AirGap Support for Sapling

ZCash Sapling AirGap Integration Proposal

Introduction

Crypto adoption has been slowed down by insecure and user-unfriendly wallet solutions. If a user wants to be his own bank and take over the responsibility to securely manage funds, an easy to use but secure solution is needed. Based on the experience we gathered from our previous tasks working for large financial institutions we strive to offer the highest possible accessible level of security to the community.

AirGap is an open source wallet that allows users to easily onboard on an air-gapped way to dealing with your crypto transactions. With the AirGap two device approach, secret-handling becomes more accessible and secure. AirGap covers security on three layers:

  • Advanced secret generation using multiple sources of entropy (e.g. mic, video, accelerometer, touch)
  • Social secret recovery using Shamir's secret sharing.
  • AirGap follows a two-device approach, leveraging the mobile application sandbox and permission system as well as biometrically secured enclaves (Touch ID, Face ID, Fingerprint).

These three layers cover common attack vectors and misusages concerning secret management in the context of cryptocurrencies. Even though security and user experience often result in trade-off decision between one or the other, we’ve spent a lot of effort to achieve what we call “accessible security”. We believe that security alone is not enough if crypto adoption should reach the masses, but a solution also needs to be easy and understandable to use.

Ambition

With this proposal we want to provide to ZCash users a complete integration into AirGap, so that users can transact their ZEC's securely using an air-gapped approach.

A by-product of this proposal is the inclusion of ZCash into the javascript library airgap-coin-lib that will allow even developers to easily create applications that can perform air-gapped transactions without having to deal with secret management.

Here some screenshots of how the apps look like. But the best is to simply test them directly by installing them from the stores (app store and play store).

AirGap Vault

AirGap Wallet

AirGap Secret Generation

Team

The team behind AirGap is composed out of 8 mobile security developers. We've been developing and securing mobile banking applications of various fortune 500 financial institutions for the past 5 years. With AirGap we want to provide this knowledge and expertise to the open source community.

Funding Details

The integration should happen within 2 months, this will include a security review of the added codebase and the release of all apps in the stores.

Most of the funds will be used for the actual integration of ZCash into the current AirGap Apps (iOS, Android, Linux Distribution) and libraries. A small portion of the funds (10%) will be used to update the developer documentation and support. Another 5% will be used for the user documentation (through Medium and github) and community management.

All of the developed code will be licensed under MIT (which is already the case for the project today).

Campaign

Started
12 days ago
Category
Accessibility
Deadline
in 18 days
Funding
0 / 659 ZEC
ZEC
1
Integration of ZCash into AirGap Vault
2
Integration of ZCash into AirGap Wallet
3
ZCash Components in Dev Documentation
4
Release of Apps in the Stores

Integration of ZCash into AirGap Vault

Reward: 197.7 ZEC
This milestone will allow the users to securely generate and manage secrets and ZEC Addresses (t-addresses only for this first integration).