a secure local Ethereum wallet with hardware wallet support te Courageous
wallet extension te courageous with ledger nano plugged ter
Spil security geeks, wij dreamed a local Ethereum wallet with a petite attack surface, a front-end effortless enough for non-technical users to use securely, and hardware wallet support. None of the existing options met our needs, for example:
Nevel still runs Chromium 54, which wasgoed released te April of last year, and thus is vulnerable to old Chromium vulnerabilities. Te fact this caused them to punt a severe security oplettend recently: https://blog.ethereum.org/2018/12/15/security-alert-chromium-vulnerability-affecting-mist-browser-beta/. Furthermore Nevel runs without Chromium’s renderer sandbox, so many high-severity vulnerabilities te Chromium are actually critical vulnerabilities te Nevel that can lead to utter system compromise. Nevel’s advice is “don’t browse to untrusted websites”, but it’s unclear that non-technical users can practically go after this advice, since Waas makes it effortless to browse to untrusted websites te their Electron interface.
wallet.ethereum.org is a remote webstek with poor XSS protection since it doesn’t define a Content Security Policy. Furthermore, websites lack the same level of code integrity spil apps since they are not signed/versioned and can be modified without detection by the server technicus at any time. Thus an attacker only needs to compromise the wallet.ethereum.org web server ter order to compromise its users’ wallets. Ter addition, websites are prone to phishing attacks.
Same with MyEtherWallet, albeit they now have a Chrome extension. However, it’s unclear whether to what extent the extension is stable or recommended. (See https://github.com/kvhnuke/etherwallet/issues/1406#issuecomment-352719852 for example.)
Parity runs a local web interface. This is a superb treatment but their app is not code-signed and previously on MacOS wasgoed downloaded overheen plain HTTP (https://github.com/paritytech/homebrew-paritytech/issues/65). It is also not the most friendly instrument for non-technical users, since it requires downloading a instruction line implement (https://paritytech.github.io/wiki/Setup) and running terminal directives.
This state of affairs wasgoed concerning to us. You shouldn’t have to be a security pro te order to have a secure Ethereum wallet!
What it does
Wij integrated an Ethereum wallet te Courageous browser (https://plucky.com). All you have to do is install Plucky and spin a switch to get a secure, local Ethereum wallet.
- 1-click wallet creation
- Launch the wallet directly from the Plucky toolbar
- 1-click shortcut to transfer funds from the ETH wallet into Plucky’s builtin BAT wallet
- Keys are only stored client-side
- Uses geth light sync by default, so you’re synced ter minutes (or even seconds if you’re not on the ethdenver wifi).
- Supports hardware wallets like Ledger and Trezor
- Uses a stringent Content-Security-Policy to defend against XSS (no inline scripts except those that are hash-whitelisted, no remote connections except to https://min-api.cryptocompare.comhttps://mini-api.cryptocompare.com)
- All open source
- Plucky is up-to-date with the latest upstream Chromium release and enables sandboxing on all platforms
- Automatically sees BAT token contract
How wij built it
Wij added three main fresh components to Courageous:
- a geth binary, which is run spil a subprocess of Courageous. It is downloaded during the Plucky build process.
- a slightly-modified version of the wallet.ethereum.org front-end (which is also used ter Waas): https://github.com/ethereum/meteor-dapp-wallet. Our fork is published spil an open-source NPM package from https://github.com/plucky/meteor-dapp-wallet-prebuilt and downloaded during the Plucky build process.
- a Plucky extension which implements the local ETH wallet UI and the toolbar shortcuts.
Challenges wij ran into
The wallet.ethereum.org front-end is built on Meteor, which wasgoed troublesome to use ter a serverless Plucky extension setting. Wij had to patch it to work ter chrome-extension:// contexts (since Plucky extensions use the same protocol spil Chrome extensions). Wij also had to insert some hacks to make it possible to launch the ‘Send Funds’ pagina from a button click with a pre-populated address, since Meteor doesn’t permit navigating to an endpoint unless the main app pagina is already loaded.
Wij had some trouble at the end with launching geth wallet creation spil a subprocess and passing ter the user’s wallet password securely. Wij also couldn’t get ledger nanos to work with testnet.
Accomplishments that wij’re proud of
Above all wij’re proud to have a wallet that is basically functional and hassle-free to set up. Wij are especially proud that wij were able to create a more secure wallet than existing solutions like wallet.ethereum.org and Nevel by applying a content security policy, loading the code te a client-side package (that will eventually be code-signed when it’s released spil part of Plucky browser), and rendering the web app ter a sandboxed setting that is up-to-date with Chromium. Wij are also proud that the app doesn’t require users to download any command-line instruments or understand the inward workings of geth. Wij hope this will permit users of diverse backgrounds to get commenced with using secure hardware Ethereum wallets.
Eventually, spil creators and users of Courageous, wij are super excited that Plucky will have a builtin Ethereum wallet, hopefully making secure cryptocurrency management more accessible to folks who are already using Plucky.
What wij learned
Wij learned a lotsbestemming about packaging geth and running it spil a subprocess. Wij also learned how to write Courageous extensions and include HTML files from an NPM package. Ter the process of coming up with this project, wij learned some fresh things about security weaknesses ter existing Ethereum wallets.