airgap-it / airgap-vault Goto Github PK

Or All-screen gesture. Same thing.

Error:

Changing <base href="/" /> to <base href="./" /> in src/index.html seem to fix some files but the airgap-currency-symbols still show ERR_FILE_NOT_FOUND.

Commit 32c980c
Electron v11.2.0

It would be really useful if users could enter the recovery seed they wrote down to verify it is the same saved in the vault.

Adding support for Universal Offline Signatures would allow us to connect the Vault to other apps, for example https://polkadot.js.org/ . This would allow us to cover more advanced use-cases without adding support for it in the Wallet.

Hello Contributors
@pascuin @AndreasGassmann @dschoeni
I saw you contributed many things for this repo.

I am one of user of airgap wallet, I saw that is upgrade as ionic 4, but I think airgap-vault is not upgraded yet.

could I work for that?

Cheers

Is it possible to manage GPG keys using vault? I don't mind if I have to hack something together, I can also submit a PR if it's a desired feature

Please add a setting when you create or import an active secret were you can add a BIP39 Passphrase. This way you can separate your wallets by the BIP39 passphrase.

Currently you can add a BIP39 passphrase when you Add Account (Creating a new wallet) and this allows you to have multiple bitcoin wallets under one active secret by changing the BIP39 Passphrase for each bitcoin wallet. I am not against this method but would personally also like to see the BIP39 option to be applied to the active secret like this so you can have multiple bitcoin wallets but they are under different active secrets.

Active Secret 1
crumble walnut blush tone cousin never taste silk disease border remind picnic

Active Secret 2
crumble walnut blush tone cousin never taste silk disease border remind picnic mypassphrase1

Active Secret 3
crumble walnut blush tone cousin never taste silk disease border remind picnic mypassphrase2

Active Secret 4
manage woman gym hammer park solar guard prevent toilet arctic pig feed

Active Secret 5
manage woman gym hammer park solar guard prevent toilet arctic pig feed mypassphrase1

Active Secret 6
manage woman gym hammer park solar guard prevent toilet arctic pig feed mypassphrase2

I will create this issue which people can add what coins they want supported in AirGap. I would also like to have anyone who wants a coin added to AirGap look at my Plugin purposal which can be a way to allow coins to be added to AirGap without having the AirGap devs having to maintain all of these coins.

Plugin Purposal
#40

Please search this issue for the coin you want to see before creating a post to have it added and if you want the coin, thumbs up the post. To add a coin to this issue, add the coin name and the ticker symbol.

I'm running the Vault on a samsung galaxy tablet. My issue is that I am unable to sign the transaction that was created from the mobile wallet. I can successfully scan the transaction but when clicking the "sign transaction" button and verifying my identify, the signing verification window shows. The application just hangs.

anyone experience this ?

Currently, we use a custom implementation of SSS (Shamir's Secret Sharing) because there was no standard at the time.

We cannot use SLIP-39, because it does not allow to "split up" an existing BIP-39 seed.

The new bc-sskr standard covers our use case.

SSKR has some more advanced features like "groups" and "group thresholds". But for simplicity, we should only support one level for the shard generation.

In any case, we will continue supporting the reconstruction of shares that have been created using our current implementation.

Could you please add one?

Hi guys,

I am having issue with generating new account from existing seed phrase.
Error

2020-09-01 10:12:32.201 13640-13640/it.airgap.vault E/Capacitor/Console: File: http://localhost/main.js - Line 3910 - Msg: TypeError: Cannot read property 'initStorage' of undefined

I have android studio 4 (the latest)

Previously i had compiled with android 3* versions and it had worked.

But this time it asked me to install version 4 and after that i started seeing the above issue.

some other capacitor plugins are not loading i think.

any thoughts in this ?

Thank you

Please allow for the creation for more secret shares and the number of shared required for recovery. The Trezor wallet allow for up to 16 recover shares.

Did you decide to implement a plausible deniability option?

I launched and generated mnemonic seed by Vault app, import seed does not work with it, the "IMPORT" button is just not active. I also tried with mnemonic seed generated by Trezor, we are using bip39, right?

The question is, did you test your own recovery procedure or I am doing something wrong? I assume I am right, because it's really hard to enter 24 words many times and make a mistake. Thanks.

