I have worked on system development for 25+ years. I worked on the SQL Server Engine, Windows CE and the .NET Framework. I implemented a full bitcoin node in F# and Scala.
Motivation and overview
A cold wallet is the ultimate security solution as it isolates the secret keys from any online attacker. Hardware wallets are also very secure, but at the moment none of them support shielded addresses. The best option so far is to use an encrypted wallet in zcashd. However, if the machine is compromised, a hacker could install malware in place of the authentic zcashd. Unless the user carefully checks the program signature every time, he could end up sending his secret keys to the hacker.
This is a proposal for a command line utility with four modes of operation:
- key and address generation: similar to a paper wallet. This produces a seed, derivation path and secret key / viewing key / Sapling address.
- the viewing key is imported into the database.
- run the app on a computer connected to lightwalletd to sync. Compact blocks and transactions are downloaded, the received notes are decrypted and the balance is computed.
- prepare a spending transaction: the notes to spend are collected and a transaction description is created. It includes all the information needed to form a full transaction except for the actual signatures / proofs: the spent notes' diversifiers, addresses, amounts, rseed and witnesses, for instance.
- to sign the transaction, the transaction file is copied to an offline computer which has the same cold wallet app. This could be a laptop, for example. No database or download of blockchain data is needed there; it only needs the Zcash Sapling parameters.
- the user signs the transaction and checks that the destination and amount are correct (in case the online computer was compromised and produced a fake transaction). The cold wallet app builds a complete transaction (including change and fee) and signs it. The raw bytes of the transaction are saved to a file, which the user copies back to the first computer.
- the user submits the final transaction.
In short, the offline computer is used to sign and prepare the raw transaction, and the online computer to submit the complete transaction.
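To make the online/offline split concrete, here is an added illustration in Go (not code from this proposal or its author): the online side builds the transaction description and computes the change, the offline side refuses to sign unless the destination and amount the user re-enters match the description and the spent notes balance amount + fee + change, and the online side verifies the returned raw bytes before broadcasting. Ed25519 stands in for Sapling's spend authorization signatures and proofs, a JSON file stands in for the real transaction file format, and the note structure, field names and `zs1-placeholder-...` addresses are constructed sample data.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Note is a spendable shielded note as the online wallet knows it (constructed
// sample data; a real Sapling note also carries diversifier, rseed and witness).
type Note struct {
	ID    string `json:"id"`
	Value uint64 `json:"value"` // zatoshi
}

// TxDescription is the file the online computer hands to the offline signer:
// everything needed to build the transaction except the signatures/proofs.
type TxDescription struct {
	Spends []Note `json:"spends"`
	Dest   string `json:"dest"`
	Amount uint64 `json:"amount"`
	Fee    uint64 `json:"fee"`
	Change uint64 `json:"change"`
}

// Prepare runs on the online computer: it selects notes until they cover
// amount+fee and records the change the signer must send back to the wallet.
func Prepare(notes []Note, dest string, amount, fee uint64) (*TxDescription, error) {
	var spends []Note
	var total uint64
	for _, n := range notes {
		if total >= amount+fee {
			break
		}
		spends = append(spends, n)
		total += n.Value
	}
	if total < amount+fee {
		return nil, errors.New("insufficient funds")
	}
	return &TxDescription{Spends: spends, Dest: dest, Amount: amount, Fee: fee, Change: total - amount - fee}, nil
}

// SignOffline runs on the air-gapped computer. The user re-enters the intended
// destination and amount; signing is refused unless the description matches them
// and the inputs balance the outputs, so a compromised online side cannot redirect
// funds. Ed25519 stands in for the Sapling spend authorization signatures.
func SignOffline(desc *TxDescription, confirmedDest string, confirmedAmount uint64, sk ed25519.PrivateKey) ([]byte, error) {
	if desc.Dest != confirmedDest {
		return nil, errors.New("destination differs from what the user confirmed")
	}
	if desc.Amount != confirmedAmount {
		return nil, errors.New("amount differs from what the user confirmed")
	}
	var in uint64
	for _, s := range desc.Spends {
		in += s.Value
	}
	if in != desc.Amount+desc.Fee+desc.Change {
		return nil, errors.New("spent notes do not balance amount + fee + change")
	}
	body, err := json.Marshal(desc) // struct field order makes the encoding deterministic
	if err != nil {
		return nil, err
	}
	// The "raw transaction" file handed back to the online computer is body || signature.
	return append(body, ed25519.Sign(sk, body)...), nil
}

// VerifyRaw runs on the online computer before broadcasting: it checks the
// signature and returns the description that was actually signed.
func VerifyRaw(raw []byte, pk ed25519.PublicKey) (*TxDescription, bool) {
	if len(raw) < ed25519.SignatureSize {
		return nil, false
	}
	body, sig := raw[:len(raw)-ed25519.SignatureSize], raw[len(raw)-ed25519.SignatureSize:]
	if !ed25519.Verify(pk, body, sig) {
		return nil, false
	}
	var d TxDescription
	if err := json.Unmarshal(body, &d); err != nil {
		return nil, false
	}
	return &d, true
}

func main() {
	pk, sk, _ := ed25519.GenerateKey(rand.Reader) // generated on the offline computer
	notes := []Note{{"n1", 50000}, {"n2", 30000}, {"n3", 20000}}
	desc, _ := Prepare(notes, "zs1-placeholder-dest", 60000, 1000)
	raw, err := SignOffline(desc, "zs1-placeholder-dest", 60000, sk)
	fmt.Println("honest description signed:", err == nil)
	_, ok := VerifyRaw(raw, pk)
	fmt.Println("raw transaction verifies:", ok)
	// A compromised online computer swaps the destination; the offline check catches it.
	desc.Dest = "zs1-placeholder-other"
	_, err = SignOffline(desc, "zs1-placeholder-dest", 60000, sk)
	fmt.Println("swapped destination refused:", err != nil)
}
```

The design point is that the offline side never trusts the description as received: the user's own confirmation of destination and amount is the root of trust, and the balance check stops the online side from hiding value in an inflated fee or change.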
Some data needed for signing a transaction may have to be fetched online. The cold wallet relies on being able to save all the inputs into a message that can be transferred "slowly".
The cold wallet app needs to be updated as new changes are made to the protocol.
We should demonstrate the end-to-end, paper-wallet-like workflow: prepare two computers, install the app on both but leave one of them offline, generate a wallet offline, send some coins to it in several transactions, prepare a spending tx, transfer it to the offline wallet and sign it, transfer it back to the online computer and broadcast it, then repeat.
Tasks and schedule
This should take a few days to code and test.
Budget and justification
I think this should take 2 days to code + 1 day for testing: 3 x 8 = 24 h at $200/h, which comes to $4800.