Nighthawk Wallet Design & Development Grant

Hi @aiyadt, I am very happy to let you know that the ZOMG has approved your grant. We are super excited about this. The call we had last week was illuminating and made the importance/urgency of the grant even more obvious to some of us.

Congrats, and please do keep us updated on this thread as you check off some of the items above! :slight_smile:


This sure is exciting news! :champagne: :clinking_glasses: :tada:

Thank you :pray:


Is securing the app with PIN/biometrics on the roadmap?


The app has PIN/Biometrics authentication for sending a transaction and viewing the seed words. There does seem to be an added benefit of having app-level PIN/Biometrics security and not relying on the device level screen lock.

I’ll add it to the internal feature list. Thanks @covfefe


With the completion of Milestone 1 around the corner, I would like to share a link to the ongoing development status of Nighthawk Wallet

The status of each deliverable will be updated on every release of the wallet and a history of the Changelog will be made available publicly.

Stay tuned for a follow-up post on Milestone 1 achievements & our plans for the next 3 months.


If there’s a new (beta?) version for Android I’d like to try it.

The current version fails with ‘Scan Error’ when importing my ‘test-wallet-from-hell’; it’s a very old wallet with many (many!) small txns and a nasty test.


Sure, will keep you posted on the next Android update. And I’d very much like you to test your wallet with many many small txns against the next release.


(moving conversation to Wallet specific thread)

Hey @mika, Contributors usually branch off from the master branch. You’ve linked a work-in-progress branch. If you feel adventurous, feel free to build it per the build instructions at nighthawk-wallet-android/ at master · nighthawk-apps/nighthawk-wallet-android · GitHub

The public repository is to make available the Nighthawk Wallet codebase open source. Feel free to go through the Contributing Guidelines if you’d like to be involved, like many others who have contributed. nighthawk-wallet-android/ at master · nighthawk-apps/nighthawk-wallet-android · GitHub


With the release of Nighthawk iOS v1.21 on App Store & Nighthawk Android v1.0.20 on Play Store, we have successfully reached the first Milestone. We would like to share our achievements, which are well received by end users on both Android & iPhone.

The status will be updated regularly and published at

Additionally, we:

  • Resolved several user support requests via Emails, DMs and GitHub issues.
  • Proactively participated in mobile design discussions for NU5 & Unified Address UX with ECC.
  • Engaged with end users, product walkthrough and noted shortcomings to improve upon.
  • Obtained necessary hardware & software towards meeting milestone deliverables.
  • Renewed the App Store Developer subscription with Apple.
  • Updated the app landing page at
  • Regularly attended development meetings with the LCWG.
  • Set up continuous integration via Bitrise and enabled test-net build variants for ease of testing.
  • Transitioned from relying on existing lightwalletd server to with 0 service interruption for our end users.
  • Fixed a vulnerability reported to us via our Disclosure Policy.
  • Reported a vulnerability upstream and acted immediately releasing a fix to prod. Privacy-leak bug discovered in Nighthawk and ECC wallets - Electric Coin Company
  • Followed the strict no logging/tracking policy.
  • Kept app dependencies updated with the latest fixes from ECC & native Apple/Android eco-system.

Android specific:

  • Enabled language configuration to prepare for auto-translations to multiple languages.
  • Increased number of supported devices for Nighthawk on Android to 14,579 devices (per Play Console) with minimum supported version of API 23/Android 6.0
  • Focussed on improving layouts & accessibility for supporting a broad variety of form-factors.
  • Enabled screen density configuration to generate optimized APKs for each screen density.
  • Switched to ABI configuration for releases instead of APKs for a smaller app download for users by removing the libraries of the ABIs their device will not load.
  • Reduced app download size to ~9MB after stripping out unnecessary Play Services components, also preparing the build towards an F-Droid release.

Developer community related updates:

  • Engaged with contributors and rewarded them for their contributions from our consulting budget.
  • Intro with ARTI developers and plan to provide them with mobile device requirements for running Tor by default on thin clients.
  • Attended Google I/O 2021 & Apple WWDC21 to keep up to date with the latest APIs, cryptography & security related updates on the Android & iOS platform.

Zcash users feature demands which we will R&D on as per bandwidth:

  • Passcode/Pin protected app start.
  • Contacts management with Z-addresses.
  • Deep linking for interacting with ZECpages.

Things to improve on:

  • Provide updates on Zcash Forums: As per the grant, we promised to post updates following every Milestone on Zcash Forums, especially after an observation of the forum activity slowing down. So we focussed on connecting with the end users directly for updates and troubleshooting. In the future, we will try to post updates to the forum alongside our alternate channels.
  • Investigate optimizing of sync times while maintaining maximum privacy & reducing information leakage. As for the scanning optimizations, once the faster community algorithms are verified and have gotten a thumbs up from @str4d, we can have those pulled in to Nighthawk for all the efficiency gains. The priority for the next milestone is still NU5 compatibility.
  • Improve regression testing to stop vulnerabilities from seeping in to production versions.

We thank @ZOMG for funding us and believing in our vision to ship Nighthawk Wallet on App Store, Play Store & soon F-Droid Store with regular updates.


Nighthawk Wallet on Android v1.0.20 is live on the Play Store

  • A whole better Nighthawk with T-address support + Auto-Shielding of funds after Transparent funds cross 1 ZEC.
  • Sending of ZEC is possible from Z-address only for preserving privacy.
  • Wallet History gets a new look too!

T-address → Z-address Shielding in action Nighthawk Android v1.0.20 - Album on Imgur


With the delay in NU5 on main-net, Nighthawk Wallet team would need to adjust the Milestone and deliverables. As promised in our last update, we have been maintaining the live status of development at

In April this year, in line with the prospective July/August launch of NU5, we had planned the launch for UAs to be undertaken in Milestone 2/3, but it is clear now that only the Test-net will be available in Q4 2021 with Main-net launch in Q1 2022. While this delay would give us extra time to refine on UA support and testing before the Q1 readiness, it will delay our final deliverable flowing in to Q1 22’.

With the extra cycles available in Q4, I have requested @ZOMG to review us undertaking work on much needed areas to improve on the wallet:

  1. Improve automated & manual testing across various devices and
  2. Adding easy ZEC purchase support. I have started communication with which can process KYC & Payments so the purchases will be taken care by them, supporting many countries, but not US per their policy :frowning:
  3. Additionally, we can focus on developing the designs with Matt for faster iterations and implementation starting with Android. iOS app redesign update might take longer as the Swift UI framework is very new and it would require diligent coding to bring Matt’s designs to life.

Additionally, I would like to share a short retro for Milestone 2:

What went well

  • F-Droid launch with no anti-features, setting up automated release publishing. Great feedback from the Unlocked Droid community to have a dedicated, Google-free wallet for Zcash.
  • We even got a mention by a Professor from Germany when comparing privacy coins.

And Naomi Brockwell’s feature on Zcash!

  • Purchase of devices & computers for the team to improve security when developing software and improve debugging.
  • Shipped a bonus feature on Android to export wallet seed words to a password protected PDF for easy backup.
  • Shipped Android URI DeepLink & QR code scan for ease of UX when interacting with ZecPages or ZIP-321 compatible services.
  • Fixed test-net variant breakage in zcash-android-wallet-sdk repo upstream.
  • Increase in testing and review for shipping bug free native apps.
  • Got introduced to a research opportunity of building a privacy preserving retrieval of transaction info, this is fresh research and sounds very promising for the future of privacy in light clients.
  • Reviewing possibility of Thorchain integration in Nighthawk wallet for easy to use swaps.
  • With several bug fixes and support for Android 12 & iOS 15, our users are happier, require less support - we went from 4-5 support requests per week in July to 0/1 per week at the end of September while app downloads keep increasing beyond 1000 for both Google Play & Apple App Store each. Nighthawk users contact us via a combination of twitter, protonmail & z2z messages.
  • Take active part in code reviews of upstream wallet & SDK repos.
  • The bi-weekly Native Mobile Light Client Working Group calls have been going well with transparent updates available at GitHub - zcash/lcwg: Light Client Working Group project management repository (Thanks to following Hudson’s model from ETH cat herders calls)

What didn’t go well

  • Both iOS devs were down with COVID-19 causing a slippage of feature deliverables of Deep Linking/QR code scan & PIN code for app entry for Nighthawk on iPhone. These features were successfully shipped on the Android version to both Play Store & F-Droid.
  • Delays in the fast syncing algorithm integration - we are in close contact with ECC who are exploring an optimal solution for faster sync.
  • Translations work is delayed to Milestone 3 as the Lingohub rates for languages we plan to support increased by 3 times, which was out of our budget and not practical as the service package is a monthly payment in perpetuity. We are now in the process of shifting to using platform for crowdsourced translations.
  • Flexa SDK integration work is also on a back burner as Flexa team is focussing on their own app and roadmap while delaying the release of their Spend SDK. Spend SDK · Flexa Developer

Thanks for the update. Btw, was this feature reviewed by a security expert?

AFAIK, pdf security isn’t very good and there are pdf password crackers that claim they can break it in seconds.


What’s the time period for the 1000+ downloads of Nighthawk wallet?

True, PDF security is weak generally, hence we chose integrating iText Core 7 which makes libraries meeting Digital signature standards for PDF encryption iText 7 Core: an open-source PDF development library for Java and .NET.

It still creates pdf and these aren’t very secure, are they?

Let us know if you can crack the password protected PDFs generated via Nighthawk (via our Disclosure Policy)

And maybe even contribute to the public upstream repo: GitHub - itext/itext7: iText 7 for Java represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText 7 can be a boon to nearly every workflow.

Hey, it’s not about iText 7. It creates encrypted PDFs but encrypted PDFs aren’t very secure.

I’m not a security expert, but maybe you should consult one? Maybe @daira @str4d ?

AFAIK, pdf encryption is good as long as the passwords are good but they don’t do key stretching to slow down brute force attacks.

This delay pushes out the planned implementation for Unified Addresses support in @NighthawkWallet further than anticipated. I am happy to see the release plan mature towards a well aligned release of NU5 + Halo Arc, which enables official Zcash SDK users and partners to support NU5 with verified code along with the protocol upgrade taking effect.

As brought up in the monthly update, contributors to Nighthawk Wallet are working with researchers to develop a Proof of Concept with a novel approach to sync transaction data between light clients and Zcash block server. This work will focus on reducing possible information leakage via lightwalletd and improving sync times for a better end user experience for Nighthawk users. We might be able to target the demo of this improvement along with the NU5 launch.


To clarify, how was iText 7 acquired? It would seem Nighthawk Wallet either is currently in violation of its licensing terms (AGPL) or not actively OSS.

As for security, it appears to use a 160-bit MD5 hash of the owner password to encrypt the user password into a checksum. The owner and user passwords seem to be frequently referred to as equivalent in general use and that is the case with Nighthawk wallet. Due to the lack of salting, that enables precomputation with ease, yet I couldn’t comment on how many such tables exist nor their scope. There does also appear to be software utilizing GPUs available to break keys yet I haven’t downloaded it to try.
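
Added example, not part of any post in this thread and not Nighthawk or iText code: the replies above raise two properties of password-based encryption for the seed backup, salting and key stretching. The sketch below contrasts an unsalted single-pass derivation with a salted, iterated one (PBKDF2-HMAC-SHA256); it does not reproduce the PDF encryption algorithm, and the function names, sample password and iteration count are assumptions made for illustration.

```python
import hashlib
import os
import time

# Constructed sample value; not taken from the thread or from Nighthawk.
PASSWORD = "correct horse battery"


def one_pass_key(password: str) -> bytes:
    """Unsalted, single-pass derivation (stand-in for the weak case)."""
    return hashlib.md5(password.encode()).digest()


def stretched_key(password: str, salt: bytes, iterations: int = 600_000) -> bytes:
    """Salted, iterated derivation: PBKDF2-HMAC-SHA256 (iteration count assumed)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def seconds_per_guess(derive, rounds: int) -> float:
    """Average wall-clock cost of deriving a key for one candidate password."""
    start = time.perf_counter()
    for i in range(rounds):
        derive(f"candidate-{i}")
    return (time.perf_counter() - start) / rounds


def compare(iterations: int = 600_000) -> dict:
    # One fresh random salt per backup file, stored next to the ciphertext.
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    fast = seconds_per_guess(one_pass_key, 2000)
    slow = seconds_per_guess(lambda p: stretched_key(p, salt_a, iterations), 3)
    return {
        # Without a salt, every backup using this password gets the same key,
        # so work done once (or in advance) applies to all of them.
        "unsalted_keys_match": one_pass_key(PASSWORD) == one_pass_key(PASSWORD),
        # With per-file salts the same password yields unrelated keys.
        "salted_keys_match": stretched_key(PASSWORD, salt_a, iterations)
        == stretched_key(PASSWORD, salt_b, iterations),
        # Stretching multiplies the cost of every guess by about this factor.
        "slowdown": slow / fast,
    }


if __name__ == "__main__":
    print(compare())
```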