Update: Vault must convert all words to lower case, just because every time you enter seed the first word starts from capital letter in this form. It's okay to assume that wallet will do that and its current behaviour causes a lot of inconveniences and confusion.

1/ build a built-in keyboard for, restore a wallet. Like Coinomi.
2/ Use Android KeyStore w/ user entered password(not bio fallback screen lock) + bio double auth. With StrongBox support is even better.

There are many ways to do private atomic swaps and transactions with non-private cryptos such as REN. I personally think NIX does it better and would like to suggest integrating NIX into the wallet for adding privacy to all crypto wallets and transactions for the users.

• Adding NIX token support (Will soon be a ERC20 token)
• Ability to have DEX atomic swaps using NIX protocol
• Integrate most or all privacy features offered by NIX in AirGap wallet (Ability to use BTC and other coins privately that are supported by NIX)

NIX is currently its own blockchain but is moving over onto Ethereum which I would imagine will make integrating NIX easier into airgap.

Flare Wallet (Wallet that uses NIX atomic swaps)
https://flarewallet.io/

NIX
https://nixplatform.io/

NIX moving onto Ethereum
https://nixplatform.medium.com/bringing-privacy-to-the-ever-expanding-world-of-ethereum-and-defi-28d1c0248d98

I just failed to verify the 3.6.1 release as there is no commit tagged as such. I will update this review once verification is possible again.

Hi, hope everything's fine

I recently got to know the app and tried to install it from the latest release page, but issuing sha256sum airgap-vault-28519.apk yielded

57c362a3508f1420007fe5d0867f889a9683f0b51d746ab20067fb9e90abbc2f  airgap-vault-28519.apk

instead of the expected

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  airgap-vault-28519.apk

Then I tried to verify the other two available downloads (the zip and tar ones) to check if the hash was from something else, but that wasn't the issue.

I ran through the same steps with the previous version, and I was able to get the same hash for the APK as the one shown.

Am I missing something?

Thanks!

I know some will prefer FIO or something else, but I would like to suggest adding support on integrating Unstoppable Domains

• Support .zil and .crypto addresses (Will need to add ZIL coin support for .zil domains)
• Ability to buy multiple unstoppable domains with crypto in the app
• Ability to transfer multiple unstoppable domains to another address in the app
• Ability to add crypto addresses to multiple unstoppable domains in the app
• Ability to send crypto to an unstoppable domain address in the app

I prefer Unstoppable Domains since they are a one time purchase and you have it for life unlike FIO addresses, they are human readable and can help with adoption by being able to tell others were to send crypto to. Unstoppable domains can be used for other things like hosting IPFS stuff but I dont see a need for Airgap to support all of that, just for the ability to register, transfer domains and be able to easily accept crypto using a unstoppable domain.

Would be nice to be able to import private key (with optional bip38 password), so we could use airgap vault to securely spend paper wallet.
Also would be nice to support segwit (3xxx keys) and bech32 (bcxxx keys)

Future suggested options::

auto completion of mnemonic seed after N chars
plausible deniability
lock application with a password
auto-delete after N wrong passwords
social recovery external standalone file (html and javascript.)
( Ex: https://github.com/iancoleman/iancoleman.io/blob/master/shamir39/index.html)
I hope these suggestions will motivate you to greatly improve this application, which could become a competitor of BRD Wallet.

On my device I can spam empty space to cancel authentication, then get a prompt again (while(1) loop?) from app, but between these two prompts I have a few millisecond I can operate the app. And go viewing phrases will break the loop.

It's not a serious security concern because when signing and viewing phrases a prompt(*X) will popup again, and is not skip-pable. According to your implementation seems to be cryptographically safe, prompt is a must to decrypt.

The need to fix is because when after you break the loop, stay in app, lock the screen, UNLOCK the screen, Android OS will decide if that second prompt(*X) is still in place, which mostly, not.

I've built master branch and it looks like AirGap Vault must be reopened once after opening at first time to accept disclaimer, for example it doesn't allows me to sign transaction until I reopen it.

