Wallet Extension + Static Site Implementation

[aubrika]

Wallet Extension + Static Site

Currently, the browser extension provides a lot of functions that one would not find in a hardware wallet. These are desirable features to have a user interface for, but we would like the wallet extension to function more like a “virtual hardware wallet”, with deliberately limited functionality, and to move most of the existing functionality of the wallet to a static site.

The point of this is to make sure that it is possible to support third-party frontends, allowing the browser extension to function as a neutral, minimal piece of standalone software that many different websites can utilize. So, the extension itself should not obligate a user to use its particular user interface for anything more than basic key management and transaction approval wallet functions. Moving the other functions currently in the extension into a website will serve as a valuable proof of concept for this design and be an example that future developers can follow.

We propose moving most of the existing browser extension features into a website (app.testnet.penumbra.zone), leaving only transaction signing and key management in the browser extension itself. By having the website use the extension for these two functions, we will provide a means for other developers to use the wallet extension with their own software in the same way.

Browser Extension

• Does two things: 1.) transaction signing with confirmation pop-up 2.) key management
• Has a view service implementation
• Provides a custody service, using a browser popup to review a human-readable form of the transaction plan and approve the transaction
• Does syncing/scanning, but does not include send/balance/transaction history
• Should include a settings page for key management & other settings
• Should display a popup for reviewing submitted transaction plans and approving/denying transaction submission
• Should work more like a virtual hardware wallet (very simple) compared to the implementation on the static site.

Website (app.testnet.penumbra.zone)

• We will host the static site & we can coordinate to set up a deployment pipeline which will auto-deploy from the wallet repo
• The app hosted here should support any currently-implemented or proposed user action that is not related to 1.) signing a transaction or 2.) key management (i.e. send transaction, balance, transaction history, all of that)
• If this site needs keys to do anything, it should utilize the extension’s key management service.

Architecture

                  ┌───────────┐
                  │ Extension │
              ╭   │ ┌───────┐ │ custody
     spending │   │ │custody│ │ protocol
   capability │   │ │service│◀┼─────────────────┐
              ╰   │ └───────┘ │                 │
                  │           │                 │
                  │           │                 │
                  │           │                 │
              ╭   │ ┌───────┐ │ view            │
 full viewing │   │ │view   │ │ protocol        │
   capability │   │ │service│◀┼──────┐          │
              ╰   │ └───────┘ │      │          │
                  │   ▲       │      │      ┌───┼────────────┐
                  └───┼───────┘      │      │   │ Web Content│
                      │              │      │   ▼            │
              ╭       │              │      │ ┌───────┐      │
  transaction │       │              └──────┼▶│wallet │      │
 perspectives │       │                     │ │ logic │      │
              ╰       │                     │ └───────┘      │
                      │                     │   ▲ │          │
                      │ specific/oblivious  └───┼─┼──────────┘
                      │ client protocols        │ │
                      ├─────────────────────────┘ │ tx
                      │┌──────────────────────────┘ broadcast                     .───.
                      ││                                                        ,'     `.
              ╭   ┌───┼┼─────────────────────────────────────┐             .───;         :
       public │   │   ││                    Penumbra Fullnode│            ;              │
        chain │   │   ││ grpc/grpc-web                       │          .─┤              ├──.
         data │   │   ▼▼                                     │        ,'                     `.
              │   │ ┌────┐     tm rpc proxy     ┌──────────┐ │       ;               Penumbra  :
              │   │ │    │◀────────────────────▶│          │ │       : ┌───────────▶ Network   ;
              │   │ │ pd │◀────────────────────▶│tendermint│◀┼─────────┘                      ╱
              │   │ └────┘       abci app       └──────────┘ │         `.     `.     `.     ,'
              ╰   └──────────────────────────────────────────┘           `───'  `───'  `───'

Questions

• How much refactoring work does this sound like?
• Do you foresee any particular difficulties with the design changes proposed above?
• How can we support you in this work?