Sonic Wallet is a mobile wallet application service which is based on the Stellar network. What's unique about Sonic Wallet is that it uses exclusive sound waves to transmit data across wallets. And we call each sound wave a "Sonic Code" (read more in Base Technology ). About Sonic Wallet aims to be an easy, fast and secure mobile wallet. Although Stellar offers low fee service to expand access to low-cost financial services to fight poverty and maximize individual potential, it's not quite easy. The process of creating a wallet account is difficult and people need money up front in order to create a wallet. Sonic Wallet is for everyone to create a wallet and transact at no cost. We will pay for any cost associated with our users transactions. We want to walk hand-in-hand with Stellar to expand access of financial services to those in need. Base Technology Sonic Code is a proximity data transmission technology using inaudible sound through a speaker and a microphone. Sonic Code transmits encrypted audio patterned data quickly and securely across devices. A good comparison of Sonic Code is QR code. When it comes to safety, Sonic Code is more safe because unlike QR code, its generating and recognizing algorithms are not open to public. When it comes to convenience, Sonic Code does not require extra actions of users such as activating camera and focusing on a visible image pattern. Frequency range used: 16KHz - 19KHz Effective range: 10cm - 30cm (4in - 12in) Recognition speed: 0.04 second Error detection rate: 99.999994% (CRC24 algorithm) Services Payment (ready to use) Sonic Wallet provides quick and easy payment service to our users. Users no longer need to show or scan QR code. When a Sonic Code for a specific transaction begins playing through one's smartphone, this will trigger the other person's Sonic Wallet on his lock-screen. Without unlocking the phone or opening the Sonic Wallet app, users will be able to receive payment authorization request via Sonic Code. Sonic Wallet enables consistent user experience in face-to-face environment, offline and online. User Authentication (expected to launch in October) Sonic Wallet is not just about payment. It's an ultimate key for user authentication. Sonic Wallet's user authentication is a 2-channel PKI authorization service. The public key (wallet address) will work as the digital ID and the private key assigned to each users when creating a Sonic Wallet account which is saved in the TEE zone, will validate and authenticate users via digital signature. Our API will allow any services to use the Sonic Wallet User Authentication service. Offline services such as building access, membership entrance can also use Sonic Wallet. Digital Token (expected to launch in October) Sonic Wallet will support the on-boarding of analog token to blockchain based digital token on Stellar network. We will launch a platform within our service where retail stores and services can provide vouchers, coupons, tickets, memberships, reward points, etc. such physical, so-called "analog" tokens to completely go digital. Any fees associated with this service will be paid by us and no users will bare monetary pressure. WoT Platform (expected to launch in December) We believe the most effective platform for IoT is web. Web is convenient, easy to access and manage, and does not cost too much to develop and operate. Like Google's Physical Web uses BLE, Sonic Wallet uses sound to connect users with things. All they need is devices with a speaker and a microphone. Features Security, security, security... it must come before convenience TEE The security weakness of PKI private key in cryptocurrency wallet is management. Most users lack knowledge of private-key management and thus, experts recommend users to utilize hardware wallets. Sonic Wallet stores each user's private-key in the Secure World of their smartphones' AP Chip called TEE zone. This ensures great security compared to any other mobile wallet. Icon PIN Individual PIN is associated with a 4-digit number and an graphic icon. When users create a new account, each of the will be given different icon keypad. Those keypads will generate different HASH value, making it difficult to retrace for hackers. Mnemonics Mnemonic code is used for recovering Sonic Wallet account in an unavoidable situation such as loss of a smartphone. If users want to recover their wallet, they need to enter the correct 24 words (given when first creating Sonic Wallet account) in order to recover their wallet properly. UX Lock-screen Trigger (Patented) In general, users must unlock their phone, find the app, and open the app to activate mobile wallet service. With Sonic Wallet, those actions are eliminated. User's smartphone will recognize Sonic Code automatically when in lock-screen display--that is, not when the phone's screen is completely pitch-black-off; it's when the phone is still in locked-mode, but with display on. This will allow much faster money transfer. Identity + Icon = Identicon Wallet addresses are long and complicated. Sonic Wallet generates an Identicon for each wallet to present user's address visually. Identicon will allow users to double check their recipients. Automatic Address Input When a valid Stellar wallet address gets copied onto clipboard, Sonic Wallet will automatically open up and be ready to make a payment to copied address. Website: http://www.sonicwallet.net

infosonic TEE The security weakness of PKI private key in cryptocurrency wallet is management. Most users lack knowledge of private-key management and thus, experts recommend users to utilize hardware wallets. Sonic Wallet stores each user's private-key in the Secure World of their smartphones' AP Chip called TEE zone. This ensures great security compared to any other mobile wallet. Isn't this a bit overrated? Unless the TEE can actually sign transactions, you need to move the private key outside of the TEE to use it anyway. The ones I've seen don't do ed25519, so all you have is password protected keys.