Store Passcode using KeyStore. Properly call KeyStore to generate keystream "A" using input passcode. Then if Bio is not enabled, Provide "A" as decryption key and along with TX message to sign TX or show recovery phrase. If Bio is enabled, then you need chain these key together. When for example fingerprint get changed or disabled, then the chain is broken and recovery phrase is needed to re-enable accessing to private key/master phrase.

Currently all tags in repo are not signed:
https://github.com/airgap-it/airgap-vault/tags

instead of signed, see for example: (click the 'verified' green button)
https://github.com/bitcoin-wallet/bitcoin-wallet/tags

see for more info on how to sign:
https://help.github.com/en/github/authenticating-to-github/signing-tags

and better read all documentation about git signing at github at: (commit signing as well, etc...)
https://help.github.com/en/github/authenticating-to-github/managing-commit-signature-verification

after signing is used, upload the key to github (it will be shown as verified instead of unverified)
https://help.github.com/en/github/authenticating-to-github/adding-a-new-gpg-key-to-your-github-account

why it's important:
https://www.qubes-os.org/security/verifying-signatures/#how-to-verify-qubes-repos

The page quotes:
01d55519d8a73a9710b3d22a1f2bf16ed6f48b46cefedfe1ffcaa8dd770423b0

Result I got:
$shasum -a 256 = bde259a8bcdf36c895a32589e1e1894d2d965b60a1ac389b6341b7eea54edcdb

https://github.com/airgap-it/airgap-vault/releases

There is a new BIP that is slowly being adopted by hardware wallets. Coldcard was the first to add support a couple months ago, now others are starting to plan this as well.

A non-technical explanation of BIP85 is that it allows you to deterministically generate new mnemonics out of a mnemonic.

So for example, you can have a mnemonic:

install scatter logic circle pencil average fall shoe quantum disease suspect usage

And then generate another mnemonics out of it, eg:

Index 1: girl mad pet galaxy egg matter matrix prison refuse sense ordinary nose
Index 2: mystery car occur shallow stable order number feature else best trigger curious

Use case

There are many use-cases for BIP85:

• Instead of worrying about backing up multiple mnemonics in a secure and resilient way, you can focus on storing only one.
• When you need a mnemonic for a less secure wallet (eg. browser extension), you can derive a new child mnemonic out of the master key. When a child key is compromised, other child keys and the master key are still safe.
• When you lose a child mnemonic, you can simply derive it again from your master seed. No backups of the child key are necessary.

Libraries

There was no bip85 library available in javascript, so I created one: https://github.com/AndreasGassmann/bip85

References

BIP85 Specs
BIP39 tool from iancoleman PR

Device: Fairphone FP3
OS: /E/OS

This is a brand new install of the OS, everything was erased, there should be no trace of a previous root.
The procedure i followed:
_ OEM unlock
_ Flash /e/os as instructed here, ignoring the "Installing a custom recovery" part.
_ Boot the system
_ OEM lock (in developer options)
_ Install AirGap-vault

The OS works fine, dm-verity doesn't complain, i did not even try to root the phone.
When starting AirGap vault, it tells me "Your device is rooted", why is that? how can i fix this?

Thanks

Please create the vault app for linux phones to allow linux phone users like LibreM 5, Pinephone, Ubuntu Touch, etc users can use and enjoy AirGap.

Linux Mobile Wallet App
airgap-it/airgap-wallet#50

Coldcard released a new feature yesterday: https://seedxor.com

It's basically a simple and less powerful alternative to Shamir's.

The way it works is very simple, so integrating it would not be hard. But because it's a new standard, we will have to wait and see how the community reacts to it and if it becomes a new standard.

Some thoughts on using XOR for seeds: https://github.com/mmgen/mmgen/wiki/XOR-Seed-Splitting:-Theory-and-Practice

I tried to reproduce the latest version from Google Play for WalletScrutiny but got a huge diff. I used the same test script as last time when it worked.

I'm pretty sure the build instructions should have changed as I see "1.0" as my build's version and that should be replaced by 3.3.0 I guess.

