Banana Wallet SDK

Banana Wallet SDK

A wallet infra that let's you onboard even Monkeys on your dapp.

390
Built at ETHIndia Fellowship 3.0
Carousel Gallery Item: 1
Carousel Gallery Item: 2
Carousel Gallery Item: 3
Carousel Gallery Item: 4
Carousel Gallery Item: 5

The problem Banana Wallet SDK solves

Hot wallets provide convenience but at the cost of security. Because they are always online, there’s no need to transition between offline and online to make a cryptocurrency transaction. For example, many people use mobile hot wallets to trade or make purchases with cryptocurrency. To do so with a cold wallet would be inconvenient. You would need to find a device (typically a computer) in which to plug your cold wallet, then move the requisite amount of cryptocurrency to a hot wallet, and then make your purchase.

In addition, while hot wallets are usually free, cold wallets can cost you between $50 and $200.

So users either have to compromise on the experience or on security and privacy.

Challenges we ran into

There were several challenges we ran into while building an sdk:

  • First and foremost challenge for us was to figure out extracting signature from the response return by webauthn after authentication. And sending signature onchain and implementing our own custom r1 based signature verification logic onchain in smart contract wallet as webauthn generates secp256r1 based signatures.
  • Adding custom r1 based verification logic in our own smart contract wallet added a huge overhead of gas fees. As currently for verifying signature onchain it cost around 1.2mn gas which don't proves to be efficient even on L2 to mitigate through this issue we are working on implementing a offchain zk based r1 based signature verification proof generation mechanism which would enable us to lower downs the gas cost by 75%.
  • We faced several hurdles for making ZK 2FA scalable. One such was to figure how the storage for OTP hashes as current localStorage based solutions aren't scalabe. To handle this issue we had planned to store the OTP hashes at users browser indexedb storage as it allows us to utilize around 80% of user's disk space Additionally we are planning to keep the backup of users OTP hashes over IPFS in an encrypted manner so that in can event of users browser reset we could fetch the backup hashes from IPFS>

Technologies used

Solidity

React

JavaScript

Zero-Knowledge Proofs (ZKPs)

TypeScript

Webauthn

EF: Account Abstraction

Circom

Cheer Project

Cheering for a project means supporting a project you like with as little as 0.0025 ETH. Right now, you can Cheer using ETH on Arbitrum, Optimism and Base.

Discussion