dzham Hi dzham - thanks for the comment! TEE is like a safe box for Sonic Wallet users. Safe box is used to store valuable possessions, such as currency, important documents, gemstones, or computer data, that need protection from theft, fire, or other hazard. But, we will open the safe and take things out to use them nonetheless. Our use of TEE zone is about how safe the place where users' private keys is stored. Sonic Wallet stores each user's private key in its smartphone's TEE zone and whenever transaction signs, the memory will load from Sonic Wallet and process transaction. This is by far more safe than any other mobile wallets which store private keys in the Normal World. Oh, we also store any information related to users as well as their private keys in TEE zone for maximum security. It's never too much when protecting those sensitive data! ? I hope I answered your question. Please feel free to leave follow-up questions if you have any. Again, thanks for taking your time to read our post!

Cool.... Is it similar to the AQR that Google Tez uses?

infosonic This is by far more safe than any other mobile wallets which store private keys in the Normal World. Again, if the private key is securely encrypted, it doesn't really matter where it's stored. And when it gets to your app from the TEE, it's not encrypted anymore.

infosonic Hi! I wonder: You mentioned Sonic waves is secure because private. I wonder: Is it your own technology? Is it likely (or even possible) that any other wallet or shop platform include it someday?

Sonic Wallet - Sound Payment on Stellar Network

infosonic

dzham
Hi there! Thanks for the follow up. You are absolutely right. But we think we have a different standard when it comes to security. We think by making it difficult to access individual’s private key—in this case by locating it in TEE, is the best option. It’s true that for each transaction private key must be loaded in memory in any applications. And within that split second, the Pure Date is exposed. Storing in TEE indeed cannot prevent hacker attack on memory, but at least it can protect itself from BruteForce attach or Dictionary attack , which will need access to TEE in the first place to hack.

But we agree that storing in TEE is not the ultimate hack-free solution. To increase the level of security, we are currently working with Trustonic to eliminate any possible chance of hacking.

dzham

infosonic But we agree that storing in TEE is not the ultimate hack-free solution. To increase the level of security, we are currently working with Trustonic to eliminate any possible chance of hacking.

If you can get signing into the TEE that would be awesome!

infosonic But we think we have a different standard when it comes to security.

Usually in cryptography you assume the that the enemy knows everything about your system apart from the key,
so in that respect, it shouldn't matter where the cipher text is stored.

Anything else is just security through obscurity, and we all know how well that works.

infosonic

Henrik
Yes, that's right!

infosonic

dzham
Yes! We will keep you updated. Please follow up with us!

MisterTicot

@infosonik
I'm still expecting an answer about that Sonic wave thing ?

infosonic

MisterTicot

Hi MisterTicot -
Sorry we missed you! Yes, Sonic Code is our own technology that we've developed ourselves. We have Sonic Code audio patterns as well as unique recognition module. While we have Sonic Wallet--a B2C platform, we also have B2B service where application service provider or any platform can purchase our license to use Sonic Code technology. We want our technology to spread as wide as possible and for it to reach as many people as possible if it is to change their lives! Thanks for your question ?

MisterTicot

infosonic Well then it would spread easily being open sourced.

CarlosMucuho

Congrats for the amazing project, keep up the good work

infosonic

CarlosMucuho Thanks Carols!

Sanjay

Interesting project.
Is the noise not affecting the signal?

infosonic

Sanjay Normal day-to-day noise will not be any problem! Even at concerts, construction sites, city center Sonic Code will not be affected by those noise. When it might be of a problem is when there is noise of similar frequency--between 16kHz-19kHz. However, with our CRC24 error detecting algorithm, Sonic Code holds strong against any noise.

CarlosMucuho

infosonic Carlos*

Sanjay

infosonic
Ok, You mean usual noise does not matter.
Maybe The sonic weapon the New Delhi police use to disperse the crowd could interfere with the signal.

kodaxx

Love the tech, and the experience. UI needs work. I can help.

infosonic

kodaxx

Hi~
Thanks for your attention. I agree with your opinion. We are preparing a new UI.