Files that differ:

Files /tmp/fromPlay_it.airgap.vault_20379/apktool.yml and /tmp/fromBuild_it.airgap.vault_20379/apktool.yml differ
Only in /tmp/fromPlay_it.airgap.vault_20379/assets/public: 38.cea6fa8b879cffca7fe3.js
Only in /tmp/fromBuild_it.airgap.vault_20379/assets/public: 38.e51e7d17dabdb5844377.js
Files /tmp/fromPlay_it.airgap.vault_20379/assets/public/index.html and /tmp/fromBuild_it.airgap.vault_20379/assets/public/index.html differ
Only in /tmp/fromPlay_it.airgap.vault_20379/assets/public: main.07c5ae921df3d9811219.js
Only in /tmp/fromBuild_it.airgap.vault_20379/assets/public: main.4ad3bdee2aeb1e78081d.js
Only in /tmp/fromPlay_it.airgap.vault_20379/assets/public: runtime.5f0fe13d41aff1159105.js
Only in /tmp/fromBuild_it.airgap.vault_20379/assets/public: runtime.8bf3e3c66d45f3bca379.js
Files /tmp/fromPlay_it.airgap.vault_20379/original/AndroidManifest.xml and /tmp/fromBuild_it.airgap.vault_20379/original/AndroidManifest.xml differ
Files /tmp/fromPlay_it.airgap.vault_20379/original/META-INF/MANIFEST.MF and /tmp/fromBuild_it.airgap.vault_20379/original/META-INF/MANIFEST.MF differ
Only in /tmp/fromPlay_it.airgap.vault_20379/original/META-INF: PAPERS.RSA
Only in /tmp/fromPlay_it.airgap.vault_20379/original/META-INF: PAPERS.SF
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/BuildConfig.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/BuildConfig.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/appinfo/AppInfo.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/appinfo/AppInfo.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$authenticate$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$authenticate$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$authenticate$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$authenticate$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$authenticate$3.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$authenticate$3.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$clearWindowSecureFlag$1$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$clearWindowSecureFlag$1$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$Companion.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$Companion.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$getItem$$inlined$with$lambda$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$getItem$$inlined$with$lambda$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$getItem$$inlined$with$lambda$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$getItem$$inlined$with$lambda$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$getItem$$inlined$with$lambda$3.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$getItem$$inlined$with$lambda$3.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$Key.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$Key.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$Param.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$Param.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$removeItem$$inlined$with$lambda$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$removeItem$$inlined$with$lambda$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$removeItem$$inlined$with$lambda$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$removeItem$$inlined$with$lambda$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setItem$$inlined$with$lambda$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setItem$$inlined$with$lambda$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setItem$$inlined$with$lambda$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setItem$$inlined$with$lambda$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setItem$$inlined$with$lambda$3.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setItem$$inlined$with$lambda$3.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupParanoiaPassword$$inlined$with$lambda$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupParanoiaPassword$$inlined$with$lambda$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupParanoiaPassword$$inlined$with$lambda$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupParanoiaPassword$$inlined$with$lambda$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupRecoveryPassword$$inlined$with$lambda$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupRecoveryPassword$$inlined$with$lambda$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupRecoveryPassword$$inlined$with$lambda$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupRecoveryPassword$$inlined$with$lambda$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupRecoveryPassword$$inlined$with$lambda$3.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setupRecoveryPassword$$inlined$with$lambda$3.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setWindowSecureFlag$1$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils$setWindowSecureFlag$1$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/SecurityUtils.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Errors.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Errors.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$afterTextChanged$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$afterTextChanged$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$Companion.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$Companion.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$generatePassword$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$generatePassword$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$generatePasswordKey$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$generatePasswordKey$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$readFromSecureStorage$1$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$readFromSecureStorage$1$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$readFromSecureStorage$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$readFromSecureStorage$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$1$1$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$1$1$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$1$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$1$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$error$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoverString$error$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoveryKeyCharacters$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$recoveryKeyCharacters$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordAlert$2$$special$$inlined$apply$lambda$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordAlert$2$$special$$inlined$apply$lambda$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordAlert$2$$special$$inlined$apply$lambda$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordAlert$2$$special$$inlined$apply$lambda$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordAlert$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordAlert$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2$$special$$inlined$apply$lambda$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2$$special$$inlined$apply$lambda$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showPasswordSetupAlert$2.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showRecoveryAlert$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$showRecoveryAlert$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$writeToSecureStorage$1$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$writeToSecureStorage$1$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$writeToSecureStorage$1.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage$writeToSecureStorage$1.smali differ
Files /tmp/fromPlay_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage.smali and /tmp/fromBuild_it.airgap.vault_20379/smali/it/airgap/vault/plugin/securityutils/storage/Storage.smali differ

Would it be possible to extend compatibility to those older devices?
What android version is required?

