Skip to content

1wallet | Modulo OTP Wallet - unconventional keyless, non-custodial wallet secured by Google Authenticator. EVM-compatible, smart contract operated, with composable security.

License

Notifications You must be signed in to change notification settings

polymorpher/one-wallet

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Modulo OTP Wallet | 1wallet on Harmony

The project started as an open source project, known as 1wallet on Harmony. It was sponsored by Harmony and developed for use on Harmony. Later, it evolved into the OTP Wallet part of Modulo, a solution for secure, frictionless, programmable non-custodial wallet infrastructure.

The open source project assumes no responsibility for theft, loss, or security issues. Use it at your own risk. For commercial concerns, please contact Modulo. Examples of commercial concerns are: guidance for integration, security protection, loss prevention, service-level agreements, reliable APIs, cross-chain use cases, or custom solutions.

Overview

1wallet (OTP Wallet) is designed for people who want the best and the latest from the world of crypto, but do not want to deal with senseless "mnemonic words", "private keys", or "seed phrases".

You don't need to be technical to use 1wallet. It is:

  • Simple: to create a wallet, just scan a QR code using the Google Authenticator app
  • Secure: authorize transactions with 6-digit code from Google Authenticator. No private keys or passwords to take care of.
  • Durable: easily restore wallet by scanning QR code exported by Google Authenticator, or recover funds using another wallet.
  • Smart: configurable spending limit, composable security, and auto-recover mechanisms. Imagine a (physical) wallet that has an embedded computer - it can do a lot more than a plain old wallet that only carries your money around.

Try it at

Technical Blurb

1wallet is an unconventional keyless, non-custodial smart contract wallet.

As a smart contract wallet, it can do many things a traditional wallet couldn't do: setting up daily spending and transfer limit, recover funds using another address, automatically track tokens (ERC/HRC-20, 721, 1155), automatically interact with other smart contracts, and a lot more.

As a keyless wallet, 1wallet is protected by dynamically generated one-time-password from Google Authenticator every 30 seconds. No private key or password is stored at the client. This removes the biggest vulnerability for hacking and theft: you cannot lose private keys if you don't have it! It also removes the hassle of managing them and being forced to remember or write down a bunch of random recovery phrases.

Since Google Authenticator operates offline and is well insulated1 on your phone, it is much more secure than a private key wallet which usually stores a password protected private key on your hard drive in a file easy-to-access location, such as MetaMask. Once your wallet file is copied and your password is leaked, your money is gone.

1wallet is non-custodial. Only you, who controls the Google Authenticator that scanned the setup QR code, can access and control the wallet. The wallet's operations do not rely on any centralized server operated by any company.

1wallet is EVM compatible and may operate on multiple networks. It was first launched on Harmony network in Sep 2021

[1]: Unless you use rooted or jailbreak devices, in which case you need to take care of security insulation by yourself

Design and Technical Specification

Please visit the Wiki page: https://github.com/polymorpher/one-wallet/wiki

Quick Start

We assume you are on macOS or Linux. Windows is not supported as a development environment at this time.

First, you need to install all essential dependencies and apply a patch to one of the dependencies. To do this, simply run the following at the root directory of this project:

./scripts/setup.sh

Next, try starting a local web client:

cd code/client
yarn run dev

Follow the link from terminal (https://localhost:3000), you should now see 1wallet client in your browser, hosted locally.

For more advanced setup, such as using a locally hosted relayer (/code/relayer), the command line interface (/code/cli), and debugging the smart contract via Truffle (/code), please refer to README file in the corresponding folders:

Directory Structure

  • /code: Primary code base. Contains all code related to 1wallet.
  • /wiki: Mirroring Wiki and Protocol, so people can contribute and make pull requests.
  • /smartotp: Early research code from SmartOTP, created by Ivan Homoliak, mildly refactored by @polymorpher in ES2020 for debugging and running on Harmony network. Smart contract, testing, and authenticator code only.
  • /legacy: legacy code forked from an early TOTP demo by Quoc Le, refactored and rebuilt by @polymorpher for testing and benchmarking, and discontinued in June 2021.

Discussions

Please visit our issues page.

License

See https://github.com/polymorpher/one-wallet/blob/master/LICENSE. The license shall be governed by and construed in accordance with the laws of the State of California, United States of America. I accept services of processes by email and Telegram chats @aaronqli.