Block.one has finally released the code for the long awaited wallet that will work with all dapps and with all EOSIO chains.
The code appeared in the EOSIO GitHub repository today and soon after images of an example app and authenticator have been posted on Telegram. Due to the legal reasons, Block.one is not able to solely write the code.
Daniel Larimer followed with the confirmation this is their wallet code: “This is our wallet app”. The code works with all dapps and EOSIO chains and is open source which means that anyone can use it and integrate it into their dapp. Daniel also said that “Devs need to raise the bar”.
Everyone waiting for our take on how #eosio wallets should be built, we just released our open source iOS wallet app and chrome extensions. Who will be the first trustworthy organization to get it through the App Store?
With this new development the user won’t be asked to copy paste keys anymore and, although it is always best practice to use different permissions for account security. The code has been optimised for Touch ID which means that Apple’s Secure Enclave is supported.
“TouchID and FaceID are considered the same in the code (both are biometric). No device has both. So it either works with biometric and if that fails on a few attempts then reverts to password/pin of the device. This is still great but everyone needs to keep that in mind and ensure they have a secure password on the device” wrote an iOS developer and an EOSDAC member.
Apple writes in its documentation:
“Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space.
Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key tangled with the UID and an anti-replay counter.”
Block.one has released the code but it’s up to the community to build the code and submit it for App Store approval. “We released code. Someone else can integrate with App Store” – said Larimer.
The code provided for Chrome extension authenticator has been already submitted by Syed from EOS Cafe BP. The authenticator will use UAL library for dapps authentication. The library supports B1, Lynx, Scatter, Ledger, MEETONE, TP and others. If everything goes well, the extension should be out in a few days.
In their GitHub repository, the Block.one team write that the authenticator enables for the following features, solving the problem of user’s consent and user authentication itself:
- It enables seamless, multi-network support. In fact, the app, itself, does not even communicate with chains or nodes directly.
- It securely stores private keys and employs the use of biometrics to signs transactions.
- It displays richly-formatted Ricardian Contracts, which provide users with a human-readable explanation of the action(s) the app is proposing and allows users to approve or reject the terms of the contract(s).
- By following the Manifest Specification, the Reference Authenticator App displays metadata about the requesting application to end users any time they are prompted to trust an app or sign a transaction from one. This provides users with an improved sense of trust in the requesting application and the signing ceremony itself. The Reference Authenticator App also runs various transaction pre-flight security checks, comparing the contents of a transaction request with what integrating apps have declared about themselves.
“I encourage everyone to study the vision implemented by our wallets and how it works to make eos both more secure and easier to use” said the CTO of Block.one.
The wallet code release has been previously announced by Larimer and it doesn’t make up part of the news that will come out on June 1st Block.one host an event in Washington D.C. and the community speculates that they could announce a social media dapp.
Disclaimer. EOSwriter does not endorse any content or product on this page. While we aim at providing you with all the important information we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor this article can be considered as investment advice.