Hi guys,

So to test some changes in the coin-lib, I added it in the vault's package.json, file

    "airgap-coin-lib": "file://Users/xyz/Documents/airgap/airgap-coin-lib",

Then did it as npm install

But when I tried to build the vault
npm run build
I am getting issues with two packages mostly

Module not found: Error: Can't resolve 'crypto' in '/Users/xyz/Documents/airgap/airgap-coin-lib/dist/dependencies/src/pbkdf2-3.0.17'

ERROR in ../airgap-coin-lib/dist/dependencies/src/tweetnacl-1.0.1/nacl.js
Module not found: Error: Can't resolve 'crypto' in '/Users/xyz/Documents/airgap/airgap-coin-lib/dist/dependencies/src/tweetnacl-1.0.1'

ERROR in ../airgap-coin-lib/dist/dependencies/src/cipher-base-1.0.4/index.js
Module not found: Error: Can't resolve 'stream' in '/Users/xyz/Documents/airgap/airgap-coin-lib/dist/dependencies/src/cipher-base-1.0.4'

Any suggestion why this could be happening ?

Please not I took a clean pull of the develop branch of both vault and lib

Coinlib

• To prepare a segwit/PSBT transaction, we need the masterFingerprint in the wallet. This should be added to all "share account" messages.
• Add signing support for PSBTs
• Add broadcast support for PSBTs
• Extract data (eg. input and output, signatures) from PSBT so we can display it. (partially done)

Apps

• "prepareTransaction" in the Wallet must be called with masterFingerprint

Other

• RBF (replace by fee) can now be configured, we need to add a UI for it (RBF can be done through watch-only wallets in the near future)

Watch-only wallets

• BlueWallet
• Sparrow

Other wallets that support BC-UR should also work, but will be tested in a separate issue: #105

When launching the app the following error is shown: The connection to the server was unsuccessful. (file ///android_asset/www/index.html). I suspect this is due to the missing permission. Following that the app is shut down, thus not usable.

A wallet application is something very sensitive and even the air gap setup is not safe against key leak if the app is corrupt and for example uses poor randomness. A careless maintainer catching a backdoor might be enough to have an APK infected. Of course the public scrutiny is the other reason you want your app to be verifiable.

I tried to verify the current build but failed building the vault app. My findings are in this review.

Hey Guys,

When I try to run build command

ionic cordova platform run android

I am getting error

ERROR] Cannot load Cordova config.
        
        Could not find necessary file(s): config.xml, package.json.
        
        - ./config.xml
        - ./package.json
        
        You can re-add the Cordova integration with the following command: ionic integrations enable cordova --add

I am new to ionic I am guessing its a configuration file, which is missing in the project.

Also i don't see that's added in the .gitignore file so perhaps its a required file

I just failed to verify the 3.5.1 release as there is no commit tagged as such. I will update this review once verification is possible again.

https://github.com/airgap-it/airgap-vault/releases?after=v3.1.0

Version Code: 8755
expected SHA-256 hash: f970193dc859fe41a1be49613e9ee48da2e4157623daef97de572acadb468e1e

Actual hash I got: bde259a8bcdf36c895a32589e1e1894d2d965b60a1ac389b6341b7eea54edcdb

Hi!

I am on Vault 3.6.1 Android.

Signing transactions is not working:

• I scan the QR
• I enter the PIN for the Seed.
• Phone enters a loop asking the unlock pattern.

I tried to replace the unlock pattern by a plain PIN.

Now the vault is now allowing me to sign with: "key permanently invalidated exception".

• Ignore case
• mnemonic auto completion

Special thanks to Alessandro for his great help via Telegram.

First my question is - shouldn't there be some specific OS/build version ranges listed for each release?

