I'd like to present Stellar Authenticator to the Stellar Building Challenge. It is both part of the wider project of implementing the CosmicLink protocol and a tool I need as I plan an ICO on Stellar network and felt I'll need something to secure better investor & users.
Stellar Authenticator has been designed to securely & easily sign Stellar transaction.
I felt a need for it after seeing that a increasingly number of Stellar-based service ask for my private seed. I thought this is a flawed development model as secret key propagation will lead to multiple attacks that'll hurt the whole network and each of us. Each time I want to use a new service, I'm facing the issue of trust. It seems that solving this would benefit everyone.
I designed Stellar Authenticator as a solution similar to Google authenticator and so on. The idea is having an app that exclusively focus on signing transaction and securing private keys. By keeping the codebase tiny & simple, we make it easier to audit. It should offer encrypted backup on the cloud, as a way to protect casual and non-tech users from loss. It should be compatible with any service that wish so. It should make account creation & authentication as easy as possible.
One core activity of the development is inventing new ways to harden the security of the authenticator. Those protections will have to be implemented gradually as the incentive for building an attack goes up with the user base. When needed, I'll implement mechanisms that enforce peer review & auditing before releasing new versions of the code. I'm expecting some of the services handling Stellar Authenticator in the future to adopt a code reviewing routine and I'm thinking about ways to thanks them for the work.
In the future, I'd like Stellar Authenticator to be a way to log-in into Stellar services aswell. I'm still thinking about how to achieve that.
Of the three projects I'm presenting, Stellar Authenticator is the more demanding one and as such still need some serious effort before I release the first Alpha. However, I plan to have it available on each platform before the 15th.
I signed my first url-formatted transactions today and want to bring you something clean & polished enough for testing.
To be done before Beta (hopefully end-march)
- File-based backup of the seeds
- First level of security features
- Support multi-operation transactions
- Better malformed links handling
- Better interface
- Build phone application packages & release
- Off-line signing
- Support testing network
To be done before first stable release (hopefully end-june)
- Support Ledger blue & Ledger nano S
- Internationalization / translations
- Paper & Cloud backup
- Linking several wallet services
- Log-in capabilities
- Signing text/files (interesting advanced feature for free)
- Support a hardened federation protocol
- Handle multisignature collection through a dedicated portal (link external service?)
- Support private network
- Second layer of security features
To complete this effort, I'm coding two other project that I also present for SBC (both under MIT license):
CosmicLink, a redirecting service toward choosen authenticator service :https://galactictalk.org/d/1118-cosmiclink-stellar-transaction-into-url-website
A month ago I wrote a proposal based on ideas shared here that led me to work on those projects: