Introducing TronWallet ÐApp

The open source dapp crypto wallet that will never ask for your secrets keys

Dio Ianakiara
Jun 11, 2018 · 6 min read
Image for post
Image for post

TronWallet ÐApp is an open source crypto wallet for TRON. But I promise, it isn’t just another crypto wallet.


I always believed security was a huge challenge in the cryptocurrency world and a big issue, wallets, ledgers and other security devices were struggling to solve.

For instance, if you give your secret key to a compromised wallet, there is a high risk of losing control of your assets and tokens.

Without a secure way to store and sign transactions the user will always have the risk of losing all their assets when they share their secret keys.

Based on this finding, I wanted to create a fast, reliable and secure way to sign contracts and transactions on the blockchain, while also offering an outstanding user experience.

The Mission

The TronWallet mission is to empower users of TRON Network to securely sign smart contracts and transactions without ever asking for their secrets keys.

The Vision

To be the world’s most secure crypto wallets for TRON, where users can securely interact and unleash the full power of TRON Network.

The Features

  • Login / Signup
  • MFA — 2 Factor Authentication
  • Send (Offline sign with TronVault)
  • Vote (Offline sign with TronVault)
  • Freeze (Offline sign with TronVault)
  • Unfreeze (Offline sign with TronVault)
  • Participate in ICO Tokens (Offline sign with TronVault)
  • Create ICO (Offline sign with TronVault)
  • Official news from Justin Sun Twitter
  • User Dashboard
  • Balances widget
  • Frozen Tokens widget
  • Bandwidth widget
  • Receive widget
  • Transactions list widget
  • User Tokens widget
  • TRX price chart widget
  • List Tokens
  • Create Tokens
  • Profile Page

The Technologies

TronWallet was proudly created with Tron Protocol, AWS, Javascript, React, React Native, Redux and Node.js.

https://tron.network/

https://reactjs.org/

https://facebook.github.io/react-native/

https://redux.js.org/

https://nodejs.org/

https://expo.io

The Authentication

TronWallet supports multi-factor authentication and encryption of data-at-rest and in-transit. We use AWS Cognito for user authentication and federation.

Image for post
Image for post
TronWallet AWS — Architecture

The Create Account Process

TronWallet will never ask for your secret keys. Accounts in TronWallet are managed offline by TronVault and can be restored using 12 seed words + vault number.

TronVault is a cold wallet mobile app for TRON, available for iOS and Android.

The process behind the account creation is described in our Hierarchical Deterministic Wallet Proposal proposal for TRON.

TronVault — Create and restore account

TronVault Features:

What’s Possible

  • Sign smart contracts & transactions offline
  • Offline return the response to the requesting app via copy/paste , deep links and qrcode
  • Store the seed database on iOS Keychain or Android Keystore with encryption AES-256 + SHA2 + DEVICE ID + PASSWORD
  • The seed database can’t be used outside the app
  • Available for iOS and Android

What’s not possible

  • Require network permissions (no threat of network-based hack or transmission of secure keys directly from the app)
  • Create transactions (only scan)

The Offline Only Signature

TronVault will never have network permissions, as internet permissions were removed from the app. It will never connect to any network, even if the device is connected to the internet.

Image for post
Image for post
AndroidManifest.xml

Every Android app needs permissions to connect to the internet, it’s a standard industry procedure.

On Android, in order to perform network operations every application manifest must include the following permissions :

<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

https://developer.android.com/training/basics/network-ops/connecting

On iOS we don’t use any background internet permissions.

The TronWallet Desktop

Image for post
Image for post

Every contract and transaction starts on TronWallet, either on the Mobile or Desktop versions.

When a user starts a transaction it will build the contract without the signature.

On TronWallet for Desktop the user will see a QR code and it represents the transaction hexadecimal string.

Image for post
Image for post

Steps to sign.

  1. Use the QRCode above to sign your transaction with TronVault. Click on the button “Scan and submit transaction” on TronWallet to scan the result QRCode.
  2. Add a contract in TronVault.
  3. Scan the QRCode and sign the transaction on TronVault.
  4. TronWallet will ask to enable the camera on your desktop to verify the transaction data.
  5. The button “Submit” will appear, click on it to send your transaction to the network.

TronWallet Desktop Demo

Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post

The TronWallet Mobile

Image for post
Image for post

On TronWallet Mobile you can send, vote, participate freeze and unfreeze TRON and TRON Tokens. When starting a contract or transaction you will be redirected to TronVault to sign, and you will need to enter your password.

In this step TronVault uses the password + deviceId to decrypt the seed to sign.

TronWallet Mobile Demo

Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post

The Roadmap

  • User profiles (Q3 2018)
  • Companies pages (Q3 2018)
  • Friends and companies connections (Q3 2018)
  • Secure bluetooth signature (Fast sign for desktop) (Q3 2018)
  • Direct connections between mobile and desktop apps (Q3 2018)
  • React Native Crypto Bridge (Fast encrypt/decrypt) (Q3 2018)
  • Social login with Google +, Facebook, and Amazon (Q4 2018)
  • TronWallet for Alexa and Google Assistant (Q4 2018)
  • TronWallet Dapps (Q4 2018)

TronWallet is available for, iOS, Android, Mac, Windows, Chrome and Web.

Try TronWallet today at www.tronwallet.me

The Team

Getty/IO is the South America’s largest nearshore front-end development firm, that is specialized in modern Javascript & Blockchain.

Say hello to us: www.getty.io

The Github

https://github.com/gettyio/tronwallet

https://github.com/gettyio/tronwallet-mobile

TRON

TRON

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store