, you can whitelist transactions on both the app and the backend. If transactions are whitelisted, you don’t have to pay the fee. While 0.001 Kin is very small, whitelisting popular apps with the Kin Foundation is definitely worth it. Also, because of this fee, a spend of 5 Kin actually costs 5.001 Kin, which also explains the balance in your app ending with .99.
To whitelist transactions, you can follow the whitelisting example on the Python SDK page.
Backup and restore
Users have full control over their wallets as the wallet’s secret key is stored on the device. This also means when the user deletes the app and reinstalls it, the secret key is gone forever. And with that, the Kin the user had is basically burned (lost forever). Therefore it is very important to provide a backup and restore function in your app. The Kin SDK already provides a very simple method to enable this feature. You can check out this page to implement backup and restore.
Alternatively, you could store the secret key in the backend. However, as you are technically in control of other people’s money, this can have legal consequences and it also goes against the principle of crypto. So I don’t recommend doing this.
The Kin Foundation has provided another module that is very simple to implement. It is called the Discovery module and its purpose is to send Kin around different apps on your device. So you can earn Kin in app A and then send and spend it in app B! This is a really powerful way to grow the Kin Ecosystem and gives app builders a unique way to attract new users for free. In addition, if people move Kin from your app to another app, you earn rewards from the Kin Rewards Engine. Integrating the Discovery module is always a good idea. You can find the documentation for the Discovery module here.
I have talked a lot about security, primarily because you can easily overlook it and make working apps that have severe security issues. This can compromise everything you have, or even expose private user data. Here is an example of Moonpig (a photo product company) that exposed the customer data (including credit card details) of 3 million people because they forgot to build a secure platform. Oops!
Directly implementing the app backend as in the tutorial is not secure enough: First of all the app backend doesn’t run on an actual database (it doesn’t scale very well) and secondly, there is nothing to prevent someone from putting arbitrary code on your server. When building the app backend, I highly recommend using a database (like MariaDB), a secure Flask application, and an actual web server that supports SSL, like Apache. These resources should give you more than enough information to get up and running.
Building a good, secure app takes way more than a few days. So have fun building it and keep learning! Join the Kin Developers Forum and the official Discord. The people at Kin and in the Kin community are super helpful when it comes to solving issues you might encounter.
I really hope you enjoyed reading this tutorial series. If you have any questions, don’t hesitate to ask!