Introducing TronWallet ÐApp

The open source dapp crypto wallet that will never ask for your secrets keys

TronWallet ÐApp is an open source crypto wallet for TRON. But I promise, it isn’t just another crypto wallet.


I always believed security was a huge challenge in the cryptocurrency world and a big issue, wallets, ledgers and other security devices were struggling to solve.

For instance, if you give your secret key to a compromised wallet, there is a high risk of losing control of your assets and tokens.

Compromised wallets are one of the top ways people get hacked and lose ALL their assets

Without a secure way to store and sign transactions the user will always have the risk of losing all their assets when they share their secret keys.

Based on this finding, I wanted to create a fast, reliable and secure way to sign contracts and transactions on the blockchain, while also offering an outstanding user experience.

The Mission

The TronWallet mission is to empower users of TRON Network to securely sign smart contracts and transactions without ever asking for their secrets keys.

The Vision

To be the world’s most secure crypto wallets for TRON, where users can securely interact and unleash the full power of TRON Network.

The Features

  • Login / Signup
  • MFA — 2 Factor Authentication
  • Send (Offline sign with TronVault)
  • Vote (Offline sign with TronVault)
  • Freeze (Offline sign with TronVault)
  • Unfreeze (Offline sign with TronVault)
  • Participate in ICO Tokens (Offline sign with TronVault)
  • Create ICO (Offline sign with TronVault)
  • Official news from Justin Sun Twitter
  • User Dashboard
  • Balances widget
  • Frozen Tokens widget
  • Bandwidth widget
  • Receive widget
  • Transactions list widget
  • User Tokens widget
  • TRX price chart widget
  • List Tokens
  • Create Tokens
  • Profile Page

The Technologies

TronWallet was proudly created with Tron Protocol, AWS, Javascript, React, React Native, Redux and Node.js.

https://tron.network/

https://reactjs.org/

https://facebook.github.io/react-native/

https://redux.js.org/

https://nodejs.org/

https://expo.io

The Authentication

TronWallet supports multi-factor authentication and encryption of data-at-rest and in-transit. We use AWS Cognito for user authentication and federation.

TronWallet AWS — Architecture

The Create Account Process

TronWallet will never ask for your secret keys. Accounts in TronWallet are managed offline by TronVault and can be restored using 12 seed words + vault number.

TronVault is a cold wallet mobile app for TRON, available for iOS and Android.

The process behind the account creation is described in our Hierarchical Deterministic Wallet Proposal proposal for TRON.

TronVault — Create and restore account

TronVault Features:

What’s Possible

  • Sign smart contracts & transactions offline
  • Offline return the response to the requesting app via copy/paste , deep links and qrcode
  • Store the seed database on iOS Keychain or Android Keystore with encryption AES-256 + SHA2 + DEVICE ID + PASSWORD
  • The seed database can’t be used outside the app
  • Available for iOS and Android

What’s not possible

  • Require network permissions (no threat of network-based hack or transmission of secure keys directly from the app)
  • Create transactions (only scan)

The Offline Only Signature

TronVault will never have network permissions, as internet permissions were removed from the app. It will never connect to any network, even if the device is connected to the internet.

AndroidManifest.xml

Every Android app needs permissions to connect to the internet, it’s a standard industry procedure.

On Android, in order to perform network operations every application manifest must include the following permissions :

<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

https://developer.android.com/training/basics/network-ops/connecting

On iOS we don’t use any background internet permissions.

The TronWallet Desktop

Every contract and transaction starts on TronWallet, either on the Mobile or Desktop versions.

When a user starts a transaction it will build the contract without the signature.

On TronWallet for Desktop the user will see a QR code and it represents the transaction hexadecimal string.

Steps to sign.

  1. Use the QRCode above to sign your transaction with TronVault. Click on the button “Scan and submit transaction” on TronWallet to scan the result QRCode.
  2. Add a contract in TronVault.
  3. Scan the QRCode and sign the transaction on TronVault.
  4. TronWallet will ask to enable the camera on your desktop to verify the transaction data.
  5. The button “Submit” will appear, click on it to send your transaction to the network.

TronWallet Desktop Demo


The TronWallet Mobile

On TronWallet Mobile you can send, vote, participate freeze and unfreeze TRON and TRON Tokens. When starting a contract or transaction you will be redirected to TronVault to sign, and you will need to enter your password.

In this step TronVault uses the password + deviceId to decrypt the seed to sign.

TronWallet Mobile Demo

The Roadmap

  • User profiles (Q3 2018)
  • Companies pages (Q3 2018)
  • Friends and companies connections (Q3 2018)
  • Secure bluetooth signature (Fast sign for desktop) (Q3 2018)
  • Direct connections between mobile and desktop apps (Q3 2018)
  • React Native Crypto Bridge (Fast encrypt/decrypt) (Q3 2018)
  • Social login with Google +, Facebook, and Amazon (Q4 2018)
  • TronWallet for Alexa and Google Assistant (Q4 2018)
  • TronWallet Dapps (Q4 2018)

TronWallet is available for, iOS, Android, Mac, Windows, Chrome and Web.

Try TronWallet today at www.tronwallet.me

The Team

Getty/IO is the South America’s largest nearshore front-end development firm, that is specialized in modern Javascript & Blockchain.

Say hello to us: www.getty.io

The Github

https://github.com/gettyio/tronwallet

https://github.com/gettyio/tronwallet-mobile