(1) I've been breaking my head for days trying to install any version at all of Vault over OTG to an Android 6.0 build FlymeOS 6.7.8.8, and then build FlymeOS 7.8.8.31.

Every release I tried installed, but then would not run. Object.entries is not a function.

(2) Then I've gone and updated the WebView to a 59 version, and then a 90 version.

Sidenote: As my main device has always been on iOS and I'm just flailing around with Android for the first time on a friend's "old phone," it's wacky to me that a user has to "know" to go and download specific OS components, which should have been included in the build, but weren't.

Again, even with the new WebViews, there's the same error.
I've tried Vault 1.6.0, 3.7.0, 3.6.2, now trying 2.7.1 as I type.

2.7.1 installs, opens, shows the Vault + aeternity logo, and then shows:

Unexpected token =
SyntaxError: Unexpected token =

webpackJsonp is not defined
ReferenceError: webpackJsonp is not defined at file:///android_asset/www/build/main.js.1:1

(3) I realize this Flyme thingy might be an edge case.
Maybe users could submit their failed installs into a wiki.
Or maybe the requirements could be listed for each release, whether iOS, Android, etc.

https://github.com/airgap-it/airgap-vault/releases

Hi, I just found this project and airgap-distro and started to poke around.

I noticed that airgap-distro hasn't been updated since 2018 and that the vault version being included is extremely old v1.3.1:
https://github.com/airgap-it/airgap-distro/blob/master/distro_build_script.sh#L22

But v1.3.1 seems to be the latest deb available here. Is there a reason that new deb files are not being created?

Thanks.

Github Releases contain .apk file in assets, please add a .ipa file as well.
https://github.com/airgap-it/airgap-vault/releases

Hi,

it seems when creating a new wallet, setting the optional BIP39 passphrase does not make a difference for the derived Bitcoin address (and presumably the private keys). The same mnemonic/secret gives the same address whether a passphrase is used or not.

How I checked: In Vault, I set up a new wallet with an additional BIP39 passphrase. Then I re-imported that wallet using the mnemonic/secret from the first time, but now without specifying the BIP39 passphrase -- and it gave me the exact same public address, which should not happen.

I also cross checked using https://iancoleman.io/bip39/: The public address corresponds to the mnemonic/secret only, the BIP39 passphrase is ignored.

I'm on Airgap Vault 28519, 3.7.0

Currently, as I understand, the only way to import a wallet is with the bip39 mnemonic. When I need to create a transaction from the rubble of post-blast New York, I don't want to have to mess around with laptops and bip39 to make that vital 'let me out' transaction from my emergency wallet.

I suggest the process be something like:
Retrieve the digits of the private key from wherever they are tattooed onto your body.
Import the raw private key into AirGap.
(Option: Sweep the coins into a new wallet, or use the existing wallet in AirGap wallet.)
Pay the Duke for permission to leave.
...

Maybe Consider creating a plugin like system which can be made for cryptocurrency devs to easily integrate their coin into the AirGap Vault and Wallet app.

The plugin will expect the cryptocurrency developers to create functions with the following parameters, some parameters are optional. Here is an example

• send function (to, amount, speed/fee, privatesend, offchain)
• receive function (to, amount, offchain)
• gettransactions (address)
• wordphrase (wordphrase, 25thword)
• syncing (wordphrase)

And then with the wallet GUI all that is needed by the AirGap devs is to add the wallet and then can integrate the functions to get the coin supported. I am a basic web develop learning web development but I do not know much on mobile app and desktop app programming and an issue I can see if the language used for this since I know there is Java and Koplin or Android, Swift on iOS and other languages for desktop apps which can require the cryptocurrency devs the need to develop the plugin for up to three languages. Using one universal language like Python or JS could work but maybe hard to integrate on Android & iOS and can be more vulnerable to security issues when not using a native language.

This will also mean getting AirGap known by the crypto community as an open source software wallet for crypto developers to support so projects will come and get their coin supported and with the AirGap GUI developed, the cryptocurrency devs may not need to create their own user wallets and only will have to create core wallets and mining software.

I do think however AirGap should continue supporting very popular coins like Bitcoin and Ethereum.

airgap-it/airgap-wallet#46