On the discussion of deprecating t-addrs, we have the issue of not having cold wallets supporting u/z-addrs. Even if we fix this issue today, Ledger & Trezor companies can decide unilaterally whether to accept or drop an app at any time, which is not great as far as resilience is concerned. We should keep trying to make things work with those two trusted and reliable wallets, but we should also look at other approaches.
Would it be difficult to develop an Android app that would exclusively sign transactions? That would entail an app that would work entirely offline, would display exactly what is being signed, and once approved, would transmit the signature through a QR code (to be scanned and tx broadcast from a connected device). Ideally, this would be installed on a phone that has the bare minimum installed (GrapheneOS comes to mind) along with that signing app, and then switched to airplane mode until the phone is eventually reset.
Such a setup would free us from the Ledger / Trezor walled garden as anyone can install an apk file on their Android device. If we have this, it’s one less thing to worry about on our way to deprecating t-addrs. Worth considering, I believe.
Wow, thank you @gottabeJay, I did not know about this option.
Also interesting and useful to learn that 1. the signature wouldn’t fit in a regular QR code and 2. there exist animated QR codes that can alleviate this issue (Cold Storage :: YWallet).
I would be curious to read what thoughts the community has on this solution. Do you see this as a reasonable replacement for Trezor & Ledger?
Two things I would personally like to see improved:
The interface is looking a little bit challenging to use. Ideally the Signer app should really be standalone.
It should be possible to create an account from the Signer app, and have the option to split the key following Shamir’s secret sharing - as is done with Trezor.
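As an added example (not part of any post in this thread, and not YWallet's actual format), here is one way to carry a payload too large for a single QR code across a looping sequence of frames, which a scanner may see in any order and more than once. The JSON frame layout, the field names and the 200-byte frame size are assumptions made for illustration.

```python
import base64
import hashlib
import json

FRAME_BYTES = 200  # assumed per-frame capacity; real QR capacity depends on version and error correction


def to_frames(payload: bytes, frame_bytes: int = FRAME_BYTES) -> list[str]:
    """Split a payload into self-describing text frames, one per QR image."""
    digest = hashlib.sha256(payload).hexdigest()
    chunks = [payload[i:i + frame_bytes] for i in range(0, len(payload), frame_bytes)] or [b""]
    return [json.dumps({"i": i, "n": len(chunks), "h": digest,
                        "d": base64.b64encode(c).decode()})
            for i, c in enumerate(chunks)]


class Reassembler:
    """Collects frames as the scanner sees them: any order, with repeats."""

    def __init__(self):
        self.total = None
        self.digest = None
        self.parts = {}

    def add(self, frame: str) -> bool:
        """Store one scanned frame; returns True once every frame has been seen."""
        f = json.loads(frame)
        if self.total is None:
            self.total, self.digest = f["n"], f["h"]
        elif (f["n"], f["h"]) != (self.total, self.digest):
            raise ValueError("frame belongs to a different payload")
        if not 0 <= f["i"] < self.total:
            raise ValueError("frame index out of range")
        self.parts[f["i"]] = base64.b64decode(f["d"], validate=True)
        return len(self.parts) == self.total

    def payload(self) -> bytes:
        """Join the frames and check the whole-payload digest before returning."""
        if self.total is None or len(self.parts) != self.total:
            raise ValueError("missing frames")
        data = b"".join(self.parts[i] for i in range(self.total))
        if hashlib.sha256(data).hexdigest() != self.digest:
            raise ValueError("digest mismatch: corrupted or mixed frames")
        return data
```

The digest only catches scanning errors and mixed-up frames; it does not authenticate the data, so the receiving device still has to verify the signatures themselves.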
Absolutely. What would be particularly nice imho, would be to standardize the offline signing. So one can use the Android Signer to sign transactions of any Zcash wallets.
May I ask you to elaborate or share a link where I could learn more about how those two technologies can help with offline signing?
Definitely, we should make a ZIP to standardize those formats. I could attempt to start this but I’m busy with the FROST ZIP at the moment. We could probably start with the Ywallet format if Hahn agrees and see if anyone has suggestions to change or improve it.
Maybe our talk at Zcon4 (ignore the failed demo attempt at the end, we managed to do it later). But you can also look up threshold sigs / multisigs, it’s a similar concept. It wouldn’t be offline per se, but having the secret split into multiple shares reduces the risk of having them online since an attacker would need to compromise multiple participants. So in a way it’s an alternative to offline signing.
The spec is basically done and just needs CFRG approval. The proof is being written up by Chelsea and being submitted to a conference for peer review, for which she will get feedback in late November. I’ve just updated the draft ZIP with a new simplified design. It’s basically done, just waiting for the proof too.
That being said, things are much less likely to change at this point than when that grant was submitted (and indeed a lot changed since then), so now is a great time for people to start integrating FROST